Follow

Submissions from 2014

PDF

Study of Integration Strategy Considerations for Wireless Emergency Alerts

PDF

Results in Relating Quality Attributes to Acquisition Strategies, Lisa Brownsword, Cecilia Albert, David J. Carney, and Patrick R. Place

PDF

TSP Symposium 2013 Proceedings, Sergio Cardona, João Pascoal Faria, Fernanda Grazioli, Pedro Henriques, James McHale, Silvana Moreno, William R. Nichols, Leticia Pérez, Mushtaq Raza, Rafael Rincón, and Diego Vallespir

PDF

Improving the Security and Resilience of U.S. Postal Service Mail Products and Services Using the CERT® Resilience Management Model, Greg Crabb, Julia H. Allen, Nader Mehravari, and Pamela D. Curtis

PDF

A Proven Method for Identifying Security Gaps in International Postal and Transportation Critical Infrastructure, Gregory Crabb, Julia H. Allen, Pamela D. Curtis, and Nader Mehravari

PDF

Cloud Service Provider Methods for Managing Insider Threats: Analysis Phase II, Expanded Analysis and Recommendations, Lori Flynn, Greg Porter, and Chas DiFatta

PDF

Agile Metrics: Progress Monitoring of Agile Contractors, William Hayes, Suzanne Garcia-Miller, Mary Ann Lapham, Eileen Wrubel, and Timothy A. Chick

PDF

Agile Methods and Request for Change (RFC): Observations from DoD Acquisition Programs, Mary Ann Lapham, Michael S. Bandor, and Eileen Wrubel

PDF

Best Practices in Wireless Emergency, John McGregor, Joseph P. Elm, Elizabeth Trocki Stark, Jennifer Lavan, Rita C. Creel, Christopher J. Alberts, Carol Woody, Robert Ellison, and Tamara Marshall-Keim

PDF

Wireless Emergency Alerts: Trust Model Simulations, Timothy Morrow, Robert W. Stoddard, and Joseph P. Elm

PDF

Unintentional Insider Threats: Social Engineering, Software Engineering Institute

PDF

Wireless Emergency Alerts: Trust Model Technical Report, Robert W. Stoddard, Joseph P. Elm, James McCurley, and Sarah Sheard

PDF

Maximizing Trust in the Wireless Emergency Alerts (WEA) Service, Carol Woody and Robert Ellison

Submissions from 2013

PDF

Results of SEI Line-Funded Exploratory New Starts Projects, Bjorn A. Andersson, Stephany Bellomo, Lisa Brownsword, Sagar J. Chaki, William Claycomb, Corey Cohen, Julie Cohen, Peter Feiler, Robert W. Ferguson, Lori Flynn, David Gluch, Dennis Goldenson, Arie Gurfinkel, Charles Hines, Jeffrey S. Havrilla, Carly Huth, Wesley Jin, Rick Kazman, Mary Ann Lapham, James McCurley, John D. McGregor, David McIntire, Robert Nord, Ipek Ozkaya, Robert W. Stoddard, and David Zubrow

PDF

Mobile SCALe: Rules and Analysis for Secure Java and Android Coding, Lujo Bauer, Lori Flynn, Limin Jia, Will Klieber, Fred Long, Dean F. Sutherland, and David Svoboda

PDF

Isolating Patterns of Failure in Department of Defense Acquisition, Lisa Brownsword, Cecilia Albert, David J. Carney, Patrick R. Place, Charles (Bud) Hammons, and John J. Hudak

PDF

Advancing Cybersecurity Capability Measurement Using the CERT ® -RMM Maturity Indicator Level Scale, Matthew J. Butkovic and Richard A. Caralli

PDF

Unintentional Insider Threats: A Foundational Study, Carnegie Mellon University

PDF

Probabilistic Verification of Coordinated Multi-Robot Missions, Sagar J. Chaki and Joseph A. Giampapa

PDF

Team Software Process (TSP) Coach Certification Guidebook, Timothy A. Chick

PDF

Team Software Process (TSP) Coach Mentoring Program Guidebook, Version 2.0, Timothy A. Chick, James McHale, and William R. Nichols

PDF

Spotlight On: Insider Theft of Intellectual Property Inside the United States Involving Foreign Governments or Organizations, Matthew L. Collins, Derrick Spooner, Dawn Cappelli, Andrew P. Moore, and Randall F. Trzeciak

PDF

Best Practices Against Insider Threats in All Nations, Lori Flynn, Carly Huth, Randy Trzeciak, and Palma Buttles

