Software Engineering Institute | Carnegie Mellon University
Software Engineering Institute | Carnegie Mellon University

Digital Library

Javascript is currently disabled for your browser. For an optimal search experience, please enable javascript.

Advanced Search

Basic Search

Content Type

Topics

Publication Date

Showing 1 - 10 of 18 results for Supply Chain Assurance

CERT Research Report | September 2011 - CERT Research Report Supply Chain Assurance Overview By Robert J. Ellison, Christopher J. Alberts, Rita C. Creel, Audrey J. Dorofee, Carol Woody

In this section of the research report, the authors attempt to integrate development and acquisition practices with risk-based evaluations and mitigations.

Collection | January 2017 - Collection Cybersecurity Engineering Research: Supply Chain and ...

This research focuses on methods for analyzing security-related design weaknesses that cannot be corrected easily during operations.

Webinar | June 2010 - Webinar Securing Global Software Supply Chains By Robert J. Ellison

In this 2010 webinar, Bob Ellison examines the software side pf supply chain and provides examples to help acquirers manage supply chains.

White Paper | May 2013 - White Paper A Systemic Approach for Assessing Software Supply-Chain ... By Audrey J. Dorofee, Carol Woody, Christopher J. Alberts, Rita C. Creel, Robert J. Ellison

In this paper, the authors highlight the approach being implemented by SEI researchers and provides a summary of the status of this work.

Article | May 2017 - Article Assessing DoD System Acquisition Supply Chain Risk ... By Christopher J. Alberts, John Haller, Charles M. Wallen, Carol Woody - PhD

In this Crosstalk article, the authors discuss the growing challenge of cyber risks in the defense supply chain.

Technical Note | July 2012 - Technical Note Supporting the Use of CERT Secure Coding Standards in ... By Timothy Morrow, Robert C. Seacord, John K. Bergey, Philip Miller

In this report, the authors provide guidance for helping DoD acquisition programs address software security in acquisitions.

Presentation | March 2017 - Presentation Risks in the Software Supply Chain By Mark Sherman

This presentation describes the parts of the software supply chain, how vulnerabilities have been introduced, and the actions developers can employ to avoid or mitigate the risks inherent in an assembly-based software development strategy.

Webinar | December 2014 - Webinar Lessons in External Dependency and Supply Chain Risk ... By John Haller, Matthew J. Butkovic

In this webinar, John Haller and Matthew Butkovic of the CERT Division of the Software Engineering Institute will discuss real-world incidents, including recent industrial control system attacks and incidents affecting Department of Defense capabilities.

Brochure | November 2017 - Brochure Better Manage Your Supply Chain

This brochure describes the Acquisition Security Framework (ASF), which enables you to achieve a secure, resilient, and survivable supply chain.

Technical Note | December 2010 - Technical Note Software Supply Chain Risk Management: From Products to ... By Robert J. Ellison, Christopher J. Alberts, Rita C. Creel, Audrey J. Dorofee, Carol Woody

In this report, the authors consider current practices in software supply chain analysis and suggest some foundational practices.