Software Engineering Institute

In this report, the authors explore the link between the SERA Method and threat modeling, which has become a popular engineering practice across industry and government organizations in the past decade. A threat modeling method defines an approach for identifying countermeasures that can be engineered into a software system. In this report, Alberts and Woody specifically examine how the system-focused cybersecurity data generated by a threat modeling method can be integrated into a mission assurance context using the SERA Method.