U.S. Flag Official website of the Department of Homeland Security

Note: This page is part of the us-cert.gov archive.This document is part of the US-CERT website archive. These documents are no longer updated and may contain outdated information. Links may also no longer function. Please contact info@us-cert.gov if you have any questions about the US-CERT website archive.


Howard F. Lipson

Howard F. Lipson is a senior member of the technical staff in the CERT Program in the Software Engineering Institute at Carnegie Mellon University. Lipson has been a computer security researcher at CERT for 18 years.

He is also an adjunct professor in Carnegie Mellon’s Department of Engineering and Public Policy, and an adjunct research faculty member of the Carnegie Mellon Electricity Industry Center. He has played a major role in extending security research at the SEI and Carnegie Mellon into the new realm of survivability, developing many of the foundational concepts and definitions, and making key contributions to the creation of new survivability methodologies. Lipson has been a chair of three IEEE Information Survivability Workshops. His current research interests include further developing the software engineering foundations needed to build highly secure and survivable systems, in particular survivable critical infrastructures. He was a co-principal investigator on a National Science Foundation grant to investigate “Secure and Robust IT Architectures to Improve the Survivability of the Power Grid.” He originated, and has been the team leader for, two content areas on the DHS Build Security In website: Assurance Cases and Assembly, Integration, and Evolution.

Prior to joining CERT, Lipson was a systems design consultant, helping to manage the complexity and improve the usability of leading-edge software systems. Earlier, he was a computer scientist at AT&T Bell Labs, where he did exploratory development work on programming environments, executive information systems, and integrated network management tools. Lipson holds a PhD in computer science from Columbia University. He is a member of the IEEE and the ACM.


Namesort descending Content Areas
"Assembly, Integration, and Evolution Overview" Best Practices/Assembly, Integration, and Evolution
"Security Concepts, Challenges, and Design Considerations for Web Services Integration" Best Practices/Assembly, Integration, and Evolution
Application Firewalls and Proxies - Introduction and Concept of Operations Best Practices/Assembly, Integration, and Evolution
Arguing Security - Creating Security Assurance Cases Knowledge/Assurance Cases
Assurance Cases Overview Knowledge/Assurance Cases
Evidence of Assurance: Laying the Foundation for a Credible Security Case Knowledge/Assurance Cases
Source Code Analysis Tools - Example Programs Tools/Source Code Analysis
Source Code Analysis Tools - References Tools/Source Code Analysis
Back to Top