Published: June 15, 1992
Author(s)
Dolores Wallace (NIST), Richard Kuhn (NIST), Laura Ippolito (NIST)
Conference
Name: Seventh Annual Conference on Computer Assurance
Dates: 06/15/1992 - 06/18/1992
Location: Gaithersburg, Maryland, United States
Citation: COMPASS '92: Proceedings of the Seventh Annual Conference on Computer Assurance, pp. 123-136
This study examines standards, draft standards, and guidelines that provide requirements for the assurance of high-integrity software. It focuses on identifying the attributes necessary in such documents for providing reasonable assurance for high-integrity software, and on identifying the relative strengths and weaknesses of the documents. The documents vary widely in their requirements and the precision with which the requirements are expressed. Security documents tend to have a narrow focus and to be more product-oriented, whereas safety documents tend to be broad in scope and center primarily on the software development process. Overall there is little relationship between the degree of risk and the rigor of applicable standards. Recommendations are provided for a base standard for the assurance of high-integrity software.
This study examines standards, draft standards, and guidelines that provide requirements for the assurance of high-integrity software. It focuses on identifying the attributes necessary in such documents for providing reasonable assurance for high-integrity software, and on identifying the relative...
See full abstract
This study examines standards, draft standards, and guidelines that provide requirements for the assurance of high-integrity software. It focuses on identifying the attributes necessary in such documents for providing reasonable assurance for high-integrity software, and on identifying the relative strengths and weaknesses of the documents. The documents vary widely in their requirements and the precision with which the requirements are expressed. Security documents tend to have a narrow focus and to be more product-oriented, whereas safety documents tend to be broad in scope and center primarily on the software development process. Overall there is little relationship between the degree of risk and the rigor of applicable standards. Recommendations are provided for a base standard for the assurance of high-integrity software.
Hide full abstract
Keywords
document development; software assurance; standards and guidelines
Control Families
None selected