Skip to content

team-assure/Semester-Project

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

206 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Semester-Project

https://robinagandhi.github.io/swa/pages/project.html

  • 1. Project Proposal: due September 13, 2017: 2-3 page report that describes the following:
    • Open source project description (What is it?, Contributors, Activity, Use, Popularity, Languages used, platform, documentation sources, etc.)
    • Discuss License, procedures for making contributions, and contributor agreements
    • Security related history (E.g. known vulnerabilities)
    • Functional security requirements for the software
    • Your motivation for selecting this project
    • Link to your team github repository that shows your project plan and internal collaboration
  • 2. Assurance Cases Software Security Engineering: due September 27, 2017: A short report that includes the following:
    • 5 assurance claims that would require evidence from software security engineering activities
    • Build 5 assurance cases; one for each of the claims
  • 3. Requirements for Software Security Engineering: 2-3 page report that describes the following:
    • Identify security requirements based on assurance claims
    • Document security requirements for the project captured using mis-use case diagrams
    • Include links to Lucidchart diagrams with brief descriptions in the document
    • Review project documentation for security related configuration and installation
  • 4. Designing for Software Security Engineering: 2-3 page report that describes the following:
    • Develop threat models for critical data-flows through the software captured in mis-use cases
    • Include diagrams
    • Discuss alignment of threat models with actual software design
  • 5. Code analysis for Software Security Engineering: 2-3 page report that describes the following:
    • Code review strategy
    • Automated code scanning results summary. Include links to full reports.
    • Summary of key findings
    • Links to pull requests to the original project and any follow-up interactions.
  • 6. Class Presentation – due December 6, 2017: 10-minute class presentation that highlights the following:
    • Project description
    • Assurance claims
    • Gaps in security requirements and design of the original project
    • Findings from code review and automated software scanning
    • Contributions to the original project (documentation, design changes, code changes, communications)

About

Security related improvements to be contributed to an open source software project

Topics

Resources

License

Stars

0 stars

Watchers

0 watching

Forks

Releases

No releases published

Packages

 
 
 

Contributors

Languages