Software Process Improvement Environment
Today, in accordance with the bigger complexity of the system, the security concerns of a system have increased rapidly. One of the main concerns of the high security information system is the security evaluation to define the security function. Security evaluation of information security system is broadly used with respect to Common Criteria (CC) as ISO standards (ISO/IEC 15408:1999). The standardization of process assessment results is a key point for solving the problems. This paper suggests XML-based approach to introduce the establishment of compatible environments for process improvement on the Web. In this paper, we focus on creating SPIE (Software Process Improvement Environments) for wide acceptance of process improvement on the Web. SPIE DTD was defined to satisfy assessment output requirements in the ISO/IEC 15504. SPIE provides interoperability between applications that exchange process assessment results in machine-understandable XML format on the Web.
KeywordsProcess Improvement Security Evaluation Security Function Capability Maturity Model Capability Level
Unable to display preview. Download preview PDF.
- 1.Rout, T.: SPICE: A Framework for Software Process Assessment. Software Process Improvement and Practice Journal, Pliot Issue, 57–66 (August 1995)Google Scholar
- 2.Cattaneo, F., Fuggetta, A., Sciuto, D.: Pursuing coherence in software process assessment and improvement. Software Process: Improvement and Practice 6(1) (2001)Google Scholar
- 3.Campbell, M.: Tool Support for Software Process Improvement and Capability Determination: Changing the Paradigm of Assessment. Software Process Newsletter 4, 12–15 (1995)Google Scholar
- 4.Bocler, G.A., Talylor, R.N.: Endeavors: A Process System Integration Infrastructure. In: Proceedings of the Fourth International Conference on the Software Process, Brighton, England (December 1996)Google Scholar
- 5.Rubin, H.: Software Process Maturity. Computer Channel Inc. (1993)Google Scholar
- 6.Zahran, S.: Software Process Improvement. Addision-wesley, London (1998)Google Scholar
- 7.Paulk, M.C.: The Evolution of the SEI’s Capability Maturity Model for Software. Software Process: Improvement and Practice, Pilot issue, 3–15 (1995)Google Scholar
- 8.Maclennan, F., Ostrolenk, G.: The SPICE Trials: Validating the Framework. In: Proceedings of 2nd International SPICE Symposium (1995)Google Scholar
- 9.ISO/IEC 15504 TR2:1998, Part 2: A reference model for processes and process capability, ISO/IEC JTC1/SC7 (1998)Google Scholar
- 10.W3 Consortium, W3C Recommendation: Extensible Markup Language 1.0 (1998), http://www.w3.org/TR/1998/REC-xml-19980210