 |
An Introduction to Trusted Software Development
Dr. Ben Calloni, P.E., CISSP
Fellow for Software Security, Lockheed Martin, US
The ever expanding need for trusted software from longer and international supply chains affects all large commercial Enterprises as well as the Defense Industrial Base (DIB) contractors. Over the last decade, major integrators like Lockheed Martin have been moving to more open architectures while relying more heavily on open standards based Commercial-Off-the-Shelf (COTS) products to reduce initial cost and improve long term affordability and sustainability in its major system’s development for delivery to its DoD and US Government customers. In an effort to insure such standards and its resulting products meet the needs of the DIB as well as commercial Enterprise, companies like Lockheed Martin actively participate in not-for-profit standards consortia, such as the Object Management Group, The Open Group, and the Association for Aeronautics and Astronautics AIAA.
An increasing number of those products are being utilized within the security boundary of the DIB contractor’s internal and delivered systems. Many COTS products are developed to specifically provide Information Assurance (IA) functionality and in some cases even undergo the rigor of Common Criteria Evaluation. However there are many COTS products that, while not providing specific IA support, will be included within the Trusted Computing boundary of a given system. In many cases those COTS suppliers are not as well trained in many of the software / system development techniques necessary to provide higher quality, trusted and assured software, even though many of those techniques are publicly well documented. This tutorial will provide the attendees the opportunity for a quick introduction to some of the rigor necessary by the DIB to produce Trusted Software internally. Such interaction will increase the likelihood of the COTS vendors feeding products into DoD and US Government supply chains to proactively pursue and adopt more software assurance rigor into their own software development processes. Obviously to the degree that these vendors improve the quality of their products for the DIB will also benefit the Enterprise Market as well as the quality of the standards that come from the consortia.
 Ben Calloni
Dr. Ben Calloni is a Lockheed Martin Fellow for Software Security and a Certified Information Systems Security Professional (CISSP). He is a senior research program manager of Aeronautics Company in Fort Worth, Texas assigned to the Advanced Development Programs, formerly known as “The Skunk Works". His research interests are in the area of Software Security and Safety Assurance. He is partnered with the Air Force Research Labs, the National Security Agency, OSD/NII and several commercial off the shelf suppliers, to provide more robust products, such as NIAP evaluated, Multi Level Security Real Time Operating Systems and RT-CORBA and automated tools for establishing software assurance, vulnerability assessment, and trust.
Dr. Calloni serves as the LM Corporate representative to the Object Management Group (OMG), where he currently serves on the Board of Directors and co-chairs the System Assurance Task Force. He is active in The Open Group RTES and Security Forums and was part of the ACS Initiative which has become the Open Group’s newest Forum, Trusted Technology. Ben served for 6 years on The Open Group Governing Board and as Chairman of the Customer Council.
Dr. Calloni is licensed by the State of Texas as a Professional Engineer in Software Engineering. He was the first software engineer nationally in Lockheed Martin Corporation to achieve software engineering licensing.
Prior to joining Lockheed Martin, Dr. Calloni served as a USAF Fighter Pilot in the F-4 Phantom with 2000 hours. He served tours in Europe, South East Asia, and as a top gun instructor. He has a Ph.D. and M.S in Computer Science (Texas Tech University), an M.A. in Theology (Wayland Baptist University) and a B.S. in Industrial Engineering (Purdue University).
|
 Return to previous page
|
|
|
