The Drive Toward Stability
PUBLISHED IN
Software Engineering Research and DevelopmentAs software-intensive systems emerged in the latter half of the 20th century, and matured into ubiquity in the 21st, a number of emerging disruptions to the field have forced those of us concerned with software engineering to adopt new approaches for bringing engineering rigor to software and systems development. These disruptions are of particular concern to the Department of Defense (DoD), which now depends on software to deliver the majority of new capabilities necessary to maintain strategic advantage. As the only federally funded research and development center (FFRDC) focused on software, we share this concern with our sponsors in the DoD. This post will highlight how the SEI has reshaped its research strategy over the past several years to take on emerging disruptions, and how we’ve integrated a number of research threads to multiply our impact.
Software Engineering in an Era of Disruption and Instability
I’ll focus on three disruptions that have had the greatest impact on the DoD and our work here at the SEI. First, we have seen the emergence of communications technology that enables programs to connect directly with one another, demanding an entirely new level of trust. Second, interconnecting systems with multiple intersecting threads of execution have presented new security challenges: there’s no longer a single point of entry and exit to defend, and the complex programs operating in these systems present many more attack surfaces. Third, ultra-large-scale systems are constantly evolving because their component pieces are constantly evolving. Such systems are never static and can never be statically analyzed, allowing for the ever-present the danger of unintended consequences.
All three disruptions present threats to systems that control things in the physical world, and so we must now concern ourselves with dangers such as inadvertent weapons fire, failure of defense systems against an attack, or disinformation that could cause incorrect targeting. Systems that rely on machine learning (ML) can suffer from data poisoning and similar attacks.
The result is an unstable environment that gives rise to effects far more devastating than anything we previously confronted. Our job at the SEI is to address the following questions: How can software engineering help create stability in a world of software disruption? How can software architects design whole systems to be more stable so that there are fewer opportunities for adversaries?
A New SEI Strategy for Tackling Instability: Software Transforming the Mission
In this environment of disruption and instability, the ability of the DoD to produce and evolve software is central to its ability to maintain superiority across domains. Consequently, in 2019, we revised the SEI’s strategy. With our new strategic goal, Software Transforming the Mission, we seek to enable the DoD to realize advantage through software. To achieve this goal, we established four cross-cutting, targeted objectives:
- Automate the software development and DoD acquisition lifecycle to help the DoD produce assured software-enabled systems that are agile and responsive to DoD missions. Examples of this work include
- Automated Continuous Estimation
- Rapid Certifiable Trust
- Automated Design Conformance During Continuous Integration
- Create operational resilience for missions to help the DoD field and operate systems that support DoD missions even when attacked by a capable adversary. Examples of this work include
- Application of Cyber Camouflage Games to Cyber Threat Hunting
- Improving Human Decision Making with AI Decision Support Systems
- AI Robustness
- Certifiable Distributed Runtime Assurance in Cyber-Physical Systems
- Realize artificial intelligence (AI) and future computing to help the DoD ensure it capitalizes on emerging architectures, computing platforms, algorithms, and software-related technologies. Examples of this work include
- Developing the Discipline of AI Engineering
- Resource-Constrained Co-Optimization for High-Performance, Data-Intensive Computing
- Developing Trustworthy AI Systems
- Explainable AI
- Quantum Computing
- Integrate the preceding objectives into mission-capable systems. Examples include
- DevSecOps for AI Engineering
- ML in Cybersecurity
- Enabling Rapid Software Architecture Evolution
- Human-Centered AI
The first objective optimizes the development and acquisition lifecycle that produces software-enabled systems. The second objective ensures that software-enabled systems developed in objective one are resilient once fielded and informs the development and acquisition of future systems based on field experience. The third objective develops and identifies promising software technologies that could be used in the future by objectives one and two. The fourth objective addresses how we pull technical work threads together to improve technologies and development paradigms for systems today and in the future.
Three years after our strategy adjustment, these self-reinforcing objectives have begun to provide the DoD capable, timely, trustworthy, and affordable software.
