SAFECode Blog

Interpreting the BSIMM: A SAFECode Perspective

November 10th, 2011

Today SAFECode published Interpreting the BSIMM: A SAFECode Perspective on Leveraging Descriptive Software Security Initiatives. The goal of the paper is to provide SAFECode’s perspectives on the BSIMM and address the questions that we often get about how our guidance relates to the data released through the BSIMM effort.  It expands on my recent blog post that discussed the differences between descriptive and prescriptive software security guidance.

While I encourage you to read the paper, and won’t attempt to summarize it here, I will highlight a few key points we think are worth remembering when you review the BSIMM data.

First, the BSIMM covers much more than secure engineering practices, and in many ways is weighted toward operational security and compliance activities.  This is a point often lost in conversations around the BSIMM data and something worth strongly considering if you plan to use the data to review your software security efforts.  In fact, a strict adoption of the practices that the BSIMM reports as most prevalent would not address what SAFECode considers the root cause of the problem: poor secure coding practices. Thus, while many SAFECode members participate in and support the BSIMM, none of them uses it as an arbiter of proper secure development practice.

Another point not often discussed is that being a “snapshot in time” of current observed practices, the BSIMM will not capture emerging practices in software security. Thus, those looking to use the BSIMM should consider supplementing its data with more prescriptive guidance, which tends to highlight these trends and put more emphasis on such shifts. The BSIMM will eventually capture these changes, but recognition of such changes can only be achieved using historical data.

For more details on these issues and additional SAFECode observations, I encourage you to read the short paper.  I’d also like to emphasize that while SAFECode thought it was important and appropriate to provide its perspective on the BSIMM as part of its ongoing efforts to provide software security guidance to technology providers, our goal is not to minimize its value or significance.

In fact, the BSIMM provides real value when interpreted correctly.  It is perhaps the only source of real-world, quantitative data on the software security programs across a broad range of organizations.  The BSIMM provides the software security practitioner with a non-judgmental lens into a broad spectrum of security activities whose scope extends beyond secure software development.

And, while there are some important differences between the guidance SAFECode provides and the BSIMM initiative, we are all working toward a common goal - to improve the state of software security. And that is something we should all support.

Posted in Uncategorized | No Comments »

SAFECode and the BSIMM: Two Paths to a Common Goal

September 30th, 2011

This week, Gary McGraw and his team released the third version of the Building Security In Maturity Model (BSIMM3).  On behalf of SAFECode, I’d like to congratulate the entire team on another successful release of what has become a great resource for the security community.

With the BSIMM’s third release, comes another wave of questions regarding SAFECode and the BSIMM and how the two efforts fit together.  In fact, I have gotten enough questions about this that SAFECode will take a closer look at the BSIMM in a longer form document we hope to release later this fall.

In the meantime, though, I’ll try to answer the basic question on the differences between the BSIMM and SAFECode.  It is more than just the number of firms who participate; rather, it is the difference between descriptive and prescriptive guidance on improving software security.

The BSIMM is about collecting data that describes the things firms across a broad set of verticals do today.  It does not - and this is important - describe what they should do. As a descriptive model, it doesn’t make judgments. The BSIMM won’t tell you what to do or how to do it, and it doesn’t weigh which practices are more effective in some verticals or which practices might be more effective in others.  Its authors’ intention is to observe and report on the frequency of use of particular security practices within a set of IT organizations - and thus allow the reader to form their own conclusions about what constitutes effective security development practice.

SAFECode is supportive of the BSIMM work and we are pleased with the success of its third release.  In fact, nearly all of our members have joined in the effort because we all share a common goal - to improve software security. But, at SAFECode, we are taking a different path to that goal.

SAFECode members represent one vertical.  It is composed of commercial software providers and our recommendations and efforts speak from that perspective.  It is SAFECode’s belief that large commercial software providers have a unique set of software security requirements, and thus, our efforts focus on the needs of these organizations and their customers.

Perhaps more important, SAFECode has chosen a prescriptive approach that emphasizes the use of security practices and techniques that have proven to be effective at each of the SAFECode member organizations.  It makes deliberate value judgments regarding security practices and prioritizes those that were recognized by SAFECode experts as having the most impact - regardless of organizational size, resource pools or computing platform.  In this spirit, it is important to note that SAFECode is primarily focused on engineering best practices.

