Assurance Cases. Software Engineering Institute Carnegie Mellon University Pittsburgh, PA Charles B. Weinstock January 26, 2015
|
|
- Bennett Reeves
- 7 years ago
- Views:
Transcription
1 Software Engineering Institute Carnegie Mellon University Pittsburgh, PA Charles B. Weinstock January 26, 2015
2 Report Documentation Page Form Approved OMB No Public reporting burden for the collection of information is estimated to average 1 hour per response, including the time for reviewing instructions, searching existing data sources, gathering and maintaining the data needed, and completing and reviewing the collection of information. Send comments regarding this burden estimate or any other aspect of this collection of information, including suggestions for reducing this burden, to Washington Headquarters Services, Directorate for Information Operations and Reports, 1215 Jefferson Davis Highway, Suite 1204, Arlington VA Respondents should be aware that notwithstanding any other provision of law, no person shall be subject to a penalty for failing to comply with a collection of information if it does not display a currently valid OMB control number. 1. REPORT DATE 26 JAN TITLE AND SUBTITLE 6. AUTHOR(S) Weinstock /Chuck 2. REPORT TYPE N/A 3. DATES COVERED 5a. CONTRACT NUMBER 5b. GRANT NUMBER 5c. PROGRAM ELEMENT NUMBER 5d. PROJECT NUMBER 5e. TASK NUMBER 5f. WORK UNIT NUMBER 7. PERFORMING ORGANIZATION NAME(S) AND ADDRESS(ES) Software Engineering Institute Carnegie Mellon University Pittsburgh, PA PERFORMING ORGANIZATION REPORT NUMBER 9. SPONSORING/MONITORING AGENCY NAME(S) AND ADDRESS(ES) 10. SPONSOR/MONITOR S ACRONYM(S) 12. DISTRIBUTION/AVAILABILITY STATEMENT Approved for public release, distribution unlimited. 13. SUPPLEMENTARY NOTES The original document contains color images. 14. ABSTRACT 15. SUBJECT TERMS 11. SPONSOR/MONITOR S REPORT NUMBER(S) 16. SECURITY CLASSIFICATION OF: 17. LIMITATION OF ABSTRACT SAR a. REPORT unclassified b. ABSTRACT unclassified c. THIS PAGE unclassified 18. NUMBER OF PAGES 19 19a. NAME OF RESPONSIBLE PERSON Standard Form 298 (Rev. 8-98) Prescribed by ANSI Std Z39-18
3 Copyright 2015 Carnegie Mellon University This material is based upon work funded and supported by the Department of Defense under Contract No. FA C-0003 with Carnegie Mellon University for the operation of the Software Engineering Institute, a federally funded research and development center. NO WARRANTY. THIS CARNEGIE MELLON UNIVERSITY AND SOFTWARE ENGINEERING INSTITUTE MATERIAL IS FURNISHED ON AN AS-IS BASIS. CARNEGIE MELLON UNIVERSITY MAKES NO WARRANTIES OF ANY KIND, EITHER EXPRESSED OR IMPLIED, AS TO ANY MATTER INCLUDING, BUT NOT LIMITED TO, WARRANTY OF FITNESS FOR PURPOSE OR MERCHANTABILITY, EXCLUSIVITY, OR RESULTS OBTAINED FROM USE OF THE MATERIAL. CARNEGIE MELLON UNIVERSITY DOES NOT MAKE ANY WARRANTY OF ANY KIND WITH RESPECT TO FREEDOM FROM PATENT, TRADEMARK, OR COPYRIGHT INFRINGEMENT. This material has been approved for public release and unlimited distribution. This material may be reproduced in its entirety, without modification, and freely distributed in written or electronic form without requesting formal permission. Permission is required for any other use. Requests for permission should be directed to the Software Engineering Institute at permission@sei.cmu.edu. DM
4 Overview Maturity of ISO Assurance Case Standard Goal Structured Notation Example from Industry Confidence Work at the SEI Other Current Work on Closing Thoughts 3
5 Maturity of Assurance Case Technology Developed in late 90s in Europe Used for safety cases in Europe for over 20 years The UK Ministry of Defence requires generation of a compelling case to support claims that specific safety requirements are met: The safety case shall consist of a structured argument, supported by a body of evidence, that provides a compelling, comprehensible and valid case that a system is safe for a given application in a given operating environment. [DEFSTAN (Part 1)/4] ISO standard under development (ISO ) NRC Report: Software for Dependable Systems: Sufficient Evidence? 4
6 ISO/IEC : Assurance Case The assurance case is to be delivered and maintained with the system Claim: A proposition to be assured (e.g., The system is safe ) Evidence: A fact, datum, object, claim, or other assurance case Argument: A reason why the set of evidence shows that the claim is true Justification: A reason why a claim has been chosen Assumption: A claim that appears as evidence An Assurance Case is a quadruple a=(c,j,es,g) where c is a claim, j is a justification, es is a set of evidence, and g is an argument which assures c using es. This definition is recursive 5
7 Goal Structuring Notation (GSN) Kelly 1998 A specific notation for an assurance case consistent with Developed to help organize and structure safety cases in a readily reviewable form Used successfully for over a decade to document safety cases for aircraft avionics, rail signaling, air traffic control, and nuclear reactor shutdown Shows how claims are broken down into sub-claims, and eventually supported by evidence or while making clear the argumentation strategies adopted, the rationale for the approach (assumptions, justifications) and the context in which claims are stated A/J 6
