Project Description

As a federally funded research and development center (FFRDC), the Software Engineering Institute (SEI) at Carnegie Mellon University is at the forefront of the world’s effort to advance and improve the state of the software engineering and cyber security practices. With offices around the world, a best-in-class education and training program and a global presence at a full spectrum of research- and industry-centric events, tradeshows and international conferences, the SEI’s mission is to be world leaders in research and transition of knowledge.

As part of their Secure Coding initiative, the CERT division at the SEI produced this series of video podcasts, released on iTunesU and on their Secure Coding website. I provided creative direction, assisted with writing, created all informational and conceptual graphics and coordinated deployment of final video podcasts.

Part 1 | Project
Part 1 covers the project team’s involvement in international standards bodies, their managed string and secure integer libraries, their collaborations with various government and commercial organizations, and other areas of work.

Part 2 | Standards
Part 2 talks about the CERT secure coding standards, a collection of rules and recommendations for secure coding in C, C++, and other programming languages that is being developed through a community process.

Part 3 | Training
Part 3 describes training in C and C++ secure coding practices that he and other members of the project are providing to software developers, undergraduate and graduate secure coding courses, and other training activities.