| Title | Cybersecurity Certification for Agile and Dynamic Software Systems – a Process-Based Approach |
| Publication Type | Conference Paper |
| Year of Publication | 2020 |
| Authors | Lotz, Volkmar |
| Conference Name | 2020 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW) |
| Keywords | Agile development, certification, composability, computer security, Dynamical Systems, IEC standards, ISO standards, Predictive Metrics, process control, pubcrawl, Resiliency, security, Software, Standards organizations |
| Abstract | In this extended abstract, we outline an approach for security certification of products or services for modern commercial systems that are characterized by agile development, the integration of development and operations, and high dynamics of system features and structures. The proposed scheme rather evaluates the processes applied in development and operations than investigates into the validity of the product properties itself. We argue that the resulting claims are still suitable to increase the confidence in the security of products and services resulting from such processes. |
| DOI | 10.1109/EuroSPW51379.2020.00021 |
| Citation Key | lotz_cybersecurity_2020 |
Cybersecurity Certification for Agile and Dynamic Software Systems – a Process-Based Approach