search menu icon-carat-right cmu-wordmark

Archive: 2013

2013: The Research Year in Review

2013: The Research Year in Review

• SEI Blog
Douglas C. Schmidt

As part of our mission to advance the practice of software engineering and cybersecurity through research and technology transition, our work focuses on ensuring that software-reliant systems are developed and operated with predictable and improved quality, schedule, and cost. To achieve this mission, the SEI conducts research and development activities involving the Department of Defense (DoD), federal agencies, industry, and academia. As we look back on 2013, this blog posting highlights our many R&D accomplishments...

Read More
Hacking the CERT FOE

Hacking the CERT FOE

• SEI Blog
Will Dormann

Occasionally this blog will highlight different posts from the SEI blogosphere. Today we are highlighting a recent post by Will Dormann, a senior member of the technical staff in the SEI's CERT Division, from the CERT/CC Blog. In this post, Dormann describes how to modify the CERT Failure Observation Engine (FOE),when he encounters apps that "don't play well" with the FOE. The FOE is a software testing tool that finds defects in applications running on...

Read More
Using Scenario-Based Architecture Analysis to Inform Code Quality Measures

Using Scenario-Based Architecture Analysis to Inform Code Quality Measures

• SEI Blog
Robert Nord

As the pace of software delivery increases, organizations need guidance on how to deliver high-quality software rapidly, while simultaneously meeting demands related to time-to-market, cost, productivity, and quality. In practice, demands for adding new features or fixing defects often take priority. However, when software developers are guided solely by project management measures, such as progress on requirements and defect counts, they ignore the impact of architectural dependencies, which can impede the progress of a project...

Read More
Detecting Architecture Traps and Pitfalls in Safety-Critical Software

Detecting Architecture Traps and Pitfalls in Safety-Critical Software

• SEI Blog
Julien Delange

Safety-critical avionics, aerospace, medical, and automotive systems are becoming increasingly reliant on software. Malfunctions in these systems can have significant consequences including mission failure and loss of life. So, they must be designed, verified, and validated carefully to ensure that they comply with system specifications and requirements and are error free. In the automotive domain, for example, cars contain many electronic control units (ECU)--today's standard vehicle can contain up to 30 ECUs--that communicate to control...

Read More
Is Your Organization Ready for Agile? - Part 4

Is Your Organization Ready for Agile? - Part 4

• SEI Blog
Suzanne Miller

This blog post is the fourth in a series on Agile adoption in regulated settings, such as the Department of Defense, Internal Revenue Service, and Food and Drug Administration. Government agencies, including the departments of Defense, Veteran Affairs, and Treasury, are being asked by their government program office to adopt Agile methods. These are organizations that have traditionally utilized a "waterfall" life cycle model (as epitomized by the engineering "V" charts). Programming teams in these...

Read More
The Architectural Evolution of DoD Combat Systems

The Architectural Evolution of DoD Combat Systems

• SEI Blog
Douglas C. Schmidt

To deliver enhanced integrated warfighting capability at lower cost across the enterprise and over the lifecycle, the Department of Defense (DoD) must move away from stove-piped solutions and towards a limited number of technical reference frameworks based on reusable hardware and software components and services. There have been previous efforts in this direction, but in an era of sequestration and austerity, the DoD has reinvigorated its efforts to identify effective methods of creating more affordable...

Read More
The Latest Research from the SEI

The Latest Research from the SEI

• SEI Blog
Douglas C. Schmidt

As part of an ongoing effort to keep you informed about our latest work, I would like to let you know about some recently published SEI technical reports and notes. These reports highlight the latest work of SEI technologists in Secure Java and Android Coding, Cybersecurity Capability Measurement, Managing Insider Threat, the CERT Resilience Management Model, Network Situational Awareness, and Security and Survivability. This post includes a listing of each report, author(s), and links where...

Read More
Using V Models for Testing

Using V Models for Testing

• SEI Blog
Donald Firesmith

The verification and validation of requirements are a critical part of systems and software engineering. The importance of verification and validation (especially testing) is a major reason that the traditional waterfall development cycle underwent a minor modification to create the V model that links early development activities to their corresponding later testing activities. This blog post introduces three variants on the V model of system or software development that make it more useful to testers,...

Read More
Prioritizing Malware Analysis

Prioritizing Malware Analysis

• SEI Blog
Jose Morales

In early 2012, a backdoor Trojan malware named Flame was discovered in the wild. When fully deployed, Flame proved very hard for malware researchers to analyze. In December of that year, Wired magazine reported that before Flame had been unleashed, samples of the malware had been lurking, undiscovered, in repositories for at least two years. As Wired also reported, this was not an isolated event. Every day, major anti-virus companies and research organizations are inundated...

