icon-carat-right menu search cmu-wordmark
Carnegie Mellon University

Data Driven Software Assurance

Podcast
By
In 2012, SEI researchers began investigating vulnerabilities reported to the SEI's CERT Division. A research project was launched to investigate design-related vulnerabilities and quantify their effects.
Publisher

Software Engineering Institute

Topic or Tag

Listen

Abstract

Software vulnerabilities are defects or weaknesses in a software system that, if exploited, can lead to compromise of the control of a system or the information it contains. The problem of vulnerabilities in fielded software is pervasive and serious. In 2012, SEI researchers began investigating vulnerabilities reported to the SEI's CERT Division and determined that a large number of significant and pernicious software vulnerabilities likely had their origins early in the software development lifecycle in the requirements and design phases.

In this podcast, SEI researchers Mike Konrad and Art Mansion discuss a project that was launched to investigate design-related vulnerabilities and quantify their effects.

About the Speaker

Michael Konrad

Michael D. Konrad

Art Manion

Art Manion

Art Manion is an SEI alumni employee.

Art Manion is a senior member of the Vulnerability Analysis team in the CERT Program at the Software Engineering Institute (SEI), Carnegie Mellon University. Since joining CERT in 2001, Manion has studied vulnerabilities, coordinated disclosure efforts, and published advisories, alerts, and vulnerability notes …

Read more
SHARE

Supplemental Materials

Download Transcript
Download Audio
Related Links
Technical Report | Data Driven Software Assurance
Blog | Data Driven Software Assurance
Ask a question about this Podcast