Software Engineering Institute | Carnegie Mellon University
Software Engineering Institute | Carnegie Mellon University

Digital Library

Timothy Morrow
October 2018 - Podcast Best Practices for Security in Cloud Computing

Don Faatz and Tim Morrow, researchers with the SEI’s CERT Division, outline best practices that organizations should use to address the vulnerabilities and risks in moving applications and data to cloud services.

October 2018 - Podcast Risks, Threats, and Vulnerabilities in Moving to the Cloud

Tim Morrow and Donald Faatz outline the risks, threats, and vulnerabilities that organizations face when moving applications or data to the cloud.

November 2015 - Presentation SoS Architectures - Identifying Architecture, Engineering and Capability Challenges Early in the Lifecycle

The SEI has applied its Mission Thread Workshop (MTW) approach on a variety of system of systems (SoS) architectures in DoD organizations. This talk presents the MTW in the context of a DoD mission-critical SoS example.

November 2015 - Presentation Paying Due Diligence to Software Architecture in Acquisition

This presentation describes approaches that the SEI has used with program offices to adopt software architecture and quality attribute practices in acquisition contexts.

April 2015 - Presentation When and Where to Apply the Family of Architecture-Centric Methods

This talk covers the family of architecture-centric methods that we have developed and used with DoD and commercial customers to clarify requirements and identify risks.

November 2014 - Presentation Architecture Best Practices for Project and Technical Leaders

This TSP Symposium 2014 presentation describes a set of architecture best practices based on commercial and government experiences in software development.

February 2014 - Special Report Wireless Emergency Alerts: Trust Model Simulations

Topics: Measurement and Analysis

This report presents four types of simulations run on the public trust model and the alert originator trust model developed for the Wireless Emergency Alerts (WEA) service, focusing on how to increase both alert originators' and the public's trust in WEA.

October 2013 - Technical Report Introduction to the Mission Thread Workshop

Topics: Software Architecture, System of Systems

This report introduces the Mission Thread Workshop, a method for understanding architectural and engineering considerations for developing and sustaining systems of systems. It describes the three phases of the workshop and explains the steps of each.

June 2013 - Special Report Socio-Adaptive Systems Challenge Problems Workshop Report

Topics: Ultra-Large-Scale Systems

This report presents a summary of the findings of the Socio-Adaptive Systems Challenge Problem Workshop, held in Pittsburgh, PA, on April 12-13, 2012.

May 2013 - Presentation Mission Thread Workshop (MTW): Preparation and Execution

Topics: Software Architecture, System of Systems

This presentation describes the Mission Thread Workshop (MTW) and its benefits. The three phases for conducting an MTW are explained, as well as how the MTW fits into system-of-systems architecture development and analysis.

May 2013 - Presentation Mission Thread Workshop: Preparation and Execution

Authors: Timothy Morrow

A presentation from the ninth annual SATURN conference, held in Minneapolis, MN, April 29 - May 3, 2013.

July 2012 - Technical Note Supporting the Use of CERT Secure Coding Standards in DoD Acquisitions

Topics: Secure Coding

In this report, the authors provide guidance for helping DoD acquisition programs address software security in acquisitions.

May 2011 - Presentation Mission Thread Workshops: Lessons Learned in End-to-End Capability and Quality Attribute Specification for SoS Architecture Development

A presentation from SATURN 2011 that explains lessons learned from mission thread workshops (MTW) as an early architecture development step.

December 2009 - Presentation Implementing Secure Coding Standards in a System Acquisition

Topics: Secure Coding

In this December 2009 presentation, John Bergey and Tim Morrow explore how required secure coding standards can be specified and integrated in a system acquisition.

October 2009 - Presentation System of Systems Quality Attribute Specification and Architecture Evaluation

Topics: System of Systems

This tutorial presentation describes an SoS Architecture Engagement in the context of a DoD mission-critical SoS example.

July 2006 - Handbook QUASAR: A Method for the Quality Assessment of Software-Intensive System Architectures

Topics: Acquisition Support

This 2006 handbook documents the QUASAR (QUality Assessment of System ARchitectures) method for assessing the quality of the architecture of a software-intensive system.

April 2005 - Presentation Integrating Software Architecture Evaluation in a DoD System Acquisition

Topics: Acquisition Support, Software Architecture

Authors: Timothy Morrow

This SATURN 2005 presentation by John Bergey and Timothy Morrow of the Software Engineering Institute (SEI) discusses how to integrate software architecture evaluation in a DoD system acquisition.