--->

New Technical Reports Published: April 2011

« More Announcements

May 2, 2011—The following technical reports, special reports, and technical notes were published recently by the Software Engineering Institute. For the latest SEI technical reports and papers, see http://www.sei.cmu.edu/library/reportspapers.cfm.

Trusted Computing in Embedded Systems Workshop

Archie Andrews & Jonathan McCune

This report describes the November 2010 Trusted Computing in Embedded Systems Workshop held at Carnegie Mellon University. This workshop brought together various groups concerned with advancing research into improving the trustworthiness in embedded systems. The workshop format provided the opportunity to focus on embedded systems while examining the application of related trust technologies in order to foster collaborative approaches and information exchange in this area. Presentations and discussion addressed the capabilities and limitations of effectively employing trusted hardware-enabled components in embedded systems. This included, but was not restricted to, the following areas: new research and development in enabling trust in embedded systems, methods and techniques for establishing trust in embedded systems, lessons learned from research and development projects on embedded systems security, and gaps in current research. The workshop resulted in identification of gaps in current research and recommendations for potential research directions.

CMU/SEI-2011-SR-002
PDF Download

Best Practices for National Cyber Security: Building a National Computer Security Incident Management Capability, Version 2.0

John Haller, Samuel A. Merrell, Matthew J. Butkovic, & Bradford J. Willke

As nations recognize that their critical infrastructures have integrated sophisticated information and communications technologies (ICT) to provide greater efficiency and reliability, they quickly realize the need to effectively manage risk arising from the use of these technologies. Establishing a national computer security incident management capability can be an important step in managing that risk. In this document, this capability is referred to as a National Computer Security Incident Response Team (CSIRT), although the specific organizational form may vary among nations. Nations face various challenges when working to strengthen incident management, such as the lack of information providing guidance for establishing a national capability, determining how this capability can support national cyber security, and managing the national incident management capability. This document, first in the Best Practices for National Cyber Security series, provides information that interested organizations and governments can use to develop a national incident management capability. The document explains the need for national incident management and provides strategic goals, enabling goals, and additional resources pertaining to the establishment of National CSIRTs and organizations like them.

CMU/SEI-2011-TR-015
PDF Download

Appraisal Requirements for CMMI Version 1.3 (ARC, V1.3)

SCAMPI Upgrade Team

This report, the Appraisal Requirements for CMMI, Version 1.3 (ARC, V1.3), defines the requirements for appraisal methods intended for use with Capability Maturity Model Integration (CMMI) and with the People CMM. The ARC may also be useful when defining appraisals with other reference models. The ARC defines three appraisal classes distinguished by the degree of rigor associated with the application of the method. These classes are intended primarily for people who develop appraisal methods to use with reference models such as those in the CMMI product suite.

CMU/SEI-2011-TR-006
PDF Download

Issues and Opportunities for Improving the Quality and Use of Data in the Department of Defense

Mark Kasunic, David Zubrow, & Erin Harper

The Department of Defense (DoD) is becoming increasingly aware of the importance of data quality to its operations, leading to an interest in methods and techniques that can be used to determine and improve the quality of its data. The Office of the Secretary of Defense for Acquisition, Technology, and Logistics (OSD [AT&L]), Director, Defense Research & Engineering (DDR&E) sponsored a workshop to bring together leading researchers and practitioners to identify opportunities for research focused on data quality, data analysis, and data use. Seventeen papers were accepted for presentation during the workshop. During workshop discussion, participants were asked to identify challenging areas that would address technology gaps and to discuss research ideas that would support future DoD policies and practices. The Software Engineering Institute formed three primary recommendations for areas of further research from the information produced at the workshop. These areas were integrating data from disparate sources, employing provenance analytics, and developing models, methods, and tools that support data quality by design.

CMU/SEI-2011-SR-004
PDF Download

Software Assurance Curriculum Project Volume III: Master of Software Assurance Course Syllabi

Nancy R. Mead, Julia H. Allen, Mark A. Ardis, Thomas B. Hilburn, Andrew J. Kornecki, & Richard C. Linger

This report, the third volume in the Software Assurance Curriculum Project sponsored by the U.S. Department of Homeland Security, provides sample syllabi for the nine core courses in the Master of Software Assurance Reference Curriculum.

CMU/SEI-2011-TR-013
PDF Download

Find Us Here

Find us on Youtube  Find us on LinkedIn  Find us on twitter  Find us on Facebook

Share This Page

Share on Facebook  Send to your Twitter page  Save to del.ico.us  Save to LinkedIn  Digg this  Stumble this page.  Add to Technorati favorites  Save this page on your Google Home Page 

For more information

Media Contacts: 

Richard Lynch

public-relations@sei.cmu.edu

412-268-4793

Help us improve

Visitor feedback helps us continually improve our site.

Please tell us what you
think with this short
(< 5 minute) survey.