By Douglas C. Schmidt, Principal Researcher
As part of an ongoing effort to keep you informed about our latest work, this blog post summarizes some recently published SEI reports, podcasts, and presentations highlighting our work in virtual integration, blockchain programming, Agile DevOps, software innovations, cybersecurity engineering and software assurance, threat modeling, and blacklist ecosystem analysis. These publications highlight the latest work of SEI technologists in these areas. This post includes a listing of each publication, author(s), and links where they can be accessed on the SEI website.
ROI Analysis of the System Architecture Virtual Integration Initiative
By Peter H. Feiler, Jörgen Hansson (University of Skovde), and Steve Helton (The Boeing Company)
This report presents an analysis of the economic effects of the System Architecture Virtual Integration approach on the development of software-reliant systems for aircraft compared to existing development paradigms.
The System Architecture Virtual Integration (SAVI) initiative is a multiyear, multimillion dollar program that is developing the capability to virtually integrate systems before designs are implemented and tested on hardware. The purpose of SAVI is to develop a means of countering the costs of exponentially increasing complexity in modern aerospace software systems. The program is sponsored by the Aerospace Vehicle Systems Institute, a research center of the Texas Engineering Experiment Station, which is a member of the Texas A&M University System. This report presents an analysis of the economic effects of the SAVI approach on the development of software-reliant systems for aircraft compared to existing development paradigms. The report describes the detailed inputs and results of a return-on-investment (ROI) analysis to determine the net present value of the investment in the SAVI approach. The ROI is based on rework cost-avoidance attributed to earlier discovery of requirements errors through analysis of virtually integrated models of the embedded software system expressed in the SAE International Architecture Analysis and Design Language (AADL) standard architecture modeling language. The ROI analysis uses conservative estimates of costs and benefits, especially for those parameters that have a proven, strong correlation to overall system-development cost. The results of the analysis, in part, show that the nominal cost reduction for a system that contains 27 million source lines of code would be $2.391 billion (out of an estimated $9.176 billion), a 26.1 percent cost savings. The original study, reported here, had a follow-on study to validate and further refine the estimated cost savings.
Download the SEI Technical Report.
Obsidian: A Safer Blockchain Programming Language
By Eliezer Kanal and Michael Coblenz
The Defense Advanced Research Projects Agency (DARPA) and other agencies are expressing significant interest in blockchain technology because it promises inherent transparency, resiliency, forgery-resistance, and nonrepudiation, which can be used to protect sensitive infrastructure. At the same time, numerous high-profile incidents of blockchain coding errors that cause major damage to organizations have raised serious concerns about blockchain adoption. In this podcast, Eliezer Kanal and Michael Coblenz discuss the creation of Obsidian, a novel programming language specifically tailored to secure blockchain software development that significantly reduces the risk of such coding errors.
View the SEI Podcast.
SEI Cyber Minute: CERT Cybersecurity Engineering and Software Assurance
By Carol Woody, PhD
The SEI has launched the CERT Cybersecurity Engineering and Software Assurance Professional Certificate program. This program addresses the growing need to educate the current workforce to make good cybersecurity choices.
Our certificate is designed to prepare the current workforce, especially software acquirers and developers, software and system assurance managers, systems engineers, and software engineers, with information and resources to tackle these important challenges in today's acquired systems.
The five components in our program cover major lifecycle aspects of cybersecurity and software assurance including security requirements, supply chain risk management, and threat modeling.
View the SEI Cyber Minute.
Three Software Innovations that the DoD Needs Now
By Jeff Boleng, Robert Schiela, Samuel Procter, Lena Pons, Nathan VanHoudnos
What has been the source of the U.S. Department of Defense's advantage? Pointing to the 1970s-era second offset strategy, some say that the DoD's true advantage rests in an ability to rapidly field and integrate new technologies at a scale none can match. The second offset strategy, though, was dominated by hardware-based or -reliant technologies, such as GPS positioning and stealth. The third offset strategy will rely on software-dominated, leap-ahead technologies. What does rapidly integrating software innovations look like for the DoD?