Read More
AADL: SAVI and Beyond

AADL: SAVI and Beyond

• SEI Blog
Julien Delange

The size and complexity of aerospace software systems has increased significantly in recent years. When looking at source lines of code (SLOC), the size of systems has doubled every four years since the mid 1990s, according to a recent SEI technical report. The 27 million SLOC that will be produced from 2010 to 2020 is expected to exceed $10 billion. These increases in size and cost have also been accompanied by significant increases in errors...

Read More
Analyzing Routing Tables

Analyzing Routing Tables

• SEI Blog
Timur Snoke

Occasionally this blog will highlight different posts from the SEI blogosphere. Today we are highlighting a post from the CERT/CC Blog by Timur Snoke, a member of the technical staff in the SEI's CERT Division. This post describes maps that Timur has developed using Border Gateway Protocol (BGP) routing tables to show the evolution of public-facing autonomous system numbers (ASN). These maps help analysts inspect the BPG routing tables to reveal disruptions to an organization's...

Read More
Addressing the Software Engineering Challenges of Big Data

Addressing the Software Engineering Challenges of Big Data

• SEI Blog
Ian Gorton

New data sources, ranging from diverse business transactions to social media, high-resolution sensors, and the Internet of Things, are creating a digital tidal wave of big data that must be captured, processed, integrated, analyzed, and archived. Big data systems storing and analyzing petabytes of data are becoming increasingly common in many application areas. These systems represent major, long-term investments requiring considerable financial commitments and massive scale software and system deployments....

Read More
AADL: Initial Foundations

AADL: Initial Foundations

• SEI Blog
Julien Delange

When life- and safety-critical systems fail (and this happens in many domains), the results can be dire, including loss of property and life. These types of systems are increasingly prevalent, and can be found in the altitude and control systems of a satellite, the software-reliant systems of a car (such as its cruise control and anti-lock braking system), or medical devices that emit radiation. When developing such systems, software and systems architects must balance the...

Read More
Agile and Architecture Practices for Rapid Delivery

Agile and Architecture Practices for Rapid Delivery

• SEI Blog
Stephany Bellomo

Agile projects with incremental development lifecycles are showing greater promise in enabling organizations to rapidly field software compared to waterfall projects. There is a lack of clarity, however, regarding the factors that constitute and contribute to success of Agile projects. A team of researchers from Carnegie Mellon University's Software Engineering Institute, including Ipek Ozkaya, Robert Nord, and myself, interviewed project teams with incremental development lifecycles from five government and commercial organizations. This blog posting summarizes...

Read More
Deterrence for Malware: Towards a Deception-Free Internet

Deterrence for Malware: Towards a Deception-Free Internet

• SEI Blog
William Casey

Exclusively technical approaches toward attaining cyber security have created pressures for malware attackers to evolve technical sophistication and harden attacks with increased precision, including socially engineered malware and distributed denial of service (DDoS) attacks. A general and simple design for achieving cybersecurity remains elusive and addressing the problem of malware has become such a monumental task that technological, economic, and social forces must join together to address this problem. At the Carnegie Mellon University Software...

Read More
Architecting Systems of the Future

Architecting Systems of the Future

• SEI Blog
Eric Werner

The power and speed of computers have increased exponentially in recent years. Recently, however, modern computer architectures are moving away from single-core and multi-core (homogenous) central processing units (CPUs) to many-core (heterogeneous) CPUs. This blog post describes research I've undertaken with my colleagues at the Carnegie Mellon Software Engineering Institute (SEI)--including colleagues Jonathan Chu and Scott McMillan of the Emerging Technology Center (ETC) as well as Alex Nicoll, a researcher with the SEI's CERT Division--to...

Read More
Towards Affordable DoD Combat Systems in the Age of Sequestration

Towards Affordable DoD Combat Systems in the Age of Sequestration

• SEI Blog
Douglas C. Schmidt

Department of Defense (DoD) program managers and associated acquisition professionals are increasingly called upon to steward the development of complex, software-reliant combat systems. In today's environment of expanded threats and constrained resources (e.g., sequestration), their focus is on minimizing the cost and schedule of combat-system acquisition, while simultaneously ensuring interoperability and innovation. A promising approach for meeting these challenging goals is Open Systems Architecture (OSA), which combines (1) technical practices designed to reduce the cycle...