8 Example: Battery Exhaustion Part One C1 Pump is safe for use on patients Cx1 Hazards: over infusion, under infusion,... S1 Argue over hazards to safe pump operation S2 Argue over hazards causing over infusion S3 Argue over hazards causing under infusion Cx4 Hazards: exhaustion of battery power, occlusion of line, faulty pump calibration,... C2 The battery exhaustion hazard has been adequately mitigated 7
9 Example: Battery Exhaustion Part Two C2 The battery exhaustion hazard has been adequately mitigated C4 When operating on battery power visual and auditory alarms are launched at least {x} minutes prior to battery exhaustion but no more than {x+y} minutes prior C3 Caregiver is notified sufficiently soon (but not too soon) prior to battery exhaustion S4 Argue over hazards causing failure to notify caregiver in a timely manner Cx3 A late warning won't give the caregiver time to stop current activities and plug the pump in. An early warning may be ignored. This depends on the clinical setting. Cx2 Caregiver doesn't notice alarm; amount of warning time too little for the anticipated clinical setting C5 C6 Visual and auditory alarms are loud enough to be heard and identified in the anticipated clinical setting {x} minutes warning prior to battery exhaustion is sufficient time to allow corrective action in the anticipated clinical setting 8
10 02 The Task We were asked to assure the safety of a system for gu iding aircraft onto ships in bad weather. This was to consider the whole sh ip/equipment/aircraft system of systems, taking into account: Human factors. The operating environment. Operating procedures. Maintenance & Management. An Operational Safety Case (OSC) was needed. Extracted from Assuring Operational Systems A Safety Case Study by Simon Di Nucci, Systems and Software Technology 2015 Carnegie Mellon Conference, University
11 This image cannot currently be displayed. 05 Approach - OSC Safety Strategy +-' >< Q) +-' c 0 () Safety Targets and Report Requirements Definition of flde<j.jately Safe Top Goal System is Pdequately Safe fa" Jli raaft to Locate& Ppproach Ship Shavvall elements and i nteradions are safe ~tern Description Jliraaft Desaiption () 0 :::J r-+ CD >< r-+ Goals ~tern Equipments are Safe to QJerate System is Safe in c:peration />II ~tern Safety Requirements are Satisfied ~tem/jliraaft!sh i p Interactions are Safe Extracted from Assuring Operational Systems A Safety Case Study by Simon Di Nucci, Systems and Software Technology 2015 Carnegie Mellon Conference, University
12 What confidence should be placed on an AC? Given the evidence, how confident should we be in the claim C1? Why? What does it mean to have confidence in the claim? What could be done to improve confidence? Why? 11
13 The Basis for Confidence in a Claim A classic philosophical problem: Justify belief in a hypothesis Use Induction Enumerative: Support increases as confirming instances are found? Using past experience as the basis for predicting future behavior 12
14 Eliminative Induction Support for a claim increases as reasons for doubt are eliminated CLAIM: The light turns on (when the switch is flicked). Bulb OK? Power? Wired?? Confidence increases as doubts are eliminated 13
15 What confidence should be placed on an AC? How confident in C1? Why? (Number of uneliminated doubts) What does it mean to have confidence? (Lack of doubt) What could be done to improve confidence? Why? (Elim. more doubts) C1 The system is safe C2 Hazard A has been eliminated C3 Hazard B has been eliminated Ev1 Evidence Ev2 Evidence Ev3 Evidence 14
16 A Small Example Rebutting defeaters (R) attack claim validity C1.1 The system is secure from sql injection Inference rule (IR) for validating a claim Cx2.1a A parameter is unrestricted if it can cause an unintended modification to the sql query when used R2.1 Unless there is unrestricted user input to a query IR2.2 If user input is properly restricted, then the system is safe from sql injection IR3.1 If all user input is sanitized then there is no unrestricted user input to a query Ev3.2 Evidence showing that all user input is properly sanitized before being used in an sql query UC3.3 Unless there is another way sql injection could occur Undercutting defeaters (UC) attack rule sufficiency Undermining defeaters (UM) attack evidence validity UM4.1 But the evidence is based upon faulty sanitation rules UM4.2 But the evidence is not for the system under consideration IR4.3 If these reasons are not true, then the evidence is valid
17 Key Ideas Confidence grows as doubts are identified and eliminated Doubts about a claim (rebutting defeater) Why claim may be invalid R2.1 Unless there is unrestricted user input to a query Doubts about evidence (undermining defeater) Why evidence may be invalid UM4.1 But the evidence is based upon faulty sanitation rules Doubts about reasoning (undercutting defeater) Premise ok; conclusion uncertain UC3.3 Unless there is another way sql injection could occur 16