While the BSIMM’s open ended “here’s what everybody else is doing” approach may help organizations identify blank spots in their development security landscape, or assist them in picking activities, SAFECode offers detailed advice for developers on recommended practices for design, coding and testing.  This is an important distinction that we’ll dive into further in our upcoming paper.

In sum, SAFECode’s commercial software-focused, prescriptive approach offers software security practitioners a blueprint for secure engineering best practices based on what we judge to be most effective as a result of our collective, real-world experiences. The BSIMM’s descriptive approach provides the software security practitioner with a non-judgmental lens into software security activities across a broad spectrum of organizations.

Strong industry collaboration can only have a positive impact on the state of software security.  The two approaches, either in concert or independently, can be used by any organization to review and improve their software security program.  Further, when viewed together, we believe SAFECode and the BSIMM are a powerful combination in the broader industry effort to advance software security.  Thus, we encourage you to take a look at the new data the BSIMM3 offers.

Posted in Uncategorized | No Comments »

Software Security Sucks? Ok, So Let’s Do Something About It

April 20th, 2011

Yesterday, Veracode released the 3rd Volume of its State of Software Security report (registration required). This version of the report was especially interesting to us at SAFECode given its focus on the software industry. Unfortunately, the report’s conclusions highlighted what most of us already knew - the software industry has more work to do in the area of software security. The software security community will take time to digest the data and its significance, but at SAFECode we’re already focused squarely on how we as an industry can continue to get better.

SAFECode has brought together subject matter experts in an effort to identify vendor best practices for secure software development. To do this, our members roll up their sleeves and compare notes on their software security programs - the challenges they face, the lessons they’ve learned, the successes they’ve had and what they think others can learn from their experiences. We’ve taken the best of this information, analyzed it and shared it in an effort to help others in the software industry initiate or improve their own programs. We think commercial software providers will find our papers and reports practical, actionable and relevant to their environments.

Whether motivated by the Veracode report or just the nagging sense that your organization can do better, we encourage anyone interested in improving the security of the software they produce to take a look at this work and see how they can apply it to their own environment.

  • Fundamental Practices for Secure Software Development, 2nd Edition
    • This report provides a foundational set of secure development practices based on an analysis of the real-world actions of SAFECode members. It also highlights tools and techniques to help verify that development teams are following prescribed security practices.
  • Framework for Software Supply Chain Integrity
    • This report takes a step back to define an industry-driven framework for analyzing and describing the efforts of software suppliers to mitigate the potential that software could be intentionally compromised during its sourcing, development or distribution.

Finally I’d like to emphasize that at SAFECode, we’ve learned a lot from the innovations and successful efforts at individual companies and this would not be possible without our members’ commitment to collaboration and their willingness to share information. Reports like Veracode’s also represent an effort to share information and new data points to consider as we, and others, continue our efforts to improve software security. So I’d like to thank Veracode for sharing this information with the community. And - shameless plug alert - I’d also like to encourage other commercial software vendors interested in working together to make our industry better to take a closer look at SAFECode and consider joining our efforts.

Posted in Development Practices, Software Integrity, Supply Chain | No Comments »

SAFECode Updates Guidance on Secure Development Practices

February 8th, 2011

Today, we were very excited to release the 2nd edition of our Fundamental Practices for Secure Software Development paper. The report is intended to help others in the industry initiate or improve their own software security programs and encourage the industry-wide adoption of foundational secure development methods.

I would like to take a minute to thank the primary authors of the paper for their tireless efforts over the last nine months in getting this paper ready to publish. SAFECode is fortunate to have a membership made up of folks who aren’t afraid to roll up their sleeves and get to work.

  • Mark Belk, Juniper Networks
  • Matt Coles, EMC Corporation
  • Cassio Goldschmidt, Symantec Corp.
  • Michael Howard, Microsoft Corp.
  • Kyle Randolph, Adobe Systems Inc.
  • Mikko Saario, Nokia
  • Reeny Sondhi, EMC Corporation
  • Izar Tarandach, EMC Corporation
  • Antti Vähä-Sipilä, Nokia
  • Yonko Yonchev, SAP AG

It’s been more than two years since we released the original edition of this paper and it continues to be SAFECode’s most in-demand publication.  In fact, it has been downloaded more than 50,000 times since its release.  But in that time, the process of building secure software has continued to evolve and improve.  The second edition of the paper disseminates the new knowledge SAFECode has gathered since the original’s release and provides new tools and improved guidance for those implementing the paper’s recommended practices.

