The real challenge to DOD & AF is what they will do about requirements
engineering. If they bite that bullet (with all requirements that
Professor Alan Davis identifies) the language requirements will fall into
So far as I know there is no policy enforcing any standard for software
requirements engineering (including the lip service paid by the SEI CMM),
so any COTR can pretty much try to stretch any budget to fit any systems
concept -- no better off than the mid 1960s (IMVHO).
What they need is a magic matrix similar to the NCSC System Security
Levels for SOFTWARE INTEGRITY (current guideline from NIST is helpful, but
has no teeth).
Please, if anyone has corrections or better information,
Mike Berens, CSQE