18 Other State of the Art John Knight University of Virginia Confidence cases: a confidence argument created in parallel to the safety argument that documents the confidence in the structure and basis of the safety argument. Tim Kelly University of York Evidence elaboration: modeling evidence to better understand it and its evaluation for the purpose of explicit integration of the source data of evidence and the safety case argument. 17
19 Concluding Thoughts This has been a quick overview of assurance cases and confidence and an introduction to the concept eliminative argumentation as developed by the SEI. It is not a comprehensive review of all that is happening in the area. The SEI has been applying Baconian probabilities to confidence maps to show how much different portions of the argument contribute to overall confidence something that may prove useful for incremental certification. Assurance cases have been proven effective in the safety domain. The effectiveness of confidence cases and eliminative induction have yet to be demonstrated in practice. 18
20 Contact Information Charles B. Weinstock Principal Researcher Software Solutions Division Telephone: U.S. Mail Software Engineering Institute 4500 Fifth Avenue Pittsburgh, PA USA 19
Overview Presented by: Boyd L. Summers
Overview Presented by: Boyd L. Summers Systems & Software Technology Conference SSTC May 19 th, 2011 1 Report Documentation Page Form Approved OMB No. 0704-0188 Public reporting burden for the collection
More informationCERT Virtual Flow Collection and Analysis
CERT Virtual Flow Collection and Analysis For Training and Simulation George Warnagiris 2011 Carnegie Mellon University Report Documentation Page Form Approved OMB No. 0704-0188 Public reporting burden
More informationAssurance Cases for Design Analysis of Complex System of Systems Software
Assurance Cases for Design Analysis of Complex System of Systems Software Presented at AIAA Infotech@Aerospace Conference Software Assurance Session 8 April 2009 Stephen Blanchette, Jr. Problem: SoS are
More informationUsing the Advancement Degree of Difficulty (AD 2 ) as an input to Risk Management
Using the Advancement Degree of Difficulty (AD 2 ) as an input to Risk Management James W. Bilbro JB Consulting International Huntsville, AL Multi-dimensional Assessment of Technology Maturity Technology
More informationMerging Network Configuration and Network Traffic Data in ISP-Level Analyses
Merging Network Configuration and Network Traffic Data in ISP-Level Analyses Timothy J. Shimeall, Ph.D. Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 15213 Presentation Title
More informationSoftware Security Engineering: A Guide for Project Managers
Software Security Engineering: A Guide for Project Managers Gary McGraw Julia H. Allen Nancy Mead Robert J. Ellison Sean Barnum May 2013 ABSTRACT: Software is ubiquitous. Many of the products, services,
More informationHeadquarters U.S. Air Force
Headquarters U.S. Air Force I n t e g r i t y - S e r v i c e - E x c e l l e n c e Air Force Technology Readiness Assessment (TRA) Process for Major Defense Acquisition Programs LtCol Ed Masterson Mr
More informationAn Application of an Iterative Approach to DoD Software Migration Planning
An Application of an Iterative Approach to DoD Software Migration Planning John Bergey Liam O Brien Dennis Smith September 2002 Product Line Practice Initiative Unlimited distribution subject to the copyright.
More informationEvaluating the Quality of Software Engineering Performance Data
Evaluating the Quality of Software Engineering Performance Data James Over Software Engineering Institute Carnegie Mellon University July 2014 Copyright 2014 Carnegie Mellon University This material is
More informationReport Documentation Page
(c)2002 American Institute Report Documentation Page Form Approved OMB No. 0704-0188 Public reporting burden for the collection of information is estimated to average 1 hour per response, including the
More informationMoving Target Reference Implementation
CYBER SECURITY DIVISION 2014 R&D SHOWCASE AND TECHNICAL WORKSHOP Moving Target Reference Implementation Software Engineering Institute, Carnegie Mellon University Andrew O. Mellinger December 17, 2014
More informationAsset Management- Acquisitions
Indefinite Delivery, Indefinite Quantity (IDIQ) contracts used for these services: al, Activity & Master Plans; Land Use Analysis; Anti- Terrorism, Circulation & Space Management Studies; Encroachment
More informationDEFENSE CONTRACT AUDIT AGENCY
DEFENSE CONTRACT AUDIT AGENCY Fundamental Building Blocks for an Acceptable Accounting System Presented by Sue Reynaga DCAA Branch Manager San Diego Branch Office August 24, 2011 Report Documentation Page
More informationGuide to Using DoD PKI Certificates in Outlook 2000
Report Number: C4-017R-01 Guide to Using DoD PKI Certificates in Outlook 2000 Security Evaluation Group Author: Margaret Salter Updated: April 6, 2001 Version 1.0 National Security Agency 9800 Savage Rd.
