Follow

Submissions from 2014

PDF

Study of Integration Strategy Considerations for Wireless Emergency Alerts

PDF

An Introduction to the Mission Risk Diagnostic for Incident Management Capabilities (MRD-IMC), Christopher J. Alberts, Audrey J. Dorofee, Robin R. Ruefle, and Mark Zajicek

PDF

A Systematic Approach for Assessing Workforce Readiness, Christopher J. Alberts and David McIntire

PDF

Using Malware Analysis to Tailor SQUARE for Mobile Platforms, Gregory Paul Alice and Nancy R. Mead

PDF

CERT Resilience Management Model—Mail-Specific Process Areas: International Mail Transportation (Version 1.0), Julia H. Allen, Greg Crabb, Pamela D. Curtis, Sam Lin, Nader Mehravari, and Dawn Wilkes

PDF

CERT Resilience Management Model—Mail-Specific Process Areas: Mail Induction (Version 1.0), Julia H. Allen, Greg Crabb, Pamela D. Curtis, Nader Mehravari, and David W. White

PDF

CERT Resilience Management Model—Mail-Specific Process Areas: Mail Revenue Assurance (Version 1.0), Julia H. Allen, Greg Crabb, Pamela D. Curtis, Nader Mehravari, and David W. White

PDF

A Method for Aligning Acquisition Strategies and Software Architectures, Lisa Brownsword, Cecilia Albert, David J. Carney, and Patrick R. Place

PDF

Results in Relating Quality Attributes to Acquisition Strategies, Lisa Brownsword, Cecilia Albert, David J. Carney, and Patrick R. Place

PDF

TSP Symposium 2013 Proceedings, Sergio Cardona, João Pascoal Faria, Fernanda Grazioli, Pedro Henriques, James McHale, Silvana Moreno, William R. Nichols, Leticia Pérez, Mushtaq Raza, Rafael Rincón, and Diego Vallespir

PDF

A Taxonomy of Operational Cyber Security Risks Version 2, James J. Cebula, Mary Popeck, and Lisa Young

PDF

Unintentional Insider Threats: A Review of Phishing and Malware Incidents by Economic Sector, CERT Insider Threat Team

PDF

Job Analysis Results for Malicious-Code Reverse Engineers: A Case Study, Jennifer Cowley

PDF

Improving the Security and Resilience of U.S. Postal Service Mail Products and Services Using the CERT® Resilience Management Model, Greg Crabb, Julia H. Allen, Nader Mehravari, and Pamela D. Curtis

PDF

A Proven Method for Identifying Security Gaps in International Postal and Transportation Critical Infrastructure, Gregory Crabb, Julia H. Allen, Pamela D. Curtis, and Nader Mehravari

PDF

AADL Fault Modeling and Analysis Within an ARP4761 Safety Assessment, Julian Delange, Peter Feiler, David Gluch, and John J. Hudak

PDF

Assuring Software Reliability, Robert Ellison

PDF

The Business Case for Systems Engineering: Comparison of Defense-Domain and Non-Defense Projects, Joseph P. Elm and Dennis Goldenson

PDF

International Implementation of Best Practices for Mitigating Insider Threat: Analyses for India and Germany, Lori Flynn, Carly Huth, Palma Buttles, Michael Theis, George J. Silowash, Tracy Cassidy, Travis Wright, and Randy Trzeciak

PDF

Cloud Service Provider Methods for Managing Insider Threats: Analysis Phase II, Expanded Analysis and Recommendations, Lori Flynn, Greg Porter, and Chas DiFatta

PDF

Development of an Intellectual Property Strategy: Research Notes to Support Department of Defense Programs, Charlene Gross

PDF

Agile Metrics: Progress Monitoring of Agile Contractors, William Hayes, Suzanne Garcia-Miller, Mary Ann Lapham, Eileen Wrubel, and Timothy A. Chick

PDF

Smart Collection and Storage Method for Network Traffic Data, Angela Horneman and Nathan Dell

PDF

Performance of Compiler-Assisted Memory Safety Checking, David Keaton and Robert Seacord

PDF

Data-Driven Software Assurance: A Research Study, Michael D. Konrad, Art Manion, Andrew P. Moore, Julia L. Mullaney, William R. Nichols, Michael Orlando, and Erin A. Harper