Introducing Research Results Through Innovative Practices
To achieve these objectives, we close the loop between research and practice. The SEI facilitates the transition of research results to practice in DoD programs and OSD Science & Technology (S&T) initiatives and the transfer of those results to non-DoD U.S. government organizations where improvements will also benefit the DoD. By doing so, we gain deeper insight into mission needs that forms the basis for new research. In addition, we transition matured technologies more broadly to Defense Industrial Base organizations and others in the DoD software supply chain. Figure 1 highlights our primary technical activities: applied research and development (AR&D), engagement in the field, and transition.
The SEI’s applied research and advanced technology development, our AR&D, align with DoD priorities. Beyond basic research, these activities include the exploration of unexploited technologies and engagements with customers from which we learn more about our customers’ needs.
Our field work with customers produces results such as prototypes, practices, and pilots —all of which benefit from real users and real data. Work with end users enhances SEI AR&D activities with an understanding of the state of the art and practice, current and future challenges and gaps, adoption considerations, and access to real-world data and environments to support experimentation, validation, and maturation of research approaches.
During transition activities, we generalize or scale prototypes or practices initially built in AR&D for DoD-wide use. Those results are also made available more broadly to industry through transfer mechanisms such as licensing. We retain insufficiently mature technologies for further incubation and collaboration with academia and other laboratories.
One example of this process is our work to help the DoD understand and adopt multicore processing, something it has been reluctant to do owing to the risks posed by the nuances of multicore timing and consequences of timing mishaps. Real-world experiences informed our research in this area which, in turn, informed our efforts to educate the U.S. Army Aviation and Missile Center (AvMC) on multicore timing techniques and tools. Our expertise on multicore processor timing has also influenced the air vehicle certification and qualification guidance of the U.S. Air Force and AvMC. The ultimate objective of this work is to provide the DoD with a general-purpose technology that unlocks the capabilities of multicore processors in almost all warfighting systems.
Our Success Rests on How We Meet Customer Software Challenges
To measure the success of our strategy, we assess our projects to ensure they do the following:
- Bring Capabilities that make new missions possible or improve the likelihood of success of existing ones.
- Be Timely, so that the cadence of acquisition, delivery, and fielding is responsive to and anticipatory of the operational tempo of DoD warfighters and that the DoD is able to field these new software-enabled systems and their upgrades faster than our adversaries.
- Be Trustworthy in construction and implementation, and resilient in the face of operational uncertainties including known and yet unseen adversary capabilities.
- Be Affordable, such that the cost of acquisition and operations, despite increased capability, is reduced, predictable and provides a cost advantage over our adversaries.
We prioritize work where we can insert innovative capabilities into the practices of those acquiring software, securing data and information, or bringing new skills to the DoD workforce. We engage at multiple levels (e.g., policy, program executive office, and program) and with multiple organizations to broaden our impact and foster the continuing development of innovative tools, technologies, and methods. The ultimate aim of all of this activity is to bring more and more stability and predictability to an ever-more-complex and disrupted software environment.
The SEI FFRDC as Research Leader and Trusted Advisor
I encourage you to keep an eye out for future SEI blog posts, podcasts, and webinars examining the ways in which various SEI research threads join and complement each other to address the nation’s toughest software challenges. And I remind you that we collaborate at the nexus of government, industry, and academia to accelerate innovation in AI, software, and cybersecurity by developing and piloting prototype tools; building, applying, and transitioning innovative solutions; and providing input for our sponsor’s policy decisions about software and related technologies. I encourage interested parties to contact us about collaborative opportunities.
Additional Resources
The 2021 SEI Year in Review highlights the work of the institute in software engineering, cybersecurity, and artificial intelligence undertaken during the fiscal year spanning October 1, 2020, to September 30, 2021.
More By The Author
More In Software Engineering Research and Development
The Latest Work from the SEI: Counter AI, Coordinated Vulnerability Disclosure, and Artificial Intelligence Engineering
• By Bill Scherlis
PUBLISHED IN
Software Engineering Research and DevelopmentGet updates on our latest work.
Sign up to have the latest post sent to your inbox weekly.
Subscribe Get our RSS feedMore In Software Engineering Research and Development
The Latest Work from the SEI: Counter AI, Coordinated Vulnerability Disclosure, and Artificial Intelligence Engineering
• By Bill Scherlis
Get updates on our latest work.
Each week, our researchers write about the latest in software engineering, cybersecurity and artificial intelligence. Sign up to get the latest post sent to your inbox the day it's published.
Subscribe Get our RSS feed