Today our civil government, our military, our industry, and our entire population work, communicate, and socialize in a cyber environment that relies on software-reliant global IT architectures, applications, and services.
Gone are the days of the network merely being a support infrastructure to a few basic organizational and societal functions. Today and in the future, this cyber environment is foundational to and connected with almost everything we do.
Our electric power grid relies on it, our telecommunications live within it, our financial system is encompassed by it, and our military operates and fights from it.
Therefore, our singular dependency on assured software as the heart of this cyber environment is more prevalent than ever.
However, as we have come to depend on software more, we face the risks that arise from this dependence. The size and complexity of software, as well as the interconnectedness of software-enabled systems, mean possible exposure to disruptive, damaging events.
These events stem from not only software quality issues, emergent behavior, and unforeseen dependencies—but also cyber attack by hackers, insiders, criminals, nation states, and terrorists.
The best way to assure software quality, security, and resiliency is to design, develop, and integrate software in a way that does not allow defects and vulnerabilities in the first place.