Software Assurance Guidance and Evaluation (SAGE) Tool

Abstract

The Software Assurance (SwA) Evaluation was developed by the Carnegie Mellon University Software Engineering Institute (SEI) to assess systems development and operations practices and to identify potential vulnerabilities and opportunities to improve and secure processes. The creation of the Software Assurance Guidance and Evaluation (SAGE) tool required a thorough analysis of the most popular standards and frameworks for software assurance, secure coding, Agile, and secure DevOps, used both in industry and government settings. As a result of this analysis, both the questions and the provided guidance draw from modern practices used in software design, development, test, and operation. The appendix contains a list of some of the standards and frameworks used in the elaboration of this tool.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
May 01, 2021
Accession Number
AD1174686

Entities

People

  • Ebonie Mcneil
  • Hasan Yaşar
  • Luiz L. Antunes
  • Robert B. Schiela

Organizations

  • Carnegie Mellon University

Tags

Communities of Interest

  • Cyber
  • Engineered Resilient Systems

DTIC Thesaurus Topics

  • Application Software
  • Computer Programming
  • Computer Programs
  • Computers
  • Debugging
  • Failure Mode And Effect Analysis
  • Information Systems
  • Intrusion Detection
  • Lessons Learned
  • National Security
  • Risk
  • Risk Analysis
  • Risk Management
  • Software Design
  • Software Development
  • Software Development Tools
  • Software Testing
  • Systems Engineering
  • Test And Evaluation
  • Vulnerability

Fields of Study

  • Computer science
  • Engineering

Readers

  • Cybersecurity.
  • Software Engineering.