Bienvenue chez nous !
Mon Ex Libris
DEFR
ContactOffrir des bonsSuccursales
0
Recherche detaillée

Cyber Security Engineering

Nancy R. Mead
,
Carol Woody
eBook (pdf)
(0)
Donner la première évaluation
Cyber Security Engineering is the definitive modern reference and tutorial on the full range of capabilities associated with mode...

20%

34.90

CHF27.90

Vous économisez CHF 7.00

Download est disponible immédiatement

eBook (pdf)

Souvent achetés ensemble

D’autres clients ont aussi acheté

Description

Cyber Security Engineering is the definitive modern reference and tutorial on the full range of capabilities associated with modern cyber security engineering. Pioneering software assurance experts Dr. Nancy R. Mead and Dr. Carol C. Woody bring together comprehensive best practices for building software systems that exhibit superior operational security, and for considering security throughout your full system development and acquisition lifecycles. Drawing on their pioneering work at the Software Engineering Institute (SEI) and Carnegie Mellon University, Mead and Woody introduce seven core principles of software assurance, and show how to apply them coherently and systematically. Using these principles, they help you prioritize the wide range of possible security actions available to you, and justify the required investments. Cyber Security Engineering guides you through risk analysis, planning to manage secure software development, building organizational models, identifying required and missing competencies, and defining and structuring metrics. Mead and Woody address important topics, including the use of standards, engineering security requirements for acquiring COTS software, applying DevOps, analyzing malware to anticipate future vulnerabilities, and planning ongoing improvements. This book will be valuable to wide audiences of practitioners and managers with responsibility for systems, software, or quality engineering, reliability, security, acquisition, or operations. Whatever your role, it can help you reduce operational problems, eliminate excessive patching, and deliver software that is more resilient and secure.

Auteur

Dr. Nancy R. Mead is a Fellow and Principal Researcher at the Software Engineering Institute (SEI). She is also an Adjunct Professor of Software Engineering at Carnegie Mellon University. She is currently involved in the study of security requirements engineering and the development of software assurance curricula. She served as director of software engineering education for the SEI from 1991 to 1994. Her research interests are in the areas of software security, software requirements engineering, and software architectures.

Prior to joining the SEI, Dr. Mead was a senior technical staff member at IBM Federal Systems, where she spent most of her career in the development and management of large real-time systems. She also worked in IBM's software engineering technology area and managed IBM Federal Systems' software engineering education department. She has developed and taught numerous courses on software engineering topics, both at universities and in professional education courses, and she has served on many advisory boards and committees.

Dr. Mead has authored more than 150 publications and invited presentations. She is a Fellow of the Institute of Electrical and Electronic Engineers, Inc. (IEEE) and the IEEE Computer Society, and is a Distinguished Educator of the Association for Computing Machinery. She received the 2015 Distinguished Education Award from the IEEE Computer Society Technical Council on Software Engineering. The Nancy Mead Award for Excellence in Software Engineering Education is named for her and has been awarded since 2010, with Professor Mary Shaw as the first recipient.

Dr. Mead received her PhD in mathematics from the Polytechnic Institute of New York, and received a BA and an MS in mathematics from New York University

Dr. Carol C. Woody has been a senior member of the technical staff at the Software Engineering Institute since 2001. Currently she is the manager of the Cyber Security Engineering team, which focuses on building capabilities in defining, acquiring, developing, measuring, managing, and sustaining secure software for highly complex networked systems as well as systems of systems.

Dr. Woody leads engagements with industry and the federal government to improve the trustworthiness and reliability of the software products and capabilities we build, buy, implement, and use. She has helped organizations identify effective security risk management solutions, develop approaches to improve their ability to identify security and survivability requirements, and field software and systems with greater assurance. For example, she worked with the Department of Homeland Security (DHS) on defining security guidelines for its implementation of wireless emergency alerting so originators such as the National Weather Service and commercial mobile service providers such as Verizon and AT&T could ensure that the emergency alerts delivered to your cell phones are trustworthy. Her publications define capabilities for measuring, managing, and sustaining cyber security for highly complex networked systems and systems of systems. In addition, she has developed and delivered training to transition assurance capabilities to the current and future workforce.

Dr. Woody has held roles in consulting, strategic planning, and project management. She has successfully implemented technology solutions for banking, mining, clothing and tank manufacturing, court and land records management, financial management, human resources management, and social welfare administration, using such diverse capabilities as data mining, artificial intelligence, document image capture, and electronic workflow.

Dr. Woody is a senior member of the Institute of Electrical and Electronic Engineers, Inc. Computer Society and a senior member of the Association for Computing Machinery. She holds a BS in mathematics from the College of William & Mary, an MBA with distinction from The Babcock School at Wake Forest University, and a PhD in information systems from NOVA Southeastern University.

Contenu

Foreword
Preface
Chapter 1: Cyber Security Engineering: Lifecycle Assurance of Systems and Software
Chapter 2: Risk Analysis-Identifying and Prioritizing Needs
Chapter 3: Secure Software Development Management and Organizational Models
Chapter 4: Engineering Competencies
Chapter 5: Performing Gap Analysis
Chapter 6: Metrics
Chapter 7: Special Topics in Cyber Security Engineering
Chapter 8: Summary and Plan for Improvements in Cyber Security Engineering Performance
References
Bibliography
Appendix A: WEA Case Study: Evaluating Security Risks Using Mission Threads
Appendix B: The MSwA Body of Knowledge with Maturity Levels Added
Appendix C: The Software Assurance Curriculum Project
Appendix D: The Software Assurance Competency Model Designations
Appendix E: Proposed SwA Competency Mappings
Appendix F: BSIMM Assessment Final Report
Appendix G: Measures from Lifecycle Activities, Security Resources, and Software Assurance Principles
Index

Informations sur le produit

Titre:
Cyber Security Engineering
Sous-titre :
A Practical Approach for Systems and Software Assurance
Auteur:
Nancy R. Mead
,
Carol Woody
EAN:
9780134189864
Format:
eBook (pdf)
Producteur:
Pearson ITP
Genre:
Communication des données, réseaux
Parution:
07.11.2016
Protection contre la copie numérique:
Adobe DRM
Taille de fichier:
19.4 MB
Nombre de pages:
384

Mehr entdeckenInformatique, traitement des données

Généralités, lexiques, Logiciels, Systèmes d'exploitation, interfaces utilisateur, Communication des données, réseaux, Matériel, Informatique, Internet, Langages de programmation, Autres