Process-Based Assurance Product Suite
Small Business Information
8229 Boone Boulevard, Suite, 750, Vienna, VA, 22182
Karen M. Ferraiolo
AbstractArca proposes research leading to development of a suite of methodology support products to help meet the need for innovative assurance techniques appropriate for emerging information technologies. The product will consist of a licensable methodology and supporting materials for specifying, building, and evaluating assurance arguments for products and systems based on the capability of security engineering organizations and the maturity of their processes. Arca proposes to research the contribution of process capability, as measured by the Systems Security Engineering Capability Maturity Model (SSE-CMM), to assurance, drawing on its unique combination of expertise in security engineering process improvement and in traditional and alternative assurance techniques. Process capability is widely regarded as a very promising potential source of assurance that could contribute substantively to assurance for new technologies, as well as reducing the time and cost associated with traditional product evaluation. Arca believes that research and development of a product to measure and document process-based assurance will be of tremendous value to secure product and system developers and integrators, security service providers, product evaluators and assessors, system certifiers and accreditors, acquirers of products and systems, and other initiatives interested in alternative assurance techniques.
* information listed above is at the time of submission.