Special Conference Session


Mitigating Software Supply Chain Risks:
Security-Enhanced Quality Assurance, Software Testing, and Project Management

October 4, 2010 - Maritime Institute, Baltimore, MD

The QAI/QAAM conference, in collaboration with the Software Assurance Forum working group members, is pleased to offer “Mitigating Software Supply Chain Risks: Security-Enhanced Quality Assurance, Software Testing and Project Management” - a Software Assurance workshop. The workshop is designed to present information on how to improve software security practices in software testing, quality assurance, and project management – focused on mitigating risks to projects and enterprises attributable to exploitable software. We will be reviewing industry standards, maturity models, and certification schema for testing, quality, and organizational capability benchmarking, and we will address how static analysis tools can be used to support these efforts.

This is a “workshop” and is not a “spectator event” - nor is it meant to be strictly informational in nature. Attendees will be expected to suggest improvements to current industry practice.

Why the workshop? Software is essential to the operation of the Nation’s critical infrastructure. Vulnerabilities in software can jeopardize intellectual property, consumer trust, and business operations and services. Additionally, a broad spectrum of critical applications and infrastructure, from process control systems to commercial application products, depend on secure, reliable software. It is estimated that 90 percent of reported security incidents result from exploits against defects in the design or build of software. Therefore, ensuring the integrity and resiliency of software is vital to protecting the infrastructure from threats which target software vulnerabilities, and reducing overall risk from cyber attacks. In order to ensure system reliability, integrity, and safety, it is critical to include provisions for built-in security of the enabling software.

This is a free “space available” workshop (with priority given to those with paid registration to the QAI/QAAM Conference being held Oct 5-6, 2010). This workshop is being sponsored by Keane Federal Systems. Registrants must request to attend this Monday session with an understanding that those registered for the QAAM 2-day conference have a priority for attending this October 4th session. Those who request to attend will be notified at a later time whether space is available.

Contact Darrin Crittington for more information: dcrittington@qaiworldwide.org 1-866-724-6013

Workshop on Mitigating Software Supply Chain Risks:
Security-Enhanced Quality Assurance, Software Testing, and Project Management

(Tentative Schedule - Invited Speakers)

8-9 a.m. Continental Breakfast

9-9:15 a.m. Opening Remarks
Susan Burgess, Mid-Atlantic Software Quality Conference Chair
Keane Federal Systems

9:15-9:45 a.m. Software Supply Chain Risk Management: Software Assurance Needs for Security-Enhanced Software Testing, Quality Assurance and Project Management
Joe Jarzombek, Director for Software Assurance
National Cyber Security Division (NCSD), Department of Homeland Security (DHS)

9:45-10:30 a.m. Architecting For Quality: Managing Quality Attributes To Reduce Risks
Paul Croll, Computer Sciences Corporation (CSC)

10:30-11 a.m. Networking Break

11-11:30 a.m. Quality and Software Supply Chain Risk Management
Rama Moorty (Hatha Systems)

11:30 a.m.-12:00 p.m. Panel on Static Analysis Tools to Mitigate Software Supply Chain Risks
Joe Jarzombek (Moderator), Paul Croll (CSC), and Warren Badgley (GB Tech)

12-1:15 p.m. Lunch and Networking

1:30-1:45 p.m. Joe Jarzombek - Facilitator

1:45-2:15 p.m. Using SwA And Quality Frameworks To Raise Awareness And Prioritize Improvements
Michele Moss (Booz Allen)

2:15-2:45 p.m. Predicting Software Quality Early In the Software Development Lifecycle and Producing Secure Software
Girish Seshagiri (Advanced Information Services - AIS)

2:45-3:15 p.m. Break

3:15-4:30 p.m. Progress in Software Certification
Tom Ticknor (QAI)

4:30-5 p.m. Birds of a Feather on Achieving Workforce Readiness for SwA Implementation: What Must SwA Adopt from the Quality Community?
Joe Jarzombek, Susan Burgess, Michele Moss, and Paul Croll




QAI Global Institute Conference - Copyright © 2010
www.qaiglobalinstitute.org