Best Practices for Trust in the Wireless Emergency Alerts Service
April 2014 • Podcast
Robert Ellison, Carol Woody Interviewer Suzanne Miller
In this podcast, CERT researchers Robert Ellison and Carol Woody discuss research aimed at increasing alert originators' trust in the WEA service and the public's trust in the alerts that they receive.
Software Engineering Institute
“The capability itself just went live last April, and all of these alert originators are now adding this to their systems to try and understand what capability they need, and how they can integrate it with what they're already using. ”
Trust is a key factor in the effectiveness of the Wireless Emergency Alerts (WEA) service. Alert originators at emergency management agencies must trust WEA to deliver alerts to the public in an accurate and timely manner. The public must also trust the WEA service before they will act on the alerts that they receive. Managing trust in WEA is a responsibility shared among many stakeholders who are engaged with WEA. In this podcast, Robert Ellison and Carol Woody discuss research aimed at developing recommendations for alert originators, the Federal Emergency Management Agency, commercial mobile service providers, and suppliers of message-generation software that would enhance both alert originators' trust in the WEA service and the public's trust in the alerts that they receive.
About the Speaker
As a member of the cyber security engineering group within the SEI CERT program, Robert Ellison has served in a number of technical and management roles. He was a project leader for the evaluation of software engineering development environments and associated software development tools. He also was a member of the Carnegie Mellon University team that wrote the actual proposal for the SEI to be convened and joined this new FFRDC in 1985 as a founding member.
Carol Woody has been a senior member of the technical staff since 2001. She currently serves as the technical lead for the survivability analysis team, whose research focuses on cyber security engineering building capabilities and defining, acquiring, developing, measuring, managing and sustaining secure software for highly complex network systems as well as systems of systems.