PDF

Introduction to the Mission Thread Workshop, Michael J. Gagliardi, William Wood, and Timothy Morrow

PDF

Quantifying Uncertainty in Expert Judgment: Initial Results, Dennis Goldenson and Robert W. Stoddard

PDF

Software Assurance Competency Model, Thomas B. Hilburn, Mark Ardis, Glen Johnson, Andrew J. Kornecki, and Nancy Mead

PDF

Socio-Adaptive Systems Challenge Problems Workshop Report, Scott Hissam, Mark H. Klein, and Gabriel Moreno

PDF

Understanding Patterns for System-of- Systems Integration, Rick Kazman, Claus Nielsen, and Klaus Schmid

PDF

Using Software Development Tools and Practices in Acquisition, Harry Levinson and Richard Librizzi

PDF

Insider Threat Control: Using Plagiarism Detection Algorithms to Prevent Data Exfiltration in Near Real Time, Todd Lewellen, George J. Silowash, and Daniel L. Costa

PDF

Application Virtualizaton as a Strategy for Cyber Foraging in Resource-Constrained Environments, Grace A. Lewis and Dominik Messinger

PDF

The MAL: A Malware Analysis Lexicon, David McIntire and David Mundie

PDF

Software Assurance Measurement – State of the Practice, Nancy Mead and Dan Shoemaker

PDF

Passive Detection of Misbehaving Name Servers, Leigh B. Metcalf and Jonathan M. Spring

PDF

Justification of a Pattern for Detecting Intellectual Property Theft by Departing Insiders, Andrew P. Moore, David McIntire, David Mundie, and David Zubrow

PDF

PSP-VDC: An Adaptation of the PSP that Incorporates Verified Design by Contract, Silvana Moreno, Álvaro Tasistro, Diego Vallespir, and William R. Nichols

PDF

TSP Performance and Capability Evaluation (PACE): Customer Guide, William R. Nichols, Mark Kasunic, and Timothy A. Chick

PDF

TSP Performance and Capability Evaluation (PACE): Customer Guide, William R. Nichols, Mark Kasunic, and Timothy A. Chick

PDF

Parallel Worlds: Agile and Waterfall Differences and Similarities, Steve Palmquist, Mary Ann Lapham, Suzanne Garcia-Miller, Timothy A. Chick, and Ipek Ozkaya

PDF

Cloud Service Provider Methods for Managing Insider Threats: Analysis Phase I, Greg Porter

PDF

Insider Threat Attributes and Mitigation Strategies, George J. Silowash

PDF

Insider Threat Control: Understanding Data Loss Prevention (DLP) and Detection by Correlating Events from Multiple Sources, George J. Silowash and Christopher King

PDF

Insider Threat Control: Using Universal Serial Bus (USB) Device Auditing to Detect Possible Data Exfiltration by Malicious Insiders, George J. Silowash and Todd Lewellen

PDF

Detecting and Preventing Data Exfiltration Through Encrypted Web Sessions via Traffic Inspection, George J. Silowash, Todd Lewellen, Daniel L. Costa, and Todd B. Lewellen

PDF

CERT ® Resilience Management Model (CERT ® -RMM) V1.1: NIST Special Publication 800-66 Crosswalk, Lisa Young and Ma-Nyahn Kromah

Submissions from 2012

PDF

Risk-Based Measurement and Analysis: Application to Software Security, Christopher J. Alberts, Julia H. Allen, and Robert W. Stoddard

PDF

Mission Risk Diagnostic (MRD) Method Description, Christopher J. Alberts and Audrey J. Dorofee

PDF

Analyzing Cases of Resilience Success and Failure—A Research Study, Julia H. Allen, Pamela D. Curtis, Nader Mehravari, Andrew P. Moore, Kevin G. Partridge, Robert W. Stoddard, and Randall F. Trzeciak

PDF

Report from the First CERT-RMM Users Group Workshop Series, Julia H. Allen and Lisa Young

PDF

Results of SEI Line-Funded Exploratory New Starts Projects, Len Bass, Nanette Brown, Gene M. Cahill, William Casey, Sagar Chaki, Corey Cohen, Dionisio de Niz, David French, Arie Gurfinkel, Rick Kazman, Edwin J. Morris, Brad Myers, William R. Nichols, Robert Nord, Ipek Ozkaya, Raghvinder Sangwan, Soumya Simanta, Ofer Strichman, and Peppo Valetto

