The document was issued by industry or industrial organization.
news
NSA-approved cybersecurity law and policy course now available online
Cyber Scoop
Shannon Vavra
August 27th, 2019
Anyone who is interested in cybersecurity law and policy can now take an online course that was partly shaped by National Security Agency.
news
NSA-approved cybersecurity law and policy course now available online
Cyber Scoop
Shannon Vavra
August 27th, 2019
Anyone who is interested in cybersecurity law and policy can now take an online course that was partly shaped by National Security Agency.
file
Certification of avionics software is achieved by following a rigorous, prescriptive development process, defined in Software Considerations in Airborne Systems and Equipment Certification, commonly referred to as DO-178C .This process prescribes software development and verification activities that result in airworthy software. Developing compliant software that adheres to the standard is costly and time consuming; for the most-critical avionics software there are 69 objectives that must be satisfied.
file
PKCS11 is an industry standard API for communicating with cryptographic devices such as hardware security modules (HSMs). PKCS11 is a security critical API, and so implementation errors can have serious consequences. However, the PKCS11 standard is large and complex, with 100 pages of documentation for almost 50 functions. As a result, it is very challenging for developers to avoid API implementation errors. This is the problem that our work addresses.
file
Cybersecurity's human adversarial engagement is often lost in discussions of cybersecurity. We discuss how defenders' focus on technology unintentionally creates vulnerabilities which can be exploited by threat actors. In particular, we discuss how the convergence of cyber awareness training and defensive technologies is exploited by threat actors with devastating consequences.
