Follow

Submissions from 2012

PDF

Toward a Theory of Assurance Case Confidence, John Goodenough, Charles B. Weinstock, and Ari Z. Klein

PDF

Resource Allocation in Dynamic Environments, Jeffrey Hansen, Scott Hissam, B. Craig Meyers, Gabriel A. Moreno, Daniel Plakosh, Joe Seibel, and Lutz Wrage

PDF

Well There’s Your Problem: Isolating the Crash-Inducing Bits in a Fuzzed File, Allen D. Householder

PDF

Probability-Based Parameter Selection for Black-Box Fuzz Testing, Allen D. Householder and Jonathan M. Foote

PDF

Spotlight On: Malicious Insiders and Organized Crime Activity, Christopher King

PDF

Agile Methods and Request for Change (RFC): Observations from DoD Acquisition Programs, Mary Ann Lapham, Michael S. Bandor, and Eileen Wrubel

PDF

The Role of Standards in Cloud- Computing Interoperability, Grace A. Lewis

PDF

Insider Threat Security Reference Architecture, Joji Montelibano and Andrew P. Moore

PDF

A Pattern for Increased Monitoring for Intellectual Property Theft by Departing Insiders, Andrew P. Moore, Michael Hanley, and David Mundie

PDF

An Optimal Real-Time Voltage and Frequency Scaling for Uniform Multiprocessors, Gabriel A. Moreno and Dionisio de Niz

PDF

Supporting the Use of CERT® Secure Coding Standards in DoD Acquisitions, Timothy Morrow, Robert Seacord, John K. Bergey, and Philip Miller

PDF

TSP Symposium 2012 Proceedings, William R. Nichols, Álvaro Tasistro, Diego Vallespir, João Pascoal Faria, Mushtaq Raza, Pedro Castro Henriques, César Duarte, Elias Fallon, Lee Gazlay, Shigeru Kusakabe, Yoichi Omori, Keijiro Araki, Fernanda Grazioli, and Silvana Moreno

PDF

Interoperability in the e-Government Context, Marc Novakouski and Grace A. Lewis

PDF

Best Practices for Artifact Versioning in Service-Oriented Systems, Marc Novakouski, Grace A. Lewis, William B. Anderson, and Jeff Davenport

PDF

The Evolution of a Science Project: A Preliminary System Dynamics Model of a Recurring Software-Reliant Acquisition Behavior, William E. Novak, Andrew P. Moore, and Christopher J. Alberts

PDF

Source Code Analysis Laboratory (SCALe), Robert Seacord, Will Dormann, James McCurley, Philip Miller, Robert W. Stoddard, David Svoboda, and Jefferson Welch

PDF

Common Sense Guide to Mitigating Insider Threats, 4th Edition, George J. Silowash, Dawn M. Cappelli, Andrew P. Moore, Randall F. Trzeciak, Timothy Shimeall, and Lori Flynn

PDF

Cloud Computing at the Tactical Edge, Soumya Simanta, Grace A. Lewis, Edwin J. Morris, Kiryong Ha, and Mahadev Satyanarayanan

PDF

Communication Among Incident Responders–A Study, Brett Tjaden and Robert Floodeen

PDF

Network Profiling Using Flow, Austin Whisnant and Sid Faber

Submissions from 2011

PDF

A Framework for Evaluating Common Operating Environments: Piloting, Lessons Learned, and Opportunities, Cecilia Albert and Steven Rosemergy

PDF

Measures for Managing Operational Resilience, Julia H. Allen and Pamela D. Curtis

PDF

Using Defined Processes as a Context for Resilience Measures, Julia H. Allen, Pamela D. Curtis, and Linda Parker Gates

PDF

Results of SEI Independent Research and Development Projects (FY 2010), William Anderson, Archie D. Andrews, Nanette Brown, Cory Cohen, Christopher Craig, Tim Daly, Dionisio De Niz, Andres Diaz-Pace, Peter H. Feiler, David Fisher, David Gluch, Jeffrey Hansen, Jorgen Hansson, John J. Hudak, Karthik Lakshmanan, Richard C. Linger, Howard F. Lipson, Gabriel A. Moreno, Edwin J. Morris, Onur Mutlu, Robert Nord, Ipek Ozkaya, Daniel Plakosh, Mark G. Pleszkoch, Raj Rajkumar, Joe Seibel, Soumya Simanta, Charles B. Weinstock, and Lutz Wrage

