Skip to main content
U.S. flag

An official website of the United States government

Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock ( ) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

The System Development Life Cycle (SDLC)

Published

Author(s)

Shirley M. Radack

Abstract

This bulletin summarizes the information that was disseminated by the National Institute of Standards and Technology (NIST) in Special Publication (SP) 800-64, Revision 2, Security Considerations in the System Development Life Cycle. This publication was developed by Richard Kissel, Kevin Stine, and Matthew Scholl of NIST, with the assistance of Hart Rossman, Jim Fahlsing and Jessica Gulick, of Science Applications International Corporation (SAIC), and issued in October 2008. The bulletin discusses the topics presented in SP 800-64, and briefly describes the five phases of the system development life cycle (SDLC) process, which is the overall process of developing, implementing, and retiring information systems from initiation, analysis, design, implementation, and maintenance to disposal. The benefits of integrating security into each phase of the system development life cycle are presented. Information is provided about other NIST standards and guidelines that organizations can draw upon in carrying out their SDLC activities.
Citation
ITL Bulletin -

Keywords

Federal Information Processing Standards, information security, risk management, security categorization, security controls, security planning, system development, system life cycle

Citation

Radack, S. (2009), The System Development Life Cycle (SDLC), ITL Bulletin, National Institute of Standards and Technology, Gaithersburg, MD, [online], https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=902622 (Accessed April 21, 2021)
Created April 29, 2009, Updated February 19, 2017