Read More
The Latest Research from the SEI

The Latest Research from the SEI

• SEI Blog
Douglas C. Schmidt

As part of an ongoing effort to keep you informed about our latest work, I would like to let you know about some recently published SEI technical reports and notes. Three of these reports highlight the latest work of SEI technologists on insider threat in international contexts, unintentional insider threats, and attributes and mitigation strategies. The last report provides the results of several exploratory research initiatives conducted by SEI staff in fiscal year 2012. This...

Read More
Is Your Organization Ready for Agile? - Part 3

Is Your Organization Ready for Agile? - Part 3

• SEI Blog
Suzanne Miller

This blog post is the third in a series on Agile adoption in regulated settings, such as the Department of Defense, Internal Revenue Service, and Food and Drug Administration. In our work with the Department of Defense (DoD) and other government agencies such as the U.S. Department of Veteran Affairs and the U.S. Department of the Treasury, we often encounter organizations that have been asked by their government program office to adopt agile methods. These...

Read More
A Strategic Approach to Software Assurance

A Strategic Approach to Software Assurance

• SEI Blog
Mike McLendon

Software is the principal, enabling means for delivering system and warfighter performance across a spectrum of Department of Defense (DoD) capabilities. These capabilities span the spectrum of mission-essential business systems to mission-critical command, control, communications, computers, intelligence, surveillance, and reconnaissance (C4ISR) systems to complex weapon systems. Many of these systems now operate interdependently in a complex net-centric and cyber environment. The pace of technological change continues to evolve along with the almost total system reliance...

Read More
Assurance Cases and Confidence

Assurance Cases and Confidence

• SEI Blog
Charles Weinstock

From the braking system in your automobile to the software that controls the aircraft that you fly in, safety-critical systems are ubiquitous. Showing that such systems meet their safety requirements has become a critical area of work for software and systems engineers. "We live in a world in which our safety depends on software-intensive systems," editors of IEEE Software wrote in the magazine's May/June issue. "Organizations everywhere are struggling to find cost-effective methods to deal...

Read More
A Multi-Dimensional Approach to Insider Threat

A Multi-Dimensional Approach to Insider Threat

• SEI Blog
David Mundie

Researchers on the CERT Division's insider threat team have presented several of the 26 patterns identified by analyzing our insider threat database, which is based on examinations of more than 700 insider threat cases and interviews with the United States Secret Service, victims' organizations, and convicted felons. Through our analysis, we identified more than 100 categories of weaknesses in systems, processes, people, or technologies that allowed insider threats to occur. One aspect of our research...

Read More
Semantic Code Analysis for Malware Code Deobfuscation

Semantic Code Analysis for Malware Code Deobfuscation

• SEI Blog
Cory Cohen

In 2012, Symantec blocked more than 5.5 billion malware attacks (an 81 percent increase over 2010) and reported a 41 percent increase in new variants of malware, according to January 2013 Computer World article. To prevent detection and delay analysis, malware authors often obfuscate their malicious programs with anti-analysis measures. Obfuscated binary code prevents analysts from developing timely, actionable insights by increasing code complexity and reducing the effectiveness of existing tools. This blog post describes...

Read More
An Investment Model for Software Sustainment

An Investment Model for Software Sustainment

• SEI Blog
Robert Ferguson

Software sustainment involves coordinating the processes, procedures, people, information, and databases required to support, maintain, and operate software-reliant aspects of DoD systems. The 2011 book Examination of the U.S. Air Force's Aircraft Sustainment Needs in the Future and its Strategy to Meet Those Needs states...

Read More
AADL in the Medical Domain

AADL in the Medical Domain

• SEI Blog
Julien Delange

When life- and safety-critical systems fail, the results can be dire, including loss of property and life. These types of systems are increasingly prevalent, and can be found in the altitude and control systems of a satellite, the software-reliant systems of a car (such as its cruise control and GPS), or a medical device. When developing such systems, software and systems architects must balance the need for stability and safety with stakeholder demands and time-to-market...

Read More
Application Virtualization for Cloudlet-Based Cyber-Foraging at the Edge

Application Virtualization for Cloudlet-Based Cyber-Foraging at the Edge

• SEI Blog
Grace Lewis

Soldiers and emergency workers who carry smartphones in the battlefield, or into disaster recovery sites (such as Boston following the marathon bombing earlier this year) often encounter environments characterized by high mobility, rapidly-changing mission requirements, limited computing resources, high levels of stress, and limited network connectivity. At the SEI, we refer to these situations as "edge environments." Along with my colleagues at the SEI, my research aims to increase the computing power of mobile devices...

