Continuous Software Assurance Through a National Marketplace
Abstract
The SWAMP project was built and executed on the foundation of a commitment to the goal of promoting effectiveness and adoption of software assurance. The project pioneered the concept of "continuous software assurance" and followed a multipronged approach to create an open source, portable continuous assurance platform that addressed the needs of an evolving ecosystem of software assurance practices. The SWAMP strategy targeted software developers, tool developers, educators and researchers. With these users in mind, the project created an open platform that demonstrated the power of continuous software assurance. The SWAMP public facility and SWAMP-in-the-Box software provided a working blueprint for the architecture and functionality of a continuous assurance capability with the ability to be fully integrated into the software development life cycle. In addition, the project identified gaps in available technology that guided and advanced future R and D in software assurance. By operating a public marketplace, the SWAMP project brought the power of hands-on, continuous software assurance to individual developers, small development groups, class rooms and training sessions that would not have otherwise been able to access such resources without being in large organizations with a well establish software assurance program. The SWAMP project lowered the threshold for organizations to continuously harness software assurance tools.
Document Details
- Document Type
- Technical Report
- Publication Date
- Nov 01, 2020
- Accession Number
- AD1116012
Entities
People
- Abe Megahed
- Bart Miller
- Irene Landrum
- James A. Kupsch
- Jeffery Peterson
- Jim Basney
- Josef T. Burger
- Miron Livny
- Von Welch
Organizations
- Morgridge Institute for Research