More information2012 CyberSecurity Watch Survey
2012 CyberSecurity Watch Survey Unknown How 24 % Bad is the Insider Threat? 51% 2007-2013 Carnegie Mellon University 2012 Carnegie Mellon University NO WARRANTY THIS MATERIAL OF CARNEGIE MELLON UNIVERSITY
More informationMeasuring Assurance Case Confidence using Baconian Probabilities
Measuring Assurance Case Confidence using Baconian Probabilities Charles B. Weinstock, John B. Goodenough, Ari Z. Klein Software Engineering Institute Carnegie Mellon University Pittsburgh, PA, USA weinstock
More informationContracting Officer s Representative (COR) Interactive SharePoint Wiki
Contracting Officer s Representative (COR) Interactive SharePoint Wiki James Smith Andy Boyd Software Solutions Conference 2015 November 16 18, 2015 Copyright 2015 Carnegie Mellon University This material
More informationEAD Expected Annual Flood Damage Computation
US Army Corps of Engineers Hydrologic Engineering Center Generalized Computer Program EAD Expected Annual Flood Damage Computation User's Manual March 1989 Original: June 1977 Revised: August 1979, February
More informationELECTRONIC HEALTH RECORDS. Fiscal Year 2013 Expenditure Plan Lacks Key Information Needed to Inform Future Funding Decisions
United States Government Accountability Office Report to Congressional July 2014 ELECTRONIC HEALTH RECORDS Fiscal Year 2013 Expenditure Plan Lacks Key Information Needed to Inform Future Funding Decisions
More informationApplying Software Quality Models to Software Security
Applying Software Quality Models to Software Security Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 15213 Carol Woody, Ph.D. April 21, 2015 Copyright 2015 Carnegie Mellon University
More informationTHE MIMOSA OPEN SOLUTION COLLABORATIVE ENGINEERING AND IT ENVIRONMENTS WORKSHOP
THE MIMOSA OPEN SOLUTION COLLABORATIVE ENGINEERING AND IT ENVIRONMENTS WORKSHOP By Dr. Carl M. Powe, Jr. 2-3 March 2005 Report Documentation Page Form Approved OMB No. 0704-0188 Public reporting burden
More informationA Systematic Method for Big Data Technology Selection
A Systematic Method for Big Data Technology Selection John Klein Software Solutions Conference 2015 November 16 18, 2015 Copyright 2015 Carnegie Mellon University This material is based upon work funded
More informationCAPTURE-THE-FLAG: LEARNING COMPUTER SECURITY UNDER FIRE
CAPTURE-THE-FLAG: LEARNING COMPUTER SECURITY UNDER FIRE LCDR Chris Eagle, and John L. Clark Naval Postgraduate School Abstract: Key words: In this paper, we describe the Capture-the-Flag (CTF) activity
More informationElectricity Subsector Cybersecurity Capability Maturity Model (ES-C2M2) (Case Study) James Stevens Senior Member, Technical Staff - CERT Division
Electricity Subsector Cybersecurity Capability Maturity Model (ES-C2M2) (Case Study) James Stevens Senior Member, Technical Staff - CERT Division James Stevens is a senior member of the technical staff
More informationDoD Software Migration Planning
DoD Software Migration Planning John Bergey Liam O Brien Dennis Smith August 2001 Product Line Practice Initiative Technical Note CMU/SEI-2001-TN-012 Unlimited distribution subject to the copyright. The
More informationPROBLEM STATEMENT: Will reducing the ASD for Kadena AB F-15 C/Ds increase the CPFH for this Mission Design Series (MDS)?
CONSULTING REPORT Kadena F-15 C/D Cost per Flying Hour Analysis PROJECT MANAGERS: Capt Jeremy Howe and Capt Kevin Dawson AFLMA PROJECT NUMBER: LM200520700 16 August 2005 BACKGROUND: Kadena AB is currently
More informationMonitoring Trends in Network Flow for Situational Awareness
Monitoring Trends in Network Flow for Situational Awareness SEI CERT NetSA 2011 Carnegie Mellon University NO WARRANTY THIS MATERIAL OF CARNEGIE MELLON UNIVERSITY AND ITS SOFTWARE ENGINEERING INSTITUTE
More informationMr. Steve Mayer, PMP, P.E. McClellan Remediation Program Manger Air Force Real Property Agency. May 11, 2011
Mr. Steve Mayer, PMP, P.E. McClellan Remediation Program Manger Air Force Real Property Agency May 11, 2011 Report Documentation Page Form Approved OMB No. 0704-0188 Public reporting burden for the collection
More information2010 2011 Military Health System Conference
2010 2011 Military Health System Conference Population Health Management The Missing Element of PCMH Sharing The Quadruple Knowledge: Aim: Working Achieving Together, Breakthrough Achieving Performance
More information73rd MORSS CD Cover Page UNCLASSIFIED DISCLOSURE FORM CD Presentation
73rd MORSS CD Cover Page UNCLASSIFIED DISCLOSURE FORM CD Presentation 21-23 June 2005, at US Military Academy, West Point, NY 712CD For office use only 41205 Please complete this form 712CD as your cover
More informationRT 24 - Architecture, Modeling & Simulation, and Software Design
RT 24 - Architecture, Modeling & Simulation, and Software Design Dennis Barnabe, Department of Defense Michael zur Muehlen & Anne Carrigy, Stevens Institute of Technology Drew Hamilton, Auburn University
More informationAdvanced Micro Ring Resonator Filter Technology
Advanced Micro Ring Resonator Filter Technology G. Lenz and C. K. Madsen Lucent Technologies, Bell Labs Report Documentation Page Form Approved OMB No. 0704-0188 Public reporting burden for the collection
More informationMobile Robot Knowledge Base
