Choose one of the software development models or methodologies. Using a credible source on the Internet, find an article that describes the model.

Minimum of 100 words each:

  • Choose one of the software development models or methodologies. Using a credible source on the Internet, find an article that describes the model.
  • The Software Engineering Institute (SEI) is located at Carnegie Mellon University and is the brain trust for CMMI, “Capability Maturity Model Integration”. It is a process improvement methodology which has grown in popularity and usage. So far, CMMI has been most widely applied in software and systems engineering organizations.
  • What are the values of doing formal evaluation?
  • Information security vulnerability analysis tool
  • Let’s have a robust and lively dialogue with respect to the following questions:

Explain in your own words the essential characteristics of the model, when you would employ the model, how it is different from other models, and what assurance challenges you would face if you were to use the model for software development.

Below are a couple of URLs which point to relevant web sites that describe and discuss CMMI.

CMMI Institute Overview: http://cmmiinstitute.com/

http://www.cmmifaq.info/ (Very extensive web site exclusively dedicated to CMMI FAQs)

Requirements

Choose a development model, preferably one you have used or are using. What are the Process Areas (discuss at least two PAs) that you are missing in your development model? Why do you think they are needed?

What do you see as the drawbacks of evaluation?

If possible and applicable, frame your answer around a situation relevant to your current work. If not, frame your answer around a hypothetical situation or a situation which you have previously experienced in a past work environment.

Note: If you do use a work example, make sure that it is unencumbered (meaning you are free to discuss it). Be sure not to divulge any proprietary or confidential information. If you are unsure, do not post the example and answer the question using a hypothetical situation instead.

Your browser should return several hits. Choose a topic, which can be a tool, framework, practice, methodology or technology related to vulnerability analysis, and summarize it for the class. In your summary, explain its purpose and address the following points:

How widely is it used? How reliable is it in practice? What is its commercial availability? Does it scale well? Is it applicable to networked environments? Are there any other relevant aspects which you may have noticed?

-What do you need to log/audit in a mobile phone? Why?

-How is that different from auditing a desktop/laptop/server?

-What tools, methodologies, or frameworks are available to assist us in detecting vulnerabilities and auditing issues in the mobile phone environment?

-Is privacy sufficiently catered for? If not, how could it be addressed better?

6. Two papers by two leading software security researchers propose ideas to minimize software vulnerabilities or their exploitation by attackers. Two of the three ideas proposed by these papers advocate the use of law/regulations to minimize software vulnerabilities. Dorothy Denning puts forward two ideas: (1) use of a vulnerability bounty program that rewards vulnerability discoverers, and (2) holding software developers legally responsible (liable) for their faulty programs. Carl Landwehr proposes a code governing software code.

For this conference, your task is to take one of these three ideas and discuss its pros and cons. Two quality posts are required from everyone for a passing grade. Avoid duplications.

Here are the two papers:

Dorothy Denning on Secure Software

Carl Landwehr – Code for Code

7. Search the web for examples of software development projects that failed. There will be many. Pick one which interests you. Briefly post your summary of the failed project. Be sure to touch on the following points:

  1. Why did it fail? Was it poor requirements, poor design, poor coding, or poor testing, validation and verification?
  2. Did it fail because of project and program management?
  3. Did it follow good assurance techniques?
  4. Did the project pay attention to secure design and coding?

8. For this conference, pick two of these testing techniques and, for each, explain what it is, how it is specifically intended for testing security aspects of a system, how it is carried out, and any drawbacks it has.

Brute force or random testing

Security fault injection testing

Compliance testing

Reliability testing

Operational testing

9. Here is a recent list of Secure Coding Practices from OWASP: OWASP Secure Coding Practices. You may consult or use the following resources:

CMU CERT Coding Standards and

Microsoft Secure Coding Guidelines.

For this conference, pick a coding practice (e.g., Input Validation, Error Handling) and describe in your own words what the practice is and what vulnerabilities it can minimize or eliminate, or what abuse cases it can prevent.

10. We will focus on software maintenance or sustainment in this conference. You need to maintain a formal process during maintenance for activities that include:

  • Sustaining quality and security in the code
  • Doing software upgrades (upgrades of OS, DBMS, etc.)
  • Performing validation and verification activities
  • Incorporating new developers into the project
  • Incorporating new features
  • Identifying new threats
  • Impact analysis of new threats
  • Fixing vulnerabilities discovered in the field
  • Controlling change
  • Assuring changes

For this conference, pick two areas from the above list and, for each, explain what it is and how you will perform the activity.

Requirements: .doc file
