SwA in Education, Training & Certification - US-Cert
SwA in Education, Training & Certification - US-Cert
SwA in Education, Training & Certification - US-Cert
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
Curriculum and Tra<strong>in</strong><strong>in</strong>g Guides<br />
Table 1– <strong>SwA</strong> Curriculum and Tra<strong>in</strong><strong>in</strong>g Development Guides<br />
Identifier Relevant Documents and L<strong>in</strong>ks Purpose<br />
<strong>SwA</strong> CBK<br />
and<br />
Organization<br />
of Pr<strong>in</strong>ciples<br />
and<br />
Guidel<strong>in</strong>es<br />
<strong>SwA</strong><br />
Curriculum<br />
Project 1<br />
Software<br />
Security<br />
Assurance<br />
SOAR<br />
Towards an Organization for Software System Security<br />
Pr<strong>in</strong>ciples and Guidel<strong>in</strong>es. Version 1.0, Samuel T.<br />
Redw<strong>in</strong>e, Jr., https://buildsecurity<strong>in</strong>.uscert.gov/bsi/dhs/927-BSI.html<br />
Software Assurance Body of Knowledge. Version 1.2,<br />
Samuel T. Redw<strong>in</strong>e, Jr. (Editor), DHS,<br />
https://buildsecurity<strong>in</strong>.us-cert.gov/bsi/dhs/927-<br />
BSI.html<br />
Volume I: Master of Software Assurance Reference<br />
Curriculum. Mead, Nancy R. et al. SEI/CMU.<br />
http://www.cert.org/mswa/ ;<br />
http://www.cert.org/podcast/show/20101026mead.<br />
html<br />
Volume II: Undergraduate Course Outl<strong>in</strong>es. Mead,<br />
Nancy R. et al. SEI/CMU. http://www.cert.org/mswa/<br />
Enhanc<strong>in</strong>g the Development Life Cycle to Produce<br />
Secure Software: A Reference Guidebook on Software<br />
Assurance. Goertzel, Karen et al. For DHS and DTIC,<br />
https://www.thedacs.com/techs/enhanced_life_cyc<br />
les/<br />
Software Security Assurance: A State-of-the-Art Report.<br />
Goertzel, Karen Mercedes, et al, IATAC of the DTIC.<br />
http://iac.dtic.mil/iatac/download/security.pdf<br />
Software Assurance Pocket Guide Series:<br />
Life Cycle Support, Volume I – Version 2.2, Mar 16, 2011<br />
Provides an extensive set of software system<br />
security pr<strong>in</strong>ciples and guidel<strong>in</strong>es organized <strong>in</strong> a<br />
logical, <strong>in</strong>-depth fashion. Last updated February<br />
2008.<br />
Provides a comprehensive set of pr<strong>in</strong>ciples and<br />
guidel<strong>in</strong>es from the discipl<strong>in</strong>es of software<br />
eng<strong>in</strong>eer<strong>in</strong>g, systems eng<strong>in</strong>eer<strong>in</strong>g, <strong>in</strong>formation<br />
system, computer science, safety, security, test<strong>in</strong>g,<br />
<strong>in</strong>formation assurance, and project management.<br />
Last updated October 2007.<br />
Offers a core body of knowledge from which to<br />
create a master‟s level degree program <strong>in</strong> software<br />
assurance, as a standalone offer<strong>in</strong>g and as a track<br />
with<strong>in</strong> exist<strong>in</strong>g software eng<strong>in</strong>eer<strong>in</strong>g and computer<br />
science master‟s degree programs. Last updated<br />
2010.<br />
Focuses on an undergraduate curriculum<br />
specialization for software assurance. Intended to<br />
provide students with fundamental skills for either<br />
enter<strong>in</strong>g the field directly or cont<strong>in</strong>u<strong>in</strong>g with<br />
graduate level education. Last updated 2010.<br />
Complements the Software Security Assurance: A<br />
State-of-the-Art Report with further details. Last<br />
updated October 2008.<br />
Identifies the current “state-of-the-art” <strong>in</strong> software<br />
security assurance. Last updated July 2007.<br />
1 The Institute of Electrical and Electronics Eng<strong>in</strong>eers (IEEE) Computer Society announced <strong>in</strong> December 2010 its recognition of the Master of Software Assurance<br />
(M<strong>SwA</strong>) Reference Curriculum. The Reference Curriculum identifies a core body of knowledge for M<strong>SwA</strong> degree program development. Sponsored by<br />
DHS NCSD, this M<strong>SwA</strong> project was led by educators from Carnegie Mellon University CERT <strong>in</strong> collaboration with educators from Embry-Riddle Aeronautical<br />
University, Monmouth University, and Stevens Institute of Technology. This project recognizes software assurance as an emerg<strong>in</strong>g and important multidiscipl<strong>in</strong>e<br />
body of knowledge: a field that covers how to provide the requisite levels of dependability and security throughout software development,<br />
acquisition, and operation . See materials at https://buildsecurity<strong>in</strong>.us-cert.gov/bsi/1165-BSI.html andwww.cert.org/mswa. To facilitate implementation, the M<strong>SwA</strong><br />
project team is available to assist educational <strong>in</strong>stitutions <strong>in</strong> start<strong>in</strong>g an M<strong>SwA</strong> degree program, credential, or track based on the curriculum. This<br />
assistance, provided at no charge, <strong>in</strong>cludes review of implementation plans and mentor<strong>in</strong>g to guide through implementation.<br />
Software Assurance <strong>in</strong> <strong>Education</strong>, Tra<strong>in</strong><strong>in</strong>g & <strong><strong>Cert</strong>ification</strong><br />
7