Mobile Robot Knowledge Base Tracy Heath Pastore* a, Mitchell Barnes** a, Rory Hallman b b SPAWAR Systems Center, San Diego, Code 2371, 53560 Hull Street, San Diego, CA 92152; b Computer Sciences Corporation,
More informationJohn Mathieson US Air Force (WR ALC) Systems & Software Technology Conference Salt Lake City, Utah 19 May 2011
John Mathieson US Air Force (WR ALC) Systems & Software Technology Conference Salt Lake City, Utah 19 May 2011 Report Documentation Page Form Approved OMB No. 0704-0188 Public reporting burden for the
More informationFIRST IMPRESSION EXPERIMENT REPORT (FIER)
THE MNE7 OBJECTIVE 3.4 CYBER SITUATIONAL AWARENESS LOE FIRST IMPRESSION EXPERIMENT REPORT (FIER) 1. Introduction The Finnish Defence Forces Concept Development & Experimentation Centre (FDF CD&E Centre)
More informationToward a Theory of Assurance Case Confidence
Toward a Theory of Assurance Case Confidence John B. Goodenough Charles B. Weinstock Ari Z. Klein September 2012 TECHNICAL REPORT CMU/SEI-2012-TR-002 ESC-TR-2012-002 Research, Technology, and System Solutions
More informationIssue Paper. Wargaming Homeland Security and Army Reserve Component Issues. By Professor Michael Pasquarett
Issue Paper Center for Strategic Leadership, U.S. Army War College May 2003 Volume 04-03 Wargaming Homeland Security and Army Reserve Component Issues By Professor Michael Pasquarett Background The President
More informationAUSTRALIAN INNOVATIONS
AUSTRALIAN INNOVATIONS Recent Developments in Australian EVM Practices Jim Muir & Kirsty McLean October 1998 REPORT DOCUMENTATION PAGE Form Approved OMB No. 0704-0188 Public reporting burder for this collection
More informationAFRL-RX-WP-TP-2008-4023
AFRL-RX-WP-TP-2008-4023 HOW KILLDEER MOUNTAIN MANUFACTURING IS OPTIMIZING AEROSPACE SUPPLY CHAIN VISIBILITY USING RFID (Postprint) Jeanne Duckett Killdeer Mountain Manufacturing, Inc. FEBRUARY 2008 Final
More informationHow To Use Elasticsearch
Elasticsearch, Logstash, and Kibana (ELK) Dwight Beaver dsbeaver@cert.org Sean Hutchison shutchison@cert.org January 2015 2014 Carnegie Mellon University This material is based upon work funded and supported
More informationPenetration Testing Tools
Penetration Testing Tools Ken van Wyk January 2007 ABSTRACT: This article provides a primer on the most commonly used tools for traditional penetration testing. (A related article provides an overview
More informationVoIP in Flow A Beginning
VoIP in Flow A Beginning Nathan Dell CERT/NetSA 2013 Carnegie Mellon University Legal Copyright 2013 Carnegie Mellon University This material is based upon work funded and supported by the Department of
More informationBuilding Resilient Systems: The Secure Software Development Lifecycle
Building Resilient Systems: The Secure Software Development Lifecycle Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 15213, PhD Technical Director, CERT mssherman@sei.cmu.edu
More informationExperiences in Migrations of Legacy Systems
Experiences in Migrations of Legacy Systems Bill Wood, Mike Gagliardi, and Phil Bianco Software Solutions Conference 2015 November 16 18, 2015 Copyright 2015 Carnegie Mellon University This material is
More informationIn June 1998 the Joint Military Intelligence. Intelligence Education for Joint Warfighting A. DENIS CLIFT
Defense Intelligence Analysis Center, home of JMIC. Intelligence Education for Joint Warfighting Courtesy Joint Military Intelligence College By A. DENIS CLIFT In June 1998 the Joint Military Intelligence
More informationDCAA and the Small Business Innovative Research (SBIR) Program
Defense Contract Audit Agency (DCAA) DCAA and the Small Business Innovative Research (SBIR) Program Judice Smith and Chang Ford DCAA/Financial Liaison Advisors NAVAIR 2010 Small Business Aviation Technology
More informationModel Checking Distributed Software
Model Checking Distributed Software Sagar Chaki September 19, 2014 Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 15213 Model Checking and Me 1997 : Ed visits IIT Kharagpur Just
More informationCancellation of Nongroup Health Insurance Policies
Cancellation of Nongroup Health Insurance Policies Bernadette Fernandez Specialist in Health Care Financing Annie L. Mach Analyst in Health Care Financing November 19, 2013 Congressional Research Service
More informationOptical Blade Position Tracking System Test
National Renewable Energy Laboratory Innovation for Our Energy Future A national laboratory of the U.S. Department of Energy Office of Energy Efficiency & Renewable Energy Optical Blade Position Tracking
More informationHow To Ensure Security In A System
Software Assurance vs. Security Compliance: Why is Compliance Not Enough? Carol Woody, Ph.D. Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 15213 2012 Carnegie Mellon University
More informationTHE NATIONAL SHIPBUILDING RESEARCH PROGRAM
SHIP PRODUCTION COMMITTEE FACILITIES AND ENVIRONMENTAL EFFECTS SURFACE PREPARATION AND COATINGS DESIGN/PRODUCTION INTEGRATION HUMAN RESOURCE INNOVATION MARINE INDUSTRY STANDARDS WELDING INDUSTRIAL ENGINEERING
More informationPima Community College Planning Grant For Autonomous Intelligent Network of Systems (AINS) Science, Mathematics & Engineering Education Center
Pima Community College Planning Grant For Autonomous Intelligent Network of Systems (AINS) Science, Mathematics & Engineering Education Center Technical Report - Final Award Number N00014-03-1-0844 Mod.
