Cybersecurity Engineering Research
This research uses information about previous cyberattacks to enhance requirements elicitation for software development.
This research is focused on developing methods for analyzing security-related design weaknesses that cannot be corrected easily during operations. The goal is to enable the early detection and remediation of design weaknesses, thereby reducing residual security risk when a system is deployed.
This research evaluates the feasibility of using specialized software quality models to improve the security of software and of using available quality and vulnerability data to effectively calibrate a specialized quality model to track and forecast security defects.
This research and its resulting tool helps organizations to build security into the early stages of the production and acquisition lifecycles, including privacy.
This research aims to help you evaluate and reduce supply chain risk, provides guidance you can use to manage these risks, and improve your use of resources in reducing these risks.
The goal of this research is to develop a risk-based approach for measuring and monitoring the security characteristics of interactively complex, software-reliant systems across the lifecycle and supply chain.
This research involves investigating and developing viable, reasoned ways to describe problem complexity within the security assurance ecosystem with sufficient insight to identify opportunities for real improvement.