PDF

Competency Lifecycle Roadmap: Toward Performance Readiness, Sandra Behrens, Christopher J. Alberts, and Robin M. Ruefle

PDF

DoD Information Assurance and Agile: Challenges and Recommendations Gathered Through Interviews with Agile Program Managers and DoD Accreditation Reviewers, Stephany Bellomo and Carol C. Woody

PDF

Insider Threat Study: Illicit Cyber Activity Involving Fraud in the U.S. Financial Services Sector, Adam Cummings, Todd Lewellen, David McIntire, Andrew P. Moore, and Randall F. Trzeciak

PDF

A Virtual Upgrade Validation Method for Software-Reliant Systems, Dionisio de Niz, Peter H. Feiler, and David Gluch

PDF

The Business Case for Systems Engineering Study: Assessing Project Performance from Sparse Data, Joseph P. Elm

PDF

The Business Case for Systems Engineering Study: Results of the Systems Engineering Effectiveness Survey, Joseph P. Elm and Dennis Goldenson

PDF

Reliability Improvement and Validation Framework, Peter H. Feiler, John Goodenough, Arie Gurfinkel, Charles B. Weinstock, and Lutz Wrage

PDF

What’s New in V2 of the Architecture Analysis & Design Language Standard?, Peter H. Feiler, Joe Seibel, and Lutz Wrage

PDF

Principles of Trust for Embedded Systems, David Fisher

PDF

SEPG Europe 2012 Conference Proceedings, Jose Maria Garcia, Javier Garcia-Guzman, Javier Garzas, Amit Arun Javadekar, Patrick Kirwan, Joaquin Lasheras, Fuensanta Medina-Dominguez, Erich Meier, Arturo Mora-Soto, Ana M. Moreno, Radouane Oudrhiri, Fabrizio Pellizzetti, Alejandro Ruiz-Robles, Maria-Isabel Sanchez-Segura, Prasad M. Shrasti, and Aman Kumar Singhal

PDF

Toward a Theory of Assurance Case Confidence, John Goodenough, Charles B. Weinstock, and Ari Z. Klein

PDF

Resource Allocation in Dynamic Environments, Jeffrey Hansen, Scott Hissam, B. Craig Meyers, Gabriel A. Moreno, Daniel Plakosh, Joe Seibel, and Lutz Wrage

PDF

Well There’s Your Problem: Isolating the Crash-Inducing Bits in a Fuzzed File, Allen D. Householder

PDF

Probability-Based Parameter Selection for Black-Box Fuzz Testing, Allen D. Householder and Jonathan M. Foote

PDF

Spotlight On: Malicious Insiders and Organized Crime Activity, Christopher King

PDF

Agile Methods and Request for Change (RFC): Observations from DoD Acquisition Programs, Mary Ann Lapham, Michael S. Bandor, and Eileen Wrubel

PDF

The Role of Standards in Cloud- Computing Interoperability, Grace A. Lewis

PDF

Insider Threat Security Reference Architecture, Joji Montelibano and Andrew P. Moore

PDF

A Pattern for Increased Monitoring for Intellectual Property Theft by Departing Insiders, Andrew P. Moore, Michael Hanley, and David Mundie

PDF

An Optimal Real-Time Voltage and Frequency Scaling for Uniform Multiprocessors, Gabriel A. Moreno and Dionisio de Niz

PDF

Supporting the Use of CERT® Secure Coding Standards in DoD Acquisitions, Timothy Morrow, Robert Seacord, John K. Bergey, and Philip Miller

PDF

TSP Symposium 2012 Proceedings, William R. Nichols, Álvaro Tasistro, Diego Vallespir, João Pascoal Faria, Mushtaq Raza, Pedro Castro Henriques, César Duarte, Elias Fallon, Lee Gazlay, Shigeru Kusakabe, Yoichi Omori, Keijiro Araki, Fernanda Grazioli, and Silvana Moreno

PDF

Interoperability in the e-Government Context, Marc Novakouski and Grace A. Lewis

PDF

Best Practices for Artifact Versioning in Service-Oriented Systems, Marc Novakouski, Grace A. Lewis, William B. Anderson, and Jeff Davenport

PDF

The Evolution of a Science Project: A Preliminary System Dynamics Model of a Recurring Software-Reliant Acquisition Behavior, William E. Novak, Andrew P. Moore, and Christopher J. Alberts