Here is what’s new:

  • We refined the paper to focus on the core areas of design, development and testing as some of the other related areas from the first paper, such as training and secure code handling, were given detailed treatment in other SAFECode papers.
  • We expanded and updated the guidance and references for each of the listed practices.
  • We added a new design practice to the list - sandboxing - which has seen a small number of high profile implementations since our original paper was released.
  • We included Common Weakness Enumeration (CWE) references for each of the listed practices to provide a more detailed illustration of the security issues these practices aim to resolve. We also hopes this provides a more precise starting point for those looking to learn more.
  • We added Verification guidance for each listed practice to help address an important challenge for those managing software security programs - the need to verify that the development teams correctly followed prescribed security practices. This was a significant new addition, and an emerging area of work, so we are looking forward to gathering more feedback from readers on this section. However, our hope is that this will be another tool to aid in the successful implementation of these practices.

One of the more striking aspects of our work in putting this paper together was an opportunity to review the evolution of software security practices and resources in the two years since the first edition was published.  Though much of the advancement is a result of innovation happening internally within individual software companies, an increase in industry collaboration has amplified these efforts and contributed positively to advancing secure development practices across the industry. To keep this positive trend going, we encourage other software providers to continue to contribute to a broad industry dialogue on advancing secure software development.

For our part, we will continue to review and update the practices in this paper based on the experiences of our members and the feedback from the industry and other experts.  To this end, SAFECode encourages your comments and contributions, especially to the newly added work on verification methods.  (So congratulations authors on today’s release, but your work is not yet done!)

dev-graph

Posted in Announcements, Development Practices | No Comments »

Guest Blogger: IT Supply Chain Risk Assessment

July 26th, 2010

Today we have a guest blogger -  Chris Fagan, Senior Director, Trustworthy Computing, Microsoft. Chris discusses IT supply chain risk assessment.

The assessment of supply chain risks in information technology systems is an area of increasing interest. NIST has recently released an internal report for public comment, IR7622 “Piloting Supply Chain Risk Management for Federal Information Systems.” This report takes an expansive view of IT supply chain risks and this presents cyber security professionals with challenges. One challenge is to identify the potential vulnerabilities that need to be threat modeled and integrated into current risk assessment practices. To identify potential vulnerabilities, a broad-brush approach is required.

An IT system harbors vulnerabilities originating from different sources. These sources range from the practices used to operate the system, the “path” IT elements take before being incorporated into the system, the IT elements themselves that comprise the system, and finally changes that occur during the system’s lifetime.

The plethora of potential vulnerabilities associated with the practices used to operate an IT system and its elements can be organized into a number of buckets based on their source:

a. End User Practices: Poor end-user practices, e.g. no or weak passwords; trawling the web; opening suspect emails.

b. IT System Operating Practices: Poor system operating practices, e.g. not updating patches; the broad use of system accounts.

c. IT System Configuration: Miss-configuration of otherwise sound IT elements, e.g. open ports; insufficient security between elements.

d. Counterfeit Elements: Counterfeit hardware or a counterfeit component within an element, e.g. purchased through a grey market; switched somewhere between supplier and integrator.

e. Element Weaknesses: An unintentional weakness in the fabric of the material of a genuine IT element or component, e.g. hardware errors, coding errors, fatigued code (code which met best practices when developed, but has since become vulnerable as attack techniques improve).

f. Tampering: A genuine IT element is intentionally altered during development, transport, maintenance or during operation, e.g. malware inserted, Hardware and Software Integrity.

These buckets assist risk professionals in three ways. First, they provide a checklist to ensure that common sources of vulnerabilities have been considered. Second, risk reduction activities can be focused on each bucket. And third, the improved measurement enabled by these buckets helps when calculating the return on investments made to mitigate risks.

These buckets are populated with potential vulnerabilities that originate during a system’s lifetime. This lifetime is punctuated by two milestone events – system commissioning and system retirement. These milestones segment a system’s lifetime into three phases – integration, operation and disposal. Potential vulnerabilities can be identified in each phase. Say for example, the threat being considered is that a counterfeit hardware component contains a potential vulnerability. One can ask in which phase a component is incorporated into the IT system, for instance, is it incorporated prior to the system being commissioned or is it introduced as a replacement part 10 years into the system’s life? Controls against the different threats that could introduce a counterfeit component need to be applied in the appropriate phase.

