Acquisition Security Framework (ASF): Overview

Abstract

ASF Goals; Integrate software security engineering practices into the acquisition lifecycle: Expand Acquisition Security Framework (ASF) Version 1.0 based on lessons learned from successful supply chain attacks (e.g., the SolarWinds attack): Incorporate DevSecOps concepts and principles into ASF V2.0 : Adapt system and software engineering measurement activities to include security where appropriate.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
May 05, 2021
Accession Number
AD1132173

Entities

People

  • Carol C. Woody
  • Charles Wallen
  • Christopher J. Alberts
  • Mike Bandor

Organizations

  • Carnegie Mellon University

Tags

Communities of Interest

  • Biomedical
  • Cyber

DTIC Thesaurus Topics

  • Acquisition
  • Agile Software Development
  • Business Administration
  • Commerce
  • Cybersecurity
  • Department Of Defense
  • Engineering
  • Governments
  • Guarantees
  • Health
  • Health Care
  • Information Systems
  • Infrastructure
  • Lessons Learned
  • Materials
  • Nuclear Reactors
  • Procurement
  • Public Health
  • Risk
  • Risk Management
  • Security
  • Software Development
  • Supply Chain
  • United States
  • Universities

Fields of Study

  • Computer science

Readers

  • Cybersecurity.
  • Defense Acquisition Program Management