search menu icon-carat-right cmu-wordmark

SEI Blog

The Latest Research in Software Engineering and Cybersecurity

Latest Posts

Towards Common Operating Platform Environments, Second in a Series

Towards Common Operating Platform Environments, Second in a Series

• SEI Blog
Douglas C. Schmidt

Common operating platform environments (COPEs) are reusable software infrastructures that incorporate open standards; define portable interfaces, interoperable protocols, and data models; offer complete design disclosure; and have a modular, loosely coupled, and well-articulated software architecture that provides applications and end users with many shared capabilities. COPEs can help reduce recurring engineering costs, as well as enable developers to build better and more powerful applications atop a COPE, rather than wrestling repeatedly with tedious and error-prone...

Read More
Towards Common Operating Platform Environments

Towards Common Operating Platform Environments

• SEI Blog
Douglas C. Schmidt

Mission-critical operations in the Department of Defense (DoD) increasingly depend on complex software-reliant systems-of-systems (abbreviated as "systems" below). These systems are characterized by a rapidly growing number of connected platforms, sensors, decision nodes, and people. While facing constrained budget, expanded threat, and engineering workforce challenges, the DoD is trying to obtain greater efficiency and productivity in defense spending needed to acquire and sustain these systems. This blog posting--the first in a three-part series--motivates the need...

Read More
Developing Controls to Prevent Theft of Intellectual Property

Developing Controls to Prevent Theft of Intellectual Property

• SEI Blog
Randy Trzeciak

According to the 2011 CyberSecurity Watch Survey, approximately 21 percent of cyber crimes against organizations are committed by insiders. Of the 607 organizations participating in the survey, 46 percent stated that the damage caused by insiders was more significant than the damage caused by outsiders. Over the past 11 years, CERT Insider Threat researchers have collected incidents related to malicious activity by insiders obtained from a number of sources, including media reports, the courts, the...

Read More
Thread Role Analysis

Thread Role Analysis

• SEI Blog
Dean Sutherland

Many modern software systems employ shared-memory multi- threading and are built using software components, such as libraries and frameworks. Software developers must carefully control the interactions between multiple threads as they execute within those components. To manage this complexity, developers use information hiding to treat components as "black boxes" with known interfaces that explicitly specify all necessary preconditions and postconditions of the design contract, while using an appropriate level of abstraction to hide unnecessary detail....

Read More
Rapid Lifecycle Development in an Agile Context

Rapid Lifecycle Development in an Agile Context

• SEI Blog
Robert Nord

New acquisition guidelines from the Department of Defense (DoD) aimed at reducing system lifecycle time and effort are encouraging the adoption of Agile methods. There is a general lack, however, of practical guidance on how to employ Agile methods effectively for DoD acquisition programs. This blog posting describes our research on providing software and systems architects with a decision making framework for reducing integration risk with Agile methods, thereby reducing the time and resources needed...

Read More
Improving Software Team Performance with TSP

Improving Software Team Performance with TSP

• SEI Blog
Bill Nichols

In his book Drive, Daniel Pink writes that knowledge workers want autonomy, purpose, and mastery in their work. A big problem with any change in processes is getting the people who do the work to change how they work. Too often, people are told what to do instead of being given the information, autonomy, and authority to analyze and adopt the new methods for themselves. This posting--the first in a two-part series--describes a case study...

Read More
Toward Efficient and Effective Software Sustainment, Second in a Series

Toward Efficient and Effective Software Sustainment, Second in a Series

• SEI Blog
Mike Phillips

In my preceding blog post, I promised to provide more examples highlighting the importance of software sustainmentin the US Department of Defense (DoD). My focus is on certain configurations of weapons systems that are no longer in production for the United States Air Force, but are expected to remain a key component of our defense capability for decades to come, and thus software upgrade cycles need to refresh capabilities every 18 to 24 months. Throughout...

Read More
The Latest Research from the SEI

The Latest Research from the SEI

• SEI Blog
Douglas C. Schmidt

As part of an ongoing effort to keep you informed about our latest work, I'd like to let you know about some recently published SEI technical reports and notes. These reports highlight the latest work of SEI technologists in embedded systems, risk management, risk-based measurement and analysis, early lifecycle cost estimation, and techniques for detecting data anomalies. This post includes a listing of each report, author(s), and links where the published reports can be accessed...

Read More