Showing 1 - 10 of 18 results for Supply Chain Assurance
In this section of the research report, the authors attempt to integrate development and acquisition practices with risk-based evaluations and mitigations.
This research focuses on methods for analyzing security-related design weaknesses that cannot be corrected easily during operations.
In this section of the research report, the authors summarize the research that focuses on addressing security in early phases of acquisition and software development.
In this paper, the authors highlight the approach being implemented by SEI researchers for assessing and managing software supply-chain risks and provides a summary of the status of this work.
In this Crosstalk article, the authors discuss the growing challenge of cyber risks in the defense supply chain.
In this report, the authors provide guidance for helping DoD acquisition programs address software security in acquisitions.
This brochure describes the Acquisition Security Framework (ASF), which enables you to achieve a secure, resilient, and survivable supply chain.
This presentation describes the parts of the software supply chain, how vulnerabilities have been introduced, and the actions developers can employ to avoid or mitigate the risks inherent in an assembly-based software development strategy.
In this webinar, John Haller and Matthew Butkovic of the CERT Division of the Software Engineering Institute will discuss real-world incidents, including recent industrial control system attacks and incidents affecting Department of Defense capabilities.
In this report, the authors consider current practices in software supply chain analysis and suggest some foundational practices.