One can also ask about the “path” by which a component or element arrives in a system. An IT system’s supply chain is the collection of supply chains for each of the system’s elements. Broadly interpreted, an IT element can be hardware, software, or even services since the operation and maintenance of an IT system is a service that may be outsourced. For example, if a control, designed to mitigate the threat posed by a counterfeit component, was to purchase an additional genuine component during the integration phase and store it until needed, then access to storage needs to be secured. Thus storage is one location in the component’s supply chain and potential vulnerabilities associated with that presumably secure storage need to be identified.

The buckets listed above provide a framework that assists security professionals in making informed supply chain risk assessments. The examples provide a flavor for how vulnerabilities are identified by considering where in an IT system vulnerabilities manifest themselves, the phases in an IT system’s lifetime, and the path components and elements take prior to arriving in the IT system.

Posted in Uncategorized | No Comments »

New SAFECode Report: Overview of Software Integrity Practices

June 14th, 2010

Feedback Wanted

Today has been an exciting day for SAFECode.  We are very pleased to release our latest report: Software Integrity Controls: An Assurance-Based Approach to Minimizing Risks in the Software Supply Chain.”

For the past year, we’ve been bringing together subject matter experts from all of our member companies to identify and analyze the controls they use to minimize the risk that insecure processes, or a motivated attacker, could undermine the security of a software product as it moves through the links in the global supply chain.  This paper represents the best of those discussions.  Using the real-world experiences of SAFECode members, we were able to develop a set of actionable recommendations for others in the industry looking to reduce the risk of vulnerabilities being inserted into a software product during its sourcing, development and distribution, which we refer to as “software integrity controls.”

controls-chart

It is worth noting that the paper builds upon our previously released Software Supply Chain Integrity Framework,” which defines a taxonomy for describing supply chain security in the context of software assurance.  We had never planned to develop the framework paper, hoping instead to jump into discussions of controls and practices (SAFECode members are a technical bunch, after all).  However, as soon as we embarked on the project, it became immediately clear that we needed a common language to discuss software integrity issues, and more broadly, software supply chain security.  So I recommend that you take a look at look at that paper as well, since it adds useful context to this discussion.

SAFECode believes that broad industry adoption of software integrity practices can greatly improve customer confidence in IT systems.  And, while we are proud of the fact that this report represents the first industry-led effort on software integrity, we also recognize that this in an emerging area. As such, we encourage public comment on this paper and ideas for future software integrity projects.  We look forward to continuing the conversation!

PS- You can now find us on Facebook and Twitter!

5u84f48n

Follow SAFECodeForum on Twitter

Posted in Uncategorized | No Comments »

SAFECode and BSIMM: A Powerful Combination in the Work to Improve Software Security

May 12th, 2010

I am frequently asked about SAFECode’s opinion of the Building Security In Maturity Model (BSIMM) and how it differs from our own efforts. So, with the release of BSIMM2 today, I thought it might be a good time to talk a little about BSIMM and how it relates to our work at SAFECode.

It should go without saying that SAFECode is extremely supportive of the BSIMM work and we are thrilled with the success of BSIMM2.  In fact, if you take a look at its participants, you will note that nearly all of our members have joined in the effort or are planning to join.  Further, a number of our members are represented on the newly announced BSIMM Advisory Board.

So why do these companies dedicate time to both SAFECode and BSIMM?

As Gary McGraw will tell you, BSIMM is about science. It is a descriptive model for software security and provides a way to assess the state of an organization in relation to its peers. As a descriptive model, it doesn’t make judgments. It won’t tell you what to do or how to do it, and it doesn’t weigh which practices are more effective than others – it simply offers data on what is currently being done.

Actually the use of the word “simply” is a bad choice. The truth is that a tremendous amount of work went into to collecting and analyzing this data. The latest release, BSIMM2, triples the size of the original study from nine organizations to 30, across a range of seven overlapping verticals including: financial services (12), independent software vendors (7), technology firms (7), healthcare (2), insurance (2), energy (2) and media (2). BSIMM2 now reports the collective expertise of 635 people in firms with 130 years of collective experience.

This is an impressive amount of industry participation, especially when one considers the detail and scope of BSIMM2, which now offers clear descriptions of 109 software security activities in use today. The combination of broad industry participation and a hardworking BSIMM team has resulted in an extremely valuable set of data and a helpful taxonomy for describing software security practices. The question for SAFECode is how do we leverage this work to make ourselves better? And that is precisely where the two efforts come together.

