Archive: 2023
Software Isolation: Why It Matters to Software Evolution and Why Everybody Puts It Off
This SEI Blog post discusses the practice of software isolation, which is one of the steps in large-scale refactoring efforts that most software development organizations go through.
Read More•By Mario Benitez Preciado
In Software Architecture
How to Use Docker and NS-3 to Create Realistic Network Simulations
This post provides a tutorial with code samples on using Docker and NS-3 to Create Realistic Network Simulations.
Read More•By Alejandro Gomez
In Software Architecture
Security Analytics: Using SiLK and Mothra to Identify Data Exfiltration via the Domain Name Service
This post explores how the DNS protocol can be abused to exfiltrate data by adding bytes of data onto DNS queries.
Read More•By Timothy J. Shimeall
In Cybersecurity Engineering
Cybersecurity of Quantum Computing: A New Frontier
This post details issues related to creating the discipline of cyber protection of quantum computing and also outlines six areas of future research in the field of quantum cybersecurity.
Read More•By Tom Scanlon
In Quantum Computing
Actionable Data from the DevSecOps Pipeline
In this blog post, we explore decisions that program managers make and information they need to confidently make decisions with data from DevSecOps pipelines.
Read More•By Bill Nichols, Julie B. Cohen
In DevSecOps
Designing Great Challenges for Cybersecurity Competitions
This blog post highlights the SEI’s experience developing cybersecurity challenges for the President’s Cup Cybersecurity Competition and general-purpose guidelines and best practices for developing effective challenges.
Read More•By Jarrett Booz, Josh Hammerstein, Matt Kaar
In Cyber Workforce Development
8 Areas of Future Research in Zero Trust
The National Cybersecurity Strategy was released on March 1st, 2023 to improve federal cybersecurity through the implementation of a zero trust architecture.
Read More•By Matthew Nicolai, Trista Polaski, Timothy Morrow
In Cybersecurity Engineering
Process and Technical Vulnerabilities: 6 Key Takeaways from a Chemical Plant Disaster
Weak processes can be as risky as technical vulnerabilities. This post describes how both of them worsened a cyber attack on a chemical plant.
Read More•By Daniel J. Kambic
In Enterprise Risk and Resilience Management
The Challenge of Adversarial Machine Learning
This SEI Blog post examines how machine learning systems can be subverted through adversarial machine learning, the motivations of adversaries, and what researchers are doing to mitigate their attacks.
Read More•By Matt Churilla, Nathan M. VanHoudnos, Robert W. Beveridge
In Artificial Intelligence Engineering
How Can Causal Learning Help to Control Costs?
This post describes how to apply causal-modeling algorithms and tools to project data to identify, measure, and test causality.
Read More•By Michael D. Konrad
In Software Engineering Research and Development
SEI Blog Archive
Recent
Year