Software Engineering Institute | Carnegie Mellon University
Software Engineering Institute | Carnegie Mellon University

Digital Library

Javascript is currently disabled for your browser. For an optimal search experience, please enable javascript.

Advanced Search

Basic Search

Content Type

Topics

Publication Date

Podcast

Threat Modeling and the Internet of Things

  • May 2016
  • By Art Manion, Allen D. Householder
  • Art Manion and Allen Householder of the CERT Vulnerability Analysis team, talk about threat modeling and its use in improving the security of the Internet of Things (IoT).
  • Vulnerability Analysis
  • Publisher: Software Engineering Institute
  • The manufacturers making these things might have been a business for 50 or 60 years. They are great at making cars or refrigerators or light bulbs. They have now, in some cases, literally bolted on a small embedded computer with a number of network connections.
  • Watch

  • Listen

    Loading Podcast.....
  • Related

    Coordinating Vulnerabilities in IoT Devices | CERT Blog Post

  • Abstract

    Threat modeling, which has been popularized by Microsoft in the last decade, provides vulnerability analysts a means to analyze a system and identify various attack surfaces and use that knowledge to bolster a system against vulnerabilities. In this podcast, Art Manion and Allen Householder of  CERT’s vulnerability analysis team, talk about threat modeling and its use in improving security of the Internet of Things.

  • Transcript
  • Audio

About the Speaker

  • Art Manion

    Art Manion is a senior member of the Vulnerability Analysis team in the CERT Program at the Software Engineering Institute (SEI), Carnegie Mellon University. Since joining CERT in 2001, Manion has studied vulnerabilities, coordinated disclosure efforts, and published advisories, alerts, and vulnerability notes for CERT/CC and US-CERT. Manion currently focuses on vulnerability discovery and other areas of applied research, including ways to automate and improve operational vulnerability response. Prior to joining the SEI, Manion was the Director of Network Infrastructure at Juniata College.

  • Allen D. Householder

    Allen Householder is a senior vulnerability and incident researcher at the SEI’s CERT Division. His recent work includes being the technical lead developer for the CERT Basic Fuzzing Framework, or BFF, and Failure Observation Engine, also called FOE, and research into the security of the Internet of Things. His research interests include applications of machine learning and software and system security, fuzzing, and modeling of information sharing and trust among computer security incident response teams.