DOCSLIB.ORG

Software Configuration Management and Integration

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Software Configuration Management and Integration EGEE Kick-Off Meeting – Cork – 18-22/04/2004 Software www.eu-egee.org Configuration Management and Integration Alberto Di Meglio EGEE JRA1 Integration Manager EGEE is a project funded by the European Union under contract IST-2003-508833 Contents • JRA1 Integration Mandate • Team Objectives • The SCM Plan: an Overview • SCM and Integration Implementation • Configuration and Version Control • Build Systems • Release Process • Other Configuration and Change Control Procedures EGEE Kick-Off Meeting – Cork – 18-22/04/2004 - 2 JRA1 Integration Mandate • EGEE JRA1 has a dedicated team for SCM and Integration activities • The vision of the team is that SCM and Integration must start before a single line of code is written and must provide an integrated development and collaboration environment • The mission is to provide a solid, reliable infrastructure to manage changes and release quality software based on industry-standard SCM procedures and tools throughout the entire duration of the project EGEE Kick-Off Meeting – Cork – 18-22/04/2004 - 3 Integration Team Objectives • The Integration System must be simple, flexible and solid • Excessive diversity in tools, languages, technologies must be avoided • Centralization of processes and procedures is favoured • Whenever possible industry-standard tools and methods with a large user base and reliable, official support must be used • Making it work well on one platform is preferable to making it available on all platforms (at least initially) • Extension to multiple platforms and usage scenarios will naturally follow for a well designed, developed and integrated software • EGEE Middleware is a complex, multi-disciplinary, highly distributed project. This is part of the novelty and challenge of it and will require a novel approach to old and new problems and some courageous decisions EGEE Kick-Off Meeting – Cork – 18-22/04/2004 - 4 SCM Plan Overview • A master Software Configuration Plan is being finalized now [1] • It contains basic principles and rules about the various areas of SCM and Integration (version control, release management, build systems, bug tracking, etc) • Compliant with internationally agreed standards (ISO 10007-2003 E [2], IEEE SCM Guidelines series [3]) • Most EGEE stakeholders have already been involved in the process to make sure everybody is aware of, contributes to and uses the plan • An EGEE JRA1 Developers’s Guide will follow shortly in collaboration with JRA2 (Quality Assurance) based on the SCM Plan • It is of paramount importance to deliver the plan and guide as early as possible in the project lifetime EGEE Kick-Off Meeting – Cork – 18-22/04/2004 - 5 SCM and Integration Implementation • As soon as the SCM Plan is finalized, we will start the implementation phase (some steps already taken) • All tools, servers, procedures and communication channels will be put in place • Developer’s and User’s Guides will be produced with clear instructions about how to use and interact with the project and manage changes in the correct way • The complete infrastructure will be in place at the end of Month 3 (30 June) (MJRA1.1) • Goals for the first 12 months are to release incremental code baselines to test with a very rapid lifecycle (weekly) and finally release v. 1.0.0 (main milestone is MJRA1.5 at Month 10: integrated EGEE RC 1 released to testing) EGEE Kick-Off Meeting – Cork – 18-22/04/2004 - 6 Version and Configuration Control • Based on CVS using CERN Central IT CVS service • Fixed directory structure for each module • Rules for tagging and branching (e.g. bug fix branches) • Common naming conventions for baseline and release tags • Configuration files to automate creation of workspaces Used to enforce build reproducibility Used to create private workspaces for developers • Authorization based on commitavail and tagavail according to SCM roles (developers, release managers, integrators, etc.) • Supported protocols: K4, SSH (pserver only for anonymous read-only). A CERN AFS account is required EGEE Kick-Off Meeting – Cork – 18-22/04/2004 - 7 CVS Structure JRA1 EGEE CVS project org.egee src test org.egee.subsys doc config org.egee.subsys.comp1 interface org.egee.subsys.compN examples EGEE Kick-Off Meeting – Cork – 18-22/04/2004 - 8 Workspaces • A Workspace is one of the basic SCM Patterns [4] • It is a private area where a build can be produced under configuration control • More independent workspaces can coexist on the same computer for parallel development • The workspace is created using a Configuration Specification File (CSF) • The CSFs contain all the information necessary to prepare the workspace extracting modules and other dependencies from CVS or the central software repository • There is a CSF file for the overall org.egee Middleware suite and one CSF for each subsystem • CSFs are stored in the corresponding modules in CVS and versioned so that any version of the MW suite and all its subsystems can be reproduced at any time EGEE Kick-Off Meeting – Cork – 18-22/04/2004 - 9 Build System • Common Build System A project-wide build system based on Ant to allow all developers, integrators and testers to manage private builds on their own computers with the same tools and settings (compilers, flags, configurations, etc) Based on the concept of Private Workspaces, more than one independent workspace can be created on the same computer Uses a set of common build and properties files to define targets and properties for all project modules External dependencies are stored and versioned either in CVS or a central repository maintained by CERN SPI. All modules must use the SAME versions of the external dependencies across the project • Central Build System Located at CERN and maintained by the JRA1 Integration Team Based on the Common Build System, but automated by means of CruiseControl and Maven to generate a continuous, automated integration process and the overall project web site (Apache style). EGEE Kick-Off Meeting – Cork – 18-22/04/2004 - 10 Build System (2) • The Ant build system provides the common build orchestration for all modules, not only Java • Modules can be built independently and use Ant or Make as specified by project requirements, independently from the module implementation language • A set of common targets has been defined for all modules (environment checks, style checks, compilation, unit tests, distribution, etc) • The entire MW suite, individual subsystems and individual modules can be built with the same set of targets • Quality Assurance checks are built into the build process and are mandatory. Failure to pass a quality check (coding styles, unit testing, minimum test coverage, documentation, etc) fails the build EGEE Kick-Off Meeting – Cork – 18-22/04/2004 - 11 Build System (3) • Five main types of builds: Continuous Incremental Builds: every few hours, mail messages are sent to developers who break the build Nightly build: every night from clean snapshot Weekly builds: every week from clean project configurations Maintenance builds: used to fix software defects on existing releases Private builds: whenever needed on the private development computers EGEE Kick-Off Meeting – Cork – 18-22/04/2004 - 12 Build Tools • Ant: used for the general build management and all Java modules. The advantages/disadvantages of using it also for C/C++ and other languages modules are under investigation • Make + GNU Autotools: for C/C++ and other languages as necessary. Although this is the standard, familiar approach, it has a lot of drawbacks, especially for large, distributed projects (difficult to maintain and centralize, lots of external dependencies, poor internal dependency tracking, file based instead of task based, etc) • CruiseControl: used to automate the integration builds • Maven: used to automate the project web site, reports and documentation builds EGEE Kick-Off Meeting – Cork – 18-22/04/2004 - 13 Packaging and Configuration • Installation packages for the EGEE Middleware will be produced by the integration team • Packages will be provided for the entire middleware and for all subsystems and deployment modules • Supported packaging formats are: Source tarballs with build scripts Native packages for supported platforms (e.g. RPMs for Red Hat Linux Enterprise 3.0, MSIs for Windows XP, etc) • Extracting and using modules directly from CVS is not recommended, since there is no guarantee the dependencies are satisfied outside the build system context • Configuration issues are being investigated with SA1 • The goal is to have a simple, common format for all configuration items, usable by standard installation/configuration tools • Some type of “Middleware Configuration Front-End” may