Software Engineering Institute | Carnegie Mellon University
Software Engineering Institute | Carnegie Mellon University

Digital Library

Javascript is currently disabled for your browser. For an optimal search experience, please enable javascript.

Advanced Search

Basic Search

Content Type


Publication Date


Security and Wireless Emergency Alerts

  • Someone can create a fake alert but make it look legitimate. There are real challenges with that in terms of the mechanisms that are controlling authenticity.
  • Listen

    Loading Podcast.....
  • Related

    Technical Report | Wireless Emergency Alerts (WEA) Cybersecurity Risk Management Strategy for Alert Originators

    Technical Report | Maximizing Trust in the Wireless Emergency Alerts Service

    Technical Report | Best Practices in Wireless Emergency Alerts

    Blog | Establishing Trust in the Wireless Emergency Alerts Service

  • Abstract

    The Wireless Emergency Alerts (WEA) service depends on information technology (IT)—computer systems and networks—to convey potentially life-saving information to the public in a timely manner. However, like other cyber-enabled services, the WEA service is susceptible to risks that may enable an attacker to disseminate unauthorized alerts or to delay, modify, or destroy valid alerts. Successful attacks on the alerting process may result in property destruction, financial loss, infrastructure disruption, injury, or death. Such attacks may damage WEA credibility to the extent that users ignore future alerts or disable alerting on their mobile devices. In this podcast, Carol Woody and Christopher Alberts discuss guidelines that they developed to ensure that the WEA service remains robust and resilient against cyber attacks.

  • Transcript

About the Speaker

  • Christopher Alberts

    Christopher Alberts is a principal engineer in the CERT Division at the SEI where he leads applied research and development projects in software assurance and cyber security. His research interests include risk analysis, measurement, and assessment. He has also co-authored two books, Managing Information Security Risks: The OCTAVE Approach and the Continuous Risk Management Guidebook.

  • Carol Woody

    Carol Woody has been a senior member of the technical staff since 2001 and currently serves as the technical manager for the Cybersecurity Engineering team in the SEI’s CERT Division. Woody’s research focuses on building capabilities for defining, acquiring, developing, measuring, managing and sustaining secure software for highly complex network systems as well as systems of systems.

  • Suzanne Miller

    Suzanne Miller