- As part of the PLEIADES-HR ground segment components' development contracts, CNES (Centre National d'Études Spatiales – French National Space Agency) has issued software security assurance requirements inspired on Common Criteria assurance requirements as well as on its own existing software security practices.
Based on interviews with CNES and prime contractors project managers (e.g. THALES, CAPGEMINI, CS-SI, EADS-Astrium), CESTI-AQL has developed a security expertise methodology, backing up CNES high-level security requirements with concrete evaluation methods and tasks. This methodology has been applied by CESTI-AQL since 2005 on fifteen components ranging from satellite functional chains to infrastructure support services, with the aim of preparing security integration of ground segment software. Thus, CESTI-AQL has helped CNES and other regulatory bodies to build up the final security acceptance decision on the ground segment system.
- A large leading European banking and insurance group has developed, thanks to CESTI-AQL's, a security approval policy for all the new application services that were to be connected to their corporate backbone.
Since 2000, this process has been applied to the approval of more than fifty software application projects, on the basis of security expertise services performed by either CESTI-AQL or by other ITSEFs having committed to the security expertise methodology developed by CESTI-AQ.
|
|
|
Print