Abstract Details

<< Back to Schedule

9/26/2017  |   11:15 AM - 12:00 PM   |  Track 2 - Systems Engineering

From Continuous Integration to Continuous Assurance

Continuous assurance extends the concept of continuous integration into the software assurance space. The goal is to naturally integrate the security assessment of software into the software development workflow. The Software Assurance Marketplace (SWAMP) was established to support continuous assurance, helping to simplify and automate the process of running code analysis tools, especially static code analysis (SCA) tools. We describe how the SWAMP (https://continuousassurance.org) can be integrated easily into the continuous assurance workflow, providing direct access from integrated development environments (IDEs) such as Eclipse, source code management systems such as git and Subversion, and continuous integration systems such as Jenkins.

Presentation:
17141_7299JamesKupsch.pdf

Handouts:
No handouts have been uploaded.

Barton Miller (Author), University of Wisconsin, bart@cs.wisc.edu;
Vilas Distinguished Achievement Professor; Amar & Belindar Sohi Professor in Computer Sciences; Chief Scientist, DHS Software Assurance Marketplace (SWAMP); University of Wisconsin-Madison.

Vamshi Basupalli (Author), University of Wisconsin-Madison, vamshi@cs.wisc.edu;
Associate Researcher, SWAMP Project, University of Wisconsin-Madison

Josef Burger (Author), University of Wisconsin-Madison, bolo@cs.wisc.edu;
Researcher, SWAMP Project, University of Wisconsin-Madison

James Kupsch (Primary Presenter,Author), University of Wisconsin-Madison, kupsch@cs.wisc.edu;
Researcher, SWAMP Project, University of Wisconsin-Madison

2017 Sponsors: IEEE and IEEE Computer Society