Software Engineering Institute | Carnegie Mellon University
Software Engineering Institute | Carnegie Mellon University

Digital Library

Javascript is currently disabled for your browser. For an optimal search experience, please enable javascript.

Advanced Search

Basic Search

Content Type


Publication Date


Security Engineering Risk Analysis (SERA)

  • Abstract

    SEI researchers developed the Security Engineering Risk Analysis (SERA) Framework, a security risk-analysis approach that addresses software security risks as early in the development lifecycle, to advance the state-of-the-practice. The SERA Framework incorporates two important technical perspectives: (1) system and software engineering and (2) operational security. The framework requires system and software engineers to consider operational security risks early in the lifecycle. This approach blends multiple technical disciplines to define an engineering-oriented risk-analysis practice consistent with the NIST Risk Management Framework (RMF).

  • Download