At SAFECode, we also share practices amongst our members and with the industry at large.  But our goal is not to be descriptive. Rather, we are working to improve on the current state-of-the-art in software assurance. SAFECode members come together to work on answers to tough questions. For instance, how can we measure which of these practices are most effective?  How can our internal software security teams verify that each of our chosen practices is being done to our internal standards?  How can we leverage our software assurance programs to positively impact the security of the larger IT system supply chain? How can we get better at training our teams?  How can we get better at communicating with our customers?

SAFECode believes that finding answers to these questions relies in part on an objective understanding of what is being done today – and this is exactly what BSIMM offers. In this way, BSIMM2 provides not only an excellent yardstick for corporate software security programs, but also a foundation for future industry work to make us all better.

Thus when viewed together, we believe SAFECode and BSIMM are a powerful combination in the industry’s efforts to advance software security.  We congratulate the BSIMM team on its successful release of BSIMM2 and we are excited about the opportunity to work with the new data.

And, of course, we invite you to join us.

Posted in Uncategorized | No Comments »

INTRODUCING OUR NEWEST SAFECODE MEMBER: ADOBE Interview with Brad Arkin, Director of Product Security and Privacy at Adobe

September 29th, 2009

Following up on the announcement today that Adobe Systems Incorporated has joined SAFECode, I interviewed Brad Arkin, who will be serving as Adobe’s representative on SAFECode’s Board of Directors. Brad Arkin is the director of Product Security and Privacy at Adobe, where he is responsible for cross-company coordination and initiatives related to security and privacy. I asked Brad a few questions to learn a little about him, his role at Adobe, and why Adobe has joined SAFECode.

arkin

Q: What is your role at Adobe?
I manage two teams. One is the Adobe Secure Software Engineering Team, or ASSET. The other is the Product Security Incident Response Team, or PSIRT. The ASSET group coaches and evangelizes software security principles with development teams to make sure that security is most properly incorporated into software development to mitigate the risk of any security problems. Whenever a potential problem does make it into a product, our incident response team coordinates with other folks in the security community and begins working with our engineering teams on triaging the issue and getting a patch out the door.

Q: Can you tell us a little about Adobe’s software development programs?
We have thousands of software developers located around the world. And, at any time, we have hundreds of projects under development. Both Adobe Flash Player and Adobe Reader have some of the widest reach of any software product. For example, Flash Player is on close to 99 percent of all Internet connected devices. So we have a massive install base for our software.

The code that we write gets deployed on pretty much every platform—whether it’s Windows, Mac, Linux or others. We’ve built desktop products, mobile products, server products and services.  To meet these diverse requirements, we use a combination of agile processes and formal methods.  We also build platforms that other people write code for, which means that we’re thinking not only about how to make our own software secure, but also how to help other developers make their software secure.

Thus, the secure development processes that we use have to be effective across a wide range of environments, methods and product types.

Q: Why did Adobe join SAFECode?
We take software security very seriously and are always looking to build upon what we’ve been able to accomplish so far.  We have a mature software security process and have developed a lot of experience in this area that we feel we can share in an effort to help the industry advance software assurance practices. We’re also looking forward to learning from the other SAFECode members and sharing some lessons that we’ve learned with them. In addition, there are some specific industry-wide initiatives that we’re looking to help drive through SAFECode, such as effective patch management across platforms.

Q: Are there any challenges in software assurance that Adobe is looking forward to working on with SAFECode?
A big challenge is how fast the threat landscape changes. An example is that 10-15 years ago, buffer overflow attacks were largely theoretical. Now they are common, and we’re seeing some pretty exotic kinds of attacks. The flip side is that companies are shipping code that, in some cases, might be as old as 10-15 years. We need to go back and improve the security of that code without decreasing the functionality of the programs. How do we efficiently improve code that was developed under different circumstances so that it meets today’s security challenges?  As a company and an industry, we’ve made a lot of progress in this area, but there is still work to do and we feel SAFECode provides a great platform for continuing these efforts and addressing these kinds of challenges.

—–
Brad Arkin is director of Product Security and Privacy at Adobe Systems Incorporated. He is responsible for the Adobe Secure Software Engineering Team (ASSET) and Product Security Incident Response Team (PSIRT), as well as cross-company coordination and initiatives related to security and privacy. Arkin has worked in software security for more than 12 years. He served as a Technical Director for @Stake’s New York office and as a Senior Manager at Symantec. Earlier, Arkin worked at Cigital, where he co-founded the company’s software security group. Arkin holds a BS in computer science from the College of William and Mary, a MS in computer science from George Washington University, and MBA degrees from Columbia University and London Business School.

