search menu icon-carat-right cmu-wordmark

SEI Blog

The Latest Research in Software Engineering and Cybersecurity

Latest Posts

Testing, Agile Metrics, Fuzzy Hashing, Android, and Big Data: The SEI Blog Mid-Year Review (Top 10 Posts)

Testing, Agile Metrics, Fuzzy Hashing, Android, and Big Data: The SEI Blog Mid-Year Review (Top 10 Posts)

• SEI Blog
Douglas C. Schmidt

The SEI Blog continues to attract an ever-increasing number of readers interested in learning more about our work in agile metrics, high-performance computing, malware analysis, testing, and other topics. As we reach the mid-year point, this blog posting highlights our 10 most popular posts, and links to additional related resources you might find of interest (Many of our posts cover related research areas, so we grouped them together for ease of reference.) Before we take...

Read More
The SPRUCE Series: 8 Recommended Practices in the Software-Development of Safety-Critical Systems

The SPRUCE Series: 8 Recommended Practices in the Software-Development of Safety-Critical Systems

• SEI Blog
SPRUCE Project

This is the second installment of two blog posts highlighting recommended practices for developing safety-critical systems that was originally published on the Cyber Security & Information Systems Information Analysis Center (CSIAC) website. The first post in the series by Peter Feiler, Julien Delange, and Charles Weinstock explored challenges to developing safety critical systems and presented the first three practices: Use quality attribute scenarios and mission-tread analyses to identify safety-critical requirements. Specify safety-critical requirements, and prioritize...

Read More
The SPRUCE Series: Recommended Practices in the Software Development of Safety-Critical Systems

The SPRUCE Series: Recommended Practices in the Software Development of Safety-Critical Systems

• SEI Blog
SPRUCE Project

Software and acquisition professionals often have questions about recommended practices related to modern software development methods, techniques, and tools, such as how to apply agile methods in government acquisition frameworks, systematic verification and validation of safety-critical systems, and operational risk management. In the Department of Defense (DoD), these techniques are just a few of the options available to face the myriad challenges in producing large, secure software-reliant systems on schedule and within budget....

Read More
AADL Code Generation for Avionics Systems

AADL Code Generation for Avionics Systems

• SEI Blog
Julien Delange

Using the Architecture Analysis & Design Language (AADL) modeling notation early in the development process not only helps the development team detect design errors before implementation, but also supports implementation efforts and produces high-quality code. Our recent blog posts and webinar have shown how AADL can identify potential design errors and help avoid propagating them through the development process, where remediation can require massive re-engineering, delay the schedule, and increase costs....

Read More
Aircraft Systems: Three Principles for Mitigating Complexity

Aircraft Systems: Three Principles for Mitigating Complexity

• SEI Blog
Sarah Sheard

This post is the first in a series introducing our research into software and system complexity and its impact in avionics. On July 6, 2013, an Asiana Airlines Boeing 777 airplane flying from Seoul, South Korea, crashed on final approach into San Francisco International airport. While 304 of the 307 passengers and crew members on board survived, almost 200 were injured (10 critically) and three young women died. The National Transportation Safety Board (NTSB) blamed...

Read More
The SPRUCE Series: 9 Recommended Practices for Managing Operational Resilience

The SPRUCE Series: 9 Recommended Practices for Managing Operational Resilience

• SEI Blog
SPRUCE Project

Software and acquisition professionals often have questions about recommended practices related to modern software development methods, techniques, and tools, such as how to apply agile methods in government acquisition frameworks, systematic verification and validation of safety-critical systems, and operational risk management. In the Department of Defense (DoD), these techniques are just a few of the options available to face the myriad challenges in producing large, secure software-reliant systems on schedule and within budget....

Read More
The SPRUCE Series: Challenges to Managing Operational Resilience

The SPRUCE Series: Challenges to Managing Operational Resilience

• SEI Blog
SPRUCE Project

Software and acquisition professionals often have questions about recommended practices related to modern software development methods, techniques, and tools, such as how to apply agile methods in government acquisition frameworks, systematic verification and validation of safety-critical systems, and operational risk management. In the Department of Defense (DoD), these techniques are just a few of the options available to face the myriad challenges in producing large, secure software-reliant systems on schedule and within budget....

Read More
Applying the 12 Agile Principles in the Department of Defense

Applying the 12 Agile Principles in the Department of Defense

• SEI Blog
Suzanne Miller

In 2010, the Office of Management and Budget (OMB) issued a 25-point plan to reform IT that called on federal agencies to employ "shorter delivery time frames, an approach consistent with Agile" when developing or acquiring IT. OMB data suggested Agile practices could help federal agencies and other organizations design and acquire software more effectively, but agencies needed to understand the risks involved in adopting these practices....

Read More