Cybersecurity Engineering Research Collection
• Collection
Publisher
Software Engineering Institute
Topic or Tag
Abstract
This collection describes work that CERT researchers are conducting in the field of cybersecurity engineering.
- Using Malware Analysis in Security Requirements Elicitation: This research uses information about previous cyberattacks to enhance requirements elicitation for software development.
- Security Engineering Risk Analysis (SERA): This research is focused on developing methods for analyzing security-related design weaknesses that cannot be corrected easily during operations.
- Cybersecurity Quality Metrics: This research evaluates the feasibility of using specialized software quality models to improve the security of software and of using available quality and vulnerability data to effectively calibrate a specialized quality model to track and forecast security defects.
- Security Quality Requirements Engineering (SQUARE): This research and its resulting tool helps organizations to build security into the early stages of the production and acquisition lifecycles, including privacy.
- Supply Chain and COTS Assurance: This research aims to help you evaluate and reduce supply chain risk, provides guidance you can use to manage these risks, and improve your use of resources in reducing these risks.
- Cybersecurity and Software Assurance Measurement and Analysis: The goal of this research is to develop a risk-based approach for measuring and monitoring the security characteristics of interactively complex, software-reliant systems across the lifecycle and supply chain.
- Software Assurance Ecosystem: This research involves investigating and developing viable, reasoned ways to describe problem complexity within the security assurance ecosystem with sufficient insight to identify opportunities for real improvement.
See the following publications for more information about cybersecurity research efforts.
Collection Items
Cybersecurity Engineering Research: Malware Analysis Collection
• Collection
By Software Engineering Institute
This research uses information about previous cyberattacks to enhance requirements elicitation for software development.
Learn MoreCybersecurity Engineering Research: Security Engineering Risk Analysis (SERA) Collection
• Collection
By Software Engineering Institute
This research develops methods for analyzing security-related design weaknesses that cannot be corrected easily during operations.
Learn MoreCybersecurity Engineering Research: Cybersecurity Quality Metrics Collection
• Collection
By Software Engineering Institute
This research evaluates the feasibility of using 1) using software quality models to improve software security and 2) available data to calibrate a specialized quality model to track and forecast …
Learn MoreCybersecurity Engineering Research: Security Quality Requirements Engineering (SQUARE) Collection
• Collection
By Software Engineering Institute
This research helps organizations to build security into the early stages of the production and acquisition lifecycles, including privacy.
Learn MoreCybersecurity Engineering Research: Supply Chain and Commercial-Off-the-Shelf (COTS) Assurance Collection
• Collection
By Software Engineering Institute
This research focuses on methods for analyzing security-related design weaknesses that cannot be corrected easily during operations.
Learn MoreCybersecurity Engineering Research: Software Assurance Measurement and Analysis Collection
• Collection
By Software Engineering Institute
This research is a risk-based approach for measuring and monitoring the security characteristics of interactively complex, software-reliant systems.
Learn MoreCybersecurity Engineering Research: Software Assurance Ecosystem Collection
• Collection
By Software Engineering Institute
These software assurance frameworks help organizations identify opportunities for improving operational assurance.
Learn More