Software Engineering Institute | Carnegie Mellon University
Software Engineering Institute | Carnegie Mellon University

Digital Library

Javascript is currently disabled for your browser. For an optimal search experience, please enable javascript.

Advanced Search

Basic Search

Content Type

Topics

Publication Date

Rita C. Creel
February 2014 - Special Report Best Practices in Wireless Emergency Alerts

Topics: Cyber Risk and Resilience Management

Authors: John McGregor, Joseph P. Elm, Elizabeth Trocki Stark (SRA International, Inc.), Jennifer Lavan (SRA International, Inc.), Rita C. Creel, Christopher J. Alberts, Carol Woody, Robert J. Ellison, Tamara Marshall-Keim

This report presents four best practices for the Wireless Emergency Alerts (WEA) service, including implementing WEA in a local jurisdiction, training emergency staff in using WEA, cross-jurisdictional governance of WEA, and cybersecurity risk management.

July 2013 - White Paper System-of-Systems Influences on Acquisition Strategy Development

Topics: Acquisition Support, Cybersecurity Engineering, Software Assurance

Authors: Rita C. Creel, Robert J. Ellison

In this paper, the authors discuss significant new sources of risk and recommend ways to address them.

July 2013 - White Paper Assuring Software Systems Security: Life Cycle Considerations for Government Acquisitions

Topics: Cybersecurity Engineering, Acquisition Support

Authors: Rita C. Creel

In this paper, Rita Creel identifies acquirer activities and resources necessary to support contractor efforts to build secure software-intensive systems.

May 2013 - White Paper A Systemic Approach for Assessing Software Supply-Chain Risk

Topics: Acquisition Support, Cybersecurity Engineering, Software Assurance

Authors: Audrey J. Dorofee, Carol Woody, Christopher J. Alberts, Rita C. Creel, Robert J. Ellison

In this paper, the authors highlight the approach being implemented by SEI researchers and provides a summary of the status of this work.

December 2011 - Special Report Standards-Based Automated Remediation: A Remediation Manager Reference Implementation, 2011 Update

Topics: Acquisition Support

Authors: Sagar Chaki, Rita C. Creel, Jeff Davenport, Mike Kinney (National Security Agency), Benjamin McCormick, Mary Popeck

In this report, the authors describe work to develop standards for automated remediation of vulnerabilities and compliance issues on DoD networked systems.

September 2011 - CERT Research Report Supply Chain Assurance Overview

Topics: Cybersecurity Engineering

Authors: Robert J. Ellison, Christopher J. Alberts, Rita C. Creel, Audrey J. Dorofee, Carol Woody

In this section of the research report, the authors attempt to integrate development and acquisition practices with risk-based evaluations and mitigations.

July 2011 - Special Report Standards-Based Automated Remediation: A Remediation Manager Reference Implementation

Topics: Acquisition Support

Authors: Sagar Chaki, Rita C. Creel, Jeff Davenport, Mike Kinney (National Security Agency), Benjamin McCormick, Mary Popeck

In this report, the authors describe work to develop standards for vulnerability and compliance remediation on DoD networked systems.

December 2010 - Technical Note Software Supply Chain Risk Management: From Products to Systems of Systems

Topics: Cybersecurity Engineering

Authors: Robert J. Ellison, Christopher J. Alberts, Rita C. Creel, Audrey J. Dorofee, Carol Woody

In this report, the authors consider current practices in software supply chain analysis and suggest some foundational practices.

November 2009 - Technical Note A Method for Assessing Technical Progress and Quality Throughout the System Life Cycle

Topics: Measurement and Analysis, Process Improvement

Authors: Robert Ferguson, Summer C. Fowler, Rita C. Creel

This 2009 paper provides a framework for evaluating a system from several perspectives for a comprehensive picture of progress and quality.

September 2005 - Technical Note A Taxonomy of Operational Risks

Topics: Acquisition Support

Authors: Brian P. Gallagher, Pamela J. Case, Rita C. Creel, Susan Kushner, Ray C. Williams

This report presents a taxonomy-based method for identifying and classifying risks to operational aspects of an enterprise.

June 2004 - White Paper Acquisition Overview: The Challenges

Topics: Cybersecurity Engineering, Acquisition Support, Software Assurance

Authors: Rita C. Creel, Robert J. Ellison

In this paper, the authors raise issues involving how systems are integrated to provide required capabilities.