CrossTalk: The Journal of Defense Software Engineering. Volume 21, Number 9

Abstract

CONTENTS: 1) Securing Legacy C Applications Using Dynamic Data Flow Analysis by Steve Cook, Dr. Calvin Lin, and Walter Chang: Describes an extensible, compiler-based system to ensure that C programs enforce a wide variety of user-defined security policies with a minimum of runtime overhead and disruption to development processes. 2) Building Secure Systems Using Model-Based Engineering and Architectural Models by Dr. Joergen Hansson, Dr. Peter H. Feiler, and John Morley: Shows how model-based engineering and architectural modeling are a platform for multi-dimensional, multi-fidelity analysis, enabling a system designer to exercise various architectural design options for confidentiality and data integrity prior to system realization. 3) Practical Defense In Depth by Michael Howard: This article shows how defense in depth mechanisms have been effective in slowing and stopping attacks. 4) Supporting Safe Content-Inspection of Web Traffic by Dr. Partha Pal and Michael Atighetchi: More and more interactions are becoming Web-based. The concept of a personal proxy has the potential to fill an important and emerging gap in the current Web-based systems architecture, and this article explores an early prototype. 5) Enhancing the Development Life Cycle to Produce Secure Software by Karen Mercedes Goertzel: Explores recent reports on security in the software development life cycle, and shows how enhancing practices with the objective of improving software quality, reliability, and fault-tolerance results in software that is higher in quality, more reliable, and more tolerant of faults. 6) Hazardous Software Development by Corey P. Cunha: Explores past safety-critical systems failures in hazardous situations the Union Carbide accident in Bhopal, the Patriot Missile Defense System failure, the Iran Air Flight 655 shoot-down, and Therac-25 system malfunctions and how methods such as closed-loop corrective actions can help prevent future problems.

Open PDF

Document Details

Document Type
Technical Report
Publication Date
Sep 01, 2008
Accession Number
ADA487057

Entities

People

  • Calvin Lin
  • Corey P. Cunha
  • Joergen Hansson
  • John Morley
  • Karen M. Goertzel
  • Michael Atighetchi
  • Michael J Howard
  • Partha Pal
  • Peter H. Feiler
  • Steve Cook
  • Walter Chang

Tags

Communities of Interest

  • Biomedical
  • Cyber
  • Engineered Resilient Systems
  • Ground and Sea Platforms
  • Human Systems
  • Space

DTIC Thesaurus Topics

  • Application Software
  • Communication Channels
  • Computer Program Reliability
  • Computer Programming
  • Computer Programs
  • Computer Science
  • Computers
  • Cryptography
  • Cybersecurity
  • Electronic Mail
  • Failure Mode And Effect Analysis
  • Information Systems
  • Operating Systems
  • Software Development
  • Software Testing
  • Systems Engineering
  • Web Browsers

Fields of Study

  • Computer science
  • Engineering

Readers

  • Cybersecurity.
  • Military History
  • Software Engineering.