PDF

Agile Methods and Request for Change (RFC): Observations from DoD Acquisition Programs, Mary Ann Lapham, Michael S. Bandor, and Eileen Wrubel

PDF

Best Practices in Wireless Emergency, John McGregor, Joseph P. Elm, Elizabeth Trocki Stark, Jennifer Lavan, Rita C. Creel, Christopher J. Alberts, Carol Woody, Robert Ellison, and Tamara Marshall-Keim

PDF

An Evaluation of A-SQUARE for COTS Acquisition, Nancy R. Mead

PDF

Wireless Emergency Alerts: Trust Model Simulations, Timothy Morrow, Robert W. Stoddard, and Joseph P. Elm

PDF

Potential Use of Agile Methods in Selected DoD Acquisitions: Requirements Development and Management, Kenneth Nidiffer, Suzanne Garcia-Miller, and David J. Carney

PDF

CERT® Resilience Management Model (CERT®-RMM) V1.1: NIST Special Publication Crosswalk Version 2, Kevin Partridge, Mary Popeck, and Lisa Young

PDF

Improving the Automated Detection and Analysis of Secure Coding Violations, Daniel Plakosh, Robert Seacord, Robert W. Stoddard, David Svoboda, and David Zubrow

PDF

Agile Methods in Air Force Sustainment: Status and Outlook, Colleen Regan, Mary Ann Lapham, Eileen Wrubel, Stephen Beck, and Michael S. Bandor

PDF

Investigating Advanced Persistent Threat 1 (APT1), Deana Shick and Angela Horneman

PDF

Unintentional Insider Threats: Social Engineering, Software Engineering Institute

PDF

Wireless Emergency Alerts: Trust Model Technical Report, Robert W. Stoddard, Joseph P. Elm, James McCurley, and Sarah Sheard

PDF

Patterns and Practices for Future Architectures, Eric Werner, Scott McMillan, and Jonathan Chu

PDF

Maximizing Trust in the Wireless Emergency Alerts (WEA) Service, Carol Woody and Robert Ellison

PDF

Agile Software Teams: How They Engage with Systems Engineering on DoD Acquisition Programs, Eileen Wrubel, Suzanne Garcia-Miller, Mary Ann Lapham, and Timothy A. Chick

PDF

Evaluation of the Applicability of HTML5 for Mobile Applications in Resource- Constrained Edge Environments, Bryan Yan and Grace A. Lewis

Submissions from 2013

PDF

Results of SEI Line-Funded Exploratory New Starts Projects, Bjorn A. Andersson, Stephany Bellomo, Lisa Brownsword, Sagar J. Chaki, William Claycomb, Corey Cohen, Julie Cohen, Peter Feiler, Robert W. Ferguson, Lori Flynn, David Gluch, Dennis Goldenson, Arie Gurfinkel, Charles Hines, Jeffrey S. Havrilla, Carly Huth, Wesley Jin, Rick Kazman, Mary Ann Lapham, James McCurley, John D. McGregor, David McIntire, Robert Nord, Ipek Ozkaya, Robert W. Stoddard, and David Zubrow

PDF

Mobile SCALe: Rules and Analysis for Secure Java and Android Coding, Lujo Bauer, Lori Flynn, Limin Jia, Will Klieber, Fred Long, Dean F. Sutherland, and David Svoboda

PDF

Isolating Patterns of Failure in Department of Defense Acquisition, Lisa Brownsword, Cecilia Albert, David J. Carney, Patrick R. Place, Charles (Bud) Hammons, and John J. Hudak

PDF

Advancing Cybersecurity Capability Measurement Using the CERT ® -RMM Maturity Indicator Level Scale, Matthew J. Butkovic and Richard A. Caralli

PDF

Unintentional Insider Threats: A Foundational Study, Carnegie Mellon University

PDF

Probabilistic Verification of Coordinated Multi-Robot Missions, Sagar J. Chaki and Joseph A. Giampapa

PDF

Team Software Process (TSP) Coach Certification Guidebook, Timothy A. Chick

PDF

Team Software Process (TSP) Coach Mentoring Program Guidebook, Version 2.0, Timothy A. Chick, James McHale, and William R. Nichols

PDF

Spotlight On: Insider Theft of Intellectual Property Inside the United States Involving Foreign Governments or Organizations, Matthew L. Collins, Derrick Spooner, Dawn Cappelli, Andrew P. Moore, and Randall F. Trzeciak

