Engineering Safe and Secure Software Systems (Artech House Information Security and Privacy)
This first-of-its-kind resource offers a broad and detailed understanding of software systems engineering from both security and safety perspectives. Addressing the overarching issues related to safeguarding public data and intellectual property, the book defines such terms as systems engineering, software engineering, security, and safety as precisely as possible, making clear the many distinctions, commonalities, and interdependencies among various disciplines. You explore the various approaches to risk and the generation and analysis of appropriate metrics.
This unique book explains how processes relevant to the creation and operation of software systems should be determined and improved, how projects should be managed, and how products can be assured. You learn the importance of integrating safety and security into the development life cycle. Additionally, this practical volume helps identify what motivators and deterrents can be put in place in order to implement the methods that have been recommended.
Contents: Definitions. Security Metrics. Software Assurance. Differentiating between Security-Criticality and Safety-Criticality. Identity Access Management Issues. Factors Affecting Safety and Security. Risk Models. The Importance of the Requirements Phase. Nonfunctional Requirements. The Transition from Requirements to Specifications. System Design and Development. Validation and Verification. The Impact of Changing Context. Operational Issues. Decommissioning. Cyber Security Economics. The Future of System Safety and Security.
Table of Contents
Chapter 1 Introduction
Chapter 2 Engineering Systems
Chapter 3 Engineering Software Systems
Chapter 4 Engineering Secure and Safe Systems, Part 1
Chapter 5 Engineering Secure and Safe Systems, Part 2
Chapter 6 Software Systems Security and Safety Risk
Chapter 7 Software System Security and Safety Metrics
Chapter 8 Software System Development Processes
Chapter 9 Secure SSDLC Projects in Greater Detail
Chapter 10 Safe SSDLC Projects in Greater Detail
Chapter 11 The Economics of Software Systems’ Safety and Security
Appendix A Software Vulnerabilities, Errors, and Attacks
Appendix B Comparison of ISO/IEC 12207 and CMMI-DEV Process Areas
Appendix C Security-Related Tasks in the Secure SSDLC
Appendix D Safety-Related Tasks in the Safe SSDLC