New Technical Reports Published: July 2011

« More Announcements

August 1, 2011—The following technical reports, special reports, and technical notes were published recently by the Software Engineering Institute. For the latest SEI technical reports and papers, see http://www.sei.cmu.edu/library/reportspapers.cfm.

Measures for Managing Operational Resilience

Julia H. Allen & Pamela D. Curtis

In this report, Resilient Enterprise Management (REM) team members suggest a set of top 10 strategic measures for managing operational resilience. These measures derive from high-level objectives of the operational resilience management system defined in the CERT Resilience Management Model, Version 1.1 (CERT-RMM). The report also provides measures for each of the 26 process areas of CERT-RMM, as well as a set of global measures that apply to all process areas. This report thus serves as an addendum to CERT-RMM Version 1.1.

CMU/SEI-2011-TR-019
PDF Download

Standards-Based Automated Remediation: A Remediation Manager Reference Implementation

Sagar Chaki, Rita Creel, Jeff Davenport, Mike Kinney, Benjamin McCormick, & Mary Popeck

This report describes the SEI's 2010 work for the National Security Agency Computer Network Defense Research and Technology Program Management Office to develop standards for remediation of vulnerabilities and compliance issues on Department of Defense (DoD) networked systems. The overall goals are to assist in the development of remediation standards, demonstrate the functionality that the DoD would like in a remediation manager, and increase efficiency and effectiveness of remediation by automating the remediation process.

CMU/SEI-2011-SR-007
PDF Download

A Decision Framework for Selecting Licensing Rights for Noncommercial Computer Software in the DoD Environment

Charlene Gross

A major acquisition challenge for a program where computer software is a critical element of the system is the upfront determination of an appropriate licensing rights strategy. This report describes standard noncommercial software licensing alternatives as defined by U.S. government and Department of Defense (DoD) regulations. It also suggests an approach for objectively identifying agency needs for license rights and the appropriate license type for systems with noncommercial computer software or as standalone software in the DoD environment. There are three standard license types for noncommercial computer software: Unlimited, Government Purpose, and Restricted. Each of these license types for noncommercial computer software conveys different rights to the agency. This report presents distinguishing characteristics of the three standard license types, a method to develop the supporting rationale or traceability for DoD agency needs, a high-level description of circumstances that fall outside of standard license types, and a discussion of the importance of deliverables as necessary components for implementing license rights.

CMU/SEI-2011-TR-014
PDF Download

Find Us Here

Find us on Youtube  Find us on LinkedIn  Find us on twitter  Find us on Facebook

Share This Page

Share on Facebook  Send to your Twitter page  Save to del.ico.us  Save to LinkedIn  Digg this  Stumble this page.  Add to Technorati favorites  Save this page on your Google Home Page 

For more information

Media Contacts: 

Richard Lynch

public-relations@sei.cmu.edu

412-268-4793

Help us improve

Visitor feedback helps us continually improve our site.

Please tell us what you
think with this short
(< 5 minute) survey.