System Verification and Validation
Blog Posts
Comments on NIST IR 8269: A Taxonomy and Terminology of Adversarial Machine Learning
The U.S. National Institute of Standards and Technology (NIST) recently held a public comment period on their draft report on proposed taxonomy and terminology of Adversarial Machine Learning (AML)....
• By Jonathan Spring
In CERT/CC Vulnerabilities
Improving Insider Threat Detection Methods Through Software Engineering Principles
Tuning detective controls is a key component of implementing and operating an insider threat program, and one we have seen many organizations struggle with....
• By Daniel L. Costa
In Insider Threat
Enabling Shift-Left Testing from Small Teams to Large Systems
Shift left is a familiar exhortation to teams and organizations engaged in Agile and Lean software development. It most commonly refers to incorporating test practices....
• By Nanette Brown
In Agile
The Modern Software Factory and Independent V&V for Machine Learning: Two Key Recommendations for Improving Software in Defense Systems
This post highlights recommendations from a Defense Science Board report on how to improve software acquisition in defense.
• By Paul Nielsen
In Artificial Intelligence Engineering
Rapid Software Composition by Assessing Untrusted Components
Today, organizations build applications on top of existing platforms, frameworks, components, and tools; no one constructs software from scratch....
• By Rick Kazman
In Software Architecture
Certifiable Distributed Runtime Assurance in Cyber-Physical Systems
Runtime assurance (RA) has become a promising technique for ensuring the safe behavior of autonomous systems (such as drones or self-driving vehicles) whose behavior cannot be fully determined at design …
• By Dionisio de Niz
Infrastructure as Code: Moving Beyond DevOps and Agile
Citing the need to provide a technical advantage to the warfighter, the Department of Defense (DoD) has recently made the adoption of cloud computing technologies a priority....
• By John Klein
In Agile
Why Is Measurement So Hard?
Developing security metrics within an organization is an ongoing challenge. Organizations want to know "Am I secure enough?" While this is the common question, it lacks context....
• By Katie C. Stewart
Bitcoin, Blockchain, Machine Learning, and Ransomware: The Top 10 Posts of 2017
Each year since the blog's inception, we present the 10 most-visited posts of the year in descending order ending with the most popular post. In this blog post, we present …
• By Douglas Schmidt (Vanderbilt University)
Cyber Warfare, Technical Debt, Network Border Protection, and Insider Threat: The Latest Work from the SEI
This SEI Blog post highlights recent SEI publications in cyber warfare, emerging technologies, network protection, and more.
• By Douglas Schmidt (Vanderbilt University)
In Artificial Intelligence Engineering