Software Capability Evaluations Incorporating Trusted Software Methodology

摘要

This paper defines a method for evaluating a contractor's ability to comply withboth the Software Engineering Institute's (SEI) Process Maturity Model and the Ballistic Missile Defense's (BMD) Trusted Software Methodology (TSM). The SEI model is used to evaluate the maturity of a contractor's software development process. The TSM is used to evaluate the contractor's ability to prevent inadvertent and malicious errors from occurring in software products. The method described in this paper identifies the commonality and differences between these two models and the additional activities that must occur during an SEI Software Capability Evaluation (SCE) to accommodate the TSM criteria. This method was developed after receiving appropriate SCE and TSM training and performing numerous SCEs. It is intended to be used throughout the BMD program to help identify software development risks.