|
|||||
OMG’s First Software Assurance Workshop:
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
Manufacturing Software Interoperability and Assurance using
Standardized Capability Profiling: An ISO 16100 Proposal |
||
| Michiko Matsuda,
Professor, Kanagawa Institute of Technology - Qian Wang,
Professor, Southeast University - Em delaHostria, Manager, Rockwell Automation - Eiji Arai, Professor, Osaka University |
 |
|
|
|
||
|
Building High-Assurance Systems out of Software Components
of Lesser Assurance Using Middleware Security Gateways |
||
| Sebastian Staamann, Director for Security Products and Solutions, PrismTech |
|
|
|
|
||
| Towards a Meta-model for Dependability Cases | ||
| George Despotou, D. Kolovos, R. Paige, F. Polack and T. Kelly, University of York |
|
|
|
|
||
|
Certifying Applications for Known Security Weaknesses: The
Common Weakness Enumeration (CWE) Effort |
||
| Robert A. Martin, Principal Engineer, MITRE Corporation |
|
|
|
|
||
| SOA ,Technical Risks, and Emerging Standards | ||
| Victor L. Harrison, Partner, Federal Consulting Practice, Computer Sciences Corporation |
|
|
|
|
||
| Software Assurance Ecosystem | ||
| Djenana Campara, Chief Executive Officer, KDM Analytics |
|
|
|
|
||
| Creating a Baseline Functional Specification for Source Code Analysis Tools | ||
| Michael Kass, Computer Scientist, National Institute of Standards and Technology |
|
|
|
|
||
| Software Reviews at Ericsson | ||
| Dominique Toupin, Software Quality Assurance Manager, Ericsson |
|
|
|
|
||
| High Fidelity Static Analysis for Secure Enterprise Software Requires Platform Knowledge | ||
| Nikolai Mansourov, CTO, KDM Analytics |
|
|
|
|
||
|
Opportunities and Obstacles to Using Static Analysis for the
Development of Safety-Critical Software |
||
| Redge Bartholomew, Engineering Manager, Rockwell Collins |
|
|
|
|
||
| Gaps in Static Analysis Tools Coverage | ||
| Pedro Vales, Principal
Software Engineer, James Butler, Manager, Knowledge Solutions,
David Rager, Sr. Software Engineer, Charles Stack, Principal Software Engineer and Christopher Telfer, Ph.D., Principal Software Engineer, Concurrent Technologies Corporation |
|
|
|
|
||
| Automatic Model-driven Security Policy Generation for High Assurance Systems | ||
| Ulrich Lang, CEO &
Rudolf Schreiner, CTO, ObjectSecurity - Ramesh Bharadwaj, High
Assurance Center, US Naval Research Laboratory, Tom Ritter, Fraunhofer Institute FOKUS |
|
|
|
|
||
| Fault Tree Analysis of UML Designs | ||
| Christopher Harper, Director, Avian Technologies Ltd. & Alan Parkinson, AGP Micro Ltd. |
|
|
|
|
||
| Harmonizing System Development and Test Development with MDA | ||
| Zhen Ru Dai, Fraunhofer FOKUS |
|
|
|
|
||
| So You Have to Verify Software? A Quick Look at What You Should Expect | ||
| Frédéric Michaud & Frédéric Painchaud, Defence Research and Development Canada – Valcartier |
|
|
|
|
||
| Using the Principle of Least Authorization to Improve Software Assurance | ||
| David Chizmadia, Sr. Security Assurance Analyst, Promia |
|
|
|
|
||
| Full Cycle Real Time Information Assurance | ||
| Sumeet Malhotra, Global Director Of Advanced Research, UNISYS |
|
|
|
|
||
[ top ]
Tutorials
| Introduction to Software Security and Assurance Cases | ||
| Samuel T. Redwine, Jr., Associate Professor, James Madison University |
|
|
|
|
||
| Security in the Software Life Cycle | ||
| Karen Mercedes Goertzel & Theodore Winograd, Booz Allen Hamilton |
|
|
|
|
||
| Software Safety Case Management | ||
| Tim Kelly, High Integrity Systems Engineering Group, Dept. of Computer Science, University of York |
|
|
|
|
||
| An Introduction to Attack Patterns as a SwA Knowledge Resource | ||
| Sean Barnum, Principal Consultant, Cigital |
|
|
|
|
||
| MILS: Architecture Enabling High Assurance | ||
| Gordon Uchenick, Objective Interface Systems & W. Mark Vanfleet, National Security Agency |
|
|
|
|
||
Last updated on 06/11/2008