Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

NIST CSWP 13

Mitigating the Risk of Software Vulnerabilities by Adopting a Secure Software Development Framework (SSDF)

Date Published: April 23, 2020

Author(s)

Donna Dodson (NIST), Murugiah Souppaya (NIST), Karen Scarfone (Scarfone Cybersecurity)

Abstract

Keywords

secure software development; secure software development framework (SSDF); secure software development practices; software acquisition; software development; software development life cycle (SDLC); software security
Control Families

Access Control; Awareness and Training; Contingency Planning; Program Management; Personnel Security; System and Information Integrity

Documentation

Publication:
https://doi.org/10.6028/NIST.CSWP.13
Download URL

Supplemental Material:
Local Download (pdf)

Related NIST Publications:
SP 800-218 (Draft)

Document History:
06/11/19: Other (Draft)
04/23/20: CSWP 13 (Final)