More informationSupply-Chain Risk Management Framework
Supply-Chain Risk Management Framework Carol Woody March 2010 Scope of SEI Work Context Significantly reduce the risk (any where in the supply chain) that an unauthorized party can change the behavior
More informationWhat Makes a Message Stick? - The Role of Content and Context in Social Media Epidemics
ANU College of Engineering and Computer Science Building 108, North Road ANU, Canberra 0200, Australia Final Report for AOARD Grant 124041 What Makes a Message Stick? - The Role of Content and Context
More informationExploring the Interactions Between Network Data Analysis and Security Information/Event Management
Exploring the Interactions Between Network Data Analysis and Security Information/Event Management Timothy J. Shimeall CERT Network Situational Awareness (NetSA) Group January 2011 2011 Carnegie Mellon
More informationKurt Wallnau Senior Member of Technical Staff
Engineering Realistic Synthetic Insider Threat (Cyber-Social) Test Data Kurt Wallnau Senior Member of Technical Staff Dr. Kurt Wallnau joined the SEI in 1993. He joined CERT Science of Cyber-Security (SoCS)
More informationRisk Management Framework
Risk Management Framework Christopher J. Alberts Audrey J. Dorofee August 2010 TECHNICAL REPORT CMU/SEI-2010-TR-017 ESC-TR-2010-017 Acquisition Support Program Unlimited distribution subject to the copyright.
More informationA Manager's Checklist for Validating Software Cost and Schedule Estimates
Special Report CMU/SEI-95-SR-004 January 1995 A Manager's Checklist for Validating Software Cost and Schedule Estimates Robert E. Park Approved for public release. Distribution unlimited. Carnegie Mellon
More informationResolving Chaos Arising from Agile Software Development
Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 523 Author Date High Level Alternatives Approach. Blame the Agile development process, fire the folks who are controlling it and
More informationInsider Threat Control: Using Centralized Logging to Detect Data Exfiltration Near Insider Termination
Insider Threat Control: Using Centralized Logging to Detect Data Exfiltration Near Insider Termination Michael Hanley Joji Montelibano October 2011 TECHNICAL NOTE CMU/SEI-2011-TN-024 CERT Program http://www.sei.cmu.edu
More informationA GPS Digital Phased Array Antenna and Receiver
A GPS Digital Phased Array Antenna and Receiver Dr. Alison Brown, Randy Silva; NAVSYS Corporation ABSTRACT NAVSYS High Gain Advanced GPS Receiver (HAGR) uses a digital beam-steering antenna array to enable
More informationDepartment of Homeland Security Cyber Resilience Review (Case Study) Matthew Butkovic Technical Manager - Cybersecurity Assurance, CERT Division
Department of Homeland Security Cyber Resilience Review (Case Study) Matthew Butkovic Technical Manager - Cybersecurity Assurance, CERT Division Matthew Butkovic is a Technical Manager Cybersecurity Assurance
More informationNetwork Analysis with isilk
Network Analysis with isilk Presented at FloCon 2011 Ron Bandes CERT Network Situational Awareness (NetSA) Group 2011 Carnegie Mellon University 2011 Carnegie Mellon University NO WARRANTY THIS MATERIAL
More informationAssurance in Service-Oriented Environments
Assurance in Service-Oriented Environments Soumya Simanta Research, Technology, and System Solutions (RTSS) Program Software Engineering Institute Carnegie Mellon University Pittsburgh 15232 28 th October,
More informationMonitoring of Arctic Conditions from a Virtual Constellation of Synthetic Aperture Radar Satellites
DISTRIBUTION STATEMENT A. Approved for public release; distribution is unlimited. Monitoring of Arctic Conditions from a Virtual Constellation of Synthetic Aperture Radar Satellites Hans C. Graber RSMAS
