search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

  1. SEI
  2. Publications
  3. Digital Library
  4. An Approach for Integrating the Security Engineering Risk Analysis (SERA) Method with Threat Modeling

An Approach for Integrating the Security Engineering Risk Analysis (SERA) Method with Threat Modeling

February 2019 White Paper
Christopher J. Alberts, Carol Woody, PhD

This report examines how cybersecurity data generated by a threat modeling method can be integrated into a mission assurance context using the SERA Method.

Publisher:

Software Engineering Institute
Subjects

Abstract

In this report, the authors explore the link between the SERA Method and threat modeling, which has become a popular engineering practice across industry and government organizations in the past decade. A threat modeling method defines an approach for identifying countermeasures that can be engineered into a software system. In this report, Alberts and Woody specifically examine how the system-focused cybersecurity data generated by a threat modeling method can be integrated into a mission assurance context using the SERA Method.