Premium
Pilot Results Applying the System Security Engineering CMM
Author(s) -
Hefner Rick
Publication year - 1997
Publication title -
incose international symposium
Language(s) - English
Resource type - Journals
ISSN - 2334-5837
DOI - 10.1002/j.2334-5837.1997.tb02241.x
Subject(s) - security engineering , capability maturity model , maturity (psychological) , process (computing) , computer security model , engineering management , engineering , computer science , systems engineering , computer security , security service , information security , software security assurance , psychology , developmental psychology , software , programming language , operating system
The Systems Security Engineering Capability Maturity Model (SSE‐CMM) describes the essential characteristics of an organization's security engineering process that must exist to ensure good security engineering. The model also highlights the relationship between security engineering and systems engineering. This paper summarizes pilot appraisals conducted at four security contractors during 1996. The results indicate the model and appraisal method are fundamentally sound. In 1997, the project will promote use of the model by acquisition agencies to evaluate potential system security vendors.