PDF

Trusted Computing in Embedded Systems Workshop, Archie D. Andrews Jr. and Jonathan M. McCune

PDF

A Closer Look at 804: A Summary of Considerations for DoD Program Managers, Stephany Bellomo

PDF

Architecting Service-Oriented Systems, Philip Bianco, Grace A. Lewis, Paulo Merson, and Soumya Simanta

PDF

An Acquisition Perspective on Product Evaluation, Grady Campbell and Harry Levinson

PDF

Standards-Based Automated Remediation: A Remediation Manager Reference Implementation, Sagar Chaki, Rita C. Creel, Jeff Davenport, Mike Kinney, Benjamin McCormick, and Mary Popeck

PDF

Standards-Based Automated Remediation: A Remediation Manager Reference Implementation, 2011 Update, Sagar Chaki, Rita C. Creel, Jeff Davenport, Mike Kinney, and Mary Popeck

PDF

Quantifying Uncertainty in Early Lifecycle Cost Estimation (QUELCE), Robert W. Ferguson, Dennis Goldenson, James M. McCurley, Robert W. Stoddard, David Zubrow, and Debra Anderson

PDF

Trust and Trusted Computing Platforms, David Fisher, Jonathan M. McClune, and Archie D. Andrews Jr.

PDF

A Decision Framework for Selecting Licensing Rights for Noncommercial Computer Software in the DoD Environment, Charlene Gross

PDF

Best Practices for National Cyber Security: Building a National Computer Security Incident Management Capability, Version 2.0, John Haller, Samuel A. Merrell, Matthew J. Butkovic, and Bradford J. Willke

PDF

An Analysis of Technical Observations in Insider Theft of Intellectual Property Cases, Michael Hanley, Tyler Dean, Will Schroeder, Matt Houy, Randall F. Trzeciak, and Juan Montelibano

PDF

Insider Threat Control: Using Centralized Logging to Detect Data Exfiltration Near Insider Termination, Michael Hanley and Joji Montelibano

PDF

Network Monitoring for Web-Based Threats, Matthew Heckathorn

PDF

An Investigation of Techniques for Detecting Data Anomalies in Earned Value Management Data, Mark Kasunic, James McCurley, Dennis Goldenson, and David Zubrow

PDF

Issues and Opportunities for Improving the Quality and Use of Data in the Department of Defense, Mark Kasunic, David Zubrow, and Erin A. Harper

PDF

Architecture Evaluation without an Architecture: Experience with the Smart Grid, Rick Kazman, Len Bass, James Ivers, and Gabriel A. Moreno

PDF

IEEE Computer Society/Software Engineering Institute Software Process Achievement (SPA) Award 2009, Satyendra Kumar and Ramakrishnan M

PDF

Agile Methods: Selected DoD Management and Acquisition Concerns, Mary Ann Lapham, Suzanne Garcia-Miller, Lorraine Nemeth-Adams, Nanette Brown, Bart L. Hackemack, Charles (Bud) Hammons, Linda Levine, and Alfred R. Schenker

PDF

Proceedings of the Fourth International Workshop on a Research Agenda for Maintenance and Evolution of Service-Oriented Systems (MESOA 2010), Grace A. Lewis, Dennis B. Smith, and Kostas Kontogiannis

PDF

Function Extraction (FX) Research for Computation of Software Behavior: 2010 Development and Application of Semantic Reduction Theorems for Behavior Analysis, Richard C. Linger, Tim Daly, and Mark G. Pleszkoch

PDF

Software Assurance Curriculum Project Volume III: Master of Software Assurance Course Syllabi, Nancy R. Mead, Julia H. Allen, Mark Ardis, Thomas B. Hilburn, Andrew J. Kornecki, and Richard C. Linger

PDF

Software Assurance Curriculum Project Volume IV: Community College Education, Nancy R. Mead, Elizabeth K. Hawthorne, and Mark A. Ardis

PDF

A Preliminary Model of Insider Theft of Intellectual Property, Andrew P. Moore, Dawn Cappelli, Thomas C. Caron, Eric D. Shaw, Derrick Spooner, and Randall F. Trzeciak