also be provided in collaboration with SA1 EGEE Kick-Off Meeting – Cork – 18-22/04/2004 - 14 Release Process 1. Developers works on code functionality and documentation and produce baseline candidates 2. Baseline candidates are continuously integrated and unit and smoke tested 3. A build is successful if all the functionality contained in the module is properly unit tested and documented. If a build is not successful, the baseline candidate is Functionality finished and unit rejected and control returns to the developers tested No 4. Baselines are automatically tagged if the build process is successful 5. When all baseline candidates in the application build list (Application CSF file) are successfully built, an application baseline is produced and passed to testing 6. If all test, certification and validation procedures are successful, the individual
Load more

Recommended publications
  • International Standards, Approaches and Frameworks Relevant to Software Quality Management and Software Process Improvement
    International standards, approaches and frameworks relevant to Software Quality Management and Software Process Improvement To help organizations managing software quality and improving software processes several standards, models, approaches and frameworks have been developed during the last decades. The most widely known and recognized of them are presented in this document. • Capability Maturity Model (CMM) • CMM Integration (CMMI) • Personal Software Process (PSP) and Team Software Process (TSP) • ISO 9000 standards family • TickIT • ISO/IEC TR 15504 Information Technology - Software Process Assessment (SPICE) • ISO/IEC 12207 Information Technology - Software Life-Cycle Processes • BOOSTRAP • Rational Unified Process CMM Publication Date: Version 1.1 - February 1993 Description: The Capability Maturity Model for Software (SW-CMM or CMM) is a model used by organizations for appraising the maturity of their software processes and for identifying practices that will increase the maturity of those processes. It was developed by the Software Engineering Institute, in cooperation with industry representatives. The Software CMM has become a de facto standard for assessing and improving software processes. Through the SW-CMM, the SEI and community have put in place an effective means for modeling, defining, and measuring the maturity of the processes used by software professionals. The Capability Maturity Model for Software describes the principles and practices underlying software process maturity and is intended to help software organizations
    [Show full text]
  • A Stone Man Version
    Guide to the Software Engineering Body of Knowledge AA SSttoonnee MMaann Veerrssiioonn (Version 0.7) April 2000 A project of the Software Engineering Coordinating Committee (Joint IEEE Computer Society - ACM committee ) Corporate support by: Project managed by: Executive Editors: Alain Abran, Université du Québec à Montréal James W. Moore, The MITRE Corp. Editors: Pierre Bourque, Université du Québec à Montréal Robert Dupuis, Université du Québec à Montréal Chair of the Software Engineering Coordinating Committee Leonard L. Tripp, IEEE Computer Society Copyright © 2000, Institute of Electrical and Electronics Engineers, Inc. All rights reserved. PREFACE TO THE SWEBOK GUIDE 1. Software engineering is an emerging discipline but there are unmistakable trends indicating an 10. Purpose increasing level of maturity: 11. The purpose of this Guide is to provide a 2. w McMaster University (Canada), the consensually-validated characterization of the Rochester Institute of Technology (US), the bounds of the software engineering discipline University of Sheffield (UK), the and to provide a topical access to the Body of University of New South Wales (Australia) Knowledge supporting that discipline. The Body and other universities around the world now of Knowledge is subdivided into ten Knowledge offer undergraduate degrees in software Areas (KA) and the descriptions of the KAs are engineering. designed to discriminate among the various important concepts, permitting readers to find 3. w The Software Capability Maturity Model and ISO 9000 are used to certify their way quickly to subjects of interest. Upon organizational capability for software finding a subject, readers are referred to key engineering. papers or book chapters selected because they succinctly present the knowledge.