Read More
The Latest Research from the SEI

The Latest Research from the SEI

• SEI Blog
Douglas C. Schmidt

As part of an ongoing effort to keep you informed about our latest work, I would like to let you know about some recently published SEI technical reports and notes. These reports highlight the latest work of SEI technologists in acquisition, socio-adaptive systems, application virtualization, insider threat, software assurance, and the Personal Software Process (PSP). This post includes a listing of each report, author(s), and links where the published reports can be accessed on the...

Read More
Understanding How Network Security Professionals Perceive Risk

Understanding How Network Security Professionals Perceive Risk

• SEI Blog
James Cebula

Risk inherent in any military, government, or industry network system cannot be completely eliminated, but it can be reduced by implementing certain network controls. These controls include administrative, management, technical, or legal methods. Decisions about what controls to implement often rely on computed-risk models that mathematically calculate the amount of risk inherent in a given network configuration. These computed-risk models, however, may not calculate risk levels that human decision makers actually perceive....

Read More
A New CTO and Technical Strategy for the SEI

A New CTO and Technical Strategy for the SEI

• SEI Blog
Kevin Fall

I recently joined the Carnegie Mellon Software Engineering Institute (SEI) as deputy director and chief technology officer (CTO). My goal in this new role is to help the SEI advance computer science, software engineering, cybersecurity, and related disciplines to help ensure that the acquisition, development, and operation of software-dependent systems have lower cost, higher quality, and better security. I have spent the past two decades conducting a range of research and development activities, and I...

Read More
 Jun 10 2013 Situational Awareness Mashups at the Tactical Edge

Jun 10 2013 Situational Awareness Mashups at the Tactical Edge

• SEI Blog
Soumya Simanta

Warfighters in a tactical environment face many constraints on computational resources, such as the computing power, memory, bandwidth, and battery power. They often have to make rapid decisions in hostile environments. Many warfighters can access situational awareness data feeds on their smartphones to make critical decisions. To access these feeds, however, warfighters must contend with an overwhelming amount of information from multiple, fragmented data sources that cannot be easily combined on a small smartphone screen....

Read More
Improving Safety-critical Systems with a Reliability Validation & Improvement Framework

Improving Safety-critical Systems with a Reliability Validation & Improvement Framework

• SEI Blog
Peter Feiler

Aircraft and other safety-critical systems increasingly rely on software to provide their functionality. The exponential growth of software in safety-critical systems has pushed the cost for building aircraft to the limit of affordability. Given this increase, the current practice of build-then-test is no longer feasible. This blog posting describes recent work at the SEI to improve the quality of software-reliant systems through an approach known as the Reliability Validation and Improvement Framework that will lead...

Read More
National Deployment of the Wireless Emergency Alerts System

National Deployment of the Wireless Emergency Alerts System

• SEI Blog
William Anderson

The ubiquity of mobile devices provides new opportunities to warn people of emergencies and imminent threats using location-aware technologies. The Wireless Emergency Alerts (WEA) system, formerly known as the Commercial Mobile Alert Service (CMAS), is the newest addition to the Federal Emergency Management Agency (FEMA) Integrated Public Alert and Warning System (IPAWS), which allows authorities to broadcast emergency alerts to cell phone customers with WEA-enabled devices in an area affected by a disaster or a...

Read More
The Value of Systems Engineering

The Value of Systems Engineering

• SEI Blog
Joseph Elm

Building a complex weapon system in today's environment may involve many subsystems--propulsion, hydraulics, power, controls, radar, structures, navigation, computers, and communications. Design of these systems requires the expertise of engineers in particular disciplines, including mechanical engineering, electrical engineering, software engineering, metallurgical engineering, and many others. But some activities of system development are interdisciplinary, including requirements development, trade studies, and architecture design, to name a few. These tasks do not fit neatly into the traditional engineering...

Read More
Don't Sign that Applet!

Don't Sign that Applet!

• SEI Blog
Will Dormann

Occasionally this blog will highlight different posts from the SEI blogosphere. Today's post by Will Dormann, a senior member of the technical staff in the SEI's CERT Program, is from the CERT/CC (Coordination Center) blog. This post explores Dormann's investigation into the state of signed Java applet security....

