At the turn of the last century, Time–Life magazine picked Johannes Gutenberg's invention of the printing press as the most important invention of the second millennium. Their pick outranked many other inventions that have changed humankind. Anesthesia and vaccinations that have revolutionized the medical field, automobiles and airplanes that have increased mobility, and even the electric light that has powered countless social changes all ranked below Gutenberg's invention, which allowed the great expansion of literacy.

The concept of interchangeable parts in the printing press was what made the press adaptable and such a revolutionary change. Previously, books were hand copied and could easily take a year's labor to produce, making their cost prohibitive to all but a few. Gutenberg didn't invent printing or movable type. Printing had been around for many thousands of years. Movable type had been in existence for well over a thousand years before Gutenberg. Although he did invent the process for mass-producing movable type and is credited with introducing movable-type printing to Europe, his most significant contribution, and the one for which he was recognized, was tying all of these pieces together into a revolutionary new use that imparted incredible social change.

Nearer to the interests of the readers of this book are computers, which ranked well below Gutenberg's invention on the Time-Life list. This is not surprising, for computers only appeared at the twilight of the last millennium and their impact is just starting to be felt. We've only experienced a tiny portion of the changes that computers are bringing to the world. Every day new adaptations and uses for computers are rapidly changing our world. But, as with any rapid and revolutionary change, there is a dark side. Computers can be usurped by attackers, and the code on which we depend for our safety and privacy can have flaws that make the code operate in unintended or unexpected ways.

Many security professionals are attempting to make the use of computers more secure. Dr. Nikolai Mansourov and Ms. Djenana Campara's contributions to the OMG Software Assurance Ecosystem and their work on the supporting standards described in this book are providing the basis for a revolutionary change in the way knowledge about software is determined and demonstrated. From this knowledge, the potential exists for gaining a deep understanding of the software and identifying potential vulnerabilities.

One of the major strengths of the Ecosystem is the fact that it is based on internationally developed and recognized standards. The standards-based approach allows for components of the Ecosystem to be exchanged for other components for reasons such as being able to process a different computer language or for better performance. This approach provides for the interchange of the components similar to the process invented by Gutenberg and used to create most of the products we use today. In a similar way, the interchangeability offered by the Ecosystem has the potential to drastically change how weaknesses in software are identified and evidenced.

The standards on which the SwA is based are, by necessity, not trivial. Through this book, Nick and Djenana have provided a good introduction to these underlying standards and how they fit together to form the SwA EcoSystem. I applaud Dr. Mansourv and Ms. Campara as they continue their contributions to the essential task of making computing safer and more secure for the world.

Dr. Larry Wagoner