search menu icon-carat-right cmu-wordmark

SEI Blog

The Latest Research in Software Engineering and Cybersecurity

Latest Posts

Semantic Code Analysis for Malware Code Deobfuscation

Semantic Code Analysis for Malware Code Deobfuscation

• SEI Blog
Cory Cohen

In 2012, Symantec blocked more than 5.5 billion malware attacks (an 81 percent increase over 2010) and reported a 41 percent increase in new variants of malware, according to January 2013 Computer World article. To prevent detection and delay analysis, malware authors often obfuscate their malicious programs with anti-analysis measures. Obfuscated binary code prevents analysts from developing timely, actionable insights by increasing code complexity and reducing the effectiveness of existing tools. This blog post describes...

Read More
An Investment Model for Software Sustainment

An Investment Model for Software Sustainment

• SEI Blog
Robert Ferguson

Software sustainment involves coordinating the processes, procedures, people, information, and databases required to support, maintain, and operate software-reliant aspects of DoD systems. The 2011 book Examination of the U.S. Air Force's Aircraft Sustainment Needs in the Future and its Strategy to Meet Those Needs states...

Read More
AADL in the Medical Domain

AADL in the Medical Domain

• SEI Blog
Julien Delange

When life- and safety-critical systems fail, the results can be dire, including loss of property and life. These types of systems are increasingly prevalent, and can be found in the altitude and control systems of a satellite, the software-reliant systems of a car (such as its cruise control and GPS), or a medical device. When developing such systems, software and systems architects must balance the need for stability and safety with stakeholder demands and time-to-market...

Read More
Application Virtualization for Cloudlet-Based Cyber-Foraging at the Edge

Application Virtualization for Cloudlet-Based Cyber-Foraging at the Edge

• SEI Blog
Grace Lewis

Soldiers and emergency workers who carry smartphones in the battlefield, or into disaster recovery sites (such as Boston following the marathon bombing earlier this year) often encounter environments characterized by high mobility, rapidly-changing mission requirements, limited computing resources, high levels of stress, and limited network connectivity. At the SEI, we refer to these situations as "edge environments." Along with my colleagues at the SEI, my research aims to increase the computing power of mobile devices...

Read More
The Latest Research from the SEI

The Latest Research from the SEI

• SEI Blog
Douglas C. Schmidt

As part of an ongoing effort to keep you informed about our latest work, I would like to let you know about some recently published SEI technical reports and notes. These reports highlight the latest work of SEI technologists in acquisition, socio-adaptive systems, application virtualization, insider threat, software assurance, and the Personal Software Process (PSP). This post includes a listing of each report, author(s), and links where the published reports can be accessed on the...

Read More
Understanding How Network Security Professionals Perceive Risk

Understanding How Network Security Professionals Perceive Risk

• SEI Blog
James Cebula

Risk inherent in any military, government, or industry network system cannot be completely eliminated, but it can be reduced by implementing certain network controls. These controls include administrative, management, technical, or legal methods. Decisions about what controls to implement often rely on computed-risk models that mathematically calculate the amount of risk inherent in a given network configuration. These computed-risk models, however, may not calculate risk levels that human decision makers actually perceive....

Read More
A New CTO and Technical Strategy for the SEI

A New CTO and Technical Strategy for the SEI

• SEI Blog
Kevin Fall

I recently joined the Carnegie Mellon Software Engineering Institute (SEI) as deputy director and chief technology officer (CTO). My goal in this new role is to help the SEI advance computer science, software engineering, cybersecurity, and related disciplines to help ensure that the acquisition, development, and operation of software-dependent systems have lower cost, higher quality, and better security. I have spent the past two decades conducting a range of research and development activities, and I...

Read More
 Jun 10 2013 Situational Awareness Mashups at the Tactical Edge

Jun 10 2013 Situational Awareness Mashups at the Tactical Edge

• SEI Blog
Soumya Simanta

Warfighters in a tactical environment face many constraints on computational resources, such as the computing power, memory, bandwidth, and battery power. They often have to make rapid decisions in hostile environments. Many warfighters can access situational awareness data feeds on their smartphones to make critical decisions. To access these feeds, however, warfighters must contend with an overwhelming amount of information from multiple, fragmented data sources that cannot be easily combined on a small smartphone screen....

Read More