2006 CERT Research Report

In this 2006 report, the authors describe how CERT research advanced the field of information and system security during the 2006 fiscal year.
Publisher: Software Engineering Institute

Abstract

The CERT Program at Carnegie Mellon University’s Software Engineering Institute concentrates on the technical basis for preventing security flaws and vulnerabilities from occurring in the first place, for identifying them once they have occurred, and for preserving essential services if a system is penetrated and compromised. We recognize that we must focus on multiple strategies for prevention, detection, and recovery from cybersecurity attacks. Our agenda consists of three elements: research, technology development, and technology transfer.

In our research activities, we aim to replace informal methods with precise software and security engineering. In our technology development work, we create software and security standards, technologies, and automation. In technology transfer, we work with clients to incorporate results into key acquisition and development projects. We also provide training and other materials such as published books and articles to support technology transfer.

While all of these elements are necessary to achieve success, the focus of this report is on CERT’s research work. Our research agenda is driven by the need to develop theoretical foundations and engineering methods to ensure the security of critical systems and systems of systems. We believe the projects described in this report are necessary elements in support of this agenda. We provide brief abstracts for our major research projects, followed by more detailed descriptions of the projects. We also describe additional research activities, our publications, and technical leadership activities.