March/April 2011

Rugged Software

Download Entire March/April 2011 Issue (PDF 5.5MB)

Table of Contents
(click below to download individual articles from the March/April 2011 issue)

From the Rugged Software Community
by Joshua Corman
Download Article (PDF 180KB)

Crumple Zones: Absorbing Attack Effects Before They Become a Problem
by Michael Atighetchi, Partha Pal, Aaron Adler, Andrew Gronosky, Fusun Yaman, Jonathan Webb, Joe Loyall, Asher Sin- clair, and Charles Payne
Software services that are essential for mission success must not only withstand normal wear and tear, stresses and accidental failures, they also must endure the stresses and failures caused by malicious activities and continue to remain usable.
Download Article (PDF 900KB)

Stop the Flow: A Damage Mitigation Framework for Trusted Systems
by Linda M. Laird and Jon P. Wade
A proposal for a high-level, abstract framework of Damage Mitigation enabling the architecture and design of trusted systems to dependably perform a mission while minimizing or eliminating the probability of significant, unintended damage.
Download Article (PDF 1.3MB)

The Need for Functional Security Testing
by C. Warren Axelrod, Ph.D.
Due in large part to a lack of negative functionality testing, many applications perform adversely in ways not anticipated when attacked or during normal operation. How can we achieve some measure of assurance that applications will behave appropriately under a broad range of conditions?
Download Article (PDF 220KB)

Fault Tolerance With Service Degradations
by Dr. Gertrude Levine
An examination of the propagation of faults to errors and failures and then to faults again, with service degradation considered as a control mechanism at each stage of the anomaly cycle.
Download Article (PDF 300KB)

An Ecosystem for Continuously Secure Application Software
by Mark Merkow and Lakshmikanth Raghavan
A software development ecosystem composed of nine working elements makes it possible to continuously secure application software throughout the entire software development lifecycle and while it’s in production use.
Download Article (PDF 300KB)

Ensuring Software Assurance Process Maturity
by Edmund Wotring III and Sammy Migues
Successful software assurance initiatives require organizations to perform risk management activities throughout the software lifecycle. These activities help ensure organizations can meet software assurance goals, including those related to reliability, resilience, security, and compliance.
Download Article (PDF 250KB)

by John Reisner
Download Article (PDF 90KB)

Online Only Article:
Establishing a Software Ecosystem that Produces Security
by Jeff Williams
What if the key to efficiently and reliably producing secure code is not better tools or processes, but our software development culture?
Download Article (PDF 475KB)