Welcome Login

You are here

SSCA Winter 2015 Presentations & Special Thank You

Many thanks to all our guest speakers and lively audience for their time and continued interest in this Winter's SSCA WGs!  Please see the attached presentations with approval for public release. 

*** The SSCA extends a warm and heartfelt thank you to Joe Jarzombek for his years of contributions to the community and for founding the SSCA.  As he makes the transition from Federal employment to the private sector, please join us in wishing him well and thanking him for his leadership. ***

 

Presentations

  • History of SSCA
  • SAE Cybersecurity Guidelines
  • SAE Counterfeit
  • Common Quality Enumeration (CQE)
  • Cybersecurity for Manufacturing
  • EastWest Institute and Survey

 

SAVE-THE-DATE

  • Please join us at the Spring SSCA Forum March 7-11 to continue the discussions!

 

CQE Presentation Context

The Common Quality Enumeration (CQE) addresses the quality issues that CWE doesn’t cover.  The CQE collection will be provided publicly and vendors will subsequently adopt CQE Identifiers as part of their respective tool's findings reports. By having a single community driven "dictionary" of the non-security quality issues (complementing the security issues in CWE) there will now be the ability to correlate findings across and amongst tools – and tools will be better able to describe the issues they cover and planned for filling gaps.  CQE also addresses the remaining 7 aspects of quality (families), as illustrated by the CISQ specifications, which CWE doesn’t address.  CQE is not limited to software and also covers hardware and firmware.  MITRE will maintain the CQE database and integrity building upon our success in CWE and CVE.  We are looking for researchers, tool vendors, and practitioners to work with us to build the database.

31
Upload
Files: 
Attachment TitleSizeType
PDF icon SSCA historical perspective Dec2015.pdf7.35 MBPDF
 
 
Attachment TitleSizeType
PDF icon J3061 JP presentation.pdf1.59 MBPDF
 
 
Attachment TitleSizeType
PDF icon SAE Counterfeits Update Dec 2015.pdf437.11 KBPDF
 
 
Attachment TitleSizeType
PDF icon ThuAM1-CQE SSCA WG 2015.pdf521.12 KBPDF
 
 
Attachment TitleSizeType
PDF icon 20151201 SSCA v1.pdf1.41 MBPDF
 
 
Share

Views: 1433

When the government purchases products or services with inadequate in-built cybersecurity, the risks persist throughout the lifespan of the item... More
  • lizden10's picture
    lizden10
  • tburnett@spacebound's picture
    tburnett@spacebound
  • mattaj's picture
    mattaj