The content provides guidance for how to think about a topic for which there is no proven or widely accepted approach. The intent of the description is to raise awareness and aid the reader in thinking about the problem and candidate solutions. The content may also describe promising research results that may have been demonstrated in a constrained setting.

Title Updated
Evidence of Assurance: Laying the Foundation for a Credible Security Case 2014-11-04
Arguing Security - Creating Security Assurance Cases 2014-11-04
Phkmalloc 2013-07-31
Measures and Measurement for Secure Software Development 2013-07-03
Identity in Assembly and Integration 2013-07-02
Finding a Vendor You Can Trust in the Global Marketplace 2013-07-02
Adapting Penetration Testing for Software Development Purposes 2013-05-21
Vstr 2013-05-20
Software Assurance Education Overview 2013-05-15
Assurance Cases Overview 2013-05-14
strncpy_s() and strncat_s() 2013-05-14
A Common Sense Way to Make the Business Case for Software Assurance 2013-05-14
"Assembly, Integration, and Evolution Overview" 2013-05-14
Source Code Analysis Tools - References 2013-05-13
Safe Integer Operations 2013-05-10
Heap Integrity Detection 2013-05-10
SafeStr 2013-05-10
The Role of Computer Security Incident Response Teams in the Software Development Life Cycle 2008-08-20
Trustworthy Composition: The System Is Not Always the Sum of Its Parts 2005-09-28