Software Assurance
The intent of the Software Assurance Knowledge Unit is to provide students with the ability to describe why software assurance is important to the development of secure systems and describe the methods and techniques that lead to secure software.
Topics
- Apply modeling techniques and vulnerability mapping to evaluate potential security issues.
- Describe examples of the application of Security Principles
- Compare and contrast the security of alternative designs
- Review Secure Design Patterns
- Evaluate the level of security required for system data.
- Apply Life of Data - N-order Scope Map
- Create an Audit Trail
- Increase Resiliency
- Design reviews
- Describe examples of the application of Security Principles:
  - a. Separation (of domains)
  - b. Isolation
  - c. Encapsulation
  - d. Least Privilege
  - e. Simplicity (of design)
  - f. Minimization (of implementation)
  - g. Fail Safe Defaults / Fail Secure
  - h. Modularity
  - i. Layering
  - j. Least Astonishment
  - k. Open Design
  - l. Usability
  - m. Reduce attack surfaces
Outcomes
- Apply security design principles.
- Describe how system design and architecture affects security.
- Create a system design optimized to meet appropriate security requirements.
- Apply modeling and vulnerability assessment to create a secure design.
- Explain the importance of Design Reviews in creating secure systems.
KSA-T
Below are the Knowledge, Skills, Abilities and Tasks (KSA-T) identified as being required to perform this work role.
Knowledge

| ID | Description |
| --- | --- |
| K0087 | Knowledge of system software and organizational design standards, policies, and authorized approaches (e.g., International Organization for Standardization [ISO] guidelines) relating to system design. |
| K0153 | Knowledge of software quality assurance process. |
| K0036 | Knowledge of human-computer interaction principles. |
| K0032 | Knowledge of resiliency and redundancy. |
| K0049 | Knowledge of information technology (IT) security principles and methods (e.g., firewalls, demilitarized zones, encryption). |
| K0323 | Knowledge of system fault tolerance methodologies. |
| K0080 | Knowledge of software design tools, methods, and techniques. |

Skills

| ID | Description |
| --- | --- |
| S0103 | Skill in assessing the predictive power and subsequent generalizability of a model. |
| S0160 | Skill in the use of design modeling (e.g., Unified Modeling Language). |