More informationDEFENSE BUSINESS PRACTICE IMPLEMENTATION BOARD
Defense Business Practice Implementation Board DEFENSE BUSINESS PRACTICE IMPLEMENTATION BOARD Report to the Senior Executive Council, Department of Defense MANAGEMENT INFORMATION TASK GROUP Report FY02-3
More informationA New Empirical Relationship between Thrust Coefficient and Induction Factor for the Turbulent Windmill State
National Renewable Energy Laboratory Innovation for Our Energy Future A national laboratory of the U.S. Department of Energy Office of Energy Efficiency & Renewable Energy A New Empirical Relationship
More informationCyber Intelligence Workforce
Cyber Intelligence Workforce Troy Townsend Melissa Kasan Ludwick September 17, 2013 Agenda Project Background Research Methodology Findings Training and Education Project Findings Workshop Results Objectives
More informationTowards an Assurance Case Practice for Medical Devices
Towards an Assurance Case Practice for Medical Devices Charles B. Weinstock John B. Goodenough October 2009 TECHNICAL NOTE CMU/SEI-2009-TN-018 Research, Technology, and System Solutions Program Unlimited
More informationNAVSUP FLC NORFOLK PHILADELPHIA OFFICE
NAVSUP FLC NORFOLK PHILADELPHIA OFFICE Gerald Furey Deputy for Small Business Ready. Resourceful. Responsive! 1 Report Documentation Page Form Approved OMB No. 0704-0188 Public reporting burden for the
More informationAircraft Cleanability and Corrosion Issues 26 February 2008. Craig Matzdorf NAVAIR
Aircraft Cleanability and Corrosion Issues 26 February 2008 Craig Matzdorf NAVAIR Report Documentation Page Form Approved OMB No. 0704-0188 Public reporting burden for the collection of information is
More informationData Management Maturity (DMM) Model Update
Data Management Maturity (DMM) Model Update Rawdon Young November 2012 Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 15213 Contents / Agenda The DMM SEI Observations on Core
More informationOPTICAL IMAGES DUE TO LENSES AND MIRRORS *
1 OPTICAL IMAGES DUE TO LENSES AND MIRRORS * Carl E. Mungan U.S. Naval Academy, Annapolis, MD ABSTRACT The properties of real and virtual images formed by lenses and mirrors are reviewed. Key ideas are
More informationSoftware Architecture for Big Data Systems. Ian Gorton Senior Member of the Technical Staff - Architecture Practices
Software Architecture for Big Data Systems Ian Gorton Senior Member of the Technical Staff - Architecture Practices Ian Gorton is investigating issues related to software architecture at scale. This includes
More informationSoftware Vulnerabilities in Java
Software Vulnerabilities in Java Fred Long October 2005 CERT Unlimited distribution subject to the copyright. Technical Note CMU/SEI-2005-TN-044 This work is sponsored by the U.S. Department of Defense.
More informationSimulation of Air Flow Through a Test Chamber
Simulation of Air Flow Through a Test Chamber by Gregory K. Ovrebo ARL-MR- 0680 December 2007 Approved for public release; distribution unlimited. NOTICES Disclaimers The findings in this report are not
More informationmini w Requirements Analysis Defense Commissary Agency Credit Card Program Logistics Management Institute Credit Card Terminals and Printers v / i
Logistics Management Institute Requirements Analysis Defense Commissary Agency Credit Card Program Credit Card Terminals and Printers CA303LN32 Andrew T. Rothstein ^^Mj^msmmnz mini w I v / i November 1995
More informationThe CERT Approach to Cybersecurity Workforce Development
The CERT Approach to Cybersecurity Workforce Development Josh Hammerstein Christopher May December 2010 TECHNICAL REPORT CMU/SEI-2010-TR-045 ESC-TR-2010-110 Enterprise and Workforce Development Unlimited
More informationIISUP-. NAVAL SUPPLY SVSTE:MS COMMAND. Ready. Resourceful. Responsive!
