Advanced Search

Content Type

Topics

Publication Date

Security and Survivability

May 2014

  • An Evaluation of A-SQUARE for COTS Acquisition May 2014 - Technical Note An evaluation of the effectiveness of Software Quality Requirements Engineering for Acquisition (A-SQUARE) in a project to select a COTS product for the advanced metering infrastructure of a smart grid.

August 2013

April 2013

November 2012

  • Source Code Analysis Laboratory (SCALe) November 2012 - Webinar In this webinar, Robert Seacord discusses SCALe, a demonstration that software systems can be conformance tested against secure coding standards.
  • Source Code Analysis Laboratory (SCALe) November 2012 - Webinar In this webinar, Robert Seacord discusses SCALe, a demonstration that software systems can be tested for conformance to secure coding standards.

August 2012

May 2014

  • An Evaluation of A-SQUARE for COTS Acquisition May 2014 - Technical Note An evaluation of the effectiveness of Software Quality Requirements Engineering for Acquisition (A-SQUARE) in a project to select a COTS product for the advanced metering infrastructure of a smart grid.

August 2013

April 2013

November 2012

  • Source Code Analysis Laboratory (SCALe) November 2012 - Webinar In this webinar, Robert Seacord discusses SCALe, a demonstration that software systems can be conformance tested against secure coding standards.
  • Source Code Analysis Laboratory (SCALe) November 2012 - Webinar In this webinar, Robert Seacord discusses SCALe, a demonstration that software systems can be tested for conformance to secure coding standards.

August 2012

July 2012

April 2012

  • Source Code Analysis Laboratory (SCALe) April 2012 - Technical Note In this report, the authors describe the CERT Program's Source Code Analysis Laboratory (SCALe), a conformance test against secure coding standards.

March 2012

  • Principles of Trust for Embedded Systems March 2012 - Technical Note In this report, David Fisher provides substance and explicit meaning to the terms trust and trustworthy as they relate to automated systems.

December 2011

October 2011

  • Measuring Operational Resilience October 2011 - Podcast In this podcast, Julia Allen explains that measures of operational resilience should answer key questions, inform decisions, and affect behavior.

September 2011

August 2011

March 2011

February 2011

December 2010

November 2010

May 2010

April 2010

October 2009

  • Secure Design Patterns October 2009 - Technical Report In this report, the authors describe a set of general solutions to software security problems that can be applied in many different situations.

July 2009

  • As-if Infinitely Ranged Integer Model July 2009 - Technical Note In this report, the authors present the as-if infinitely ranged (AIR) integer model, which eliminates integer overflow and integer truncation in C and C++ code.

March 2009

  • Mainstreaming Secure Coding Practices March 2009 - Podcast In this podcast, Robert Seacord explains how requiring secure coding practices when building or buying software can dramatically reduce vulnerabilities.

January 2009

October 2008

  • CERT C Secure Coding Standard October 2008 - Book In this book, Robert Seacord releases the CERT C Secure Coding Standard, which itemizes coding errors that are the root causes of software vulnerabilities in C.
  • Virtual Communities: Risks and Opportunities October 2008 - Podcast In this podcast, Jan Wolynski advises business leaders to evaluate risks and opportunities when considering conducting business in online, virtual communities.

June 2008

January 2008