Archive: 2021
Software Engineering for Machine Learning: Characterizing and Detecting Mismatch in Machine-Learning Systems
This post describes how we are creating and assessing empirically validated practices to guide the development of machine-learning-enabled systems.
• By Grace Lewis, Ipek Ozkaya
In Artificial Intelligence Engineering
![Headshot of Grace Lewis.](/media/images/thumb_big_g-lewis_blog_authors_.max-180x180.format-webp.webp)
![Headshot of Ipek Ozkaya.](/media/images/thumb_big_i-ozkaya_blog_authors.max-180x180.format-webp.webp)
Taking DevSecOps to the Next Level with Value Stream Mapping
This post explores the relationship between DevSecOps and value stream mapping, both of which are rooted in the Lean approach to systems and workflow. It also provides guidance on preparing …
• By Nanette Brown
In DevSecOps
![Nanette Brown](/media/images/thumb_big_n-brown_blog_authors_.max-180x180.format-webp.webp)
Accelerating Safety Assurance
Systems in which software components closely interact with physical processes are known as cyber-physical systems. This post describes promising results in assuring the safety of cyber-physical systems.
• By Dionisio de Niz
In Cyber-Physical Systems
![Dionisio de Niz](/media/images/thumb_big_d-deniz_blog_authors_.max-180x180.format-webp.webp)
Anti-Tamper for Software Components
This post explains how to identify software components within systems that are in danger of being exploited and that should be protected by anti-tamper practices.
• By Scott Hissam
In Secure Development
![Headshot of Scott Hissam](/media/images/thumb_big_s-hissam_blog_authors.max-180x180.format-webp.webp)
Potential Implications of the California Consumer Privacy Act (CCPA) for Insider Risk Programs
This blog post reviews the general framework of the California Consumer Privacy Act (CCPA), describes specific implications for insider risk management, and provides recommendations to prepare insider risk programs to …
• By Emily Kessel, Sarah Miller, Carrie Gardner
In Insider Threat
![Emily Kessel](/media/images/thumb_big_e-kessel_blog_authors.max-180x180.format-webp.webp)
![Sarah Miller](/media/images/thumb_big_s-miller_blog_authors.max-180x180.format-webp.webp)
CERT/CC Comments on Standards and Guidelines to Enhance Software Supply Chain Security
This SEI Blog post shares insights from the CERT Coordination Center (CERT/CC) on proposed software supply chain security standards and guidelines.
• By Jonathan Spring
In CERT/CC Vulnerabilities
Vulnerabilities: Everybody’s Got One!
In this post, Leigh Metcalf describes how she pulled data from the malvuln project to explore recent vulnerabilities in both malware and non-malware to study the differences.
• By Leigh B. Metcalf
In CERT/CC Vulnerabilities
Process Concerns When Navigating the Transition from Sustainment to Engineering Software-Reliant Systems
Thomas Evans, Mike Gagliardi, Mena Kostial, Nicholas Reimer, and Douglas C. Schmidt outline process concerns that must be considered when software teams transition from sustainment to engineering.
• By Thomas Evans, Mena Kostial, Michael J. Gagliardi, Nicholas Reimer, Douglas Schmidt (Vanderbilt University)
In Software Engineering Research and Development
![Headshot of Thomas Evans](/media/images/thumb_big_t-evans_blog_authors_.max-180x180.format-webp.webp)
![Headshot of Mena Kostial.](/media/images/thumb_big_j-kostial_blog_author.max-180x180.format-webp.webp)
Considerations for Operator-Feedback Sessions in Government Settings
This post describes a design approach that considers operator feedback and effectively leverages feedback sessions.
• By Michael Szegedy, Timothy A. Chick
In Agile
![Photo of Michael Szegedy](/media/images/thumb_big_m-szegedy_blog_author.max-180x180.format-webp.webp)
![Headshot of Tim Chick](/media/images/thumb_big_t-chick_blog_authors_.max-180x180.format-webp.webp)
Operator-Feedback Sessions in a Government Setting: The Good and Not-So-Good Parts
This post covers good and not-so-good practices and outcomes in operator-feedback sessions in government environments.
• By Michael Szegedy, Timothy A. Chick
In Agile
![Photo of Michael Szegedy](/media/images/thumb_big_m-szegedy_blog_author.max-180x180.format-webp.webp)
![Headshot of Tim Chick](/media/images/thumb_big_t-chick_blog_authors_.max-180x180.format-webp.webp)
SEI Blog Archive
Recent
Year