PDF

Understanding and Leveraging a Supplier’s CMMI® Efforts: A Guidebook for Acquirers (Revised for V1.3), Lawrence T. Osiecki, D. Michael Phillips, and John Scibilia

PDF

CERT® Resilience Management Model (CERT®-RMM) V1.1: NIST Special Publication Crosswalk Version 1, Kevin G. Partridge and Lisa Young

PDF

CERT® Resilience Management Model (RMM) v1.1: Code of Practice Crosswalk Commercial Version 1.1, Kevin G. Partridge and Lisa Young

PDF

CMMI for Acquisition (CMMI-ACQ) Primer, Version 1.3, Mike Phillips

PDF

CERT® Resilience Management Model Capability Appraisal Method (CAM) Version 1.1, Resilient Enterprise Management Team, CERT Program, Carnegie Mellon University

PDF

Appraisal Requirements for CMMI® Version 1.3 (ARC, V1.3), SCAMPI Upgrade Team

PDF

Standard CMMI Appraisal Method for Process Improvement (SCAMPI) A, Version 1.3: Method Definition Document, SCAMPI Upgrade Team

PDF

Integrating the Master of Software Assurance Reference Curriculum into the Model Curriculum and Guidelines for Graduate Degree Programs in Information Systems, Dan Shoemaker, Nancy R. Mead, and Jeff Ingalsbe

PDF

Smart Grid Maturity Model, Version 1.2: Model Definition, The SGMM Team

Submissions from 2010

PDF

Integrated Measurement and Analysis Framework for Software Security, Christopher J. Alberts, Julia H. Allen, and Robert W. Stoddard

PDF

Risk Management Framework, Christopher J. Alberts and Audrey J. Dorofee

PDF

Measuring Operational Resilience Using the CERT Resilience Management Model, Julia H. Allen and Noopur Davis

PDF

Software Product Lines: Report of the 2010 U.S. Army Software Product Line Workshop, John K. Bergey, Gary J. Chastek, Sholom Cohen, Patrick Donohoe, Lawrence G. Jones, and Linda Northrop

PDF

Adapting the SQUARE Process for Privacy Requirements Engineering, Ashwini Bijwe and Nancy R. Mead

PDF

Evaluating the Software Design of a Complex System of Systems, Stephen Blanchette Jr., Steven Crossen, and Barry Boehm

PDF

A Framework for Modeling the Software Assurance Ecosystem: Insights from the Software Assurance Landscape Project, Lisa Brownsword, Carol C. Woody, Christopher J. Alberts, and Andrew P. Moore

PDF

Specifications for Managed Strings, Second Edition, Hal Burch, Fred Long, Raunak Rungta, Robert C. Seacord, and David Svoboda

PDF

CERT® Resilience Management Model, Version 1.0, Richard Caralli, Julia H. Allen, Pamela D. Curtis, David W. White, and Lisa R. Young

PDF

Extending Team Software Process (TSP) to Systems Engineering: A NAVAIR Experience Report, Anita Carleton, James W. Over, Jeff Schwalb, Delwyn Kellogg, and Timothy A. Chick

PDF

COVERT: A Framework for Finding Buffer Overflows in C Programs via Software Verification, Sagar Chaki and Arie Gurfinkel

PDF

Team Software Process (TSP) Coach Mentoring Program Guidebook Version 1.1, Timothy A. Chick, Robert Cannon, James McHale, William R. Nichols, Marsha Pomeroy-Huff, Jefferson Welch, and Alan Willett

PDF

Security Requirements Reusability and the SQUARE Methodology, Travis Christian and Nancy R. Mead

PDF

Relating Business Goals to Architecturally Significant Requirements for Software Systems, Paul Clements and Len Bass

PDF

CMMI for Acquisition, Version 1.3, CMMI Product Team

PDF

CMMI for Development, Version 1.3, CMMI Product Team

PDF

CMMI for Services, Version 1.3, CMMI Product Team

PDF

Data Rights for Proprietary Software Used in DoD Programs, Julie Cohen, Bonnie Troup, and Henry Ouyang

PDF

Managing Variation in Services in a Software Product Line Context, Sholom Cohen and Robert Krut

