DOD considers creation of national software security lab

DOD considers creation of national software security lab

SALT LAKE CITY'Defense Department cybersecurity managers are urging secretary Donald Rumsfeld to establish a high-assurance software lab serving all of DOD.

The lab would be virtual, drawing on the existing software certification capabilities scattered across DOD research facilities.

Joe Jarzombek, deputy director for software assurance in DOD's Information Assurance Directorate, said the measure is one response to language in the fiscal 2004 Defense authorization bill that requires the department to make sure vulnerabilities in commercial software don't compromise military missions.

Lawmakers 'are asking how DOD can enhance the acquisition risk management to improve software integrity. DOD is not up task of protecting missions from software vulnerabilities,' Jarzombek said at the annual Systems and Software Technology Conference.

The proposed lab would create a single executive organization responsible for software integrity and information assurance.

Whatever approach DOD components take on testing software, Jarzombek said, the efforts should not be overly focused on software developed in foreign countries, as he said a soon-to-be-released General Accounting Office study suggests.

'We've told [GAO] we have plenty of vulnerabilities from domestically developed software,' he said.

Jarzombek said DOD possesses so many millions of lines of code in countless thousands of packages, that it would take years of effort and millions of dollars just to identify what was developed where.

Featured

  • Records management: Look beyond the NARA mandates

    Pandemic tests electronic records management

    Between the rush enable more virtual collaboration, stalled digitization of archived records and managing records that reside in datasets, records management executives are sorting through new challenges.

  • boy learning at home (Travelpixs/Shutterstock.com)

    Tucson’s community wireless bridges the digital divide

    The city built cell sites at government-owned facilities such as fire departments and libraries that were already connected to Tucson’s existing fiber backbone.

Stay Connected