Incorporating Security Risk Analysis into Software Development

Wednesday, January 17 | 11:30PM–11:30PM
Session Type: Resources
Building software that can predictably meet operational security needs is a challenge. This presentation will focus on appropriately identifying and evaluating security requirements based on operational risk. An analysis technique for determining system and software operational risk during development will be introduced. Results from a piloting organization will be shared.


  • Carol Woody

    Sr Technical Staff, Software Engineering Institute, Carnegie Mellon University