search menu icon-carat-right cmu-wordmark

Subject: Team Software Process (TSP)

Data-Driven Software Assurance

Data-Driven Software Assurance

• SEI Blog
Michael Konrad

As recent news headlines about Shellshock, Sony, Anthem, and Target have demonstrated, software vulnerabilities are on the rise. The U.S. General Accounting Office in 2013 reported that "operational vulnerabilities have increased 780 percent over the past six years." These vulnerabilities can be hard and expensive to eradicate, especially if introduced during the design phase. One issue is that design defects exist at a deeper architectural level and thus can be hard to find and address....

Read More
Incorporating Verified Design by Contract into PSP

Incorporating Verified Design by Contract into PSP

• SEI Blog
Bill Nichols

As software continues to grow in size and complexity, software programmers continue to make mistakes during development. These mistakes can result in defects in software products and can cause severe damage when the software goes into production. Through the Personal Software Process (PSP), the Carnegie Mellon University Software Engineering Institute has long advocated incorporating discipline and quantitative measurement into the software engineer's initial development work to detect and eliminate defects before the product is delivered...

Read More
Heartbleed: Q&A

Heartbleed: Q&A

• SEI Blog
Will Dormann

The Heartbleed bug, a serious vulnerability in the Open SSL crytographic software library, enables attackers to steal information that, under normal conditions, is protected by the Secure Socket Layer/Transport Layer Security(SSL/TLS) encryption used to secure the internet. Heartbleed and its aftermath left many questions in its wake: Would the vulnerability have been detected by static analysis tools? If the vulnerability has been in the wild for two years, why did it take so long to...

Read More
The Latest Research from the SEI

The Latest Research from the SEI

• SEI Blog
Douglas C. Schmidt

As part of an ongoing effort to keep you informed about our latest work, I would like to let you know about some recently published SEI technical reports and notes. These reports highlight the latest work of SEI technologists in systems of systems integration from an architectural perspective, unintentional insider threat that derives from social engineering, identifying physical security gaps in international mail processing centers and similar facilities, countermeasures used by cloud service providers, the...

Read More
The Latest Research from the SEI

The Latest Research from the SEI

• SEI Blog
Douglas C. Schmidt

As part of an ongoing effort to keep you informed about our latest work, I'd like to let you know about some recently published SEI technical reports and notes. These reports highlight the latest work of SEI technologists in information assurance and agile, the Team Software Process (TSP), CERT secure coding standards, resource allocation, fuzzing, cloud computing interoperability, and cloud computing at the tactical edge. This post includes a listing of each report, author(s), and...

Read More
Addressing the Challenges of Agile with TSP: A Case Study

Addressing the Challenges of Agile with TSP: A Case Study

• SEI Blog
Bill Nichols

This post is the third and final installment in a three-part series that explains how Nedbank, one of the largest banks in South Africa, is rolling out the SEI's Team Software Process (TSP) throughout its IT organization. In the first post of this series, I examined how Nedbank addressed issues of quality and productivity among its software engineering teams using TSP at the individual and team level. In the second post, I discussed how the...

Read More
Rolling Out TSP Organizational Performance Improvement: A Case Study

Rolling Out TSP Organizational Performance Improvement: A Case Study

• SEI Blog
Bill Nichols

This post is the second installment in a three-part series that explains how Nedbank, one of the largest banks in South Africa, is rolling out the SEI's Team Software Process (TSP)--a disciplined and agile software process improvement method--throughout its IT organization. In the first postof this series, I examined how Nedbank addressed issues of quality and productivity among its software engineering teams using TSP at the individual and team level. In this post, I will...

Read More
Balancing Agility and Discipline at Scale

Balancing Agility and Discipline at Scale

• SEI Blog
Douglas C. Schmidt

While agile methods have become popular in commercial software development organizations, the engineering disciplines needed to apply agility to mission-critical, software-reliant systems are not as well defined or practiced. To help bridge this gap, the SEI recently hosted the Agile Research Forum. The event brought together researchers and practitioners from around the world to discuss when and how to best apply agile methods in mission-critical environments found in government and many industries....

Read More
Improving Software Team Performance with TSP

Improving Software Team Performance with TSP

• SEI Blog
Bill Nichols

In his book Drive, Daniel Pink writes that knowledge workers want autonomy, purpose, and mastery in their work. A big problem with any change in processes is getting the people who do the work to change how they work. Too often, people are told what to do instead of being given the information, autonomy, and authority to analyze and adopt the new methods for themselves. This posting--the first in a two-part series--describes a case study...

Read More
Toward Efficient and Effective Software Sustainment, Second in a Series

Toward Efficient and Effective Software Sustainment, Second in a Series

• SEI Blog
Mike Phillips

In my preceding blog post, I promised to provide more examples highlighting the importance of software sustainmentin the US Department of Defense (DoD). My focus is on certain configurations of weapons systems that are no longer in production for the United States Air Force, but are expected to remain a key component of our defense capability for decades to come, and thus software upgrade cycles need to refresh capabilities every 18 to 24 months. Throughout...

Read More
High Maturity Software Engineering Measurement and Analysis

High Maturity Software Engineering Measurement and Analysis

• SEI Blog
David Zubrow

The SEI has been actively engaged in defining and studying high maturity software engineering practices for several years. Levels 4 and 5 of the CMMI (Capability Maturity Model Integration) are considered high maturity and are predominantly characterized by quantitative improvement. This blog posting briefly discusses high maturity and highlights several recent works in the area of high maturity measurement and analysis, motivated in part by a recent comment on a Jan. 30 postasking about the...

Read More
An Overview of the SEI Technologies Forum

An Overview of the SEI Technologies Forum

• SEI Blog
Douglas C. Schmidt

We use the SEI Blog to inform you about the latest work at the SEI, so this week I'm summarizing some video presentations recently posted to the SEI website from the SEI Technologies Forum. This virtual event held in late 2011 brought together participants from more than 50 countries to engage with SEI researchers on a sample of our latest work, including cloud computing, insider threat, Agile development, software architecture, security, measurement, process improvement, and...

Read More
Developing Architecture-Centric Engineering Within TSP

Developing Architecture-Centric Engineering Within TSP

• SEI Blog
Felix Bachmann

Bursatec, the technology arm of Groupo Bolsa Mexicana de Valores (BMV, the Mexican Stock Exchange), recently embarked on a project to replace three existing trading engines with one system developed in house. Given the competitiveness of global financial markets and recent interest in Latin American economies, Bursatec needed a reliable and fast new system that could work ceaselessly throughout the day and handle sharp fluctuations in trading volume. To meet these demands, the SEI suggested...

Read More