Founded in the start of the industrial revolution in $1901$ by the Congress with a goal to prevent trade disputes and encourage standardization, the NIST develops technologies, measurement methods, and standards to aid U$.$S$.$ companies in the global marketscape. Although NIST is specific to the United States, in outsourced situations, the company to which software development is outsourced may be required to comply with these standards. This is often contractually enforced.

NIST programs assist in improving the quality and capabilities of software used by business, research institutions, and consumers. They help secure electronic data and maintain availability of critical electronic services by identifying vulnerabilities and cost$-$effective security measures.

One of the core competencies of NIST is the development and use of standards. They have the statutory responsibility to set security standards and guidelines for sensitive federal systems, but these standards are selectively adopted and used by the private sector on a voluntary basis as well. The computer security division information technology laboratory $($ITL$)$ periodically publishes bulletins and the Special Publications $($SP$)500$ and $800$ series. While the SP $500$ series are more generic IT$-$related publications, the SP $800$ series was established in order to organize information technology security publications separately. NIST also includes computer security$-$related FIPS. Many of these publications are of interest to a security professional within the context of software security. One SP that is noteworthy is the SP $800-64$ publication, which discusses security considerations in the information systems development life cycle.

From page $35$ to $40,$ the book introduces various SP $800$ series publications that have considerable implications for software security.

For this assignment:

Pick one of the publications introduced and find the document online.

Review the NIST publication.

Post a one page summary of the publication and include how the standard addresses software security. Make sure to introduce the NIST publication and include a link to the publication.