search menu icon-carat-right cmu-wordmark

Archive: April 2020

System Resilience Part 7: 16 Guiding Principles for System Resilience

System Resilience Part 7: 16 Guiding Principles for System Resilience

• SEI Blog
Donald Firesmith

Adverse events and conditions can disrupt a system, causing it to fail to provide essential capabilities and services. As I outlined in previous posts in this series, resilience is an essential quality attribute of most systems because they provide critical capabilities and services that must continue despite the inevitable adversities. These adversities are often unavoidable and come in many forms. Typical examples include coding defects (robustness), hazards and accidents (safety), vulnerabilities and attacks (cybersecurity and...

Read More
System Resilience Part 6: Verification and Validation

System Resilience Part 6: Verification and Validation

• SEI Blog
Donald Firesmith

Adverse events and conditions can disrupt a system, causing it to fail to provide essential capabilities and services. As I outlined in previous posts in this series, resilience is an essential quality attribute of most systems because they provide critical capabilities and services that must continue despite the inevitable adversities. In the first post in this series, I defined system resilience as the degree to which a system rapidly and effectively protects its critical capabilities...

Read More
Automatically Detecting Technical Debt Discussions with Machine Learning

Automatically Detecting Technical Debt Discussions with Machine Learning

• SEI Blog
Robert Nord

Technical debt (TD) refers to choices made during software development that achieve short-term goals at the expense of long-term quality. Since developers use issue trackers to coordinate task priorities, issue trackers are a natural focal point for discussing TD. In addition, software developers use preset issue types, such as feature, bug, and vulnerability, to differentiate the nature of the task at hand. We have recently started seeing developers explicitly use the phrase "technical debt" or...

Read More
7 Quick Steps to Using Containers Securely

7 Quick Steps to Using Containers Securely

• SEI Blog
Thomas Scanlon

Richard Laughlin co-authored this blog post. The use of containers in software development and deployment continues to trend upwards. There is good reason for this climb in usage as containers offer many benefits, such as being lightweight, modular, portable, and scalable, all while enabling rapid and flexible deployments with application isolation. However, as use of this technology increases, so does the likelihood that adversaries will target it as a means to compromise systems. Such concerns...

Read More