Software Engineering Institute | Carnegie Mellon University
Software Engineering Institute | Carnegie Mellon University

Digital Library

White Paper

An Approach for Integrating the Security Engineering Risk Analysis (SERA) Method with Threat Modeling

  • Abstract

    In this report, the authors explore the link between the SERA Method and threat modeling, which has become a popular engineering practice across industry and government organizations in the past decade. A threat modeling method defines an approach for identifying countermeasures that can be engineered into a software system. In this report, Alberts and Woody specifically examine how the system-focused cybersecurity data generated by a threat modeling method can be integrated into a mission assurance context using the SERA Method.

  • Download