search menu icon-carat-right cmu-wordmark

SEI Blog

The Latest Research in Software Engineering and Cybersecurity

Latest Posts

The Importance of Software Architecture in Big Data Systems

The Importance of Software Architecture in Big Data Systems

• SEI Blog
Ian Gorton

Many types of software systems, including big data applications, lend them themselves to highly incremental and iterative development approaches. In essence, system requirements are addressed in small batches, enabling the delivery of functional releases of the system at the end of every increment, typically once a month. The advantages of this approach are many and varied. Perhaps foremost is the fact that it constantly forces the validation of requirements and designs before too much progress...

Read More
Eliminative Argumentation: A Means for Assuring Confidence in Safety-Critical Systems

Eliminative Argumentation: A Means for Assuring Confidence in Safety-Critical Systems

• SEI Blog
Charles Weinstock

Software used in safety-critical systems--such as automotive, avionics, and healthcare applications, where failures could result in serious harm or loss of life--must perform as prescribed. How can software developers and programmers offer assurance that the system will perform as needed and with what level of confidence? In the first post in this series, I introduced the concept of the assurance case as a means to justify safety, security, or reliability claims by relating evidence to...

Read More
2013: The Research Year in Review

2013: The Research Year in Review

• SEI Blog
Douglas C. Schmidt

As part of our mission to advance the practice of software engineering and cybersecurity through research and technology transition, our work focuses on ensuring that software-reliant systems are developed and operated with predictable and improved quality, schedule, and cost. To achieve this mission, the SEI conducts research and development activities involving the Department of Defense (DoD), federal agencies, industry, and academia. As we look back on 2013, this blog posting highlights our many R&D accomplishments...

Read More
Hacking the CERT FOE

Hacking the CERT FOE

• SEI Blog
Will Dormann

Occasionally this blog will highlight different posts from the SEI blogosphere. Today we are highlighting a recent post by Will Dormann, a senior member of the technical staff in the SEI's CERT Division, from the CERT/CC Blog. In this post, Dormann describes how to modify the CERT Failure Observation Engine (FOE),when he encounters apps that "don't play well" with the FOE. The FOE is a software testing tool that finds defects in applications running on...

Read More
Using Scenario-Based Architecture Analysis to Inform Code Quality Measures

Using Scenario-Based Architecture Analysis to Inform Code Quality Measures

• SEI Blog
Robert Nord

As the pace of software delivery increases, organizations need guidance on how to deliver high-quality software rapidly, while simultaneously meeting demands related to time-to-market, cost, productivity, and quality. In practice, demands for adding new features or fixing defects often take priority. However, when software developers are guided solely by project management measures, such as progress on requirements and defect counts, they ignore the impact of architectural dependencies, which can impede the progress of a project...

Read More
Detecting Architecture Traps and Pitfalls in Safety-Critical Software

Detecting Architecture Traps and Pitfalls in Safety-Critical Software

• SEI Blog
Julien Delange

Safety-critical avionics, aerospace, medical, and automotive systems are becoming increasingly reliant on software. Malfunctions in these systems can have significant consequences including mission failure and loss of life. So, they must be designed, verified, and validated carefully to ensure that they comply with system specifications and requirements and are error free. In the automotive domain, for example, cars contain many electronic control units (ECU)--today's standard vehicle can contain up to 30 ECUs--that communicate to control...

Read More
Is Your Organization Ready for Agile? - Part 4

Is Your Organization Ready for Agile? - Part 4

• SEI Blog
Suzanne Miller

This blog post is the fourth in a series on Agile adoption in regulated settings, such as the Department of Defense, Internal Revenue Service, and Food and Drug Administration. Government agencies, including the departments of Defense, Veteran Affairs, and Treasury, are being asked by their government program office to adopt Agile methods. These are organizations that have traditionally utilized a "waterfall" life cycle model (as epitomized by the engineering "V" charts). Programming teams in these...

Read More
The Architectural Evolution of DoD Combat Systems

The Architectural Evolution of DoD Combat Systems

• SEI Blog
Douglas C. Schmidt

To deliver enhanced integrated warfighting capability at lower cost across the enterprise and over the lifecycle, the Department of Defense (DoD) must move away from stove-piped solutions and towards a limited number of technical reference frameworks based on reusable hardware and software components and services. There have been previous efforts in this direction, but in an era of sequestration and austerity, the DoD has reinvigorated its efforts to identify effective methods of creating more affordable...

Read More