Rita C. Creel
Software Engineering Institute
Publications by Rita C. Creel
-
What Is Cybersecurity Engineering and Why Do I Need It?
November 18, 2020 • Webinar
Carol Woody, PhDRita C. Creel
In this webcast, Carol Woody and Rita Creel discuss how cybersecurity engineering knowledge, methods, and tools throughout the lifecycle of software-intensive systems will reduce their inherent cyber risk and increase their operational cyber resilience.
watch -
Best Practices in Wireless Emergency Alerts
February 19, 2014 • Special Report
John McGregorJoseph P. ElmElizabeth Trocki Stark (SRA International, Inc.)
This report presents four best practices for the Wireless Emergency Alerts (WEA) service, including implementing WEA in a local jurisdiction, training emergency staff in using WEA, cross-jurisdictional governance of WEA, and cybersecurity risk management.
read -
System-of-Systems Influences on Acquisition Strategy Development
July 02, 2013 • White Paper
Rita C. CreelRobert J. Ellison
In this paper, the authors discuss significant new sources of risk and recommend ways to address them.
read -
Assuring Software Systems Security: Life Cycle Considerations for Government Acquisitions
July 02, 2013 • White Paper
Rita C. Creel
In this paper, Rita Creel identifies acquirer activities and resources necessary to support contractor efforts to build secure software-intensive systems.
read -
A Systemic Approach for Assessing Software Supply-Chain Risk
May 14, 2013 • White Paper
Audrey J. DorofeeCarol WoodyChristopher J. Alberts
In this paper, the authors highlight the approach being implemented by SEI researchers for assessing and managing software supply-chain risks and provides a summary of the status of this work.
read -
Standards-Based Automated Remediation: A Remediation Manager Reference Implementation, 2011 Update
December 01, 2011 • Special Report
Sagar ChakiRita C. CreelJeff Davenport
In this report, the authors describe work to develop standards for automated remediation of vulnerabilities and compliance issues on DoD networked systems.
read -
Supply Chain Assurance Overview
September 01, 2011 • CERT Research Report
Robert J. EllisonChristopher J. AlbertsRita C. Creel
In this section of the research report, the authors attempt to integrate development and acquisition practices with risk-based evaluations and mitigations.
read -
Standards-Based Automated Remediation: A Remediation Manager Reference Implementation
July 01, 2011 • Special Report
Sagar ChakiRita C. CreelJeff Davenport
In this report, the authors describe work to develop standards for vulnerability and compliance remediation on DoD networked systems.
read -
Software Supply Chain Risk Management: From Products to Systems of Systems
December 01, 2010 • Technical Note
Robert J. EllisonChristopher J. AlbertsRita C. Creel
In this report, the authors consider current practices in software supply chain analysis and suggest some foundational practices.
read -
A Method for Assessing Technical Progress and Quality Throughout the System Life Cycle
November 01, 2009 • Technical Note
Robert FergusonSummer C. FowlerRita C. Creel
This 2009 paper provides a framework for evaluating a system from several perspectives for a comprehensive picture of progress and quality.
read -
A Taxonomy of Operational Risks
September 01, 2005 • Technical Note
Brian P. GallagherPamela J. CaseRita C. Creel
This report presents a taxonomy-based method for identifying and classifying risks to operational aspects of an enterprise.
read -
Acquisition Overview: The Challenges
June 01, 2004 • White Paper
Rita C. CreelRobert J. Ellison
In this paper, the authors raise issues involving how systems are integrated to provide required capabilities.
read