Howard F. Lipson

Author

Software Engineering Institute

August 2013 - White Paper Evidence of Assurance: Laying the Foundation for a Credible Security Case

Topics: Cybersecurity Engineering, Software Assurance

Authors: Charles B. Weinstock, Howard F. Lipson

In this paper, the authors provide examples of several of the kinds of evidence that can contribute to a security case.

July 2013 - White Paper Arguing Security - Creating Security Assurance Cases

Topics: Cybersecurity Engineering, Software Assurance

Authors: Charles B. Weinstock, Howard F. Lipson, John B. Goodenough

In this paper, the authors explain an approach to documenting an assurance case for system security.

May 2013 - White Paper Assembly, Integration, and Evolution Overview

Topics: Cybersecurity Engineering, Software Assurance

Authors: Howard F. Lipson

In this paper, Howard Lipson describes the objective of the Assembly, Integration & Evolution content area.

May 2013 - White Paper Assurance Cases Overview

Topics: Cybersecurity Engineering, Software Assurance

Authors: Howard F. Lipson

In this paper, Howard Lipson introduces the concepts and benefits of developing and maintaining assurance cases for security.

February 2011 - Technical Report Results of SEI Independent Research and Development Projects (FY 2010)

Authors: William Anderson, David Fisher, David P. Gluch, Jeffrey Hansen, Jörgen Hansson (University of Skovde), John J. Hudak, Karthik Lakshmanan, Richard C. Linger (Oak Ridge National Laboratory), Howard F. Lipson, Gabriel Moreno, Edwin J. Morris, Archie D. Andrews, Onur Mutlu, Robert Nord, Ipek Ozkaya, Daniel Plakosh, Mark Pleszkoch, Ragunathan Rajkumar, Joe Seibel, Soumya Simanta, Charles B. Weinstock, Lutz Wrage, Nanette Brown, Cory Cohen, Christopher Craig, Tim Daly, Dionisio de Niz, Andres Diaz-Pace, Peter H. Feiler

This report describes results of independent research and development (IRAD) projects undertaken in fiscal year 2010.

September 2008 - White Paper Application Firewalls and Proxies - Introduction and Concept of Operations

Topics: Cybersecurity Engineering, Software Assurance

Authors: Howard F. Lipson, Ken Van Wyk (No Affiliation)

In this paper, the authors describe one of the many potential topic areas involving the integration of business applications into a supporting IT security infrastructure.

September 2006 - Technical Note Evolutionary Systems Design: Recognizing Changes in Security and Survivability Risks

Topics: Cybersecurity Engineering, Software Assurance

Authors: Howard F. Lipson

In this 2006 report, Howard Lipson uses an example to illustrate the critical importance of evolutionary design changes in secure and survivable systems.

August 2005 - White Paper Simulating Insider Cyber-Threat Risks: A Model-Based Case and a Case-Based Model

Topics: Insider Threat

Authors: Eliot Rich (University at Albany State University of New York), Howard F. Lipson, Dave Mundie, Jose M. Sarriegui (University of Navarra Spain), Agata Sawicka (Agder University College Norway), Thomas R. Stewart (University at Albany State University of New York), Jose M. Torres (University of Navarra Spain), Elise A. Weaver (Worcester Polytechnic Institute), Johannes Wiik (Agder University College Norway), Ignacio J. Martinez-Moyano (University at Albany State University of New York), Paul Conrad, Dawn Cappelli, Andrew P. Moore, Timothy J. Shimeall, David F. Andersen (University at Albany State University of New York), Jose J. Gonzalez (Agder University College Norway), Robert J. Ellison

In this paper, the authors identify actions that may inadvertently lead to increased vulnerability to threats from employees, contractors, and clients.

October 2004 - Technical Report Results of SEI Independent Research and Development Projects and Report on Emerging Technologies and Technology Trends (FY 2004)

Authors: John K. Bergey, Edwin J. Morris, Jeannine Siviy, Dennis B. Smith, William O'Brien, Carol Woody, Sven Dietrich, Donald Firesmith, Eileen C. Forrester, Angel Jordan, Rick Kazman, Grace Lewis, Howard F. Lipson, Nancy R. Mead

This report describes the IR&D projects that were conducted during fiscal year 2004 (October 2003 through September 2004).

November 2002 - Special Report Tracking and Tracing Cyber-Attacks: Technical Challenges and Global Policy Issues

Topics: Insider Threat

Authors: Howard F. Lipson

In this report, Howard Lipson describes the technical challenges and global policy issues related to cyber attacks.

October 2002 - Technical Report Life-Cycle Models for Survivable Systems

Topics: Cybersecurity Engineering, Software Assurance

Authors: Richard C. Linger (Oak Ridge National Laboratory), Howard F. Lipson, John McHugh, Nancy R. Mead, Carol A. Sledge

In this 2002 report, the authors describe a software development life-cycle model for survivability and illustrate techniques to support survivability goals.

December 2001 - Technical Note Can We Ever Build Survivable Systems from COTS Components?

Authors: Howard F. Lipson, Nancy R. Mead, Andrew P. Moore

In this 2001 report, the authors describe a risk-mitigation framework for deciding when and how COTS components can be used to build survivable systems.

July 1998 - Technical Report The Architecture Tradeoff Analysis Method

Topics: Software Architecture

Authors: Rick Kazman, Mark H. Klein, Mario R. Barbacci, Thomas A. Longstaff, Howard F. Lipson, Jeromy Carriere

This paper presents the Architecture Tradeoff Analysis Method (ATAM), a structured technique for understanding the tradeoffs inherent in the architectures of software-intensive systems.

May 1998 - Technical Report Steps in an Architecture Tradeoff Analysis Method: Quality Attribute Models and Analysis

Topics: Software Architecture

Authors: Mario R. Barbacci, Peter H. Feiler, Mark H. Klein, Howard F. Lipson, Thomas A. Longstaff, Charles B. Weinstock, Jeromy Carriere

This paper presents some of the steps in an emerging architecture tradeoff analysis method (ATAM).

April 1998 - White Paper The Architecture Tradeoff Analysis Method

Authors: Rick Kazman, Mark H. Klein, Mario R. Barbacci, Thomas A. Longstaff, Howard F. Lipson, Jeromy Carriere

This paper presents the Architecture Tradeoff Analysis Method (ATAM), a structured technique for understanding the tradeoffs inherent in design.

November 1997 - Technical Report Survivable Network Systems: An Emerging Discipline

Authors: David Fisher, Richard C. Linger (Oak Ridge National Laboratory), Howard F. Lipson, Thomas A. Longstaff, Nancy R. Mead, Robert J. Ellison

This 1997 report describes the survivability approach to helping assure that a system that must operate in an unbounded network is robust in the presence of attack and will survive attacks that result in successful intrusions.

Digital Library

Advanced Search

Content Type

Subjects

Publication Date

Howard F. Lipson