search menu icon-carat-right cmu-wordmark

SEI Blog

The Latest Research in Software Engineering and Cybersecurity

Latest Posts

Common Infrastructure and Joint Programs, Fourth in a Series

Common Infrastructure and Joint Programs, Fourth in a Series

• SEI Blog
Bill Novak

Background: Over the past decade, the U.S. Air Force has asked the SEI's Acquisition Support Program (ASP) to conduct a number of Independent Technical Assessments (ITAs) on acquisition programs related to the development of IT systems; communications, command and control; avionics; and electronic warfare systems. This blog posting is the latest installment in a series that explores common themes across acquisition programs that we identified as a result of our ITA work. Previous themes explored...

Read More
Improving Testing Outcomes Through Software Architecture

Improving Testing Outcomes Through Software Architecture

• SEI Blog
Paul Clements

Testing plays a critical role in the development of software-reliant systems. Even with the most diligent efforts of requirements engineers, designers, and programmers, faults inevitably occur. These faults are most commonly discovered and removed by testing the system and comparing what it does to what it is supposed to do. This blog posting summarizes a method that improves testing outcomes (including efficacy and cost) in a software-reliant system by using an architectural design approach, which...

Read More
The Growing Importance of Sustaining Software for the DoD: Part 2

The Growing Importance of Sustaining Software for the DoD: Part 2

• SEI Blog
Douglas C. Schmidt

Software sustainment is growing in importance as the inventory of DoD systems continues to age and greater emphasis is placed on efficiency and productivity in defense spending. In part 1 of this series, I summarized key software sustainment challenges facing the DoD. In this blog posting, I describe some of the R&D activities conducted by the SEI to address these challenges....

Read More
Protecting Against Insider Threats with Enterprise Architecture Patterns

Protecting Against Insider Threats with Enterprise Architecture Patterns

• SEI Blog
Andrew Moore

The 2011 CyberSecurity Watch survey revealed that 27 percent of cybersecurity attacks against organizations were caused by disgruntled, greedy, or subversive insiders, employees, or contractors with access to that organization's network systems or data. Of the 607 survey respondents, 43 percent view insider threat attacks as more costly and cited not only a financial loss but also damage to reputation, critical system disruption, and loss of confidential or proprietary information. For the Department of Defense...

Read More
The Growing Importance of Sustaining Software for the DoD: Part 1

The Growing Importance of Sustaining Software for the DoD: Part 1

• SEI Blog
Douglas C. Schmidt

Department of Defense (DoD) programs have traditionally focused on the software acquisition phase (initial procurement, development, production, and deployment) and largely discounted the software sustainment phase (operations and support) until late in the lifecycle. The costs of software sustainment are becoming too high to discount since they account for 60 to 90 percent of the total software lifecycle effort....

Read More
Lean Principles and Software Architecture: The Waste of Information Transformation

Lean Principles and Software Architecture: The Waste of Information Transformation

• SEI Blog
Nanette Brown

Occasionally this blog will highlight different posts from the SEI blogosphere. Today's post is from the SATURN Network blog by Nanette Brown, a senior member of the technical staff in the SEI's Research, Technology, and System Solutions program. This post, the third in a series on lean principles and architecture, continues the discussion on the eight types of waste identified in Lean manufacturing and how these types of waste manifst themselves in software development. The...

Read More
Improving Data Quality Through Anomaly Detection

Improving Data Quality Through Anomaly Detection

• SEI Blog
Mark Kasunic

Organizations run on data. They use it to manage programs, select products to fund or develop, make decisions, and guide improvement. Data comes in many forms, both structured (tables of numbers and text) and unstructured (emails, images, sound, etc.). Data are generally considered high quality if they are fit for their intended uses in operations, decision making, and planning. This definition implies that data quality is both a subjective perception of individuals involved with the...

Read More
Obstacles in Engineering Safety- and Security-Related Requirements, Second in a Three-Part Series

Obstacles in Engineering Safety- and Security-Related Requirements, Second in a Three-Part Series

• SEI Blog
Donald Firesmith

Background: In our research and acquisition work on commercial and Department of Defense (DoD) programs, ranging from relatively simple two-tier data-processing applications to large-scale multi-tier weapons systems, one of the primary problems that we see repeatedly is that acquisitionand development organizations encounter the following three obstacles concerning safety- and security-related requirements:...

Read More