Dear list members,

In June 2007, I had an interesting conversation with Mr. Will Hayes from SEI during the Brazilian Symposium on Software Quality. It was a great experience and I am very grateful for this.

During our conversation, I asked Mr. Hayes a question similar to this: "Is it possible that only software development process improvements can produce secure software?" The scenario was only based on CMMI without security interference. His answer to this question was "YES". My answer was "I DO NOT THINK SO". His answer made me confused and I had no arguments, mainly because my professional experience in software process does not compare to Mr. Hayes's experience. Unfortunately, I also haven't found any statistics which could answer this question. Please, if there is one, let me know!

So, how about you, list members? What are your answers to the question above? I will try to organize your answers and present the final result.

Thank you.

Yours faithfully,
Francisco José Barreto Nunes

_______________________________________________
Secure Coding mailing list (SC-L) SC-L@securecoding.org
List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l
List charter available at - http://www.securecoding.org/list/charter.php
SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com)
as a free, non-commercial service to the software security community.
_______________________________________________