CyLab Seminar: New Software Security Research Directions

    Time: March 26, 2012 - 12:00 PM - 1:00 PM

    Location: CIC Building, Pittsburgh


    Speaker: Nancy Mead

    Talk Abstract: This talk will introduce two new CERT software security research initiatives that are under consideration by the Cybersecurity Engineering team: “Identifying security requirements for acquisition of COTS, including mobile apps”, and “Improving operational system security by measurably reducing security vulnerabilities early in the development lifecycle”. The first initiative focuses on development of methods and tools for identifying security requirements for purchase of COTS and mobile apps. The second addresses analysis of data gathered during development, especially in early life-cycle steps, to measure reduction in vulnerabilities. We are interested in feedback to refine the technical aspects of the research, information about other related areas of research, and input about potential sponsorship.
    Speaker Bio:

    Nancy R. Mead is a senior member of the technical staff in the CERT Program at the Software Engineering Institute (SEI). Mead is also a faculty member in the Master of Software Engineering and Master of Information Systems Management programs at Carnegie Mellon University. She is currently involved in the study of security requirements engineering and the development of software assurance curricula.

    Mead has more than 150 publications and invited presentations, and has a biographical citation in Who’s Who in America. She is a Fellow of the Institute of Electrical and Electronic Engineers, Inc. (IEEE) and a Distinguished Member of the Association for Computing Machinery (ACM). Dr. Mead received her PhD in mathematics from the Polytechnic Institute of New York, and received a BA and an MS in mathematics from New York University.