DOD considers creation of a national high-assurance lab for software security

SALT LAKE CITY'Defense Department cybersecurity managers are urging secretary Donald Rumsfeld to establish a high-assurance software lab serving all of DOD. The lab would be virtual, drawing on software certification capabilities scattered across DOD research facilities.

Joe Jarzombek, deputy director for software assurance in DOD's Information Assurance Directorate, said the measure is one response to the fiscal 2004 Defense authorization bill that requires the department to make sure vulnerabilities in commercial software don't compromise military missions. Lawmakers 'are asking how DOD can enhance the acquisition risk management to improve software integrity. DOD is not up to the task of protecting missions from software vulnerabilities,' Jarzombek said last week at the annual Systems and Software Technology Conference.

The proposed lab would create a single executive organization responsible for software integrity and information assurance. Jarzombek said DOD has so many millions of lines of code, it would take years to identify what was developed where.

Featured

  • Records management: Look beyond the NARA mandates

    Records management is about to get harder

    New collaboration technologies ramped up in the wake of the pandemic have introduced some new challenges.

  • puzzled employee (fizkes/Shutterstock.com)

    Phish Scale: Weighing the threat from email scammers

    The National Institute of Standards and Technology’s Phish Scale quantifies characteristics of phishing emails that are likely to trick users.

Stay Connected

Sign up for our newsletter.

I agree to this site's Privacy Policy.