PDF

Source Code Analysis Laboratory (SCALe), Robert Seacord, Will Dormann, James McCurley, Philip Miller, Robert W. Stoddard, David Svoboda, and Jefferson Welch

PDF

Common Sense Guide to Mitigating Insider Threats, 4th Edition, George J. Silowash, Dawn M. Cappelli, Andrew P. Moore, Randall F. Trzeciak, Timothy Shimeall, and Lori Flynn

PDF

Cloud Computing at the Tactical Edge, Soumya Simanta, Grace A. Lewis, Edwin J. Morris, Kiryong Ha, and Mahadev Satyanarayanan

PDF

Communication Among Incident Responders–A Study, Brett Tjaden and Robert Floodeen

PDF

Network Profiling Using Flow, Austin Whisnant and Sid Faber

Submissions from 2011

PDF

A Framework for Evaluating Common Operating Environments: Piloting, Lessons Learned, and Opportunities, Cecilia Albert and Steven Rosemergy

PDF

Measures for Managing Operational Resilience, Julia H. Allen and Pamela D. Curtis

PDF

Using Defined Processes as a Context for Resilience Measures, Julia H. Allen, Pamela D. Curtis, and Linda Parker Gates

PDF

Results of SEI Independent Research and Development Projects (FY 2010), William Anderson, Archie D. Andrews, Nanette Brown, Cory Cohen, Christopher Craig, Tim Daly, Dionisio De Niz, Andres Diaz-Pace, Peter H. Feiler, David Fisher, David Gluch, Jeffrey Hansen, Jorgen Hansson, John J. Hudak, Karthik Lakshmanan, Richard C. Linger, Howard F. Lipson, Gabriel A. Moreno, Edwin J. Morris, Onur Mutlu, Robert Nord, Ipek Ozkaya, Daniel Plakosh, Mark G. Pleszkoch, Raj Rajkumar, Joe Seibel, Soumya Simanta, Charles B. Weinstock, and Lutz Wrage

PDF

Trusted Computing in Embedded Systems Workshop, Archie D. Andrews Jr. and Jonathan M. McCune

PDF

A Closer Look at 804: A Summary of Considerations for DoD Program Managers, Stephany Bellomo

PDF

Architecting Service-Oriented Systems, Philip Bianco, Grace A. Lewis, Paulo Merson, and Soumya Simanta

PDF

An Acquisition Perspective on Product Evaluation, Grady Campbell and Harry Levinson

PDF

Standards-Based Automated Remediation: A Remediation Manager Reference Implementation, Sagar Chaki, Rita C. Creel, Jeff Davenport, Mike Kinney, Benjamin McCormick, and Mary Popeck

PDF

Standards-Based Automated Remediation: A Remediation Manager Reference Implementation, 2011 Update, Sagar Chaki, Rita C. Creel, Jeff Davenport, Mike Kinney, and Mary Popeck

PDF

Quantifying Uncertainty in Early Lifecycle Cost Estimation (QUELCE), Robert W. Ferguson, Dennis Goldenson, James M. McCurley, Robert W. Stoddard, David Zubrow, and Debra Anderson

PDF

Trust and Trusted Computing Platforms, David Fisher, Jonathan M. McClune, and Archie D. Andrews Jr.

PDF

A Decision Framework for Selecting Licensing Rights for Noncommercial Computer Software in the DoD Environment, Charlene Gross

PDF

Best Practices for National Cyber Security: Building a National Computer Security Incident Management Capability, Version 2.0, John Haller, Samuel A. Merrell, Matthew J. Butkovic, and Bradford J. Willke

PDF

An Analysis of Technical Observations in Insider Theft of Intellectual Property Cases, Michael Hanley, Tyler Dean, Will Schroeder, Matt Houy, Randall F. Trzeciak, and Juan Montelibano

PDF

Insider Threat Control: Using Centralized Logging to Detect Data Exfiltration Near Insider Termination, Michael Hanley and Joji Montelibano

PDF

Network Monitoring for Web-Based Threats, Matthew Heckathorn

PDF

An Investigation of Techniques for Detecting Data Anomalies in Earned Value Management Data, Mark Kasunic, James McCurley, Dennis Goldenson, and David Zubrow

PDF

Issues and Opportunities for Improving the Quality and Use of Data in the Department of Defense, Mark Kasunic, David Zubrow, and Erin A. Harper

PDF

Architecture Evaluation without an Architecture: Experience with the Smart Grid, Rick Kazman, Len Bass, James Ivers, and Gabriel A. Moreno