search menu icon-carat-right cmu-wordmark

Archive: November 2019

System Resilience: What Exactly is it?

System Resilience: What Exactly is it?

• SEI Blog
Donald Firesmith

Over the past decade, system resilience (a.k.a., system resiliency) has been widely discussed as a critical concern, especially in terms of data centers and cloud computing. It is also vitally important to cyber-physical systems, although the term is less commonly used in that domain. Everyone wants their systems to be resilient, but what does that actually mean? And how does resilience relate to other quality attributes, such as availability, reliability, robustness, safety, security, and survivability?...

Read More
Situational Awareness for Cybersecurity: Three Key Principles of Effective Policies and Controls

Situational Awareness for Cybersecurity: Three Key Principles of Effective Policies and Controls

• SEI Blog
Angela Horneman

Security measures are most effective when it is clear how assets are supposed to be used and by whom. When this information is documented in clearly written organizational policies, these policies can then be implemented in the form of enforceable security controls. In this third post in our series of blog posts on cyber situational awareness for the enterprise, I discuss how policies and controls contribute to asset protection and to the know what should...

Read More
Six Best Practices for Developer Testing

Six Best Practices for Developer Testing

• SEI Blog
Robert V. Binder

Code coverage represents the percent of certain elements of a software item that have been exercised during its testing. As I explained in my first post in this series on developer testing, there are many ideas about which code elements are important to test and therefore many kinds of code coverage. In this post, the second post in the series, I explain how you can use coverage analysis to routinely achieve consistently effective testing....

Read More
Could Blockchain Improve the Cybersecurity of Supply Chains?

Could Blockchain Improve the Cybersecurity of Supply Chains?

• SEI Blog
Eliezer Kanal

A September 2018 report to the President, Assessing and Strengthening the Manufacturing and Defense Industrial Base and Supply Chain Resiliency of the United States, raised concerns about cybersecurity in light of the reliance on complex supply chains in defense applications. Gaps in the cybersecurity sector lead to pervasive and persistent vulnerabilities to the industrial base, [...] unauthorized access to any facet of manufacturing information could create rippling effects and cause innumerable negative economic and national...

Read More