ISO ISO/IEC TR 20004 Information technology - Security techniques - Refining software vulnerability analysis under ISO/IEC 15408 and ISO/IEC 18045 - First Edition
Данный раздел/документ содержится в продуктах:
- Техэксперт: Машиностроительный комплекс
- Картотека зарубежных и международных стандартов
- CEN ISO/TR 9241-100 Ergonomics of human-system interaction - Part 100: Introduction to standards related to software ergonomics
- ISO ISO/IEC 15504-2 CORR 1 Software engineering - Process assessment - Part 2: Performing an assessment TECHNICAL CORRIGENDUM 1 - First Edition
- 13
- CEN ISO/TR 9241-100 Ergonomics of human-system interaction - Part 100: Introduction to standards related to software ergonomics
- ISO ISO/IEC 15504-2 CORR 1 Software engineering - Process assessment - Part 2: Performing an assessment TECHNICAL CORRIGENDUM 1 - First Edition
- 13.180
- CEN ISO/TR 9241-100 Ergonomics of human-system interaction - Part 100: Introduction to standards related to software ergonomics
- ISO ISO/IEC 15504-2 CORR 1 Software engineering - Process assessment - Part 2: Performing an assessment TECHNICAL CORRIGENDUM 1 - First Edition
- CEN ISO/TR 9241-100 Ergonomics of human-system interaction - Part 100: Introduction to standards related to software ergonomics
- CEN ISO/TR 9241-100 Ergonomics of human-system interaction - Part 100: Introduction to standards related to software ergonomics
- 35
- CEN ISO/TR 9241-100 Ergonomics of human-system interaction - Part 100: Introduction to standards related to software ergonomics
- ISO ISO/IEC 15504-2 CORR 1 Software engineering - Process assessment - Part 2: Performing an assessment TECHNICAL CORRIGENDUM 1 - First Edition
- 35.180
- CEN ISO/TR 9241-100 Ergonomics of human-system interaction - Part 100: Introduction to standards related to software ergonomics
- ISO ISO/IEC 15504-2 CORR 1 Software engineering - Process assessment - Part 2: Performing an assessment TECHNICAL CORRIGENDUM 1 - First Edition
- CEN ISO/TR 9241-100 Ergonomics of human-system interaction - Part 100: Introduction to standards related to software ergonomics
- CEN ISO/TR 9241-100 Ergonomics of human-system interaction - Part 100: Introduction to standards related to software ergonomics
- ISO ISO/IEC 15504-1 Information technology Process assessment Part 1: Concepts and vocabulary - First Edition; Supersedes ISO/IEC TR 15504-1 and ISO/IEC TR 15504-9
- ISO ISO/IEC TR 15504-7 Information technology - Process assessment - Part 7: Assessment of organizational maturity - First Edition
- ISO ISO/IEC 15504-2 CORR 1 Software engineering - Process assessment - Part 2: Performing an assessment TECHNICAL CORRIGENDUM 1 - First Edition
- ISO ISO/IEC TR 15504-7 Information technology - Process assessment - Part 7: Assessment of organizational maturity - First Edition
- ISO ISO/IEC TR 15504-7 Information technology - Process assessment - Part 7: Assessment of organizational maturity - First Edition
- ISO ISO/IEC 15504-2 CORR 1 Software engineering - Process assessment - Part 2: Performing an assessment TECHNICAL CORRIGENDUM 1 - First Edition
- ISO ISO/IEC 15504-2 CORR 1 Software engineering - Process assessment - Part 2: Performing an assessment TECHNICAL CORRIGENDUM 1 - First Edition
- BSI BS ISO/IEC 15026-2 Systems and software engineering - Systems and software assurance Part 2: Assurance case
- BSI PD ISO/IEC TR 20004 Information technology - Security techniques - Refining software vulnerability analysis under ISO/IEC 15408 and ISO/IEC 18405
- ISO ISO/IEC 15408-3 Information technology - Security techniques - Evaluation criteria for IT security - Part 3: Security assurance components - Third Edition
- CEN ISO/TR 9241-100 Ergonomics of human-system interaction - Part 100: Introduction to standards related to software ergonomics
- Картотека зарубежных и международных стандартов
International Organization for Standardization
Information technology - Security techniques - Refining software vulnerability analysis under /IEC 15408 and /IEC 18045 - First Edition
N ISO/IEC TR 20004
Annotation
This Technical Report refines the AVA_VAN assurance family activities defined in ISO/IEC 18045:2008 and provides more specific guidance on the identification, selection and assessment of relevant potential vulnerabilities in order to conduct an ISO/IEC 15408 evaluation of a software target of evaluation. This Technical Report leverages the Common Weakness Enumeration (CWE) and the Common Attack Pattern Enumeration and Classification (CAPEC) to support the method of scoping and implementing ISO/IEC 18045:2008 vulnerability analysis activities.
This Technical Report does not define evaluator actions for certain high assurance ISO/IEC 15408 components, where there is as yet no generally agreed guidance.
Автоматический перевод:
Информационные технологии - методы безопасности - Совершенствовавший анализ программной уязвимости под ISO/IEC 15408 и ISO/IEC 18045 - Первый Выпуск
Этот Технический отчет совершенствовал действия семьи обеспечения AVA_VAN, определенные в ISO/IEC 18045:2008, и обеспечивает более определенное руководство на идентификации, выборе и оценке соответствующих потенциальных уязвимостей для проведения ISO/IEC 15408 оценок цели программного обеспечения оценки. Этот Технический отчет эффективно использует Common Weakness Enumeration (CWE) и Общее Перечисление Образца Нападения и Классификацию (CAPEC) для поддержки метода определения объема и реализации ISO/IEC 18045:2008 аналитические действия уязвимости.
