Public Group
active 6 hours, 16 minutes ago
Enable Department of Defense (DoD), civilian government, and industry organizations to acquire, develop, operate, and sustain software systems that are innovative, affordable, enduring, trustworthy and employ Software Engineering (SE) as solutions to unravel real-world problems. Software Intensive Systems Engineering (SE) includes the entire field of software and systems engineering and related technologies; specifically as related to information, documentation, databases, model and architecture repositories, analysis, training, testing, data synthesis, hardware, software, standards, economic consideration of selection of techniques and processes, and interoperability in support of the acquisition and RDT&E communities
Group Admins
-
NIST Releases the Second Public Draft of Special Publication (SP) 800-125A, Security Recommendations for Hypervisor Deployment is now available for public comment. See below for further details. Full details and links to Draft SP 800-125A can be found on the NIST CSRC Draft Publications page: https://beta.csrc.nist.gov/publications/detail/sp/800-125A/draft (See “Please Note” below for important information regarding the…
-
With the increasing rate of security breaches, today’s applications need to be built more securely at the code level, and that code needs to be tested regularly. The Software Assurance Marketplace was developed to make it easier to consistently test the quality and security of applications and bring a transformative change to the software assurance… -
Learn how encryption is used to provide electronic credentials. This short video explains digital certificates and how they are issued. This is part 2 of a 3 part series on the topic of encryption. -
CSIAC provides hardcopies of technical journals and other products to the community. Most publications are free and only require shipping and handling fees. -
CSIAC provides up to four hours of FREE technical research and analysis to answer users’ most pressing technical questions. Learn more and submit a technical inquiry. -
CSIAC.org group members can discuss technical topics and ask questions in the Group Forums. It is one way a CSIAC.org member can contribute to the community of practice. -
This video shows you how to create an account and explains some of the benefits of having an account on CSIAC.org -
Do you want a record of all the CSIAC webinars you have attended? This short video shows you how. -
The DoD has outlined a Strategic Vision and goals for DoD Modeling and Simulation (M&S). One of the goals is to "Promote the sharing of tools, data, and information across the DoD Enterprise," to enable reuse and interoperability of models, simulations, and associated data. Providing visibility into the Modeling & Simulation (M&S) resources across the… -
Learn the basics about what encryption is and how it works. This short video describes symmetric and asymmetric encryption. This is part 1 of a 3 part series on the topic of encryption. -
Design and Development Process for Assured Software - Volume 1
Volume 5 Issue 2
Welcome to this special Software Assurance (SwA) edition of the Journal of Cyber Security & Information Systems, published by the Cyber Security & Information Systems Information Analysis Center (CSIAC).Posted: 07/13/2017 18:46:56Journal -
Embedded devices are increasingly connected to network resources for additional functionality with the ultimate goal of greater mission capability. Recently, security of connected devices is being scrutinized with highly publicized vulnerabilities of various consumer devices. While several domains are starting to publish new guidelines for cybersecurity there is not a standardized risk assessment framework for… -
This webinar covers the realities of the Enterprise Mission Assurance Support Service (eMASS): what works well, what does not work, and how to best make it work for you. The webinar discusses how to categorize your system, select applicable controls, and leverage eMASS to assist in this process. Two specific topics that are covered are how inheritance works in eMASS (and does not work) and the tricky business of uploading STIGs/CKLs (and the painful lessons associated with doing it the wrong way). For those attending who don't have eMASS access but will have systems being added to eMASS in the future, we discuss how to best prepare your system for import into eMASS. There are some tricks to the trade that will make life easier for everyone on the project! -
CSIAC Webinars - Democratize Anomaly Detection Technologies: Challenges, Advances, and Opportunities
This webinar highlights recent success in demonstrating substantial improvements in the accuracy under control-flow and data-oriented attacks in Linux, including malicious code reuse, security bypass, and service abuse. The webinar also describes exciting future research directions on hardware-assisted fast tracing, anomaly-detection as a service, supporting domain experts for inter-disciplinary anomaly discovery, and standardizing evaluation. -
NIST-approved cryptographic standards were designed to perform well on general-purpose computers. In recent years, there has been increased deployment of small computing devices that have limited resources with which to implement cryptography. When current NIST-approved algorithms can be engineered to fit into the limited resources of constrained environments, their performance may not be acceptable. For…
-
The Cyber Proving Ground (CPG) is a collaborative effort between 24th Air Force, 25th Air Force, and the Air Force Life Cycle Management Center. It enables and supports high performance teams assembled from the breadth of the Air Force cyber community of interest and external partners to rapidly assess the applicability of emerging concepts and…
-
Modern weapons systems have depended on microelectronics since the inception of integrated circuits over fifty years ago. Today, most electronics contain programmable components of ever increasing complexity. At the same time, the Department of Defense (DoD) has become a far less influential buyer in a vast, globalized supplier base.3 Consequently, assuring that defense electronics are…
-
Cyber Science & Technology at the Army Research Laboratory (ARL)
Volume 5 Issue 1
U.S. Army Research Laboratory has established a Collaborative Research Alliance, or CRA, which will include an alliance of ARL, U.S. Army Communications-Electronics Research, Development and Engineering Center, academia and industry researchers to explore the basic foundations of cyber science issues in the context of Army networks. ARL cyber research efforts will increasingly focus on developing the models, methods, and understanding to overcome existing barriers to the realization of effective cyber fires and maneuvers in a tactical environment.Posted: 01/26/2017 22:38:32Journal -
What is the difference between a Virus, a Worm, and a Trojan? Don't know? Find out in this short video. -
Incorporating security into the design of components used in the Internet of Things (IoT) is essential for securing the cyber-physical infrastructure upon which society depends. This webinar presents the challenges involved in securing IoT components and provides possible solutions by drawing inspiration from the past. - Load More
