An Approach for Integrating the Security Engineering Risk Analysis (SERA) Method with Threat Modeling
• White Paper
This report examines how cybersecurity data generated by a threat modeling method can be integrated into a mission assurance context using the SERA Method.
Publisher
Software Engineering Institute
Topic or Tag
Abstract
In this report, the authors explore the link between the SERA Method and threat modeling, which has become a popular engineering practice across industry and government organizations in the past decade. A threat modeling method defines an approach for identifying countermeasures that can be engineered into a software system. In this report, Alberts and Woody specifically examine how the system-focused cybersecurity data generated by a threat modeling method can be integrated into a mission assurance context using the SERA Method.