|
Secure Operations
security training |
CTA has extensive experience working with software development teams in solving information security issues. To help solve these complex problems, CTA recognized the need to train software developers on the distinctions of trusted software. CTA also recognized that if they could train developers to be cognizant of information security, it would only help secure the overall systems they were working to get accredited. To that end, CTA developed a Trusted Software Development Training Course. This course provides the essential core knowledge needed to help software developers make good coding decisions.
Experience
CTA created and presented a Trusted Software Training Course for the Joint Strike Fighter Program. This course focused on training software developers and other JSF engineers on the fundamentals of developing trusted software. The purpose of this training was two-fold: First, the training focused on raising security awareness within the software development community, ensuring the developers of trusted software understood and adhered to the policies and procedures created to help secure such software. Second, the training course introduced ten primary principles for developing trusted software. These principles help ensure the actual code was developed with the fewest possible security vulnerabilities. Examples included how to avoid buffer overflows, how to properly develop a write-down filter, and how to compartmentalize code so that distrusted software does not affect the trusted software. This training course was not only accepted and welcomed by the development community; but also helped satisfy the program’s assurance requirements for trusted software on the contract. This effort was so successful it was incorporated by our client as a core competency and planned for use throughout the organization.
|
| |
