Security-Enhanced Quality Assurance, Software Testing, and Project Management
September 9th, 2008 - Maritime Institute, Baltimore, MD
The QAI/QAAM conference, in collaboration with the Department of Homeland Security (DHS), Cyber Security Division and Software Assurance working group members, is pleased to offer "Security-Enhanced Quality Assurance, Software Testing and Project Management" - a Software Assurance workshop. The workshop is designed to collect information from the industry on how to improve software security practices in software testing, quality assurance, and project management. We will be reviewing industry standards and certification schema for testing and quality. This is a “working group” and is not meant to be strictly informational in nature. Attendees must suggest improvements to current industry practice.
Why the workshop? Software is essential to the operation of the Nation’s critical infrastructure. Vulnerabilities in software can jeopardize intellectual property, consumer trust, and business operations and services. Additionally, a broad spectrum of critical applications and infrastructure, from process control systems to commercial application products, depends on secure, reliable software. It is estimated that 90 percent of reported security incidents result from exploits against defects in the design or code of software. Therefore, ensuring the integrity of software is key to protecting the infrastructure from threats and vulnerabilities, and reducing overall risk from cyber attacks. In order to ensure system reliability, integrity, and safety, it is critical to include provisions for built-in security of the enabling software.
This is a space-available workshop with paid registration to the QAI/QAAM "How to Manage and Control Your IT Projects" conference on September 10-11, 2008. The Security-Enhanced Quality Assurance, Software Testing and Project Management workshop is being sponsored by Keane Federal Systems.
Registrants must request to attend the Tuesday session after having registered for the QAAM 2-day conference and, thereafter, will be placed on a waiting list. Those who request to attend will be notified at a later time whether space is available. Contact Francine Chase for more information: fchase@qaiworldwide.org, 1-866-724-6013.
(Tentative Schedule – Invited Speakers)
| Time | Session | Speaker |
| --- | --- | --- |
| 8-9 a.m. | Continental Breakfast | |
| 9-9:15 a.m. | Opening Remarks | Susan Burgess, QAAM Conference Chair, Keane Federal Systems |
| 9:15-9:45 a.m. | QAI Testing and Quality Certification Programs | Tom Ticknor, Chief Operating Officer, Quality Assurance Institute |
| 9:45-10:30 a.m. | Software Assurance Needs for Security-Enhanced Software Testing, Quality Assurance and Project Management | Joe Jarzombek, Director for Software Assurance, National Cyber Security Division (NCSD), Department of Homeland Security (DHS) |
| 10:30-11 a.m. | Networking Break | |
| 11-11:30 a.m. | Software System Security Principles | Samuel T. Redwine Jr., Associate Professor, James Madison University |
| 11:30 a.m.-12:00 p.m. | ASTQB Certification Schema for Security and Safety | Andrew Pollner, ASTQB Director |
| 12-1:15 p.m. | Lunch and Networking | |
| 1:30-1:45 p.m. | | Joe Jarzombek - Facilitator |
| 1:45-2:15 p.m. | Security-Enhanced Software Testing for QA Professionals | Sean Barnum, Principal Consultant, Cigital |
| 2:15-2:45 p.m. | Assurance in Industry Standards and Capability Maturity Models | Michele Moss, Booz Allen Hamilton |
| 2:45-3:15 p.m. | Break | |
| 3:15-3:45 p.m. | Software Assurance Measurements | Nadya Bartol, Senior Associate, Booz Allen Hamilton |
| 3:45-4:15 p.m. | ITIL and SDLC implications for System Assurance | Rama Moorthy, Hatha Systems |
| 4:15-5 p.m. | Recommendations & Software Assurance Workshop Wrap-Up | |