icon-carat-right menu search cmu-wordmark

An Approach for Integrating the Security Engineering Risk Analysis (SERA) Method with Threat Modeling

White Paper
This report examines how cybersecurity data generated by a threat modeling method can be integrated into a mission assurance context using the SERA Method.
Publisher

Software Engineering Institute

Abstract

In this report, the authors explore the link between the SERA Method and threat modeling, which has become a popular engineering practice across industry and government organizations in the past decade. A threat modeling method defines an approach for identifying countermeasures that can be engineered into a software system. In this report, Alberts and Woody specifically examine how the system-focused cybersecurity data generated by a threat modeling method can be integrated into a mission assurance context using the SERA Method.