Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Software Assurance Using Structured Assurance Case Models

Published

Author(s)

Thomas R. Rhodes, Frederick E. Boland Jr., Elizabeth N. Fong, Michael J. Kass

Abstract

Software assurance is an important part of the software development process to reduce risks and ensure that the software is dependable and trustworthy. Software defects and weaknesses can often lead to software errors and failures and to exploitation by hackers and criminals who attempt to exploit software vulnerabilities. Testing, certification and accreditation have been traditionally used in the software assurance process to attempt to improve software trustworthiness. In this paper, we examine a methodology known as a structured assurance model, which has been widely used for assuring system safety, for its potential application to software assurance. We describe the structured assurance model and examine its application and use for software assurance. We identify strengths and weaknesses of this approach and suggest areas for further investigation and testing.
Citation
NIST Interagency/Internal Report (NISTIR) - 7608
Report Number
7608

Keywords

product assurance, software assurance, software assurance case, software security, structured assurance case model, structured software assurance model.

Citation

Rhodes, T. , Boland Jr., F. , Fong, E. and Kass, M. (2009), Software Assurance Using Structured Assurance Case Models, NIST Interagency/Internal Report (NISTIR), National Institute of Standards and Technology, Gaithersburg, MD, [online], https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=902688 (Accessed March 19, 2024)
Created April 30, 2009, Updated October 12, 2021