Download Secure and Resilient Software: Requirements, Test Cases, and by Mark S. Merkow, Lakshmikanth Raghavan PDF

By Mark S. Merkow, Lakshmikanth Raghavan

Secure and Resilient Software: Requirements, Test Cases, and Testing Methods provides a comprehensive set of requirements for secure and resilient software development and operation. It supplies documented test cases for those requirements as well as best practices for testing nonfunctional requirements for improved information assurance. This resource-rich book includes:

• Pre-developed nonfunctional requirements that can be reused for any software development project
• Documented test cases that go along with the requirements and can be used to develop a Test Plan for the software
• Testing methods that can be applied to the test cases provided
• A CD with all security requirements and test cases as well as MS Word versions of the checklists, requirements, and test cases covered in the book

Offering ground-level, already-developed software nonfunctional requirements and corresponding test cases and methods, this book will help to ensure that your software meets its nonfunctional requirements for security and resilience. The accompanying CD, filled with helpful checklists and reusable documentation, provides you with the tools needed to integrate security into the requirements analysis, design, and testing phases of your software development lifecycle.

Some praise for the book:

This book pulls together the state of the art in thinking about this important issue in a holistic way with several examples. It takes you through the entire lifecycle from concept to implementation ...
—Doug Cavit, Chief Security Strategist, Microsoft Corporation

... provides the reader with the tools necessary to jump-start and mature security within the software development lifecycle (SDLC).
—Jeff Weekes, Sr. Security Architect at Terra Verde Services

... full of valuable insights and practical advice from authors who have lived this process. What you get is a tactical application security roadmap that cuts through the noise and is immediately applicable to your projects.
—Jeff Williams, Aspect Security CEO and Volunteer Chair of the OWASP Foundation


Read Online or Download Secure and Resilient Software: Requirements, Test Cases, and Testing Methods PDF

Best software development books

Agile Excellence for Product Managers: A Guide to Creating Winning Products with Agile Development Teams

Companies constantly struggle with complex development projects and are in search of a few simple, easy-to-learn methods to help deal with their problems. Consequently, a growing number of software companies are rapidly turning to Agile development to cope with fast-changing markets, unknown or changing product requirements, and borderless competition, and to solve complex problems.

Winning with Software: An Executive Strategy

MESSAGE / CONCEPT

The message here is that if you want to develop strong software, particularly of any significant size, you need a powerful process and a team of disciplined programmers/engineers. The operative words here are strong and disciplined. These words, particularly the discipline one, resonate quite well with us, because one of the main causes of a problem project is the lack of discipline to follow a defined process. The further message is that "quality counts" - even more so than schedule. This is particularly relevant to any business that uses software.

When the project begins to "go off the track", the project team may return to what they are comfortable with, which often is the "lazy" process. Rather like a soccer team - when things go pear-shaped and they are on the back foot, bad habits sneak in ... tackles get missed, members do not get into position in defence, the ball gets dropped, the pass goes off track ... discipline goes out the window!

His Personal Software Process (PSP) and Team Software Process (TSP) are not incompatible with the extreme programming (XP) or agile software development movement, although the XP crowd might disagree. I don't believe Humphrey would disagree, even though he is coming from the Software Engineering Institute (SEI) perspective and was a major player in the SEI Capability Maturity Model (CMM) development that is often held up as the antithesis of XP.

Having said all that, and noting that the focus is on software development, the messages are equally applicable regardless of what is being built. Overall, it is a good read with some excellent advice and practical examples. So do not be put off by the title and the fact it can be a bit dry in places; insert for software your particular technology (missile, bridge, network, satellite, communications system, and so on) and it will still make sense and provide you with some useful insights.

WHAT WE LEARNT

It further confirmed our existing approach rather than taught us anything new. But it did enlighten us on a few techniques we can use to show the value of taking a powerful and disciplined approach to project management. So much so, we are getting another copy of the book and giving it to the manager of the project portfolio in one of our client organizations. This confirms for us that this is a book for executives.

Leadership, Teamwork, and Trust: Building a Competitive Software Capability (SEI Series in Software Engineering)

Every business is a software business, and every business can benefit from improved software processes. Leadership, Teamwork, and Trust discusses the critical importance of knowledge work to the success of modern organizations. It explains concrete and useful steps for reshaping the way software development, in particular, is performed.

Offshoring IT: The Good, the Bad, and the Ugly

Reverend Bill Blunden is an alumnus of Cornell University, where he earned a bachelor of arts degree in physics. He also holds a master of science degree in operations research from Case Western Reserve University in Ohio. Reverend Blunden is an ordained SubGenius minister, and is currently at large in California's Bay Area.

Extra resources for Secure and Resilient Software: Requirements, Test Cases, and Testing Methods

Example text

Medical Equipment

Medical equipment is not immune to bad software either. S. firm, miscalculated the proper dosage of radiation for patients undergoing radiation therapy. Multidata’s software allowed a radiation therapist to draw on a computer screen the placement of metal shields called “blocks” designed to protect healthy tissue from the radiation. However, the software only allowed technicians to use four shielding blocks. Doctors in Panama wanted to use five! The doctors discovered that they could trick the software by drawing all five blocks as a single large block with a hole in the middle.

It is subject to one and only one interpretation. Vague subjects, adjectives, prepositions, verbs, and subjective phrases are avoided. Negative statements and compound statements are not used.

Mandatory: The requirement represents a stakeholder-defined characteristic or constraint.

Verifiable: Implementation of the requirement can be determined through one of four possible methods: inspection, analysis, demonstration, or test. If testing is the method needed for verifiability, the documentation should contain a section on how a tester might go about testing for it and what results would be considered passing.

Computer-aided software engineering (CASE) tool: The method includes a CASE tool. ”)

Stakeholder acceptance: The stakeholders are likely to agree to the elicitation method in analyzing their requirements. For example, the method isn’t too invasive in a business environment.

Easy implementation: The elicitation method isn’t overly complex and can be properly executed easily.

Graphical output: The method produces readily understandable visual artifacts.

Quick implementation: The requirements engineers and stakeholders can fully execute the elicitation method in a reasonable length of time.
