Accession Number:

AD1161240

Title:

Engineering for Cyber

Descriptive Note:

[Technical Report, Briefing Charts]

Corporate Author:

CARNEGIE-MELLON UNIV PITTSBURGH PA

Personal Author(s):

Report Date:

2022-02-25

Pagination or Media Count:

24

Abstract:

In June of 2020 a generally successful DoD program completed an 8 week Hardening the Software Factory effort in order to address accumulated technical debt and to address insufficient security and operations practices due to the narrow focus on speed of delivery. These things occur, even in small relatively successful programs, when technical debt and insufficient security and operational practices are in place due to lack of knowledge, experience, and reference material to fully design and execute an integrated DevSecOps strategy in which all stakeholder needs, including cybersecurity, are addressed. While playing Whac-A-Mole is inevitable, instead of missing the holes, or constantly hitting the same hole, the key is to fill in the holes.

Subject Categories:

  • Computer Systems

Distribution Statement:

[A, Approved For Public Release]