TechTarget

US military gets new software testing rules

The US has introduced new policies for military software engineers aimed at pre-empting software supply chain attacks

The US has introduced new policies for military software engineers aimed at pre-empting software supply chain attacks.

The policy, contained in the 2013 National Defense Authorization Act, introduces new software testing rules to prevent security breaches that exploit design flaws in computer code, say US reports.

The move comes after US Homeland Security officials warned that contractor requirements and code developers were overlooking software integrity to the detriment of national security.

The new baseline software assurance policy requires military IT staff to use automated vulnerability analysis tools to inspect software code during the entire lifecycle of the computer program.

In addition to mandating tighter software assurance, the law requires defence firms to inform military officials about any breaches of company networks.

Software assurance refers to the level of confidence that code is free of vulnerabilities – inserted either inadvertently or intentionally – that can create gateways for attackers.

The law also calls for a review of how the US Cyber Command operates; a strategy for deploying a futuristic information technology structure and information environment for the US military; and a more robust threat-detection system to block leaks of classified data and identify potential insider threats.

CW+

Features

Enjoy the benefits of CW+ membership, learn more and join.

Read more

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCIO

SearchSecurity

SearchNetworking

SearchDataCenter

SearchDataManagement

Close