    [Show full text]
  • Guide to the Software Engineering Body of Knowledge
    Guide to the Software Engineering Body of Knowledge AA SSttoonnee MMaann VVeerrssiioonn (Version 0.5) October 1999 A project of the Software Engineering Coordinating Committee (Joint IEEE Computer Society - ACM committee ) Corporate support by: Project managed by: Co-Executive Editors: Alain Abran, Université du Québec à Montréal James W. Moore, The MITRE Corp. Editors: Pierre Bourque, Université du Québec à Montréal Robert Dupuis, Université du Québec à Montréal Project Champion: Leonard L. Tripp, IEEE Computer Society Table of Contents INTRODUCTORY TEXT FROM THE EDITORIAL TEAM KNOWLEDGE AREA DESCRIPTION : - Software Configuration Management - Software Construction - Software Design - Software Engineering Infrastructure - Software Engineering Management - Software Engineering Process - Software Evolution and Maintenance - Software Quality Analysis - Software Requirement Analysis - Software Testing APPENDIX A KNOWLEDGE AREA DESCRIPTION SPECIFICATIONS FOR THE STONE MAN VERSION OF THE GUIDE TO THE SOFTWARE ENGINEERING BODY OF KNOWLEDGE – VERSION 0.25 INTRODUCTORY TEXT FROM THE EDITORIAL TEAM The IEEE Computer Society and the Association for Computing Machinery are working on a joint project to develop a guide to the Software Engineering Body Of Knowledge (SWEBOK). This is the current draft (version 0.5 completed in September 1999) of the Stoneman version of the Guide1. Articulating a body of knowledge is an essential step toward developing a profession because it represents a broad consensus regarding the contents of the discipline. Without such a consensus, there is no way to validate a licensing examination, set a curriculum to prepare individuals for the examination, or formulate criteria for accrediting the curriculum. The project team is currently working on an update to this draft version of the Guide based on the results of the second review cycle.
    [Show full text]
  • Voluntary Voting System Guidelines VVSG 2.0 Recommendations for Requirements for the Voluntary Voting System Guidelines 2.0
    Voluntary Voting System Guidelines VVSG 2.0 Recommendations for Requirements for the Voluntary Voting System Guidelines 2.0 February 29, 202010, 2021 Prepared for the Election Assistance Commission At the direction of the Technical Guidelines Development Committee 1 Acknowledgements Chair of the TGDC: Dr. Walter G. Copan Director of the National Institute of Standards and Technology (NIST) Gaithersburg, MD Representing the EAC Standards Board: Robert Giles Paul Lux Director Supervisor of Elections New Jersey Division of Elections Okaloosa County Trenton, NJ Crestview, FL Representing the EAC Board of Advisors: Neal Kelley Linda Lamone Registrar of Voters Administrator of Elections Orange County Maryland State Board of Orange County, CA ElectionElections Annapolis, MD Representing the Architectural and Transportation Barrier, and Compliance Board (Access Board): Marc Guthrie Sachin Pavithran Public Board Member Public Board Member Newark, OH Logan, UT Representing the American National Standards Institute (ANSI): Mary Saunders Vice President, Government Relations & Public Policy American National Standards Institute Washington, DC Representing the Institute of Electrical and Electronics Engineers: Dan Wallach Professor, Electrical & Engineering Computer Science Rice University Houston, TX Representing the National Association of State Election Directors (NASED): Lori Augino Judd Choate Washington State Director of Elections State Elections Director Washington Secretary of State Colorado Secretary of State Olympia, WA Denver, CO 2 Requirements
    [Show full text]
  • Appendix A: Quality Models and Verification Methods
    Appendix A: Quality Models and Verification Methods As indicated in previous chapters, we have excluded discussions on the various verification methods which still exist in many publications. The following table may be useful in researching appropriate methods to deal with the different artefacts in the product lifecycle. We do not claim completeness in the methods but have provided common verification methods which we apply in our projects. Artefact type Quality model Verification methods Documentation DocQMod • Peer Review • Structured Group Review • Inspection • Walk Through • Technical Review • Informal Review Business BPQMod • Peer Review processes • Structured Group Review • Formal Inspection (on business process models, e.g. swimlanes, business and application process models) • Walk Through • GUI Prototyping • Test Modelling (based on business processes) • Early Test Case Design • Usability Testing Requirements ReqQMod • Management Review • Peer Review • Structured Group Review • Audit • Inspection • Walk Through • Technical Review • Informal review • GUI Prototyping • Test Modelling (based on requirements) • Test Case Specification (based on requirements) (continued) M. Wieczorek et al., Systems and Software Quality, 165 DOI 10.1007/978-3-642-39971-8, © Springer-Verlag Berlin Heidelberg 2014 166 Appendix A: Quality Models and Verification Methods Artefact type Quality model Verification methods Architecture ArchQMod • Peer Review • Structured Group Review • Formal Inspection • ATAM • Prototyping (including functional and non-functional testing) • FMEA Database DataQMod • Formal Inspection (on e.g. normalisation) • Peer Review (on indexing, SQL statements, stored procedures) • Structured Group Review • Functional Testing (by application) • Non-functional testing (including performance and security) Source code CodeQMod • Peer Review • Walk Through • Formal Inspection (e.g. style guides, coding standards) • Static Source Code Analysis (tool based) • Profiling (e.g.