Posted in Announcements | No Comments »

Security, Integrity and Authenticity: The Tripod of Software Assurance

July 24th, 2009

As a follow-up to the release of SAFECode’s paper, “The Software Supply Chain Integrity Framework: Defining Risks and Responsibilities for Securing Software in the Global Supply Chain,” I thought I would elaborate on a core concept of the report: the definition of software integrity and how it relates to software assurance.

Software assurance is most frequently discussed in the context of ensuring that code itself is more secure through the repeatable application of secure software development practices.  These practices, however, only represent one aspect of software assurance.

SAFECode defines software assurance as “confidence that software, hardware and services are free from intentional and unintentional vulnerabilities and that the software functions as intended.”  To achieve software assurance, suppliers take action in three key areas:

•    Security: Security threats are anticipated and addressed in the software’s design, development and testing.
•    Authenticity: The software is not counterfeit and customers are able to confirm that they have the real thing.
•    Integrity: The processes for sourcing, creating and delivering software contain controls to enhance confidence that the software functions as the supplier intended.
untitled1

SAFECode’s recent paper on software supply chain integrity provides a framework for analyzing and describing the efforts of vendors to ensure software integrity. I think of the difference between secure development practices and software integrity practices this way: Secure development practices address the security characteristics of the code itself, while software integrity practices address the security of the process used to source, build, test and deliver the code.

Software integrity practices complement secure development practices by minimizing the risk of malicious code being intentionally inserted in the global software supply chain.  They represent one leg of the software assurance tripod.  Software integrity, authenticity and security together form a sound basis for confidence that software is free from intentional and unintentional vulnerabilities and that the software functions as intended.

Next time: We’ll take a closer look how software integrity practices relate to the global software supply chain.

Posted in Development Practices, Software Integrity, Supply Chain | No Comments »

SAFECode’s Framework for Software Supply Chain Integrity

July 21st, 2009

Today, SAFECode publicly announced its efforts to address software supply chain integrity with the release of a new paper, “The Software Supply Chain Integrity Framework: Defining Risks and Responsibilities for Securing Software in the Global Supply Chain.” The paper outlines the first industry-driven framework for analyzing and describing the efforts of software suppliers to mitigate the potential that an IT solution could be compromised by the intentional insertion of malicious code into the solution’s software during its sourcing, development or distribution.

As the software industry has become increasingly globalized, questions have been raised about what additional product security and brand risks are introduced by the increased distribution of software development activities, how these risks should be assessed, and what proactive measures can minimize their occurrence.  These questions are of interest to both customers and suppliers and have been aggregated under the label “software supply chain integrity.”

The challenge we faced when we started this project was that the concept of “software supply chain integrity” and its key components of “software supply chain” and “software integrity” were not commonly understood.  As such, we felt that there was great value in developing a framework and common taxonomy that would serve as the foundation for our subsequent work aimed at identifying and analyzing software integrity best practices.  Releasing the framework publicly provides us with an opportunity to solicit feedback on our approach, helping to ensure that our future papers are as useful and relevant as possible.

However, the development of this framework is just the first step in our effort to address software supply chain integrity.  Our members are working together to identify the threats, assess the risks, share current practices for mitigating those risks, and develop process guidelines that other software companies should consider adopting to protect the integrity of the software they produce through the global supply chain.  SAFECode will be publishing our findings later this year to extend these practices across the industry and provide customers with additional insight into how to view and evaluate the processes by which software integrity is achieved.

Though experts have concluded that the software supply chain is not the most likely attack vector, the fact that a risk does exist requires preventative action. Further, the interdependencies of the IT ecosystem require software suppliers to not only be able to demonstrate the security of the products they produce, but also evaluate the integrity of products they acquire and use.  For these reasons, we believe that every software supplier has a significant stake in the identification, communication and evaluation of best practices for ensuring software integrity.

I will be highlighting key elements of our framework in a series of blog entries.  Next up: what is software integrity and how does it relate to software assurance?

Posted in Software Integrity, Supply Chain | No Comments »

« Older Entries

© 2007-2009 Software Assurance Forum for Excellence in Code (SAFECode) - All Rights Reserved