Archive: 2021
Software Engineering for Machine Learning: Characterizing and Detecting Mismatch in Machine-Learning Systems
This post describes how we are creating and assessing empirically validated practices to guide the development of machine-learning-enabled systems.
Read More•By Grace Lewis, Ipek Ozkaya
In Artificial Intelligence Engineering
Taking DevSecOps to the Next Level with Value Stream Mapping
This post explores the relationship between DevSecOps and value stream mapping, both of which are rooted in the Lean approach to systems and workflow. It also provides guidance on preparing …
Read More•By Nanette Brown
In DevSecOps
Accelerating Safety Assurance
Systems in which software components closely interact with physical processes are known as cyber-physical systems. This post describes promising results in assuring the safety of cyber-physical systems.
Read More•By Dionisio de Niz
In Cyber-Physical Systems
Anti-Tamper for Software Components
This post explains how to identify software components within systems that are in danger of being exploited and that should be protected by anti-tamper practices.
Read More•By Scott Hissam
In Secure Development
Potential Implications of the California Consumer Privacy Act (CCPA) for Insider Risk Programs
This blog post reviews the general framework of the California Consumer Privacy Act (CCPA), describes specific implications for insider risk management, and provides recommendations to prepare insider risk programs to …
Read More•By Emily Kessel, Sarah Miller, Carrie Gardner
In Insider Threat
CERT/CC Comments on Standards and Guidelines to Enhance Software Supply Chain Security
This SEI Blog post shares insights from the CERT Coordination Center (CERT/CC) on proposed software supply chain security standards and guidelines.
Read More•By Jonathan Spring
In CERT/CC Vulnerabilities
Vulnerabilities: Everybody’s Got One!
In this post, Leigh Metcalf describes how she pulled data from the malvuln project to explore recent vulnerabilities in both malware and non-malware to study the differences.
Read More•By Leigh B. Metcalf
In CERT/CC Vulnerabilities
Process Concerns When Navigating the Transition from Sustainment to Engineering Software-Reliant Systems
Thomas Evans, Mike Gagliardi, Mena Kostial, Nicholas Reimer, and Douglas C. Schmidt outline process concerns that must be considered when software teams transition from sustainment to engineering.
Read More•By Thomas Evans, Mena Kostial, Michael J. Gagliardi, Nicholas Reimer, Douglas Schmidt (Vanderbilt University)
In Software Engineering Research and Development
Considerations for Operator-Feedback Sessions in Government Settings
This post describes a design approach that considers operator feedback and effectively leverages feedback sessions.
Read More•By Michael Szegedy, Timothy A. Chick
In Agile
Operator-Feedback Sessions in a Government Setting: The Good and Not-So-Good Parts
This post covers good and not-so-good practices and outcomes in operator-feedback sessions in government environments.
Read More•By Michael Szegedy, Timothy A. Chick
In Agile
SEI Blog Archive
Recent
Year