PDF

As-If Infinitely Ranged Integer Model, Second Edition, Roger Dannenberg, Will Dormann, David Keaton, Thomas Plum, Robert Seacord, David Svoboda, Alex Volkovitsky, and Timothy Wilson

PDF

Software Supply Chain Risk Management: From Products to Systems of Systems, Robert J. Ellison, Christopher J. Alberts, Rita C. Creel, Audrey J. Dorofee, and Carol C. Woody

PDF

Evaluating and Mitigating Software Supply Chain Security Risks, Robert J. Ellison, John Goodenough, Charles B. Weinstock, and Carol C. Woody

PDF

Survivability Analysis Framework, Robert J. Ellison and Carol C. Woody

PDF

Case Study: Model-Based Analysis of the Mission Data System Reference Architecture, Peter H. Feiler, David Gluch, and Kurt Woodham

PDF

Profiling Systems Using the Defining Characteristics of Systems of Systems (SoS), Donald Firesmith

PDF

Programmatic and Constructive Interdependence: Emerging Insights and Predictive Indicators of Development Resource Demand, Robert M. Flowe, Mark Kasunic, Mary Maureen Brown, Paul L. Harding III, James M. McCurley, David Zubrow, and William B. Anderson

PDF

Adaptive Flow Control for Enabling Quality of Service in Tactical Ad Hoc Wireless Networks, Jeffrey Hansen, Scott A. Hissam, B. Craig Meyers, Edwin J. Morris, Daniel Plakosh, Soumya Simanta, and Lutz Wrage

PDF

Team Software Process℠ (TSP℠) Body of Knowledge (BOK), Watts S. Humphrey, Timothy A. Chick, William R. Nichols, and Marsha Pomeroy-Huff

PDF

Measurement and Analysis Infrastructure Diagnostic, Version 1.0: Method Definition Document, Mark Kasunic

PDF

A Workshop on Analysis and Evaluation of Enterprise Architectures, John Klein and Michael J. Gagliardi

PDF

Designing for Incentives: Better Information Sharing for Better Software Engineering, Mark Klein, Gabriel A. Moreno, David C. Parkes, and Kurt Wallnau

PDF

Resource Allocation in Distributed Mixed-Criticality Cyber-Physical Systems, Karthik Lakshmanan, Dionisio De Niz, Ragunathan (Raj) Rajkumar, and Gabriel A. Moreno

PDF

Considerations for Using Agile in DoD Acquisition, Mary Ann Lapham, Ray Williams, Charles (Bud) Hammons, Daniel Burton, and Alfred R. Schenker

PDF

Emerging Technologies for Software-Reliant Systems of Systems, Grace A. Lewis

PDF

A Research Agenda for Service-Oriented Architecture (SOA): Maintenance and Evolution of Service-Oriented Systems, Grace A. Lewis, Dennis B. Smith, and Kostas Kontogiannis

PDF

Java Concurrency Guidelines, Fred Long, Dhruv Mohindra, Robert Seacord, and David Svoboda

PDF

Performance Effects of Measurement and Analysis: Perspectives from CMMI High Maturity Organizations and Appraisers, James McCurley and Dennis Goldenson

PDF

Building Assured Systems Framework, Nancy R. Mead and Julia H. Allen

PDF

Software Assurance Curriculum Project Volume I: Master of Software Assurance Reference Curriculum, Nancy R. Mead, Julia H. Allen, Mark Ardis, Thomas B. Hilburn, Andrew J. Kornecki, Richard C. Linger, and James McDonald

PDF

Software Assurance Curriculum Project Volume II: Undergraduate Course Outlines, Nancy R. Mead, Thomas B. Hilburn, and Richard C. Linger

PDF

Characterizing Technical Software Performance Within System of Systems Acquisitions: A Step-Wise Methodology, Bryce L. Meyer and James T. Wessel

PDF

Testing in Service-Oriented Environments, Edwin J. Morris, William B. Anderson, Sriram Balasubramanian, David J. Carney, John Morley, Patrick R. Place, and Soumya Simanta

PDF

Combining Architecture-Centric Engineering with the Team Software Process, Robert Nord, James McHale, and Felix Bachmann

PDF

Performance Analysis of WS-Security Mechanisms in SOAP-Based Web Services, Mark Novakouski, Soumya Simanta, Gunnar Peterson, Edwin J. Morris, and Grace A. Lewis