U.S. Flag Official website of the Department of Homeland Security

Note: This page is part of the us-cert.gov archive.This document is part of the US-CERT website archive. These documents are no longer updated and may contain outdated information. Links may also no longer function. Please contact info@us-cert.gov if you have any questions about the US-CERT website archive.


Robert J. Ellison

CERT, Software Engineering Institute

As a member of the Survivable Systems Engineering Team at the Software Engineering Institute, Ellison has served in a number of technical and management roles. He was a project leader for the evaluation of software engineering development environments and associated software development tools. He was also a member of the Carnegie Mellon University team that wrote the proposal for the SEI; he joined the new FFRDC in 1985 as a founding member.

Before coming to Carnegie Mellon, Ellison taught mathematics at Brown University, Williams College, and Hamilton College. At Hamilton, he directed the creation of the Computer Science curriculum. Ellison belongs to the Association for Computing Machinery (ACM) and the IEEE Computer Society.

Ellison regularly participates in the evaluation of software architectures and contributes from the perspective of security and reliability measures. His research draws on that experience to integrate security issues into the overall architecture design process. His current work explores developing reasoning frameworks to help architects select and refine design tactics to mitigate the impact of a class of cyber attacks. He continues to work on refinements to the Systems Analysis Method.

Recent Publications

Ellison, R.J.; Fisher, D.A.; Linger, R.C.; Lipson, H.F.; Longstaff, T.A.; Mead, N.R.; "Survivability: Protecting Your Critical Systems," IEEE Internet Computing, Volume 3, Issue 6, (Nov.-Dec. 1999), pp. 55-63.

"TRIAD: A Framework for Survivability Architecting," with Andy Moore, presented at the ACM 2003 Workshop on Survivable and Self-Regenerative Systems. This paper is an overview of the SEI Technical Report Trustworthy Refinement Through Intrusion-Aware Design, available at http://www.sei.cmu.edu/publications/documents/03.reports/03tr002.html


Namesort descending Content Areas
A Systemic Approach for Assessing Software Supply-Chain Risk Best Practices/Acquisition
Acquisition Overview: The Challenges Best Practices/Acquisition
Improving Software Assurance Knowledge/Assurance Cases
Introduction to System Strategies Best Practices/System Strategies
Scale: System Development Challenges Best Practices/System Strategies
Security and Project Management Best Practices/Project Management
Software Security Engineering: A Guide for Project Managers Best Practices/Project Management
Supply-Chain Risk Management: Incorporating Security into Software Development Best Practices/Acquisition
System Strategies References Best Practices/System Strategies
System-of-Systems Influences on Acquisition Strategy Development Best Practices/Acquisition
The Influence of System Properties on Software Assurance and Project Management Best Practices/Project Management
Trustworthy Composition: The System Is Not Always the Sum of Its Parts Best Practices/Assembly, Integration, and Evolution
Back to Top