Developing trusted systems using DOD-STD-2167A

Abstract

A software development process for developing trusted systems under DOD-STD-2167A is described. The process is based on an approach that integrates trusted computer system evaluation criteria (TCSEC) requirements into the software development process required by DOD-STD-2167A. The process described focuses on development of DOD-STD-2167A data item deliverables, which have been tailored to include TCSEC deliverables. The author describes how these items can be produced in a manner which minimizes the impact on cost and budget, while increasing assurance in the product's trustworthiness.<>