Wireless Emergency Alerts Commercial Mobile Service Provider (CMSP) Cybersecurity Guidelines
Abstract
The Wireless Emergency Alerts (WEA) service is a collaborative partnership that enables local, tribal, state, territorial, and federal public safety officials to disseminate geographically targeted emergency alerts to users of capable mobile devices in an affected geographic area. The end-to-end WEA alerting pipeline comprises the following four major elements: (1) alert originators, (2)Integrated Public Alert and Warning System Open Platform for Emergency Networks (IPAWSOPEN),(3) commercial mobile service providers (CMSPs), and (4) alert recipients. This report presents the results of a study of the CMSP element of the WEA pipeline conducted by researcher sat the Software Engineering Institute (SEI). The goal of the study is to provide members of the CMSP community with practical guidance that they can use to better manage their cybersecurity risk exposure. To conduct the study, the SEI research team used the Security Engineering Risk Analysis (SERA) Method to assess high-priority cybersecurity risks in the CMSP WEA infrastructure. The research team used the results of the risk analysis to develop a set of cybersecurity guidelines tailored to the needs of CMSPs.
Document Details
- Document Type
- Technical Report
- Publication Date
- Jun 16, 2016
- Accession Number
- AD1046664
Entities
People
- Audrey J. Dorofee
- Carol C. Woody
- Christopher J. Alberts
Organizations
- Carnegie Mellon University