Part II: Questions requiring a short description, no more than 1 page (double-spaced) per question (2 Questions, 15 points each, 30 points total)

1. 1. What are the conceptual differences between a reference validation mechanism, a trusted computing base, and the TOE Security Functions?

 

 

2. 2. A company develops a new security product using the extreme programming software development methodology – programmers code, then test, then add more code, then test, and continue the iteration. Every day, they test the code base as a whole. The programmers work in pair when writing code to ensure that at least two people review the code. The company does not adduce any additional evidence of assurance.  How will you explain to the management of this company why their software is not a high assurance software.

 

Part III: 1 question requiring no more than 2 pages (double-spaced) (30 points)

One well-known secure software development methodology is that of Microsoft, the Microsoft Security Development Lifecycle  (see https://www.microsoft.com/en-us/sdl/; also the attached Simplified Implementation of the Microsoft SDL document). Explain what the methodology is, how well it addresses security concerns in the life cycle and what its drawbacks if any are. Feel free to use other resources to support your answer