Transcript
Page 1: Secure Software Engineering in Higher Education and …sysa.omg.org/docs/swa_jmu.pdf · 2009-01-26 · Engineers has an elective Software Engineering examination on Security/Safety

3/21/06 Copyright © 2006 Samuel T. Redwine, Jr. 1

Secure Software Engineering in Higher Education and Professional Societies

Samuel T. Redwine, Jr.
James Madison University

Software Assurance
Object Management Group
February 15, 2006


Overview

• Secure Software Assurance
• Higher Education Activities
• Professional Society Activities
– Organizations
– Publications
– Events
• Conclusion


Secure Software Assurance

• Assurance
• Justified Confidence
• Assurance Case
• Uses of Assurance Case
• Body of Knowledge


Assurance

• “Assurance” is used in several ways, but underlying concept is to reduce uncertainty
• To rationally decide to use software in dangerous situation one needs
– The software
– Justified confidence in it


Justified Confidence

• To have one’s uncertainty reduced, and so have justified confidence in a security claim, one needs convincing
– Evidence
– Arguments that tie evidence to claim
• Implies valid evidence and arguments

Together these make the “assurance case”


Uses of Assurance Case

• Planned assurance case helps determine development plan and activities
• For developer: assurance case contents (so far) need to be adequate at each step
– Especially release
• Assurance case helps decide purchase and use


Secure Software Assurance BOK

• Body of knowledge document out for review (until Feb. 21st)
– At buildsecurityin website under Additional Resources
– (https://buildsecurityin.us-cert.gov/portal/resources/)
• Identifies knowledge and gives references
• Approximately 225 pages
• To be issued in March
• Government, industry, and academic involvement


Higher Education Status

• Depending on how one counts, one can identify between two and twenty-two institutions that teach secure software engineering
• Few regular software security courses or programs offered
• Secure Software Assurance body of knowledge out for review


Higher Education Activities

• Naval Postgraduate School
– Number of Masters theses
• James Madison University
– Secure Software Engineering Masters
• Carnegie Mellon University
– CyLab
– Computer Science Department
– Software Engineering Institute
• Northeastern University
– Engineering Secure Software


Example Single Topic Courses

• Purdue
– Secure Programming
• George Mason University
– Secure Programming
• Princeton
– Secure Internet Programming
• Columbia
– Programming-heavy Network Security


Textbooks

• Only one of the major Software Engineering textbooks treats security
– Sommerville 7th edition treats critical systems (and safety) at length and security briefly but explicitly in this context
• None of the many Software Quality Assurance texts I have examined treat security in more than passing

Software security books:
• Gasser 1988 last introductory text to emphasize high security
• Few professional books go much beyond programming


Funding for Curricula

• Microsoft has given a number of modest awards to improve education in Trustworthy Computing and Software Engineering
• Federal funding has been quite modest


Professional Society Activities

• Organizations
– ACM Risks Forum
– IEEE CS TCSE Committee on Secure Software Engineering
– NDIA committee on software assurance
• Publications
– ACM Trans. Info and System Security
– IEEE Trans. Dependability and Security
– IEEE Security and Privacy magazine


Events

• IEEE International Symposium on Secure Software Engineering March 13-15 in Arlington VA
• Software Engineering for Secure Systems Workshop
• Workshop on Secure Software Engineering Education and Training

Also: DHS Software Assurance Forum, NIST Workshops on tools and metrics, and NDIA Software Assurance events


Professional Examinations

• Canadian Council of Professional Engineers has an elective Software Engineering examination on Security/Safety
• British Computer Society exams mention security under networking and distributed systems topics (not SwE)
• IEEE Computer Society Certified Software Development Professional exam does not currently cover security
– SWEBOK Guide should add “soon”


Conclusion

• Must have Software and Justified Confidence
• Higher education efforts limited but growing
• Professional society publications and events exist
• Secure Software Assurance body of knowledge out for review

