IEEE Distinguished Lecturer Presentation
 
You are coordinally invited to hear Dr. Carol Woody present:

"Operational Security in Software Development"

This presentation describes an approach to incorporating operational security considerations into the software development life cycle. Experiences in defining security requirements and ways to identify unacceptable risks early enough to make changes prior to an operational disaster will be shared.

This presentation is offered under the auspices of the IEEE Computer Society Distinguished Visitor Program, IEEE Denver Section program for Professional Development, IEEE Denver Section Computer Society and IEEE Denver Section Communications Society.

 

Summary

Dr. Carol Woody, SEI/CMU and CERT, will give a talk on "Operational Security in Software Development". ABSTRACT Security problems will not show up until the system is implemented. However, the decisions from acquisition, design, development, and implementation are critical to system security because they impact operational options. This presentation describes an approach to incorporating operational security considerations into the software development life cycle. Experiences in defining security requirements and ways to identify unacceptable risks early enough to make changes prior to an operational disaster will be shared. This presentation is offered under the auspices of the IEEE Computer Society Distinguished Visitor Program, IEEE Denver Section program for Professional Development, IEEE Denver Section Computer Society and IEEE Denver Section Communications Society. BIOGRAPHY Dr. Carol Woody is a senior member of the technical staff at the Software Engineering Institute (SEI) at Carnegie Mellon University. Her research is focused on ways to address software design and development that improve the security of the implemented results. Speaking engagements include: PSQT 05 (May 05), CSI 32nd Annual Conference (Nov. 05), Better Software Conference (May 06), and EDUCAUSE Annual Conference (Oct 06). Recent publications include an SEI technical note titled “Eliciting and Analyzing Quality Requirements: Management Influences on Software Quality Requirements” released March 2005, “Securely Sustaining Software-Intensive Systems” published in the /Cutter IT Journal/ January 2006, and “Considering Operational Security Risk during System Development” published in /IEEE Security & Privacy /January/February 2007. Carol has 25 years of experience covering all aspects of software and systems planning, design, development, and implementation in large complex organizations. Carol holds a BS in mathematics from The College of William and Mary, an MBA with distinction from Wake Forest University, and a PhD in Information Systems from NOVA Southeastern University where she was elected to Upsilon Phi Epsilon, the international honor society for computing and information disciplines. Carol is a member of IEEE, ACM, and PMI. *** REGISTRATION REQUIRED ***