Software Engineering Institute | Carnegie Mellon University
Software Engineering Institute | Carnegie Mellon University

Digital Library

Javascript is currently disabled for your browser. For an optimal search experience, please enable javascript.

Advanced Search

Basic Search

Content Type

Topics

Publication Date

Thomas A. Longstaff
June 2009 - White Paper Computational Evaluation of Software Security Attributes

Authors: Gwendolyn H. Walton, Thomas A. Longstaff, Richard C. Linger (Oak Ridge National Laboratory)

This paper provides an introduction to the CSA approach, provides behavioral requirements for security attributes, and discusses possible application of the CSA approach.

December 2006 - Podcast Evolving Business Models, Threats, and Technologies: A Conversation with CERT's Deputy Director for Technology

Authors: Thomas A. Longstaff, Julia H. Allen

In this podcast, participants discuss how business models are evolving as security threats become more covert and technology enables information migration.

December 2006 - Technical Report Technology Foundations for Computational Evaluation of Software Security Attributes

Authors: Gwendolyn H. Walton, Thomas A. Longstaff, Richard C. Linger (Oak Ridge National Laboratory)

In this 2006 report, the authors describe foundations for computational security attributes technology.

July 2004 - Presentation Wish List

Topics: Network Situational Awareness

Authors: Thomas A. Longstaff

In this article, Soumyo D. Moitra describes the data needed to plan network security, particularly related to acquiring and deploying network sensors systems.

October 2002 - Technical Report SEI Independent Research and Development Projects

Authors: Steve Cross, Kurt C. Wallnau, Eileen C. Forrester, Scott Hissam, Rick Kazman, Linda Levine, Richard C. Linger (Oak Ridge National Laboratory), Thomas A. Longstaff, Ira Monarch, Dennis B. Smith

This report describes the IR&D projects that were conducted during fiscal year 2002 (October 2001 through September 2002).

September 2000 - Technical Report Survivable Network Analysis Method

Authors: Nancy R. Mead, Robert J. Ellison, Richard C. Linger (Oak Ridge National Laboratory), Thomas A. Longstaff, John McHugh

This report, published in 2000, describes the SNA method developed at the SEI's CERT Coordination Center. The SNA method guides stakeholders through an analysis process intended to improve system survivability when a system is threatened.

September 1998 - Technical Report Case Study in Survivable Network System Analysis

Topics: Network Situational Awareness

Authors: Robert J. Ellison, Richard C. Linger (Oak Ridge National Laboratory), Thomas A. Longstaff, Nancy R. Mead

In this report, the authors present a method for analyzing the survivability of distributed network systems and an example of its application.

July 1998 - Technical Report The Architecture Tradeoff Analysis Method

Topics: Software Architecture

Authors: Rick Kazman, Mark H. Klein, Mario R. Barbacci, Thomas A. Longstaff, Howard F. Lipson, Jeromy Carriere

This 2008 paper presents the Architecture Tradeoff Analysis Method (ATAM), a structured technique for understanding the tradeoffs inherent in the architectures of software-intensive systems.

May 1998 - Technical Report Steps in an Architecture Tradeoff Analysis Method: Quality Attribute Models and Analysis

Topics: Software Architecture

Authors: Mario R. Barbacci, Peter H. Feiler, Mark H. Klein, Howard F. Lipson, Thomas A. Longstaff, Charles B. Weinstock, Jeromy Carriere

This paper presents some of the steps in an emerging architecture tradeoff analysis method (ATAM).

April 1998 - White Paper The Architecture Tradeoff Analysis Method

Authors: Rick Kazman, Mark H. Klein, Mario R. Barbacci, Thomas A. Longstaff, Howard F. Lipson, Jeromy Carriere

This paper presents the Architecture Tradeoff Analysis Method (ATAM), a structured technique for understanding the tradeoffs inherent in design.

November 1997 - Technical Report Survivable Network Systems: An Emerging Discipline

Authors: David Fisher, Richard C. Linger (Oak Ridge National Laboratory), Howard F. Lipson, Thomas A. Longstaff, Nancy R. Mead, Robert J. Ellison

This 1997 report describes the survivability approach to helping assure that a system that must operate in an unbounded network is robust in the presence of attack and will survive attacks that result in successful intrusions.

January 1997 - Special Report Report to the President's Commission on Critical Infrastructure Protection

Authors: James Ellis, David Fisher, Thomas A. Longstaff, Linda Pesante, Richard D. Pethia

This 1997 report identifies threats to and vulnerabilities of the Internet and estimates the cascade effect that a successful, sustained attack on the Internet would have on the critical national infrastructures set out in Executive Order 13010.

January 1996 - White Paper A Case Study in Requirements for Survivable Systems

Authors: Robert J. Ellison, Richard C. Linger (Oak Ridge National Laboratory), Thomas A. Longstaff, Nancy R. Mead

This case study summarizes the application and results of applying the SNA method to a subsystem of a large-scale, distributed healthcare system.

December 1995 - Technical Report Quality Attributes

Topics: Software Architecture

Authors: Mario R. Barbacci, Mark H. Klein, Thomas A. Longstaff, Charles B. Weinstock

This report describes efforts to develop a unifying approach for reasoning about multiple software quality attributes.

September 1993 - Special Report Results of a Workshop on Research in Incident Handling

Authors: Thomas A. Longstaff

This document contains the results of the first CERT Invitational Workshop on Research in Incident Handling, held at the Software Engineering Institute in November 1992.