Operator-Feedback Sessions in a Government Setting: The Good and Not-So-Good Parts
This post covers good and not-so-good practices and outcomes in operator-feedback sessions in government environments.
• By Michael Szegedy, Timothy Chick
In Agile
Agile Metrics: Assessing Progress to Plans
The role of metrics in a government program’s assessment of progress in an iterative, incremental delivery of a system.
• By Will Hayes, Patrick Place, Keith Korzec
In Agile
Architecting the Future of Software Engineering: A Research and Development Roadmap
As the DoD’s federally funded research and development center (FFRDC) focused on improving the practice of software engineering, the SEI is leading the community in creating a multi-year research and …
• By Anita Carleton
In Software Engineering Research and Development
The Latest Work from the SEI: Artificial Intelligence, DevSecOps, and Security Incident Response
As part of an ongoing effort to keep you informed about our latest work, this blog post summarizes some recently published SEI reports, podcasts, and webcasts highlighting our work in …
• By Douglas C. Schmidt
Considerations for Operator-Feedback Sessions in Government Settings
This post describes a design approach that considers operator feedback and effectively leverages feedback sessions.
• By Michael Szegedy, Timothy Chick
In Agile
Anti-Tamper for Software Components
This post explains how to identify software components within systems that are in danger of being exploited and that should be protected by anti-tamper practices.
• By Scott Hissam
In Secure Development
Vulnerabilities: Everybody’s Got One!
In this post, Leigh Metcalf describes how she pulled data from the malvuln project to explore recent vulnerabilities in both malware and non-malware to study the differences.
• By Leigh Metcalf
In CERT/CC Vulnerabilities
Process Concerns When Navigating the Transition from Sustainment to Engineering Software-Reliant Systems
Thomas Evans, Mike Gagliardi, Joe Kostial, Nicholas Reimer, and Douglas C. Schmidt outline process concerns that must be considered when software teams transition from sustainment to engineering.
• By Thomas Evans
In Software Engineering Research and Development
Accelerating Safety Assurance
Systems in which software components closely interact with physical processes are known as cyber-physical systems. This post describes promising results in assuring the safety of cyber-physical systems.
• By Dionisio de Niz
In Cyber-Physical Systems
CERT/CC Comments on Standards and Guidelines to Enhance Software Supply Chain Security
Art Manion, Eric Hatleback, Allen Householder, Jonathan Spring, and Laurie Tyzenhaus, recently submitted comments to the National Institute of Standards and Technology (NIST), which is seeking positions related to executive …
• By Jonathan Spring
In CERT/CC Vulnerabilities
Explore Topics
- Agile
- Artificial Intelligence Engineering
- CERT/CC Vulnerabilities
- Cloud Computing
- CSIRT Development
- Cyber Workforce Development
- Cyber-Physical Systems
- Cybersecurity Engineering
- DevSecOps
- Enterprise Risk and Resilience Management
- Insider Threat
- Quantum Computing
- Reverse Engineering for Malware Analysis
- Secure Development
- Situational Awareness
- Software Architecture
- Software Engineering Research and Development
- Technical Debt
Get updates on our latest work.
Sign up to have the latest post sent to your inbox weekly.
Get updates on our latest work.
Each week, our researchers write about the latest in software engineering, cybersecurity and artificial intelligence. Sign up to get the latest post sent to your inbox the day it's published.