Re: secure software engineering methodology
From: Bill Weiss (houdini_at_nmt.edu)
Date: Mon, 22 Mar 2004 18:24:52 -0700 To: firstname.lastname@example.org
Mads Rasmussen(email@example.com)@Mon, Mar 22, 2004 at 10:42:49AM -0300:
> Do any of you have any experience with methodologies for software
> engineering of secure software?
I have some experience with the Cleanroom method, using the book "Toward
zero-defect programming" by Allan Stavely.
It has shown to be a reliable method for producing error free code. It is
not a method of developing any faster, you simply shift debugging time
(some of it after the software ships) to design time.
There is a decent review of the book at this site, which was written by
the teacher of the Cleanroom class I took:
-- Bill Weiss The reason the Poisson disk method of supersampling with jitter works is monkeys. -- Prof. John C. Hart, CS319 (Graphics II) University of Illinois, Champaign-Urbana, IL