    [Show full text]
  • Appendix G Systems General Requirements
    BROADWAY SUBWAY PROJECT Commercial in Confidence PROJECT AGREEMENT EXECUTION COPY SCHEDULE 4 Appendix G Systems General Requirements BROADWAY SUBWAY PROJECT Commercial in Confidence PROJECT AGREEMENT EXECUTION COPY SCHEDULE 4: APPENDIX G: SYSTEM GENERAL REQUIREMENTS - 2 - Table of Contents 1 APPENDIX G – Systems GENERAL REQUIREMENTS .................................................................. 7 1.1 Introduction .......................................................................................................................................... 7 1.2 Requirements Delivery ........................................................................................................................ 7 1.3 Standards .............................................................................................................................................. 8 1.4 Systems Plan ........................................................................................................................................ 8 1.5 Design Life of the Systems .................................................................................................................. 9 1.6 Systems Design Management .............................................................................................................. 9 1.6.1 Requirements Specification Overview ............................................................................................ 10 1.6.2 Requirements Analysis Overview ..................................................................................................
    [Show full text]
  • The Evolution of Software Configuration Management
    ISSN 2278-3091 Syahrul Fahmy et al., International Journal of AdvancedVolume Trends 9, No.1. in Computer3, 2020 Science and Engineering, 9(1.3), 2020, 50 - 63 International Journal of Advanced Trends in Computer Science and Engineering Available Online at http://www.warse.org/IJATCSE/static/pdf/file/ijatcse0891.32020.pdf https://doi.org/10.30534/ijatcse/2020/0891.32020 The Evolution of Software Configuration Management 1 2 3 1 1 Syahrul Fahmy , Aziz Deraman , Jamaiah Yahaya , Akhyari Nasir , Nooraida Shamsudin 1University CollegeTATI, Malaysia, [email protected] 2Universiti Malaysia Terengganu, Malaysia 3Universiti Kebangsaan Malaysia, Malaysia processing and implementation status, and verify compliance ABSTRACT with specified requirements” [3]. Software Configuration Management (SCM) is a discipline in “a management activity that applies technical and software engineering for managing changes to software administrative direction over the life cycle of a product, its products using standard processes and tools. This article configuration items, and related product configuration presents the evolution of SCM since its inception, information. It provides identification and traceability, the highlighting the components, application to other areas, status of achievement, and access to accurate information in change management and software quality. Research and all phases of the life cycle” [4]. development in SCM are highly motivated by the problems at hand in software development. SCM process and activities are This paper presents the evolution of SCM, discussing its sound, guided by international standards and industry best components, application to other areas, change management practice. Commercial and proprietary tools are aplenty, and and software quality. the underlying techniques are no longer confined to SCM.
    [Show full text]
  • Manual on the Quality Management System for Aeronautical Information Services ______
    Doc 9839 AN/xxx Manual on the Quality Management System for Aeronautical Information Services ________________________________ Approved by the Secretary General and published under his authority First Edition — XXXX International Civil Aviation Organization Published in English, .................... by the INTERNATIONAL CIVIL AVIATION ORGANIZATION 999 University Street, Montréal, Quebec, Canada H3C 5H7 For ordering information and for a complete listing of sales agents and booksellers, please go to the ICAO website at www.icao.int Doc 9839, Manual on the Quality Management System for Aeronautical Information Services Order Number: ISBN © ICAO 2010 All rights reserved. No part of this publication may be reproduced, stored in a retrieval system or transmitted in any form or by any means, without prior permission in writing from the International Civil Aviation Organization. AMENDMENTS Amendments are announced in the supplements to the Catalogue of ICAO Publications; the Catalogue and its supplements are available on the ICAO website at www.icao.int. The space below is provided to keep a record of such amendments. RECORD OF AMENDMENTS AND CORRIGENDA AMENDMENTS CORRIGENDA No. Date Entered by No. Date Entered by TABLE OF CONTENTS Page Foreword .......................................................................................................................................................... (vii) Acronyms ........................................................................................................................................................