PDF

Best Practices Against Insider Threats in All Nations, Lori Flynn, Carly Huth, Randy Trzeciak, and Palma Buttles

PDF

Introduction to the Mission Thread Workshop, Michael J. Gagliardi, William Wood, and Timothy Morrow

PDF

Quantifying Uncertainty in Expert Judgment: Initial Results, Dennis Goldenson and Robert W. Stoddard

PDF

Software Assurance Competency Model, Thomas B. Hilburn, Mark Ardis, Glen Johnson, Andrew J. Kornecki, and Nancy Mead

PDF

Socio-Adaptive Systems Challenge Problems Workshop Report, Scott Hissam, Mark H. Klein, and Gabriel Moreno

PDF

Understanding Patterns for System-of- Systems Integration, Rick Kazman, Claus Nielsen, and Klaus Schmid

PDF

Using Software Development Tools and Practices in Acquisition, Harry Levinson and Richard Librizzi

PDF

Insider Threat Control: Using Plagiarism Detection Algorithms to Prevent Data Exfiltration in Near Real Time, Todd Lewellen, George J. Silowash, and Daniel L. Costa

PDF

Application Virtualizaton as a Strategy for Cyber Foraging in Resource-Constrained Environments, Grace A. Lewis and Dominik Messinger

PDF

The MAL: A Malware Analysis Lexicon, David McIntire and David Mundie

PDF

Software Assurance Measurement – State of the Practice, Nancy Mead and Dan Shoemaker

PDF

Passive Detection of Misbehaving Name Servers, Leigh B. Metcalf and Jonathan M. Spring

PDF

Justification of a Pattern for Detecting Intellectual Property Theft by Departing Insiders, Andrew P. Moore, David McIntire, David Mundie, and David Zubrow

PDF

PSP-VDC: An Adaptation of the PSP that Incorporates Verified Design by Contract, Silvana Moreno, Álvaro Tasistro, Diego Vallespir, and William R. Nichols

PDF

TSP Performance and Capability Evaluation (PACE): Customer Guide, William R. Nichols, Mark Kasunic, and Timothy A. Chick

PDF

TSP Performance and Capability Evaluation (PACE): Customer Guide, William R. Nichols, Mark Kasunic, and Timothy A. Chick

PDF

Parallel Worlds: Agile and Waterfall Differences and Similarities, Steve Palmquist, Mary Ann Lapham, Suzanne Garcia-Miller, Timothy A. Chick, and Ipek Ozkaya

PDF

Cloud Service Provider Methods for Managing Insider Threats: Analysis Phase I, Greg Porter

PDF

Insider Threat Attributes and Mitigation Strategies, George J. Silowash

PDF

Insider Threat Control: Understanding Data Loss Prevention (DLP) and Detection by Correlating Events from Multiple Sources, George J. Silowash and Christopher King

PDF

Insider Threat Control: Using Universal Serial Bus (USB) Device Auditing to Detect Possible Data Exfiltration by Malicious Insiders, George J. Silowash and Todd Lewellen

PDF

Detecting and Preventing Data Exfiltration Through Encrypted Web Sessions via Traffic Inspection, George J. Silowash, Todd Lewellen, Daniel L. Costa, and Todd B. Lewellen

PDF

CERT ® Resilience Management Model (CERT ® -RMM) V1.1: NIST Special Publication 800-66 Crosswalk, Lisa Young and Ma-Nyahn Kromah

Submissions from 2012

PDF

Risk-Based Measurement and Analysis: Application to Software Security, Christopher J. Alberts, Julia H. Allen, and Robert W. Stoddard

PDF

Mission Risk Diagnostic (MRD) Method Description, Christopher J. Alberts and Audrey J. Dorofee

PDF

Analyzing Cases of Resilience Success and Failure—A Research Study, Julia H. Allen, Pamela D. Curtis, Nader Mehravari, Andrew P. Moore, Kevin G. Partridge, Robert W. Stoddard, and Randall F. Trzeciak

PDF

Report from the First CERT-RMM Users Group Workshop Series, Julia H. Allen and Lisa Young

