By Carol Woody
Technical Manager of the Cybersecurity Engineering Team
This post was co-authored by Bill Nichols.
Mitre’s Top 25 Most Dangerous Software Errors
is a list that details quality problems, as well as security problems.
This list aims to help software developers “prevent the kinds of
vulnerabilities that plague the software industry, by identifying and
avoiding all-too-common mistakes that occur before software is even
shipped.” These vulnerabilities often result in software that does not
function as intended, presenting an opportunity for attackers to
compromise a system. This blog post highlights our research in examining
techniques used for addressing software defects in general and how
those can be applied to improve security detection and management.
By Carol Woody
This blog post was co-authored by Robert Ellison.
The Wireless Emergency Alerts (WEA) service went online in April 2012, giving emergency management agencies such as the National Weather Service or a city’s hazardous materials team a way to send messages to mobile phone users located in a geographic area in the event of an emergency. Since the launch of the WEA service, the newest addition to the Federal Emergency Management Agency (FEMA) Integrated Public Alert and Warning System (IPAWS),“trust” has emerged as a key issue for all involved. Alert originators at emergency management agencies must trust WEA to deliver alerts to the public in an accurate and timely manner. The public must also trust the WEA service before it will act on the alerts. Managing trust in WEA is a responsibility shared among many stakeholders who are engaged with WEA. This blog post, the first in a series, highlights recent research aimed at enhancing both the trust of alert originators in the WEA service and the public’s trust in the alerts it receives.