Blog Posts
The Hybrid Threat Modeling Method
Modern software systems are constantly exposed to attacks from adversaries that, if successful, could prevent a system from functioning as intended or could result in exposure of confidential information....
• By Nancy Mead, Forrest Shull
Cyber Threat Modeling: An Evaluation of Three Methods
Cyber threat modeling, the creation of an abstraction of a system to identify possible threats, is a required activity for DoD acquisition. Identifying potential threats to a system, cyber or …
• By Forrest Shull, Nancy Mead
Seven Principles for Software Assurance
The exponential increase in cybercrime is a perfect example of how rapidly change is happening in cyberspace and why operational security is a critical need. In the 1990s, computer crime …
• By Nancy Mead
Addressing the Shortfall of Secure Software Developers through Community College Education
The (ISC)2 Global Information Security Workforce Study (GISWS) forecasts a shortfall of 1.5 million cybersecurity professionals by 2020. Government sources also project critical shortages of cybersecurity professionals. This predicted shortfall …
• By Nancy Mead
Using Quality Metrics and Security Methods to Predict Software Assurance
To ensure software will function as intended and is free of vulnerabilities (aka software assurance), software engineers must consider security early in the lifecycle, when the system is being designed …
• By Carol Woody, Nancy Mead
In Artificial Intelligence Engineering
Development of a Master of Software Assurance Reference Curriculum
The federal government is facing a shortage of cybersecurity professionals that puts our national security at risk, according to recent research. This blog post presents an overview of the SEI's …