Cybersecurity Guidelines for Software Development & Assessment

Jun 9, 2017·
Florian Stosse
Florian Stosse
,
Franck Sadmi
,
Florent Kirchner
· 1 min read
Abstract
These guidelines describe a list of objectives to develop, verify, and operate a software system that satisfies an intended level of cybersecurity. The focus is on the use of software support tools to satisfy software system development and assessment objectives, especially for the analysis of the program structure and code. It was co-written by Bureau Veritas SA and CEA-List, an institute of CEA Tech.
Type
Publication
Bureau Veritas, BV-SW-200
publication

These guidelines lay out key security practices for the design, verification, and operation of software systems requiring certified levels of security. A core focus of these guidelines is the leverage of automated software support tools, such as static analysis, for structural and source code validation (a whitebox approach to security assessment).

Co-written by Bureau Veritas SA and CEA-List, an institute of CEA Tech.

Florian Stosse
Authors
Cybersecurity engineer
Cybersecurity engineer at the European Space Agency, specializing in space systems security, embedded platform hardening, and software security defenses.