Secure Coding mailing list archives

Previous By Date Next
Previous By Thread Next

Software process improvement produces secure software?

From: fcojbn at yahoo.com.br (Francisco Nunes)
Date: Tue, 7 Aug 2007 08:01:45 -0300 (ART)
Dear list members.

In june 2007, I had an interesting conversation with
Mr. Will Hayes from SEI during the Brazilian Symposium
on Software Quality. It was a great experience and I
am very grateful for this.

During our conversation, I made a question to Mr.
Hayes similar to this: "Is it possible that only
software development process improvements can produce
secure software?"

The scenario was only based on CMMI without security
interference.

His answer to this question was "YES". My answer was
"I DO NOT THINK SO".

His answer made me confuse and I had no arguments,
mainly, because my professional experience in software
process does not compare to Mr. Haye's experience.

Unfortunately, I also haven't found any statistics
which could answer this question. Please, if there is
one, let me know!

So, how about you, list members? What are your answers
to the question above?

I will try to organize your answers and present the
final result.

Thank you.

Yours faithfully,
Francisco Jos? Barreto Nunes.


      Alertas do Yahoo! Mail em seu celular. Saiba mais em http://br.mobile.yahoo.com/mailalertas/
Previous By Date Next
Previous By Thread Next

Current thread: