Supplement of security-related parts of ISO/IEC TR 15504

Sang Ho Kim, Choon Seong Leem, Tai Hoon Kim, Jae Sung Kim

Research output: Chapter in Book/Report/Conference proceedingChapter

2 Citations (Scopus)

Abstract

ISO/IEC TR 15504, the Software Process Improvement Capability Determination (SPICE), provides a framework for the assessment of software processes. This framework can be used by organizations involved in planning, monitoring, controlling, and improving the acquisition, supply, development, operation, evolution and support of software. But, in the ISO/IEC TR 15504, considerations for security are relatively poor to others. For example, the considerations for security related to software development and developer are lacked. In this paper we propose a process related to security by comparing ISO/IEC TR 15504 to ISO/IEC 21827 and ISO/IEC 15408. The proposed scheme may be contributed to the improvement of security for IT product or system.

Original languageEnglish
Title of host publicationLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
EditorsAdnan Yazici, Cevat Sener
PublisherSpringer Verlag
Pages1084-1089
Number of pages6
ISBN (Print)3540204091, 9783540397373
DOIs
Publication statusPublished - 2003

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume2869
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

All Science Journal Classification (ASJC) codes

  • Theoretical Computer Science
  • Computer Science(all)

Fingerprint Dive into the research topics of 'Supplement of security-related parts of ISO/IEC TR 15504'. Together they form a unique fingerprint.

Cite this