|
For Immediate Release August 2, 2007 |
|
New DoD Report Looks at Today’s Software Security Challenges and Solutions Herndon, VA—The Information Assurance Technology Analysis Center (IATAC), an Information Analysis Center within the Defense Technical Information Center (DTIC), has just published Software Security Assurance: A State-of-the-Art Report (SOAR), which provides a comprehensive look at the most significant of today’s efforts to improve the state of Software Security Assurance. The triple threat of cyber crime, cyber terrorism, and asymmetric information warfare is here to stay. Wellfunded, highly-motivated nation-state adversaries, terrorists, and criminals are overshadowing the more familiar ranks of malicious and recreational “hackers” in targeting the landscape of software-based systems, services, applications on the Internet, and other private networks, software on which, increasingly, our financial welfare, privacy, health, safety, and indeed our very lives depend. Software Security Assurance: A State-of-the-Art Report (SOAR) describes the threats and common vulnerabilities to which software is subject. It presents the many ways in which the Software Security Assurance problem is being framed and understood across government, industry, and academia and describes numerous methodologies, best practices, technologies, and tools currently being used to specify, design, and implement software that will be less vulnerable to attack, and to verify its attack-resistance, attacktolerance, and attack-resilience. The publication offers a large number of available print and online resources from which readers can learn more about the principles and practices that constitute Software Security Assurance. The report closes with observations about the potentials for success, remaining shortcomings, and emerging trends across the Software Security Assurance landscape. Software Security Assurance: A State-of-the-Art Report (SOAR) |