As part of an ongoing effort to keep you informed about our latest work, this blog post summarizes some recent publications from the SEI in the areas of machine learning, ethical artificial intelligence, cloud adoption, and mixed-criticality systems. These publications highlight the latest work of SEI technologists in these areas.

We have also included links to a recently published book and accompanying podcast that is the result of a multi-year research and development vision and roadmap for engineering next-generation software-reliant systems.

This post includes a listing of each publication, author(s), and links where they can be accessed on the SEI website.

Architecting the Future of Software Engineering: A National Agenda for Software Engineering Research & Development
by Anita Carleton, Mark H. Klein, John E. Robert, Erin Harper, Robert K Cunningham, Dionisio de Niz, John T. Foreman, John B. Goodenough, James D. Herbsleb, Ipek Ozkaya, Douglas Schmidt (Vanderbilt University), Forrest Shull

Software is vital to our country’s global competitiveness, innovation, and national security. It also ensures our modern standard of living and enables continued advances in defense, infrastructure, healthcare, commerce, education, and entertainment. As part of its work as a federally funded research and development center (FFRDC) focused on applied research to improve the practice of software engineering, the Carnegie Mellon University Software Engineering Institute led the community in creating this multi-year research and development vision and roadmap for engineering next-generation software-reliant systems.

An executive summary is also available.

Download the book.

Listen to/view the podcast by Anita Carleton and Forrest Shull detailing this initiative.

Using Machine Learning to Increase NPC Fidelity
by Dustin D. Updyke, Thomas G. Podnar, Geoffrey B. Dobson, John Yarger

Experiences that seem real to players in training and exercise scenarios enhance learning. Improving the fidelity of automated non-player characters (NPCs) can increase the level of realism felt by players. In this report, we describe how we used machine learning (ML) modeling to create decision-making preferences for NPCs. In our research, we test ML solutions and confirm that NPCs can exhibit lifelike computer activity that improves over time.

Download the SEI technical report.

Implementing the DoD’s Ethical AI Principles
by Alexandrea Van Deusen and Carol J. Smith

Alexandrea Van Deusen and Carol Smith, both with the SEI's AI Division, discuss a recent project in which they helped the Defense Innovation Unit (DIU) of the U.S. Department of Defense to develop guidelines for the responsible use of artificial intelligence (AI), based on the DoD's Ethical Principles for AI. These guidelines can serve as a guide for organizations in industry and government to implement responsible AI considerations into practice in real-world programs.
View/listen to the podcast.

A Prototype Set of Cloud Adoption Risk Factors
by Christopher J. Alberts

This report presents the results of a study that the SEI conducted to identify a prototype set of risk factors for the adoption of cloud technologies. These risk factors cover a broad range of potential problems that can affect a cloud initiative, including business strategy and processes, technology management and implementation, and organizational culture.

The publication of this report is an initial step in the development of cloud adoption risk factors rather than the culmination of SEI work in this area. This report identifies a range of potential future development and transition tasks related to the MRD for cloud adoption. The SEI MRD method defines a time-efficient, mission-oriented approach for assessing risk in mission threads, business processes, and organizational initiatives.
Download the white paper.

Cloud Security Best Practices Derived from Mission Thread Analysis
by Timothy Morrow, Vincent LaPiana, Donald Faatz, Angel Luis Hueca, Nathaniel Richmond

This report presents four important security practices that are practical and effective for improving the cybersecurity posture of cloud-deployed information technology (IT) systems. These practices help to address the risks, threats, and vulnerabilities that organizations face in deploying or moving applications and systems to a cloud service provider (CSP).

The practices address cloud security issues that consumers are experiencing, illustrated by several recent cloud security incidents. The report demonstrates the practices through examples using cloud services available from Amazon Web Service (AWS), Microsoft, and Google.

The presented practices are geared toward small and medium-sized organizations; however, all organizations, independent of size, can use these practices to improve the security of their cloud usage. The focus here is on hybrid deployments where some IT applications deploy or move to a CSP while other IT applications remain in the organization’s data center. Small and medium-sized organizations likely have limited resources; where possible, these practices describe implementation approaches that may be effective in limited-resource situations.

This report is a 2021 update of a prior report.
Download the SEI technical report.

Evolvable Technical Reference Frameworks for Mixed-Criticality Systems
by Nickolas Guertin and Douglas Schmidt

Nickolas Guertin and Douglas Schmidt talk with Suzanne Miller about strategies for creating architectures for large-scale, complex systems that comprise functions with a wide range of requirements. This is one of the most challenging areas in U.S. Department of Defense acquisition, and this approach and the strategies discussed are important to the future of our large systems.
Listen to/view the podcast.