    [Show full text]
  • Parameterization, Analysis, and Risk Management in a Comprehensive Management System with Emphasis on Energy and Performance (ISO 50001: 2018)
    energies Article Parameterization, Analysis, and Risk Management in a Comprehensive Management System with Emphasis on Energy and Performance (ISO 50001: 2018) P. Pablo Poveda-Orjuela 1,*, J. Carlos García-Díaz 2 , Alexander Pulido-Rojano 3 and Germán Cañón-Zabala 4 1 ASTEQ Technology, 53 Street No. 53-15, Barranquilla 080020, Colombia 2 Centre for Quality and Change Management, Universitat Politècnica de València, Camino de Vera, s/n. 46022 Valencia, Spain; [email protected] 3 Industrial Engineering Department, Universidad Simón Bolívar, Av. 59 No. 59-92, Barranquilla 080020, Colombia; [email protected] 4 QUARA Group, 157 Street No. 13 B-20, Bogotá 110121, Colombia; [email protected] * Correspondence: [email protected] or [email protected]; Tel.: +57-3008897111 Received: 7 September 2020; Accepted: 13 October 2020; Published: 26 October 2020 Abstract: The future of business development relies on the effective management of risks, opportunities, and energy and water resources. Here, we evaluate the application of best practices to identify, analyze, address, monitor, and control risks and opportunities (R/O) according to ISO 31000 and 50000. Furthermore, we shed light on tools, templates, ISO guides, and international documents that contribute to classifying, identifying, formulating control, and managing R/O parameterization in a comprehensive management system model, namely CMS QHSE3+, which consists of quality (Q), health and safety (HS), environmental management (E), energy efficiency (E2), and other risk components (+) that include comprehensive biosecurity and biosafety. By focusing on the deployment of R/O-based thinking (ROBT) at strategic and operational levels, we show vulnerability reduction in CMS QHSE3+ by managing energy, efficiency, and sustainability.
    [Show full text]
  • Guideline for Applying Functional Safety to Autonomous Systems in Mining
    20200709_Guideline_for_Applying_Functional_Safety_to_Autonomous_Systems- GMG-AM-FS-v01-r01 GUIDELINE FOR APPLYING FUNCTIONAL SAFETY TO AUTONOMOUS SYSTEMS IN MINING SUBMITTED BY Functional Safety for Autonomous Equipment Sub-committee VERSION DATE 09 Jul 2020 APPROVED BY Autonomous Mining Working Group 31 Jul 2020 and GMG Executive Council 12 Aug 2020 PUBLISHED 18 Aug 2020 DATE DOCUMENT TO BE REVIEWED 18 Aug 2022 PREPARED BY THE FUNCTIONAL SAFETY FOR AUTONOMOUS EQUIPMENT SUB-COMMITTEE OF THE AUTONOMOUS MINING WORKING GROUP Global Mining Guidelines Group (GMG) ii | GUIDELINE FOR APPLYING FUNCTIONAL SAFETY TO AUTONOMOUS SYSTEMS IN MINING DISCLAIMER Although the Global Mining Guidelines Group (GMG) believes that the information on https://gmggroup.org, which includes guidelines, is reliable, GMG and the organizations involved in the preparation of the guidelines do not guarantee that it is accu- rate or complete. While the guidelines are developed by participants across the mining industry, they do not necessarily rep- resent the views of all of the participating organizations. This information does not replace or alter requirements of any national, state, or local governmental statutes, laws, regulations, ordinances, or other requirements. Your use of GMG guide- lines is entirely voluntary. CREDITS Organizations Involved in the Preparation of these Guidelines ABB, Abbott Risk Consulting, Agnico Eagle, Airobiotics, Alex Atkins & Associates, Ambuja Cements, AMOG Consulting, Antofa- gasta Minerals, Australian Droid + Robot, Autonomous Solutions,
    [Show full text]
  • IAEA Nuclear Energy Series Technical Challenges In
