The objectives of this presentation are to provide an introduction to the topic of Software Assurance (SwA) – what it is and why it is needed – as well as an overview of the Missile Defense Agency’s (MDA) approach to implementing SwA. The MDA has holistically integrated key aspects of software assurance into its business and engineering practices to bring order to disparate issues. This process includes incorporating SwA throughout the MDA software development and systems engineering lifecycle.
The goal of the MDA’s SwA program is to improve the integrity of MDA software and minimize risk, by identifying and mitigating software vulnerabilities before fielding. This will be accomplished using a three-phase approach that includes: 1) building software security into the development process; 2) performing an independent SwA assessment and 3) managing any unmitigated software vulnerabilities.