Read More
Common Testing Problems: Pitfalls to Prevent and Mitigate

Common Testing Problems: Pitfalls to Prevent and Mitigate

• SEI Blog
Donald Firesmith

In the first blog entry of this two part series on common testing problems, I addressed the fact that testing is less effective, less efficient, and more expensive than it should be. This second posting of a two-part series highlights results of an analysis that documents problems that commonly occur during testing. Specifically, this series of posts identifies and describes 77 testing problems organized into 14 categories; lists potential symptoms by which each can be...

Read More
AADL Tools: Leveraging the Ecosystem

AADL Tools: Leveraging the Ecosystem

• SEI Blog
Julien Delange

Software and systems architects face many challenges when designing life- and safety-critical systems, such as the altitude and control systems of a satellite, the auto pilot system of a car, or the injection system of a medical infusion pump. Architects in software and systems answer to an expanding group of stakeholders and often must balance the need to design a stable system with time-to-market constraints. Moreover, no matter what programming language architects choose, they cannot...

Read More
The Latest Research from the SEI

The Latest Research from the SEI

• SEI Blog
Douglas C. Schmidt

As part of an ongoing effort to keep you informed about our latest work, I would like to let you know about some recently published SEI technical reports and notes. These reports highlight the latest work of SEI technologists in quantifying expert judgment, insider threat, detecting and preventing data exfiltration, and developing a common vocabulary for malware analysts. This post includes a listing of each report, author(s), and links where the published reports can be...

Read More
Architecting Service-Oriented Systems

Architecting Service-Oriented Systems

• SEI Blog
Grace Lewis

In 2009, a popular blogger published a post entitled "SOA is Dead," which generated extensive commentary among those who work in the field of service-oriented architecture (SOA). Many practitioners in this field completely misinterpreted the post; some read the title and just assumed that the content referenced the demise of SOA. Quite the opposite, the post was inviting people to stop thinking about SOA as a set of technologies and start embracing SOA as an...

Read More
Architecting Service-Oriented Systems

Architecting Service-Oriented Systems

• SEI Blog
Grace Lewis

In 2009, a popular blogger published a post entitled "SOA is Dead," which generated extensive commentary among those who work in the field of service-oriented architecture (SOA). Many practitioners in this field completely misinterpreted the post; some read the title and just assumed that the content referenced the demise of SOA. Quite the opposite, the post was inviting people to stop thinking about SOA as a set of technologies and start embracing SOA as an...

Read More
Common Testing Problems: Pitfalls to Prevent and Mitigate

Common Testing Problems: Pitfalls to Prevent and Mitigate

• SEI Blog
Donald Firesmith

A widely cited study for the National Institute of Standards & Technology (NIST) reports that inadequate testing methods and tools annually cost the U.S. economy between $22.2 and $59.5 billion, with roughly half of these costs borne by software developers in the form of extra testing and half by software users in the form of failure avoidance and mitigation efforts. The same study notes that between 25 and 90 percent of software development budgets are...

Read More
The SEI Blog: A Two-Year Retrospective

The SEI Blog: A Two-Year Retrospective

• SEI Blog
Douglas C. Schmidt

In launching the SEI blog two years ago, one of our top priorities was to advance the scope and impact of SEI research and development projects, while increasing the visibility of the work by SEI technologists who staff these projects. After 114 posts, and 72,608 visits from readers of our blog, this post reflects on some highlights from the last two years and gives our readers a preview of posts to come....

Read More
Using the Pointer Ownership Model to Secure Memory Management in C and C++

Using the Pointer Ownership Model to Secure Memory Management in C and C++

• SEI Blog
David Svoboda

This blog post describes a research initiative aimed at eliminating vulnerabilities resulting from memory management problems in C and C++. Memory problems in C and C++ can lead to serious software vulnerabilities including difficulty fixing bugs, performance impediments, program crashes (including null pointer deference and out-of-memory errors), and remote code execution....

Read More
Is Your Organization Ready for Agile? - Part 2

Is Your Organization Ready for Agile? - Part 2

• SEI Blog
Suzanne Miller

This blog post is the second in a series on Agile adoption in regulated settings, such as the Department of Defense, Internal Revenue Service, and Food and Drug Administration. The adoption of new practices, such as agile or any new practice for that matter, is a task that is best undertaken with both eyes open. There are often disconnects between the adopting organization's current practice and culture and the new practices being adopted. This posting...