    IAEA Nuclear Energy Series No. NP-T-1.13 Basic Technical Challenges Principles in the Application and Licensing of Digital Objectives Instrumentation and Control Systems in Guides Nuclear Power Plants Technical Reports INTERNATIONAL ATOMIC ENERGY AGENCY VIENNA ISBN 978–92–0–102915–7 ISSN 1995–7807 @ 15-37681_PUB1695_cover.indd 1,3 2015-11-17 09:15:48 IAEA NUCLEAR ENERGY SERIES PUBLICATIONS STRUCTURE OF THE IAEA NUCLEAR ENERGY SERIES Under the terms of Articles III.A and VIII.C of its Statute, the IAEA is authorized to foster the exchange of scientific and technical information on the peaceful uses of atomic energy. The publications in the IAEA Nuclear Energy Series provide information in the areas of nuclear power, nuclear fuel cycle, radioactive waste management and decommissioning, and on general issues that are relevant to all of the above mentioned areas. The structure of the IAEA Nuclear Energy Series comprises three levels: 1 — Basic Principles and Objectives; 2 — Guides; and 3 — Technical Reports. The Nuclear Energy Basic Principles publication describes the rationale and vision for the peaceful uses of nuclear energy. Nuclear Energy Series Objectives publications explain the expectations to be met in various areas at different stages of implementation. Nuclear Energy Series Guides provide high level guidance on how to achieve the objectives related to the various topics and areas involving the peaceful uses of nuclear energy. Nuclear Energy Series Technical Reports provide additional, more detailed information on activities related to the various areas dealt with in the IAEA Nuclear Energy Series. The IAEA Nuclear Energy Series publications are coded as follows: NG — general; NP — nuclear power; NF — nuclear fuel; NW — radioactive waste management and decommissioning.
    [Show full text]
  • Guide for Security-Focused Configuration Management of Information Systems
    NIST Special Publication 800-128 Guide for Security-Focused Configuration Management of Information Systems Arnold Johnson Kelley Dempsey Ron Ross Sarbari Gupta Dennis Bailey This publication is available free of charge from: https://doi.org/10.6028/NIST.SP.800-128 I N F O R M A T I O N S E C U R I T Y NIST Special Publication 800-128 Guide for Security-Focused Configuration Management of Information Systems Arnold Johnson Kelley Dempsey Ron Ross Computer Security Division Information Technology Laboratory Sarbari Gupta Dennis Bailey Electrosoft Services, Inc. Reston, VA This publication is available free of charge from: https://doi.org/10.6028/NIST.SP.800-128 August 2011 INCLUDES UPDATES AS OF 10-10-2019; SEE PAGE IV U.S. Department of Commerce Wilbur L. Ross, Jr., Secretary National Institute of Standards and Technology Walter Copan, NIST Director and Under Secretary of Commerce for Standards and Technology Authority This publication has been developed by NIST to further its statutory responsibilities under the Federal Information Security Modernization Act of 2014, 44 U.S.C. § 3551 et seq., Public Law (P.L.) 113-283. NIST is responsible for developing information security standards and guidelines, including minimum requirements for federal information systems, but such standards and guidelines shall not apply to national security systems without the express approval of appropriate federal officials exercising policy authority over such systems. This guideline is consistent with the requirements of the Office of Management and Budget (OMB) Circular. Nothing in this publication should be taken to contradict the standards and guidelines made mandatory and binding on federal agencies by the Secretary of Commerce under statutory authority.
    [Show full text]