Technical Issues in Navigating the Transition from Sustainment to Engineering Software-Reliant Systems

This post explores technical issues that must be addressed as sustainment teams transition to organic software engineering responsibilities.

Read More

December 6, 2021 • By Thomas Evans, Michael Gagliardi, Mena Kostial, Nicholas Reimer, Douglas C. Schmidt

In Software Engineering Research and Development

Operating at the Edge

Concepts and challenges for operating in remote locations away from central computing resources where resources are constrained (the edge).

Read More

November 29, 2021 • By Marc Novakouski, Grace Lewis

In Cloud Computing

From Model-Based Systems and Software Engineering to ModDevOps

Introduction to ModDevOps, an extension of DevSecOps that embraces model-based systems engineering (MBSE) technology

Read More

November 22, 2021 • By Jerome Hugues, Joe Yankel

In DevSecOps

Software Engineering as a Strategic Advantage: A National Roadmap for the Future

The SEI led the community in creating this multi-year research and development vision and roadmap for engineering next-generation software-reliant systems.

Read More

November 15, 2021 • By Anita Carleton, John Robert, Mark Klein, Erin Harper

In Software Engineering Research and Development

11 Leading Practices When Implementing a Container Strategy

While containers are frequently lauded in the latest software development trends, switching from using virtual machines and deploying an organization-wide container strategy remains non-trivial.

Read More

November 8, 2021 • By Andrew Mellinger, William Nichols, Jay Palat

In Secure Development

Two Tools for Malware Analysis and Reverse Engineering in Ghidra

This post presents two tools for malware analysis and reverse engineering in Ghidra, the National Security Agency’s software reverse engineering tool suite.

Read More

November 1, 2021 • By Jeffrey Gennari

In Reverse Engineering for Malware Analysis

Release of SCAIFE System Version 2.0.0 Provides Support for Continuous-Integration (CI) Systems

Key features in new release of SCAIFE System Version 2.0.0 including support for continuous-integration (CI) systems, and status of evolving SEI SCAIFE work

Read More

October 25, 2021 • By Lori Flynn

In Secure Development

GhiHorn: Path Analysis in Ghidra Using SMT Solvers

We believe that many common challenges in malware analysis and reverse engineering can be framed in terms of finding a path to a specific point in a program.

Read More

October 18, 2021 • By Jeffrey Gennari

In Reverse Engineering for Malware Analysis

A Technique for Decompiling Binary Code for Software Assurance and Localized Repair

The DoD has a significant amount of software available only in binary form. It is impractical to ensure that this software is free from vulnerabilities and malicious code.

Read More

October 11, 2021 • By Will Klieber

In Secure Development

The Role of DevSecOps in Continuous Authority to Operate

DevSecOps favors rapid development and deployment. Such rapid development and deployment must be balanced against the need to ensure software systems are secure with minimal risk, thus enabling them to …

Read More

October 4, 2021 • By Thomas Scanlon

In DevSecOps