http://www.sei.cmu.edu/feeds/tag/Updates on changes and additions to the SEI Blog for posts matching Security-Related Requirementsen-usMon, 14 Mar 2022 00:00:00 -0400https://www.sei.cmu.edu/blog/how-easy-is-it-to-make-and-detect-a-deepfake/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesThe technology underlying the creation and detection of deepfakes and assessment of current and future threat levelsCatherine Bernaciak, Dominic RossMon, 14 Mar 2022 00:00:00 -0400https://www.sei.cmu.edu/blog/how-easy-is-it-to-make-and-detect-a-deepfake/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesSecurity VulnerabilitiesVulnerability DiscoveryVulnerability MitigationSecurity-Related RequirementsArtificial Intelligence EngineeringAdvanced Computinghttps://www.sei.cmu.edu/blog/integrating-safety-and-security-engineering-for-mission-critical-systems/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesCritical systems must be safe from harm and secure, but safety and security practices have evolved in isolation. The SEI is improving coordination between safety and security engineering.Sam Procter, Sholom CohenMon, 10 May 2021 00:00:00 -0400https://www.sei.cmu.edu/blog/integrating-safety-and-security-engineering-for-mission-critical-systems/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesSafety-Related RequirementsSecurity-Related Requirementshttps://www.sei.cmu.edu/blog/automating-system-security-with-aadl-11-rules-for-ensuring-a-security-model/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesThis SEI Blog post presents an approach for modeling and validating confidentiality using AADL, and 11 analysis rules for ensuring security model consistency.Aaron GreenhouseMon, 26 Apr 2021 00:00:00 -0400https://www.sei.cmu.edu/blog/automating-system-security-with-aadl-11-rules-for-ensuring-a-security-model/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesSecurity-Related RequirementsArchitecture Analysis and Design Language (AADL)https://www.sei.cmu.edu/blog/how-to-use-static-analysis-to-enforce-sei-cert-coding-standards-for-iot-applications/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesThe Jeep hack, methods to hack ATMs, and even hacks to a casino's fish tank provide stark evidence of the risks associated with the Internet of Things (IoT)....David SvobodaMon, 01 Apr 2019 00:00:00 -0400https://www.sei.cmu.edu/blog/how-to-use-static-analysis-to-enforce-sei-cert-coding-standards-for-iot-applications/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesSecurity-Related RequirementsSecure CodingCyber Risk and Resilience ManagementStatic AnalysisCybersecuritySecure DevelopmentCyber MissionsBest Practices in Network Securityhttps://www.sei.cmu.edu/blog/using-the-sei-cert-coding-standards-to-improve-security-of-the-internet-of-things/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesThe Internet of Things (IoT) is insecure. The Jeep hack received a lot of publicity, and there are various ways to hack ATMs, with incidents occurring with increasing regularity....David SvobodaMon, 11 Feb 2019 00:00:00 -0500https://www.sei.cmu.edu/blog/using-the-sei-cert-coding-standards-to-improve-security-of-the-internet-of-things/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesSecurity-Related RequirementsSecure CodingSecure DevelopmentCyber MissionsInternet of Thingshttps://www.sei.cmu.edu/blog/evaluating-threat-modeling-methods-for-cyber-physical-systems/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesAddressing cybersecurity for a complex system, especially for a cyber-physical system of systems (CPSoS), requires a strategic approach during the entire lifecycle of the system....Nataliya ShevchenkoMon, 04 Feb 2019 00:00:00 -0500https://www.sei.cmu.edu/blog/evaluating-threat-modeling-methods-for-cyber-physical-systems/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesVulnerability AnalysisSecurity-Related RequirementsOCTAVECyber Risk and Resilience ManagementNetwork Situational AwarenessEnterprise Risk and Resilience ManagementCyber MissionsThreat Modeling Best Practices in Network SecurityRiskCyber-Physical SystemsCritical Infrastructure Protectionhttps://www.sei.cmu.edu/blog/threat-modeling-12-available-methods/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesAlmost all software systems today face a variety of threats, and the number of threats grows as technology changes....Nataliya ShevchenkoMon, 03 Dec 2018 00:00:00 -0500https://www.sei.cmu.edu/blog/threat-modeling-12-available-methods/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesVulnerability AnalysisSecurity-Related RequirementsOCTAVECyber Risk and Resilience ManagementNetwork Situational AwarenessEnterprise Risk and Resilience ManagementCyber MissionsThreat Modeling Best Practices in Network SecurityRiskCyber-Physical SystemsCritical Infrastructure Protectionhttps://www.sei.cmu.edu/blog/decision-making-factors-for-selecting-application-security-testing-tools/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesIn the first post in this series, I presented 10 types of application security testing (AST) tools and discussed when and how to use them....Tom ScanlonMon, 20 Aug 2018 00:00:00 -0400https://www.sei.cmu.edu/blog/decision-making-factors-for-selecting-application-security-testing-tools/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesCyber MissionsCybersecuritySecure CodingSecurity-Related RequirementsSoftware and Information AssuranceTestingVulnerability AnalysisSecure Developmenthttps://www.sei.cmu.edu/blog/ipv6-adoption-4-questions-and-answers/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesIPv6 deployment is on the rise. Google reported that as of July 14 2018, 23.94 percent of users accessed its site via IPv6, up 6.16 percent from that same date in 2017....Joseph MayesMon, 13 Aug 2018 00:00:00 -0400https://www.sei.cmu.edu/blog/ipv6-adoption-4-questions-and-answers/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesBest Practices in Network SecurityCyber MissionsSecure CodingSecurity-Related RequirementsIPV6Secure Developmenthttps://www.sei.cmu.edu/blog/the-need-to-specify-requirements-for-off-nominal-behavior/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesExplore off-nominal behavior in requirements engineering, addressing incomplete specifications and defining system behavior in abnormal situations in this SEI Blog.Donald FiresmithMon, 16 Jan 2012 00:00:00 -0500https://www.sei.cmu.edu/blog/the-need-to-specify-requirements-for-off-nominal-behavior/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesSafety-Related RequirementsSecurity-Related RequirementsAcquisition Transformationhttps://www.sei.cmu.edu/blog/obstacles-in-engineering-safety-and-security-related-requirements-second-in-a-three-part-series/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesThe 2nd part of this SEI Blog series dives deeper into key obstacles organizations encounter concerning safety and security related requirements.Donald FiresmithMon, 18 Jul 2011 00:00:00 -0400https://www.sei.cmu.edu/blog/obstacles-in-engineering-safety-and-security-related-requirements-second-in-a-three-part-series/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesSafety-Related RequirementsSecurity-Related RequirementsAcquisition Transformation