~ IISUP-. NAVAL SUPPLY SVSTE:MS COMMAND Ready. Resourceful. Responsive! Report Documentation Page Form Approved OMB No. 0704-0188 Public reporting burden for the collection of information is estimated
More informationArmy Environmental Policy and ISO 14001
Army Environmental Policy and ISO 14001 Army Environmental Policy and ISO 14001 Rick Sinclair and Rochie Tschirhart Since the 1970s, the U.S. Army has instituted environmental policies, programs, regulations,
More informationTITLE: The Impact Of Prostate Cancer Treatment-Related Symptoms On Low-Income Latino Couples
AD Award Number: W81WH-07-1-0069 TITLE: The Impact Of Prostate Cancer Treatment-Related Symptoms On Low-Income Latino Couples PRINCIPAL INVESTIGATOR: Sally L. Maliski, Ph.D., R.N. CONTRACTING ORGANIZATION:
More informationObsolescence Considerations for Materials in the Lower Sub-Tiers of the Supply Chain
INSTITUTE FOR DEFENSE ANALYSES Obsolescence Considerations for Materials in the Lower Sub-Tiers of the Supply Chain Jay Mandelbaum Christina M. Patterson April 2015 Approved for public release; distribution
More informationAgile Development and Software Architecture: Understanding Scale and Risk
Agile Development and Software Architecture: Understanding Scale and Risk Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 15213 Robert L. Nord SSTC, April 2012 In collaboration
More informationDr. Gary S. E. Lagerloef Earth and Space Research, 1910 Fairview Ave E
Establishing a NOAA Operational Data Center for Surface Currents Derived from Satellite Altimeters and Scatterometers; Pilot Study for the Tropical Pacific Including the Hawaiian Islands and US Territorial
More informationREPORT DOCUMENTATION PAGE
REPORT DOCUMENTATION PAGE Form Approved OMB NO. 0704-0188 The public reporting burden for this collection of information is estimated to average 1 hour per response, including the time for reviewing instructions,
More informationRegional Field Verification Operational Results from Four Small Wind Turbines in the Pacific Northwest
National Renewable Energy Laboratory Innovation for Our Energy Future A national laboratory of the U.S. Department of Energy Office of Energy Efficiency & Renewable Energy Regional Field Verification Operational
More informationDynamic IR Scene Projector Based Upon the Digital Micromirror Device
Dynamic IR Scene Projector Based Upon the Digital Micromirror Device D. Brett Beasley, Matt Bender, Jay Crosby, Tim Messer, and Daniel A. Saylor Optical Sciences Corporation www.opticalsciences.com P.O.
More informationREPORT DOCUMENTATION PAGE *
REPORT DOCUMENTATION PAGE * Form Approved OMBNo. 07040188 Public reporting burden for this collection of information is estimated to average 1 hour per response, including the time for reviewing instructions,
More informationInteragency National Security Knowledge and Skills in the Department of Defense
INSTITUTE FOR DEFENSE ANALYSES Interagency National Security Knowledge and Skills in the Department of Defense June 2014 Approved for public release; distribution is unlimited. IDA Document D-5204 Log:
More informationOverview. CMU/SEI Cyber Innovation Center. Dynamic On-Demand High-Performance Computing System. KVM and Hypervisor Security.
KVM and Hypervisor Security David Shepard and Matt Gaston CMU/SEI Cyber Innovation Center February 2012 2012 by Carnegie Mellon University. Published SEI PROPRIETARY INFORMATION. Distribution: Director
More informationUMass at TREC 2008 Blog Distillation Task
UMass at TREC 2008 Blog Distillation Task Jangwon Seo and W. Bruce Croft Center for Intelligent Information Retrieval University of Massachusetts, Amherst Abstract This paper presents the work done for
More informationCopyright 2014 Carnegie Mellon University The Cyber Resilience Review is based on the Cyber Resilience Evaluation Method and the CERT Resilience
Copyright 2014 Carnegie Mellon University The Cyber Resilience Review is based on the Cyber Resilience Evaluation Method and the CERT Resilience Management Model (CERT-RMM), both developed at Carnegie
More informationExtending AADL for Security Design Assurance of the Internet of Things
Extending AADL for Security Design Assurance of the Internet of Things Presented by Rick Kazman, PhD Team: Carol Woody (PI), Rick Kazman, Robert Ellison, John Hudak, Allen Householder Software Engineering
More informationAchieving QoS for Aeronautical Telecommunication Networks Over Differentiated Services
NASA/TM 2001-210754 Achieving QoS for Aeronautical Telecommunication Networks Over Differentiated Services Haowei Bai and Mohammed Atiquzzaman The University of Dayton, Dayton, Ohio William Ivancic Glenn
More informationAn Oil-Free Thrust Foil Bearing Facility Design, Calibration, and Operation
NASA/TM 2005-213568 An Oil-Free Thrust Foil Bearing Facility Design, Calibration, and Operation Steve Bauman Glenn Research Center, Cleveland, Ohio March 2005 The NASA STI Program Office... in Profile
More informationUsing Domain Name Registrant Information To Identify Malicious Domains
Using Domain Name Registrant Information To Identify Malicious Domains Mark Langston Software Engineering Institute Carnegie Mellon University Pittsburgh, PA 15213 Do Bad Actors Use Fake Addresses? Copyright
More informationInsider Threat Control: Understanding Data Loss Prevention (DLP) and Detection by Correlating Events from Multiple Sources
Insider Threat Control: Understanding Data Loss Prevention (DLP) and Detection by Correlating Events from Multiple Sources George J. Silowash Christopher King January 2013 TECHNICAL NOTE CMU/SEI-2013-TN-002
More informationMultiple Network Marketing coordination Model
REPORT DOCUMENTATION PAGE Form Approved OMB No. 0704-0188 The public reporting burden for this collection of information is estimated to average 1 hour per response, including the time for reviewing instructions,
More informationAn Overview of Romanian Command and Control Systems
Col. eng. Stefan Cantaragiu, Ph. D. Military Equipment and Technologies Research Agency P.O. Box 51-16 76550 Bucharest ROMANIA Tel.: +40 1 4231483 Fax: +40 1 4231030 scantaragiu@acttm.ro Lt. eng. Adrian
More information