[ISN] DHS wants to improve software security

InfoSec News isn at c4i.org
Fri Feb 3 04:28:43 EST 2006


By Michael Arnone
Feb. 1, 2006 

The Homeland Security Department wants public comment on two draft 
documents that are part of a federal program to improve software 
security, according to today's Federal Register. 

The documents are part of the Software Assurance Program that DHS 
created as part of the National Strategy to Secure Cyberspace. The 
program is designed to reduce vulnerabilities and exploitation of 
weaknesses to improve software security, particularly in software that 
critical infrastructure uses.

One document, "Security in the Software Lifecycle," aims to help 
developers and project managers of software applications establish 
strategies to make sure new software products are more secure. 

The second, "Secure Software Assurance - Common Body of Knowledge," 
would help colleges and the private sector create curricula to train 
people in software assurance. 

The documents and an online comment form are available at the Build
Security In Web site [1]. Comments on the two documents are due by
Feb.  21.

[1] http://buildsecurityin.us-cert.gov/

More information about the ISN mailing list