Cyber Security Engineering: A Practical Approach For Systems And Software Assurance by Nancy R. MeadCyber Security Engineering: A Practical Approach For Systems And Software Assurance by Nancy R. Mead

Cyber Security Engineering: A Practical Approach For Systems And Software Assurance

byNancy R. Mead, Carol Woody

Paperback | October 31, 2016

Pricing and Purchase Info


Earn 250 plum® points

Prices and offers may vary in store


In stock online

Ships free on orders over $25

Not available in stores


Cyber Security Engineering is the definitive modern reference and tutorial on the full range of capabilities associated with modern cyber security engineering. Pioneering software assurance experts Dr. Nancy R. Mead and Dr. Carol C. Woody bring together comprehensive best practices for building software systems that exhibit superior operational security, and for considering security throughout your full system development and acquisition lifecycles.

Drawing on their pioneering work at the Software Engineering Institute (SEI) and Carnegie Mellon University, Mead and Woody introduce seven core principles of software assurance, and show how to apply them coherently and systematically. Using these principles, they help you prioritize the wide range of possible security actions available to you, and justify the required investments.

Cyber Security Engineering guides you through risk analysis, planning to manage secure software development, building organizational models, identifying required and missing competencies, and defining and structuring metrics. Mead and Woody address important topics, including the use of standards, engineering security requirements for acquiring COTS software, applying DevOps, analyzing malware to anticipate future vulnerabilities, and planning ongoing improvements.

This book will be valuable to wide audiences of practitioners and managers with responsibility for systems, software, or quality engineering, reliability, security, acquisition, or operations. Whatever your role, it can help you reduce operational problems, eliminate excessive patching, and deliver software that is more resilient and secure.

Dr. Nancy R. Mead is a Fellow and Principal Researcher at the Software Engineering Institute (SEI). She is also an Adjunct Professor of Software Engineering at Carnegie Mellon University. She is currently involved in the study of security requirements engineering and the development of software assurance curricula. She served as direc...
Title:Cyber Security Engineering: A Practical Approach For Systems And Software AssuranceFormat:PaperbackDimensions:384 pages, 9 × 6.9 × 1 inPublished:October 31, 2016Publisher:Pearson EducationLanguage:English

The following ISBNs are associated with this title:

ISBN - 10:0134189809

ISBN - 13:9780134189802


Table of Contents

Chapter 1:  Cyber Security Engineering: Lifecycle Assurance of Systems and Software
Chapter 2:  Risk Analysis—Identifying and Prioritizing Needs
Chapter 3:  Secure Software Development Management and Organizational Models
Chapter 4:  Engineering Competencies
Chapter 5:  Performing Gap Analysis
Chapter 6:  Metrics
Chapter 7:  Special Topics in Cyber Security Engineering
Chapter 8:  Summary and Plan for Improvements in Cyber Security Engineering Performance
Appendix A:  WEA Case Study: Evaluating Security Risks Using Mission Threads
Appendix B:  The MSwA Body of Knowledge with Maturity Levels Added
Appendix C:  The Software Assurance Curriculum Project
Appendix D:  The Software Assurance Competency Model Designations
Appendix E:  Proposed SwA Competency Mappings
Appendix F:  BSIMM Assessment Final Report
Appendix G:  Measures from Lifecycle Activities, Security Resources, and Software Assurance Principles

Editorial Reviews

“This book presents a wealth of extremely useful material and makes it available from a single source.”—Nadya Bartol, Vice President of Industry Affairs and Cybersecurity Strategist, Utilities Technology Council “Drawing from more than 20 years of applied research and use, CSE serves as both a comprehensive reference and a practical guide for developing assured, secure systems and software—addressing the full lifecycle; manager and practitioner perspectives; and people, process, and technology dimensions.”—Julia Allen, Principal Researcher, Software Engineering Institute