PDF

Results of SEI Line-Funded Exploratory New Starts Projects, Len Bass, Nanette Brown, Gene M. Cahill, William Casey, Sagar Chaki, Corey Cohen, Dionisio de Niz, David French, Arie Gurfinkel, Rick Kazman, Edwin J. Morris, Brad Myers, William R. Nichols, Robert Nord, Ipek Ozkaya, Raghvinder Sangwan, Soumya Simanta, Ofer Strichman, and Peppo Valetto

PDF

Competency Lifecycle Roadmap: Toward Performance Readiness, Sandra Behrens, Christopher J. Alberts, and Robin M. Ruefle

PDF

DoD Information Assurance and Agile: Challenges and Recommendations Gathered Through Interviews with Agile Program Managers and DoD Accreditation Reviewers, Stephany Bellomo and Carol C. Woody

PDF

Insider Threat Study: Illicit Cyber Activity Involving Fraud in the U.S. Financial Services Sector, Adam Cummings, Todd Lewellen, David McIntire, Andrew P. Moore, and Randall F. Trzeciak

PDF

A Virtual Upgrade Validation Method for Software-Reliant Systems, Dionisio de Niz, Peter H. Feiler, and David Gluch

PDF

The Business Case for Systems Engineering Study: Assessing Project Performance from Sparse Data, Joseph P. Elm

PDF

The Business Case for Systems Engineering Study: Results of the Systems Engineering Effectiveness Survey, Joseph P. Elm and Dennis Goldenson

PDF

Reliability Improvement and Validation Framework, Peter H. Feiler, John Goodenough, Arie Gurfinkel, Charles B. Weinstock, and Lutz Wrage

PDF

What’s New in V2 of the Architecture Analysis & Design Language Standard?, Peter H. Feiler, Joe Seibel, and Lutz Wrage

PDF

Principles of Trust for Embedded Systems, David Fisher

PDF

SEPG Europe 2012 Conference Proceedings, Jose Maria Garcia, Javier Garcia-Guzman, Javier Garzas, Amit Arun Javadekar, Patrick Kirwan, Joaquin Lasheras, Fuensanta Medina-Dominguez, Erich Meier, Arturo Mora-Soto, Ana M. Moreno, Radouane Oudrhiri, Fabrizio Pellizzetti, Alejandro Ruiz-Robles, Maria-Isabel Sanchez-Segura, Prasad M. Shrasti, and Aman Kumar Singhal

PDF

Toward a Theory of Assurance Case Confidence, John Goodenough, Charles B. Weinstock, and Ari Z. Klein

PDF

Resource Allocation in Dynamic Environments, Jeffrey Hansen, Scott Hissam, B. Craig Meyers, Gabriel A. Moreno, Daniel Plakosh, Joe Seibel, and Lutz Wrage

PDF

Well There’s Your Problem: Isolating the Crash-Inducing Bits in a Fuzzed File, Allen D. Householder

PDF

Probability-Based Parameter Selection for Black-Box Fuzz Testing, Allen D. Householder and Jonathan M. Foote

PDF

Spotlight On: Malicious Insiders and Organized Crime Activity, Christopher King

PDF

Agile Methods and Request for Change (RFC): Observations from DoD Acquisition Programs, Mary Ann Lapham, Michael S. Bandor, and Eileen Wrubel

PDF

The Role of Standards in Cloud- Computing Interoperability, Grace A. Lewis

PDF

Insider Threat Security Reference Architecture, Joji Montelibano and Andrew P. Moore

PDF

A Pattern for Increased Monitoring for Intellectual Property Theft by Departing Insiders, Andrew P. Moore, Michael Hanley, and David Mundie

PDF

An Optimal Real-Time Voltage and Frequency Scaling for Uniform Multiprocessors, Gabriel A. Moreno and Dionisio de Niz

PDF

Supporting the Use of CERT® Secure Coding Standards in DoD Acquisitions, Timothy Morrow, Robert Seacord, John K. Bergey, and Philip Miller

PDF

TSP Symposium 2012 Proceedings, William R. Nichols, Álvaro Tasistro, Diego Vallespir, João Pascoal Faria, Mushtaq Raza, Pedro Castro Henriques, César Duarte, Elias Fallon, Lee Gazlay, Shigeru Kusakabe, Yoichi Omori, Keijiro Araki, Fernanda Grazioli, and Silvana Moreno

PDF

Interoperability in the e-Government Context, Marc Novakouski and Grace A. Lewis