TSP-Secure

The SEI Team Software Process (TSP) methodology, known for enabling dramatic improvement in productivity and product quality, is now being used for rapid, economic, and self-sustaining implementation of Capability Maturity Model Integration (CMMI). TSP-Secure extends TSP to achieve the development of secure software systems by institutionalizing guidance offered from the CERT Program, as illustrated below. By implementing TSP-Secure, organizations can efficiently build high-quality, secure software while conforming to CMMI.

TSP-Secure

TSP-Secure incorporates the planning, process, quality, measurement, and tracking frameworks of TSP for secure software development and generates the practices and artifacts required to satisfy a Maturity Level 3 (ML3) appraisal of the CMMI Standard CMMI Appraisal Method for Process Improvement (SCAMPI). TSP-Secure requires the selection of one or more secure coding standards during the requirements phase of the project. TSP-Secure teams apply application conformance testing processes as part of their own development processes to produce demonstrably conforming secure code.