Defense Department cybersecurity managers are urging secretary Donald Rumsfeld to establish a high-assurance software lab serving all of DOD.
The lab would be virtual, drawing on the existing software certification capabilities scattered across DOD research facilities. Joe Jarzombek, deputy director for software assurance in DOD’s Information Assurance Directorate, said the measure is one response to language in the fiscal 2004 Defense authorization bill that requires the department to make sure vulnerabilities in commercial software don’t compromise military missions. Lawmakers “are asking how DOD can enhance the acquisition risk management to improve software integrity. DOD is not up task of protecting missions from software vulnerabilities,” Jarzombek said at the annual Systems and Software Technology Conference. Full Story