In this panel discussion you will learn:
• key reasons why the DoD struggles to rapidly integrate software innovations
• proven ways to bring software innovation to the DoD's doorstep
• three software technologies that have been piloted in DoD settings.
View the SEI Webinar.
By Eileen Wrubel and Will Hayes
DevOps breaks down software development silos to encourage free communication and constant collaboration. Agile, an iterative approach to development, emphasizes frequent deliveries of software. In this podcast, Eileen Wrubel, technical lead for the SEI's Agile-in-Government program, and Hasan Yasar, technical manager of the Secure Lifecycle Solutions Group in the SEI's CERT Division, discuss how Agile and DevOps can be deployed together to meet organizational needs.
View the SEI Podcast.
A Hybrid Threat Modeling Method
By Nancy R. Mead, Forrest Shull, Krishnamurthy Vemuru (University of Virginia), Ole Villadsen (Carnegie Mellon University)
This note presents a hybrid method of threat modeling that attempts to meld the desirable features of three methods: Security Cards, Persona non Grata, and STRIDE.
In FY 2016, the research team evaluated Security Cards, STRIDE (Spoofing identity, Tampering with data, Repudiation, Information disclosure, Denial of service, Elevation of privilege), and persona non grata (PnG) for effectiveness in threat identification. Security Cards is an approach that emphasizes creativity and brainstorming over more structured approaches such as checklists. STRIDE involves modeling a system and subsystem and related data flows. PnGs represent archetypal users who behave in unwanted, possibly nefarious ways. The team used two scenarios: an aircraft maintenance scenario and a drone swarm scenario, both described in this technical note in detail, along with the project outcomes. No individual threat modeling method included all identified threats.
The research team subsequently developed the Hybrid Threat Modeling Method (hTMM), considering the desirable characteristics for a Threat Modeling Method. At a high level, the hTMM includes the following steps, described in detail in the technical note: (1) Identify the system you will be threat modeling. (2) Apply Security Cards according to developers' suggestions. (3) Prune PnGs that are unlikely or for which no realistic attack vectors could be identified. (4) Summarize results from the above steps, utilizing tool support. (5) Continue with a formal risk assessment method.
Download the SEI Technical Note.
Blacklist Ecosystem Analysis: July - December 2017
By Eric Hatleback, Leigh B. Metcalf
This short report provides a summary of the various analyses of the blacklist ecosystem performed from July 1, 2017, through December 31, 2017.
This report is the latest in a series of works dedicated to documenting and exploring the blacklist ecosystem. Whereas previous full reports were composed partly of updates and partly of fresh analysis, we have decided to address those two goals in separate reports henceforth. These smaller update reports are dedicated strictly to updating the previously-implemented methods with the latest data. For an incremental view of the accumulation of the results, see the previous update reports. Separate full reports introduce novel analyses as they are developed, and when those novel analyses yield results that warrant continual updating, those analyses are added to the spectrum covered by the update reports. The update reports are planned for release in conjunction with every six months' worth of data collection. This update covers the data collected from July 1, 2017 through December 31, 2017. Because the aim of the semi-annual updates is the efficient communication of the latest data, and because all of the methods implemented in this report remain identical to the methods employed in previous reports, we have omitted the "Method" section that appeared in the previous full reports. In lieu of that section, for each analysis type, we direct the reader to the previous reports, which contain the full method for each analysis type. The references, too, are restricted merely to the previous full reports and update reports. Full details of relevant literature for each of the analysis methods can be found within the previous full reports.
Additionally, in order to facilitate consistent treatment of the data, we have reprocessed the data from the first three annual reports into uniform 6-month sets for the results presented in the Persistence in Blacklists analysis (Section 2.5).
Download the White Paper.