SEI's current research in the discipline of risk management is being conducted jointly with the CERT Cyber Security Engineering Team. The CSE Team is using the MRD to assess software security risk across the life cycle and supply chain. As part of this work, the team is also conducting research into risk-based measurement and analysis, where the MRD is being used to direct an organization's measurement and analysis efforts. The CSE Team has chartered the Software Security Measurement and Analysis (SSMA) Project to conduct this research.

Software Security Measurement and Analysis

Without established methods to measure how secure software is, decision makers lack confidence in the security of their software-reliant systems. The Software Security Measurement and Analysis (SSMA) project is exploring how to use risk analysis to direct an organization's software security measurement and analysis efforts. The overarching goal is to develop a risk-based approach for measuring and monitoring the security characteristics of interactively complex, software-reliant systems across the life cycle and supply chain. The SEI Integrated Measurement and Analysis Framework (IMAF) and the SEI Mission Risk Diagnostic (MRD) are part of this work. The IMAF helps decision makers by integrating performance data for individual components, including targeted analysis, status reporting, and measurement activities, to provide a consolidated view of the performance of software-reliant systems. The MRD (a product of earlier MSCE work) analyzes the risk to the system as a whole, providing a comprehensive view of the overall risk to a system's mission.

We encourage anyone interested in working with us on the research, development and piloting in these areas contact us.

Find Us Here

Find us on Youtube  Find us on LinkedIn  Find us on twitter  Find us on Facebook

Share This Page

Share on Facebook  Send to your Twitter page  Save to  Save to LinkedIn  Digg this  Stumble this page.  Add to Technorati favorites  Save this page on your Google Home Page 

For more information

Contact Us


Help us improve

Visitor feedback helps us continually improve our site.

Please tell us what you
think with this short
(< 5 minute) survey.