Integrating Safety and Security Engineering for Mission-Critical Systems
Critical systems must be both safe from inadvertent harm and secure from malicious actors. However, safety and security practices have historically evolved in isolation. In this blog post, we describe …
• By Sam Procter, Sholom Cohen
In Software Architecture
Aligning DevSecOps and Machine Learning
Luiz Antunes explores the machine learning (ML) and DevSecOps domains and proposes ways to use them in collaboration for increased performance.
• By Luiz Antunes
In DevSecOps
Automating System Security with AADL: 11 Rules for Ensuring a Security Model
This post presents an approach for modeling and validating confidentiality based on the Bell–LaPadula security model using the Architecture Analysis and Design Language (AADL). It also presents 11 analysis rules …
• By Aaron Greenhouse
In Software Architecture
When Your Software’s “Check Engine” Light Is On: Identifying Design Problems that Impact Software Failure
This blog post summarizes an effective roadmap for detecting design problems that can be used to improve software development and performance.
• By Judy Hwang
In Software Architecture
Generating Realistic Non-Player Characters for Training Cyberteams
Since 2010, researchers in the SEI CERT Division have emphasized the crucial need for realism within cyberteam training and exercise events. In this blog post, we describe efforts underway to …
• By Dustin Updyke, Tyler Brooks
In Cyber Workforce Development
The Latest Work from the SEI: Privacy, Ransomware, Digital Engineering, and the Solar Winds Hack
These publications highlight the latest work of SEI technologists in software architecture, digital engineering, and ransomware.
• By Douglas C. Schmidt
The Current State of DevSecOps Metrics
DevSecOps practices yield useful, valuable information about software performance that is likely to lead to innovations in software engineering metrics.
• By Bill Nichols
In DevSecOps
A Game to Assess Human Decision Making with AI Support
In decision-support systems based on AI, humans often make poor choices causing the systems to be abandoned. Rotem Guttman introduces a game that collects data on actual human decision making …
• By Rotem Guttman
In Artificial Intelligence Engineering
Comparing DevSecOps and Systems Engineering Principles
Software developers and sustainers are seeing significant improvement by adopting Lean, Agile and DevSecOps iteration-based approaches. Now similar approaches are being proposed for more complex projects, including embedded software systems …
• By Richard Turner
In DevSecOps
Zero Trust Adoption: Managing Risk with Cybersecurity Engineering and Adaptive Risk Assessment
In this and a series of future posts, we provide an overview of zero trust and management of its risk with SEI's cybersecurity engineering assessment framework. This adaptive framework incorporates …
• By Geoff Sanders
In Cybersecurity Engineering
Explore Topics
- Agile
- Artificial Intelligence Engineering
- CERT/CC Vulnerabilities
- Cloud Computing
- CSIRT Development
- Cyber Workforce Development
- Cybersecurity Engineering
- DevSecOps
- Enterprise Risk and Resilience Management
- Insider Threat
- Quantum Computing
- Reverse Engineering for Malware Analysis
- Secure Development
- Situational Awareness
- Software Architecture
- Technical Debt
Get updates on our latest work.
Sign up to have the latest post sent to your inbox weekly.
Get updates on our latest work.
Each week, our researchers write about the latest in software engineering, cybersecurity and artificial intelligence. Sign up to get the latest post sent to your inbox the day it's published.