U.S. flag

An official website of the United States government

Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock () or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Breadcrumb

  1. Home
  2. Tools
  3. DoD Developer's Guidebook For Software Assurance

DoD Developer's Guidebook for Software Assurance


Last Updated : 08/31/2018

​Software assurance refers to the justified confidence that software functions as intended and is free of vulnerabilities throughout the product lifecycle. While "free of vulnerabilities" is the ideal, in practice the objective is to manage the risk associated with vulnerabilities. To that end, this guidebook helps software developers understand expectations for software assurance. Because developers need to be aware of the regulatory background in which their projects operate, this guidebook summarizes standards and requirements that affect software assurance decisions and provides pointers to key resources that developers should consult. It includes a summary of the State-of-the-Art Resources (SOAR) for Software Vulnerability Detection, Test, and Evaluation report, along with its approach for selecting tools. A bottom-up approach to tool selection is also provided, which considers what activities and tools are typically appropriate at different stages of the development or product lifecycle. Advice is provided for special lifecycle considerations, such as new development and system reengineering, and metrics that may be useful in selecting and applying tools or techniques during development are discussed. Special sections are devoted to assurance in software sustainment and software acquisition. Supplemental materials are provided in the appendices.

RATINGS

5 out of 5 | 1 Reviews
Rate this tool:

You Might Also Consider

Related Tools

Related Events