User Account

All Pages

Identify a non-traditional software development model

Assignment Help Software Engineering
Reference no: EM131697205

Assignment

Create a software assurance guidelines document shell in Word. It should include the following:

• Create a title page

o Course number and name
o Project name
o Student name
o Date

• Table of contents (TOC)

o Use autogenerated TOC
o Separate page
o Maximum of 3 levels deep
o Update the TOC before submitting your project

• Section headings (create each heading on a new page with "TBD" as content, except for sections listed under New Content below)

o Project Outline
o Security in the Development Life Cycle
o Software Assurance Techniques
o Security in Nontraditional Development Models
o Security Static Analysis
o Software Assurance Policies and Processes

• Project outline and requirements

o Brief description of the organization (can be hypothetical) and where the guidelines will be implemented
o Company size, location(s), and other pertinent information
o List of the software applications provided by the company for the government

- The software list must include at least 1 desktop and 1 Web application.
- A database must be used with one of the applications.

o A summary of the software development organization within the company, employees and reporting structure, systems and technologies used for software development, testing, source control, and document storage

- Material can be taken from the approved proposal that was submitted to the instructor (ensure that this project is approved by the instructor).

• Security in the development life cycle

o Provide an outline of the SDLC model that is used in your organization, including each of the major phases.
o This should be a traditional SDLC. Extended models, such extreme programming, will be covered in a later section.
o Identify specific components of the security development model that can be applied to each of the phases of your SDLC model.
o For each pairing of security development model component to SDLC model phase, describe how the security model is applied and the major tasks that are involved.

Complete the Software Assurance Techniques section.

• Analysis:

o List and describe at least 3 software applications that are produced by the organization. The applications must include at least 1 desktop application and 1 Web application.

- One of the applications must use a database for data storage.

o Identify at least 2 areas of each application that are at security risk, and describe the possible threats and their implications to the organization and to the client (in this case, the government).

o For each security risk, identify at least 1 software assurance technique that can be applied to reduce the security threat.
• Guidelines:

o Based on the analysis that was performed in the previous step, prepare a set of software assurance guidelines that the organization can use for all of the applications that it creates.

o Guidelines should be categorized by the type of software application and if the application is using a database for data storage or not.

o Guidelines should identify the software assurance technique to be applied, and they should provide sufficient detail to allow the software development group to implement the technique.

Security in Nontraditional Development Models section:

• Identify a non-traditional software development model that could be used by your company.

• Provide a summary of the major steps in the development model, and describe the potential security threats for each step.

• Using the security development model as the foundation for analysis, develop and document appropriate policies and processes for each security risk that will minimize the threat.

• Association with the security development model should be demonstrated in the policies and processes.

Complete the Security Static Analysis section:

• Prepare a design for an application your organization might produce.

• Include appropriate diagrams to identify the major components of the application.

• Describe the major components and potential security issues where appropriate and as related to the security development model.

• Create code samples in C, C++, or Java to illustrate the tenets of the security development model.

• Identify at least 3 security static-analysis tools, and prepare guidelines for how they would be used in the sample code and throughout the software development in the company

• Software Assurance Policies and Processes section:

• Prepare a plan for the training of the software developers in the organization on the new software assurance guidelines.

• Define the metrics that will be collected to track the effectiveness of software assurance in the company.

o Include a description of how each of the metrics will be obtained and used.

• Identify the roles and responsibilities of the members of the security team with respect to software assurance in the organization.

• Software assurance guidelines document, final version:

• Review the entire document for any changes and improvements you would like to make.

• Ensure that this final version of the plan is sufficiently detailed to allow the organization to confidently move forward with software assurance based on your findings.

• Any previous instructor feedback should be addressed with appropriate changes.

Reference no: EM131697205

Questions Cloud

How does organizational theory relate to the real world : How does organizational theory relate to the real world? What are the implications of organizational theory for change managers?
Capital asset pricing model : If the risk free rate is 4 %, the expected return on the market portfolio is 12% and the beta of Stock B is 0.9, what is the required rate of return for Stock B
Describe potential stakeholders indirectly involved : Describe potential stakeholders directly or indirectly involved. Specifies the overall objective and any outcomes for this project.
Identify the relevant consideration for given problem : Sam is at the post office to mail a package. After he pays for mailing the package, the clerk asks if he would like to buy some stamps.
Identify a non-traditional software development model : Identify a non-traditional software development model that could be used by your company. Identify 2 areas of each application that are at security risk.
What happens if contributory negligence applies : Kendra Knight took part in a friendly game of touch football. She had played beforeand was familiar with football. Michael Jewett was on her team.
Analyze one element of poetry in selected poems : The research paper should analyze one element of poetry in selected poems. Choose together a literary movement (such as realism, modernism, etc.)
How would you create a chain of custody for the evidence : How would you create a chain of custody for this evidence? What are the limitations when protecting evidence only found online or in the cloud?
How does learning about the history of the new testament : How does learning about the history of the New Testament and Jewish life in the time of Jesus change your view of the Gospels or Christianity?

Reviews

Write a Review

Software Engineering Questions & Answers

  End users must be involved in database design in a limit

End users must be involved in database design, but only to  degree. What are you are your toughts do you agree or did agree why or why not.

  Effects on a political campaign

The Internet was first extensively used in American political campaigns during the 2004 presidential election. Since then, the Internet has been used for many political agendas ranging from local city politics to presidential elections.

  Design a software class diagram for the use case

Design a software class diagram for the Use Case (Make Appointment) for patient

  Types of boundary classes

What makes a good analysis class. The three types of boundary classes are

  Prepare a document that guides your client

Prepare a document that guides your client in program preparation and includes an example console program.

  Research the following financial off balance sheet

research the following financial off balance sheet instrumentsaforeign currency forwards exchange contract binterest

  Computing open-circuit voltage and short-circuit current

Compute the open-circuit voltage and short-circuit current of combination of cells.

  Continuing to build rx companys marketing plan this

continuing to build rx companys marketing plan this assignment focuses on branding pricing and distribution of your

  Description of functional and nonfunctional requirements

A detailed description of both functional and nonfunctional requirements. At least four (4) functional requirements and four (4) nonfunctional requirements should be provided

  Briefly discuss the erp system or erp software application

Briefly discuss the ERP system or the ERP software application and include how this resource can help an organization manage important aspects of its business

  Suppose you have algorithm with the five running times

Suppose you have algorithm with the five running times listed below(assume these are the exact running times)how much slower do each of these algorithms get when you (a) double the input size ,(b) increase the input size by one?

  Describe your chosen architecture pattern

Include charts or diagrams created in Visio or an equivalent such as Dia. The completed diagrams / charts must be imported into the Word document before the paper is submitted.

Free Assignment Quote

Assured A++ Grade

Get guaranteed satisfaction & time on delivery in every assignment order you paid with us! We ensure premium quality solution document along with free turntin report!

Submit Assignment

Academics

Major Subjects

Majors

Get In Touch

whatsapp: +1-415-670-9521

Phone: +1-415-670-9521

Email: [email protected]

TERMS & POLICIES

HELP & SUPPORT

All rights reserved! Copyrights ©2019-2020 ExpertsMind IT Educational Pvt Ltd