We don’t just sit down and start writing code anymore! We follow a Software Development Life Cycle (SDLC) which begins with planning.
CMM – Capability Maturity Model. A model aimed at improving process and quality. CMM assigns one of 5 levels.
• Level One, Initial: uses terms like “chaotic.”
• Level Two, Repeatable: Some repeatable processes have been defined. Basic project management.
• Level Three, Defined: A standard software process for both engineering and management is defined and all projects use an approved tailored version.
• Level Four, Quantitatively Managed: Adds detailed metrics.
• Level Five, Optimizing: Focused on continual process improvement.
CMMI – Capability Maturity Model Integration. A recent version of CMM with the same 5 levels as the original CMM.
SDLC – Software Development Life Cycle. Instead of simply sitting down and starting to write code (unfortunately a common technique in software development historically, and still somewhat today), software development should follow a lifecycle, beginning with planning and eventually ending in retirement of the system.
It also stands for Synchronous Data Link Control, an old IBM mainframe technology.
RAD – Rapid Application Development.
XP – eXtreme Programming, an Agile development method.
CASE tools – Computer Aided Software Engineering tools.
IDE – Integrated Development Environment. A development environment that provides an integrated workspace which commonly includes source code control, debugging, and compiling.
DevOps – The concept, practice, and philosophy that development and operations are integrated; code is developed with the operational environment in mind.
SDL – Security Development Lifecycle
MS SDL – Microsoft Security Development Lifecycle. Microsoft is the name most closely associated with SDL. Their approach has 16 SDL practices.
SD3+C – Secure by Design, by Default, by Deployment and Communications. A centerpiece of MS SDL.
RPC – Remote Procedure Call.
ORB – Object Request Broker. A middleware service, commonly implemented as a server process per machine, which takes object references and resolves them regardless of where the object may reside in the network.
CORBA – Common Object Request Broker Architecture. An industry standard for ORBs from the OMG (below) that was a good first attempt, but it was so vague that CORBA-compliant ORB implementations from different vendors like IBM, Sun, and HP simply did not interoperate.
OMG – Object Management Consortium. A bunch of smart folks from Framingham Mass that had the “Object Religion” a bit too intensely and developed CORBA. Apparently they still exist but no one really cares.
COM/DCOM – Component Object Model/Distributed Component Object Model. A Microsoft proprietary technology similar to CORBA. Good stuff; they let out the source code and people started implementing it on other platforms like Unix/Linux, but the WWW protocols took over.
QA – Quality Assurance. A type of dynamic application testing.
UAT – User Acceptance Testing. A type of dynamic