This snapshot, taken on 12/03/2012, shows web content selected for preservation by The National Archives. External links, forms and search boxes may not work in archived websites.
CERT
about us
CERT, the home of the well-known CERT(R) Coordination Center, is located at Carnegie Mellon University's Software Engineering Institute. We study internet security vulnerabilities, research long-term changes in networked systems, and develop information and training to help you improve security. 		take the tour

CERT Spotlight: Building Security In from the Ground Up

Building Security In When security is built into software from the ground up, software is more resistant to attacks. Organizations that have focused on security in the early stages have seen major reductions in operational vulnerabilities, resulting in reductions in software patching. Our research from one case study showed that the cost to fix requirement problems identified later in the project cost close to $2.5 million; the cost to fix these problems early in the life cycle was $500,000.

The CERT Cyber Security Engineering (CSE) team focuses on research and education to help software and systems acquirers, managers, developers, and operators address security and survivability throughout the development and acquisition life cycles—especially in the early stages. The team has created methods and solutions that can be integrated into existing practices.

The CSE team also provides resources for the Build Security In (BSI) website, which it manages for the Department of Homeland Security. BSI was noted in Trustworthy Cyberspace: Strategic Plan for the Federal Cybersecurity Research and Development Program (pdf), released in December 2011 from the Executive Office of the U.S. President.

Announcements

March 7, 2012

Principles of Trust for Embedded Systems Technical Note Published
This paper gives substance and explicit meaning to the terms trust and trustworthy as they relate to automated systems and to embedded systems in particular.

March 1, 2012

CERT Staff Guide New Information Networking Institute Master’s Program
Newly offered, the Executive Master of Science in Information Assurance (ExecMSIA) offers concentrations in Cyber Forensics and Incident Response and Resilience Management for current and aspiring executives seeking to propel their careers. The CERT Program’s Rich Caralli and Rich Nolan bring deep knowledge and hands-on experiences to launch this program. Apply online.

February 28, 2012

New Podcast Released
Implementing secure coding standards to reduce the number of vulnerabilities that can escape into operational systems is a sound business decision.

more announcements

headlines headlines