SEI Digital Library
Latest Publications
Understanding the Need for Cyber Resilience
• Webcast
By Matthew J. Butkovic
In this webcast, Matthew Butkovic, Greg Crabb, and Ray Umerley explore how to best plan for maintaining operational resilience when a ransomware incident occurs.
WatchAddressing Today's Software Risks Requires an Assurance-Educated Workforce
• Article
By Carol Woody
The author summarizes gaps in workforce knowledge, skills, and support resources based on recent publications and panel discussions held by the SSCA forum.
ReadSecuring Docker Containers: Techniques, Challenges, and Tools
• Podcast
By Maxwell Trdina , Sasank Vishnubhatla
With the increasing prevalence of cloud computing environments, containers are increasingly providing their underlying architecture.
ListenSecurity Engineering Framework (SEF): Managing Security and Resilience Risks Across the Systems Lifecycle
• Special Report
By Christopher J. Alberts , Charles M. Wallen , Carol Woody , Michael S. Bandor , Tom Merendino
The SEF is a collection of software-focused engineering practices for managing security and resilience risks across the systems lifecycle.
ReadAn Introduction to Software Cost Estimation
• Podcast
By Anandi Hira
Software cost estimation is an important first step when beginning a project. It addresses budget, staffing, scheduling, and whether the current environment will support the project.
ListenDangers of AI for Insider Risk Evaluation (DARE)
• White Paper
By Austin Whisnant
This paper describes the challenges and pitfalls of using artificial intelligence for insider risk analysis and how to thoughtfully and efficiently use AI to find insider threats.
ReadAssurance Evidence of Continuously Evolving Real-Time Systems (ASERT) Workshop 2024
• Special Report
By Dionisio de Niz , Bjorn Andersson , Mark H. Klein , Hyoseung Kim (University of California, Riverside) , John Lehoczky (Carnegie Mellon University) , George Romanski (Federal Aviation Administration) , Jonathan Preston (Lockheed Martin Corporation) , Daniel Shapiro (Institute of Defense Analysis) , Floyd Fazi (Lockheed Martin Corporation) , Ronald Koontz (Boeing Company)
This report summarizes the analysis of the Taiwanese flight CI202 incident from 2020 as well as ideas for future work for ASERT presented at its 2024 workshop.
ReadCyber Challenges in Health Care: Managing for Operational Resilience
• Webcast
By Matthew J. Butkovic
In this webcast, Matthew Butkovic and Darrell Keeling explore approaches to maximize return on cybersecurity investment in the health-care context.
WatchIndependent Verification and Validation for Agile Projects
• Webcast
By Justin Smith
In this webcast, Justin Smith highlights a novel approach to providing independent verification and validation (IV&V) for projects that are using an Agile or iterative software development.
WatchRedemption Tool Demo: View Difference Between Original Code and Repaired Code (Manual Review)
• Video
By Lori Flynn , David Svoboda , Rebecca Beliak
This video shows a manual review of the code repairs done by Redemption in a terminal.
Watch