Designing Concurrent, Distributed, and Real-Time Applications with Uml
Designing Concurrent, Distributed, and Real-Time Applications with Uml
Guide for the Security Certification And Accreditation of Federal Information Systems
Guide for the Security Certification And Accreditation of Federal Information Systems
Does the Common Criteria Paradigm Have a Future?
IEEE Security and Privacy
On the Operational Security Assurance Evaluation of Networked IT Systems
NEW2AN '09 and ruSMART '09 Proceedings of the 9th International Conference on Smart Spaces and Next Generation Wired/Wireless Networking and Second Conference on Smart Spaces
Agile development with security engineering activities
Proceedings of the 2011 International Conference on Software and Systems Process
| Hi-index | 0.00 |
The National Institute of Standards and Technology has proposed using the Common Criteria and system-level protection profiles (SLPPs) to specify security requirements in large systems, such as those used in air traffic management. This article summarizes experience with SLPP and security targets for the US Federal Aviation Administration's National Airspace System. The authors review the FAA efforts, highlight the problems encountered, and offer suggestions for future work, calling for more research on linking systems, software, and security requirements engineering with SLPP; clearer ties between security specifications and system certification; and better guidance on the appropriate use of SLPP as a prerequisite to widespread use.