The event started with a keynote from Bob Kolasky, Assistant Director of the National Risk Management Center (NRMC) with the Cybersecurity and Infrastructure Security Agency (CISA). Bob started by explaining the main priorities for NRMC which include federal network security, election security, industrial control security, and supply chain security. ... Read more →
10/27/2019
Takeaways from CISQ’s 7th Annual Cyber Resilience Summit
Posted at 1:58 am in Uncategorized, | Permalink
10/07/2019
Is the Software Industry Approaching Its “Silver Bridge” Moment?
We think of life as being measured in years not inches, but on the night of 15th December 1967 for Charlene Wood life, or death, would be a matter of inches. Charlene was looking forward to getting home after 8 hours on her feet at the local hair salon, a long time given Charlene was pregnant with her first child. As Charlene approached the Sliver Bridge over the Ohio River that cold Friday evening, the last thing on her mind was a design decision made 39 years ago, a decade before she was even born.... Read more →
Posted at 10:23 am in Uncategorized, | Permalink
07/29/2019
Q&A with David Norton on CISQ’s State of the Industry Survey
CISQ is launching its State of the Nation survey on software quality. I sat down with Dave Norton, Executive Director of CISQ and lead author of the survey, to draw out his insights and rationale for launching the survey and its subsequent report. Continue reading... - Tracie Berardi, Program Manager, CISQ... Read more →
Posted at 2:33 am in Uncategorized, | Permalink
05/20/2019
Could A New ISO Standard and Old Foe Solve the Gordian Knot of Agile/DevOps Sizing and Estimation?
David Norton, Executive Director, CISQ Note: This blog first appeared on Dave's LinkedIn on May 16, 2019 in a longer, more wittier form The following comes with a warning! I am about to suggest something that many in the agile world will hate. Even as I type, I can already... Read more →
Posted at 2:16 am in Uncategorized, | Permalink
05/14/2019
Cyber Standards for Modern IT – The Case for Standards in Software Development and Acquisition
Tracie Berardi, Program Manager, CISQ On May 1 in Washington, DC, CISQ presented at Cyber Standards for Modern IT, an event co-hosted with the Homeland Security Dialogue Forum and Center for Public Policy Innovation. The purpose of the meeting was to educate members of Congress and their staff on standards... Read more →
Posted at 11:19 am in Uncategorized, | Permalink
05/13/2019
Dr. Bill Curtis from CISQ joins UL 2900 Standards Technical Panels
Dr. Bill Curtis, Founding Executive Director of the Consortium for IT Software Quality (CISQ), has joined the Standards Technical Panels (STPs) for the UL 2900 series of standards. UL 2900 is a set of software cybersecurity standards for network-connectable products.... Read more →
Posted at 10:40 am in Uncategorized, | Permalink
05/06/2019
Presentations from SPICON ’19
Tracie Berardi, Program Manager, CISQ SPICON is an annual conference organized by the Chennai chapter of Software Systems Process Improvement Network (SPIN). An international forum that promotes various high-maturity quality and management practices, processes, frameworks and models, SPICON attracts thought leaders in software and systems process improvement from around the..... Read more →
Posted at 5:07 am in Uncategorized, | Permalink
03/25/2019
CISQ’s week at OMG and a standard proposal
Dr. Bill Curtis, Executive Director, Consortium for IT Software Quality (CISQ) The OMG Technical meeting this past week in Reston, Virginia (DC area) was very productive for CISQ. On Monday, March 18, the Automated Source Code Quality Measures specification that extends the CISQ Quality Characteristic Measures to embedded software was... Read more →
Posted at 2:47 am in Uncategorized, | Permalink
12/03/2018
CISQ’s Automated Function Points: History and Calculation
After requests from numerous commercial enterprises, the Consortium for IT Software Quality (CISQ) was formed in 2010 by the Software Engineering Institute at Carnegie Mellon University and the Object Management Group (OMG), an international IT standards organization. CISQ was chartered to create international standards for automating the measurement of size and structural quality from software source code. During early executive forums held in Washington DC, Frankfurt, and Bangalore, five measures were selected for initial specification, among which was a request to automate the counting of Function Points from source code based as closely as possible on counting guidelines from the International Function Points User Group (IFPUG)... Read more →
Posted at 11:10 am in Uncategorized, | Permalink
11/26/2018
Applying Coding Standards to the NIST Cybersecurity Framework
The NIST Cybersecurity Framework was first published in 2014 for operators of U.S. critical infrastructure and is now the de facto cybersecurity framework for a wide range of businesses and organizations across industries. Organizations link their cyber approaches to the Framework’s core functions of Identify, Protect, Detect, Respond and Recover... Read more →
Posted at 11:09 am in Uncategorized, | Permalink