Assessment Method of Step-by-Step Cyber Security in the Software Development Life Cycle |
Seo, Dal-Mi
(NSE Inc.)
Cha, Ki-Jong (NSE Inc.) Shin, Yo-Soon (NSE Inc.) Jeong, Choong-Heui (Korea Institute of Nuclear Safety) Kim, Young-Mi (Korea Institute of Nuclear Safety) |
1 | Youngdoo Kang and Kil To Chong, "Development of Cyber Security Assessment Methodology for the Instrumentation & Control Systems in Nuclear Power Plants," Journal of academia-industrial technology, 11(9), pp. 3451-3457, Sep. 2010. |
2 | James W. Over, Team Software process for Secure Systems Development, CMU Software Engineering Institute, Mar. 2002. |
3 | Microsoft Corporation, Microsoft Security Development Lifecycle(SDL), Version 5.2, Microsoft Corporation, P.167, May. 2012. |
4 | CLASP, https://www.owasp.org/index.php/ Category: OWASP CLASP Project |
5 | Gary McGraw, Software Security: Building Security In, Addison-Wesley Professional, P.448, 2006. |
6 | IEEE Std. 7-4.3.2, "IEEE Standard Criteria for Digital Computers in Safety Systems of Nuclear Power Generating Stations," Aug. 2010. |
7 | NIST SP 800-64(Rev.2), "Security Considerations in the System Development Life Cycle," Oct. 2008. |
8 | Regulatory Guide 5.71, "Cyber Security Programs for Nuclear Facilities," Jan. 2010. |
9 | NIST SP 800-53(Rev.4), "Security and Privacy Controls for Federal Information Systems and Organizations," Apr. 2013. |
10 | U.S. Department of Homeland Security, "Catalog of Control Security : Recommendations for Standards Developers(Rev.7)," Apr. 2011. |
11 | Sang-Hyun Lee, "Cybersecurity Laws in the U.S.:Focusing on Responses from the Legislative, the Judicial, and the Executive Body," Journal of the Korea Institute of Information Security and Cryptology,3(1), pp. 109-131, Jan. 2012. |
12 | NEI 08-09(Rev.6), "Cyber Security Plan for Nuclear Power Reactors," Apr. 2010. |