Software Engineering Institute | Carnegie Mellon University
Software Engineering Institute | Carnegie Mellon University

Digital Library

Javascript is currently disabled for your browser. For an optimal search experience, please enable javascript.

Advanced Search

Basic Search

Content Type


Publication Date

Showing 1 - 10 of 987 results for Type - Technical Note

Technical Report | October 2018 - Technical Report Composing Effective Software Security Assurance Workflows By William Nichols, Jim McHale, David Sweeney, William Snavely, Aaron Volkmann

In an effort to determine how to make secure software development more cost effective, the SEI conducted a research study to empirically measure the effects that security tools—primarily automated static analysis tools—had on costs and benefits.

Technical Report | April 2018 - Technical Report ROI Analysis of the System Architecture Virtual Integration ... By Jörgen Hansson (University of Skovde), Steve Helton (The Boeing Company), Peter H. Feiler

This report presents an analysis of the economic effects of the System Architecture Virtual Integration approach on the development of software-reliant systems for aircraft compared to existing development paradigms.

Technical Note | March 2018 - Technical Note A Mapping of the Health Insurance Portability and ... By Greg Porter (Heinz College at Carnegie Mellon University), Matthew Trevors, Robert A. Vrtis

This technical note describes mapping of HIPAA Security Rule requirements to practice questions found in the CERT Cyber Resilience Review for organizations' use in HIPAA compliance.

Technical Note | March 2018 - Technical Note A Hybrid Threat Modeling Method By Nancy R. Mead, Forrest Shull, Krishnamurthy Vemuru (University of Virginia), Ole Villadsen (Carnegie Mellon University)

Presents a hybrid method of threat modeling that attempts to meld the desirable features of three methods: Security Cards, Persona non Grata, and STRIDE.

Technical Report | October 2017 - Technical Report 2017 Emerging Technology Domains Risk Survey By Dan J. Klinedinst, Joel Land, Kyle O'Meara

This report describes our understanding of future technologies and helps US-CERT identify vulnerabilities, promote security practices, and understand vulnerability risk.

Technical Report | September 2017 - Technical Report R-EACTR: A Framework for Designing Realistic Cyber ... By Geoffrey B. Dobson, Thomas G. Podnar, Adam D. Cerini, Luke J. Osterritter

Introduces a design framework for cyber warfare exercises. It ensures that in designing team-based exercises, realism is factored into every aspect of the participant experience.

Technical Note | September 2017 - Technical Note Defining a Progress Metric for CERT-RMM Improvement By Gregory Crabb (United States Postal Service), Nader Mehravari (Axio Global), David Tobar

Describes the Cybersecurity Program Progress Metric and how its implementation in a large, diverse U.S. national organization can serve to indicate progress toward improving cybersecurity and resilience capabilities.

Technical Report | July 2017 - Technical Report Department of Defense Software Factbook By Brad Clark, Christopher Miller, James McCurley, David Zubrow, Rhonda Brown, Mike Zuccher (No Affiliation)

In this report, the Software Engineering Institute has analyzed data related to DoD software projects and translated it into information that is frequently sought-after across the DoD.

Technical Report | July 2017 - Technical Report DidFail: Coverage and Precision Enhancement By Karan Dwivedi (No Affiliation), Hongli Yin (No Affiliation), Pranav Bagree (No Affiliation), Xiaoxiao Tang (No Affiliation), Lori Flynn, William Klieber, William Snavely

This report describes recent enhancements to Droid Intent Data Flow Analysis for Information Leakage (DidFail), the CERT static taint analyzer for sets of Android apps.

Technical Report | April 2017 - Technical Report IEEE Computer Society/Software Engineering Institute Watts S ... By Neal Mackertich (Raytheon), Peter Kraus (Raytheon), Kurt Mittelstaedt (Raytheon), Brian Foley (Raytheon), Dan Bardsley (Raytheon), Kelli Grimes (Raytheon), Mike Nolan (Raytheon)

The Raytheon Integrated Defense Systems DFSS team has been recognized with the 2016 Watts Humphrey Software Process Achievement Award.