Dr. Gandhi is an Associate Professor of Information Assurance at the University of Nebraska at Omaha. He received his Ph.D. from The University of North Carolina at Charlotte. His research, teaching, and publications are in the areas of software assurance, regulatory requirements modeling and analysis and certification and accreditation. AFOSR, NIST, NASA, NSF, DHS S&T and AFRL have supported his research. He is a member of IEEE and ACM professional communities and the DHS Software Assurance Workforce Education and Training Group. His recent activities have brought software assurance requirements to the forefront of the US federal assessment and authorization process for IT systems.
Checkout NIST SP 800-160 Appendix J Sofware Security and Assurance for controls relevant to software security engineering.