SSE Services

CETIC’s Software and System Engineering department is actively helping
enterprises and organisations to improve the quality of their IT- or IS-related processes and software products, throughout the software life-cycle process.

We also help our customers reduce safety and security risks in simple to critical production environments.

Development Process Assessment

We provide the following organisational-level audit:

  • IT software development process improvement model (OWPL) evaluation, to identify weaknesses and correct them using micro- and full

IT Project Quality Improvement

We provide ad hoc support and project assistance in specifi c life-cycle
stages, such as:

  • Requirements analysis: production of precise requirements documents;
    for example, for an invitation-to-tender process.
  • Software development effort estimation: functional size, effort and
    cost estimation services based on requirements, for end-customers
    and software factories (COSMIC).
  • Software analysis and design: reverse engineering activities, software
    architecture review and advice.
  • Code quality: punctual/continuous code quality assessment and
    improvement advice, as part of internal quality procedures or for the acceptance of code developed externally, using a large set of static analysis tools (CQC, CAST, etc.).

CETIC also offers global project guidance: retro-documentation, knowledge
management, OWPL assessment and the Agile development methodologies.

Security & Safety Standards Readiness and Certification

Security-related services:

  • Code analysis for security (vulnerability detection) using advanced tools.
  • ISO 27002-based light security micro-assessment to evaluate security
    maturity related to security practices and to prioritize security investments from a risk management perspective.
  • Common Criteria for Information Technology Security Evaluation (ISO/
    IEC 15408): helping companies prepare their protection profi les or security targets prior to a Common Criteria evaluation.

Safety-related services:

  • Code analysis for reliability (run-time errors, exceptions) using advanced tools.
  • Safety assessment/coaching based on generic IEC 61508 or domain specific standards, such as DO-178B for the aeronautics domain or
    Gamp for biotech/clinical research.