Re: secure software engineering methodology
From: Bill Weiss (houdini_at_nmt.edu)
Date: 03/23/04
- Previous message: John Viega: "Re: secure software engineering methodology"
- In reply to: Mads Rasmussen: "secure software engineering methodology"
- Next in thread: Mads Rasmussen: "Re: secure software engineering methodology"
- Reply: Mads Rasmussen: "Re: secure software engineering methodology"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 22 Mar 2004 18:24:52 -0700 To: secprog@securityfocus.com
Mads Rasmussen(mads@opencs.com.br)@Mon, Mar 22, 2004 at 10:42:49AM -0300:
>
> Do any of you have any experience with methodologies for software
> engineering of secure software?
I have some experience with the Cleanroom method, using the book "Toward
zero-defect programming" by Allan Stavely.
It has shown to be a reliable method for producing error free code. It is
not a method of developing any faster, you simply shift debugging time
(some of it after the software ships) to design time.
There is a decent review of the book at this site, which was written by
the teacher of the Cleanroom class I took:
http://www.nmt.edu/~shipman/reading/stavely.html
--
Bill Weiss
The reason the Poisson disk method of supersampling with jitter works is
monkeys.
-- Prof. John C. Hart, CS319 (Graphics II)
University of Illinois, Champaign-Urbana, IL
- Previous message: John Viega: "Re: secure software engineering methodology"
- In reply to: Mads Rasmussen: "secure software engineering methodology"
- Next in thread: Mads Rasmussen: "Re: secure software engineering methodology"
- Reply: Mads Rasmussen: "Re: secure software engineering methodology"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
