Public reporting burden for the collection of information is estimated to average 1 hour per response, including the time for reviewing instructions, searching existing data sources, gathering and maintaining the data needed, and completing and reviewing the collection of information. Send comments regarding this burden estimate or any other aspect of this collection of information, including suggestions for reducing this burden, to Washington Headquarters Services, Directorate for Information Operations and Reports, 1215 Jefferson Davis Highway, Suite 1204, Arlington VA 22202-4302. Respondents should be aware that notwithstanding any other provision of law, no person shall be subject to a penalty for failing to comply with a collection of information if it does not display a currently valid OMB control number.
REPORT DATE
SEP 20112. REPORT TYPE 3. DATES COVERED 00-00-2011 to 00-00-2011
TITLE AND SUBTITLE
CERT Research Report5a. CONTRACT NUMBER 5b. GRANT NUMBER 5c. PROGRAM ELEMENT NUMBER 6. AUTHOR (S) 5d. PROJECT NUMBER 5e. TASK NUMBER 5f. WORK UNIT NUMBER
PERFORMING ORGANIZATION NAME(S) AND ADDRESS(ES)Carnegie Mellon University,Software Engineering Institute,Pittsburgh,PA,152138. PERFORMING ORGANIZATION REPORT NUMBER
SPONSORING/MONITORING AGENCY NAME(S) AND ADDRESS(ES) 10. SPONSOR/MONITOR'S ACRONYM(S)
SPONSOR/MONITOR'S REPORT NUMBER(S)
DISTRIBUTION/AVAILABILITY STATEMENTApproved for public release; distribution unlimited
CERT Research VisionToday we live in a world in which the threat of cyber attacks is ever-growing, and where threats from unknown sources are dynamic and constantly changing. It is seldom that a week goes by when articles on cyber security are not prominent in technical publications and popular media. The mission of CERT ® , part of the Software Engineering Institute (SEI), a federally funded research and development center at Carnegie Mellon University (CMU), is to enable the survival of critical networked systems against contemporary threats and attacks by removing technical, maturity, information, and capacity barriers in cyber security and incident response.Our stakeholders include the U.S. Department of Defense, the Department of Homeland Security, law enforcement, intelligence community, other U.S. federal agencies, state and local governments, and other operators of infrastructures critical to the national defense, cyber security, and the national economy; the providers of information communications technologies (ICTs) and services that support these system and network operators; the software development community; and computer security incident response teams with national responsibilities.The overall goal of our program is improved practices and technologies that are widely understood and routinely used to protect, detect, and respond to attacks, accidents, and failures on networked systems. Better informed, trained, and equipped people will produce better systems that will be better managed to reduce operational risk and the impact of cyber attacks.Our research strategy has been to...
