CETIC’s Software and System Engineering department is actively helping
enterprises and organisations to improve the quality of their IT- or IS-related processes and software products, throughout the software life-cycle process.
We also help our customers reduce safety and security risks in simple to critical production environments.
Development Process Assessment
We provide the following organisational-level audit:
- IT software development process improvement model (OWPL) evaluation, to identify weaknesses and correct them using micro- and full
IT Project Quality Improvement
We provide ad hoc support and project assistance in specifi c life-cycle
stages, such as:
- Requirements analysis: production of precise requirements documents;
for example, for an invitation-to-tender process.
- Software development effort estimation: functional size, effort and
cost estimation services based on requirements, for end-customers
and software factories (COSMIC).
- Software analysis and design: reverse engineering activities, software
architecture review and advice.
- Code quality: punctual/continuous code quality assessment and
improvement advice, as part of internal quality procedures or for the acceptance of code developed externally, using a large set of static analysis tools (CQC, CAST, etc.).
CETIC also offers global project guidance: retro-documentation, knowledge
management, OWPL assessment and the Agile development methodologies.
Security & Safety Standards Readiness and Certification
- Code analysis for security (vulnerability detection) using advanced tools.
- ISO 27002-based light security micro-assessment to evaluate security
maturity related to security practices and to prioritize security investments from a risk management perspective.
- Common Criteria for Information Technology Security Evaluation (ISO/
IEC 15408): helping companies prepare their protection profi les or security targets prior to a Common Criteria evaluation.
- Code analysis for reliability (run-time errors, exceptions) using advanced tools.
- Safety assessment/coaching based on generic IEC 61508 or domain specific standards, such as DO-178B for the aeronautics domain or
Gamp for biotech/clinical research.