Read More
Introduction to the Architecture Analysis & Design Language

Introduction to the Architecture Analysis & Design Language

• SEI Blog
Julien Delange

When a system fails, engineers too often focus on the physical components, but pay scant attention to the software. In software-reliant systems ignoring or deemphasizing the importance of software failures can be a recipe for disaster. This blog post is the first in a series on recent developments with the Architecture Analysis Design Language (AADL) standard. Future posts will explore recent tools and projects associated with AADL, which provides formal modeling concepts for the description...

Read More
Standards in Cloud Computing Interoperability

Standards in Cloud Computing Interoperability

• SEI Blog
Grace Lewis

In 2011, Col. Timothy Hill, director of the Futures Directorate within the Army Intelligence and Security Command, urged industry to take a more open-standards approach to cloud computing. "Interoperability between clouds, as well as the portability of files from one cloud to another, has been a sticking point in general adoption of cloud computing," Hill said during a panel at the AFCEA International 2011 Joint Warfighting Conference. Hill's view has been echoed by many in...

Read More
Evaluation and Validity for SEI Research Projects

Evaluation and Validity for SEI Research Projects

• SEI Blog
Bill Scherlis

Some of the principal challenges faced by developers, managers, and researchers in software engineering and cybersecurity involve measurement and evaluation. In two previous blog posts, I summarized some features of the overall SEI Technology Strategy. This post focuses on how the SEI measures and evaluates its research program to help ensure these activities address the most significant and pervasive problems for the Department of Defense (DoD). Our goal is to conduct projects that are technically...

Read More
Network Profiling Using Flow

Network Profiling Using Flow

• SEI Blog
Austin Whisnant

Knowing what assets are on a network, particularly which assets are visible to outsiders, is an important step in achieving network situational awareness. This awareness is particularly important for large, enterprise-class networks, such as those of telephone, mobile, and internet providers. These providers find it hard to track hosts, servers, data sets, and other vulnerable assets in the network....

Read More
The Latest Research from the SEI

The Latest Research from the SEI

• SEI Blog
Douglas C. Schmidt

As part of an ongoing effort to keep you informed about our latest work, I'd like to let you know about some recently published SEI technical reports and notes. These reports highlight the latest work of SEI technologists in and systems engineering, resilience, and insider threat. This post includes a listing of each report, author(s), and links where the published reports can be accessed on the SEI website....

Read More
Looking Ahead: The SEI Technical Strategic Plan, Part 2

Looking Ahead: The SEI Technical Strategic Plan, Part 2

• SEI Blog
Bill Scherlis

The Department of Defense (DoD) has become deeply reliant on software. As a federally funded research and development center (FFRDC), the SEI is chartered to work with the DoD to meet the challenges of designing, producing, assuring, and evolving software-reliant systems in an affordable and dependable manner. This blog post is the second in a multi-part series that describes key elements of our forthcoming Strategic Research Plan that address these challenges through research, acquisition support,...

Read More
Building Next-generation Autonomous Systems

Building Next-generation Autonomous Systems

• SEI Blog
James Edmondson

An autonomous system is a computational system that performs a desired task, often without human guidance. We use varying degrees of autonomy in robotic systems for manufacturing, exploration of planets and space debris, water treatment, ambient sensing, and even cleaning floors. This blog post discusses practical autonomous systems that we are actively developing at the SEI. Specifically, this post focuses on a new research effort at the SEI called Self-governing Mobile Adhocs with Sensors and...

Read More
Reflections in Software Architecture: Presentations by Jeromy Carriere & Ian Gorton

Reflections in Software Architecture: Presentations by Jeromy Carriere & Ian Gorton

• SEI Blog
Bill Pollak

It's undeniable that the field of software architecture has grown during the past 20 years. In 2010, CNN/Money magazine identified "software architect" as the most desirable job in the U.S. Since 2004, the SEI has trained people from more than 900 organizations in the principles and practices of software architecture, and more than 1,800 people have earned the SEI Software Architecture Professional certificate. It is widely recognized today that architecture serves as the blueprint for...

Read More
Looking Ahead: The SEI Technical Strategic Plan

Looking Ahead: The SEI Technical Strategic Plan

• SEI Blog
Bill Scherlis

The Department of Defense (DoD) has become deeply and fundamentally reliant on software. As a federally funded research and development center (FFRDC), the SEI is chartered to work with the DoD to meet the challenges of designing, producing, assuring, and evolving software-reliant systems in an affordable and dependable manner. This blog post--the first in a multi-part series--outlines key elements of the forthcoming SEI Strategic Research Plan that addresses these challenges through research and acquisition support...

Read More