Cyber Risk and Related OMG Standards
The System Assurance Task Force has been working to create a suite of complimentary OMG specifications to address the important field of System and Software Assurance. The specifications will allow multiple tool vendors that offer various technologies in the Safety Assurance and CyberSecurity markets to provide an interoperability mechanism whereby large, medium and small system builders and integrators can leverage the “best of breed” in an integrated manner to achieve Certification and Accreditation of systems, be it for a country’s government, defense, or enterprise markets. Such a suite of collaborating tools will allow for a more full automation of what is now a very costly and time consuming manual process.
This presentation will provide an overview of the System Assurance modeling specifications that exist or are in development. It will also include some Lockheed Martin analysis data for flaw remediation using KDM Analytics Tool Output Integration Framework product which conforms to the recently released TOIF Specification. No Magic has plans to integrate this Static Code Analysis framework into their products to simply execution and standardize reporting for any TOIF adapted SCA vendor’s tool.