Nancy Mead

Nancy R. Mead is a senior member of the technical staff in the NSS Program at the SEI. Mead is also a faculty member in the Master of Software Engineering and Master of Information Systems Management programs at Carnegie Mellon University. She is currently involved in the study of security and privacy requirements engineering and software education. During fiscal year 2005 she served as team lead for the initial BSI website development and launch. She has since continued on the BSI project as technical lead. She also served as director of education for the SEI from 1991 to 1994.

Nancy R. Mead is a senior member of the technical staff in the CERT Secure Software and Systems team at the Software Engineering Institute (SEI).  Mead is also a faculty member in the Master of Software Engineering (MSE) and Master of Information Systems Management (MSIM) programs at Carnegie Mellon University. She is currently involved in the study of security requirements engineering and the development of software assurance curricula. Mead also served as director of education for the SEI from 1991 to 1994. Her research interests are in the areas of information security, software requirements engineering, and software architectures.

Prior to joining the SEI, Mead was a senior technical staff member at IBM Federal Systems, where she spent most of her career in the development and management of large real-time systems. She also worked in IBM's software engineering technology area and managed IBM Federal Systems' software engineering education department. She has developed and taught numerous courses on software engineering topics, both at universities and in professional education courses.

Mead has more than 150 publications and presentations, and is cited in Who’s Who in America. She is a Fellow of the Institute of Electrical and Electronic Engineers, Inc. (IEEE) and the IEEE Computer Society, and a Distinguished Member of the Association of Computer Machinery (ACM). Mead serves on the editorial boards for the International Journal on Secure Software Engineering and the Requirements Engineering Journal, and is a member of numerous advisory boards and committees.

Mead received her PhD in mathematics from the Polytechnic Institute of New York and received a BA and an MS in mathematics from New York University.

Recent Publications

Allen, J., Barnum, S., Ellison, R., McGraw, G., & Mead, N. R. Software Security Engineering: A Guide for Project Managers, Addison-Wesley, 2008 (ISBN 978-0-321-50917-8).

Caulkins, J., Hough, E. D., Mead, N. R., & Osman, H. "Optimizing Investments in Security Countermeasures: A Practical Tool for Fixed Budgets." IEEE Security & Privacy 5, 5 (Sept./Oct. 2007): 24-27.

Ingalsbe, J. A., Kunimatsu, L., Baeten, T., & Mead, N. R. "Threat Modeling: Diving into the Deep End." IEEE Software 5, 1 (Jan./Feb. 2008): 28-34.

Mead, N. R., Hough, E., & Stehney, T. Security Quality Requirements Engineering (SQUARE) Methodology (CMU/SEI-2005-TR-009). Pittsburgh, PA: Software Engineering Institute, Carnegie Mellon University, 2005.

Mead, N. R., Allen, J., Conklin, W. A., Drommi, A., Harrison, J., Ingalsbe, J., Rainey, J., & Shoemaker, D. Making the Business Case for Software Assurance (CMU/SEI-2009-SR-001). Pittsburgh, PA: Software Engineering Institute, Carnegie Mellon University, 2009.

Mead, N. R. & Shoemaker, D. Ch. VI, "Novel Methods of Incorporating Security Requirements Engineering into Software Engineering Courses and Curricula," 98-113. Software Engineering: Effective Teaching and Learning Approaches and Practices. Edited by Ellis, Demurjian, and Naveda. IGI Global, 2008.

Mead, N. R. "Identifying Security Requirements Using the Security Quality Requirements Engineering (SQUARE) Method," 44-69. Integrating Security and Software Engineering: Advances and Future Visions. Edited by H. Mouratidis and P. Giorgini. Idea Group,  2006 (ISBN 1-59904-147-2).