SEI News Archive
Eoin Woods to Discuss Putting Software Architecture in Its Place at SATURN 2008
Woods, a software architect at Barclays Global Investors, will give a keynote presentation on Fitting Software Architecture Into the Enterprise Technology Landscape.
SEPG Europe 2008 Program and Registration Information Now Available
SEPG Europe, an annual event that focuses on performance improvement through process capability, will be held June 10-13, 2008 in Munich, Germany.
SEI Announces Fifth Annual Member Award Winners
The annual awards program honors those members who demonstrate strong representation, contribution, and advocacy to the SEI Membership program.
Phillippe Kruchten to Speak on Software Architecture, Agility, Cost, and Value
Kruchten, a professor of software engineering at the University of British Columbia, will give a keynote address at SATURN 2008.
CERT Researchers to Present Insider Threat Trends and Patterns
Dawn Cappelli and Andrew Moore will present CERT research findings for the first time regarding insider theft of confidential and sensitive information such as social security numbers, credit card numbers, and personally identifiable information and industrial espionage.
Don't Miss SATURN 2008 - Special Group and Course Rates Available
When you attend this year's SEI SATURN Workshop along with three of your coworkers, you can save 10% on the price of two SEI courses that will be colocated with the workshop April 28th and 29th: Documenting Software Architectures (DSA) and Software Architecture: Principles and Practices (SAPP).
SEI Report: Incident Management Mission Diagnostic Method
This report explains how to perform IMMD - a risk-based approach for determining the potential for success of an organization's incident management capability.
SEI and Lockheed-Martin to Host Process Improvement in Multimodel Environments Workshop
All effective businesses face challenges to achieving and sustaining competitive advantage while complying with regulations. To meet these challenges, the highest performing organizations apply reference models, standards, and improvement technologies. This workshop will share current research and methods for multimodel process improvement and to gauge the current state of the practice in commercial, government, and defense organizations.
SMART Ultra-Large-Scale Systems Forum: Scale Changes Everything
Held on March 6 at Carnegie Mellon University, the event brought experts involved in the ULS systems study together with community leaders interested in the growing trend toward ultra-large scale systems.
SEI Announces Release of the CERT Resiliency Engineering Framework
This framework provides a comprehensive roadmap that enables organizations of all sizes to establish, manage, and evaluate operational resiliency which encompasses both security and business continuity.
Mead's contributions to software education and training will be acknowledged with a track devoted to her. Conference registration is open.
Mission Diagnostic Protocol: A Risk-Based Approach for Assessing the Potential for Success
The Mission Diagnostic Protocol, part of the SEI's suite of risk-based methods for assessing and managing complex projects and processes, provides a time-efficient means of analyzing the potential for success in complex and uncertain environments.
SEI Report: Lessons Learned Applying the Mission Diagnostic
This technical note describes the adaptation of the Mission Diagnostic to a project for the development and broad deployment of a software application. The team also derived the basis for a new success-driven framework with an integrated risk perspective.
New Ultra-Large-Scale Systems Website Launched
To establish a comprehensive online destination for ultra-large-scale (ULS) systems, the SEI is introducing an expanded ULS website.
SEI Announces Exciting Keynote Lineup for 20th Annual SEPG North America 2008 Conference
Video-gaming systems, long-term advances in software development for the U.S. military, and what the future holds for software development will be the featured keynote topics at the SEI's 20th Annual SEPG North America 2008 Conference at the Tampa Convention Center in Tampa, Fla., March 17–20, 2008.
FIRST and CERT Coordination Center Unveil New Security Awards
The first-ever international competition honoring best practices and advances in safeguarding the security of computer systems and networks is announced.
SEI Advocates Aggressive Research Agenda to Prepare for the Software-Intensive Systems of the Future
The SEI and the Strengthening the Mid-Atlantic Region for Tomorrow (SMART) Organization will host an expert panel of researchers, industry, and government representatives at the SMART Ultra-Large-Scale Systems Forum to highlight a research study the SEI led on ultra-large-scale (ULS) software-intensive systems.
SEI Paper Selected for International Conference of Complex Computer Systems
The SEI paper From PIMs to PSMs has been selected for the Proceedings of the 12th International Conference on Engineering of Complex Computer Systems (ICECCS07). It is one of only five selected for the proceedings from the UML&AADL'2007 Workshop that was co-located with ICECCS07.
SEI to Host Premier Software and Systems Process Management Conference in Tampa, Florida
The SEI has served as the leader in software and systems engineering research since 1988. This year, the SEI will host more than 1,500 software and systems engineering professionals from around the world at the Tampa Convention Center for four information-filled days of professional development and networking opportunities.
SEI Releases Groundbreaking Best-Practices Model for Acquisition
Developed in collaboration with General Motors, IT industry, and government, CMMI for Acquisition is poised to revolutionize the way organizations acquire or outsource their IT and technical products and services.
Visit the CMMI-ACQ Press Room for complete covereage, including an audio file of the news conference.
A collaborative effort from Carnegie Mellon’s School of Computer Science, Heinz School of Public Policy and Management, and the Software Engineering Institute (SEI), the new degree program offers a multi-disciplinary view of software engineering that can give managers a unique edge in today’s complex marketplace.
Computer Forensics for Business Leaders: Building Robust Policies and Processes
Business leaders can play a key role in computer forensics by establishing strong policies and proactively testing to ensure those policies work in tough situations.
Business Resilience: A More Compelling Argument for Information Security
A business resilience argument can bridge the communication gap that often exists between information security officers and business leaders.
The SEI, with support from General Motors Information Systems & Services (IS&S) Department, will discuss a new best practices model in its CMMI Product Suite that the SEI believes will revolutionize the way governments and business worldwide acquire their software systems and services.
SEI Report Details Skills Needed to be a Successful SCAMPI Lead Appraiser
The SCAMPI Lead Appraiser Body of Knowledge is a driver for the SEI Appraisal Program's approach to ensure quality of SCAMPI appraisals.
COTS and Reusable Software Management Planning: A Template for Life-Cycle Management
This report can serve as a guide for how to manage multiple COTS and other reusable software components in complex systems.
Evaluating a Service-Oriented Architecture
SOA design considerations and tradeoffs are identified that can help the architecture evaluator determine and mitigate risks.
Developing AADL Models for Control Systems: A Practitioner's Guide
This report's primary goal is to describe an approach for and the mechanics of constructing an architectural model that can be analyzed based on the AADL.
2008 Software Architecture Workshop Call for Proposals
Interested participants are encouraged to submit a proposal, including a title and an abstract, for a 20-minute presentation about their work and its relation to software architecture technology.
New Tool Assists With Software Architecture Design
The Architecture Expert tool serves as a software architecture design assistant. It embodies knowledge of quality attributes and the relation between the achievement of quality attribute requirements and architecture design.
Process Improvement Should Link to Security
This report identifies the appropriate ties between improvement and security as well as several subsequent steps underway toward strengthening those ties.
Resiliency Engineering: Integrating Security, IT Operations, and Business Continuity
By taking a holistic view of business resilience – similar in many ways to classical engineering – business leaders can help their operations stand up to known and unknown threats.
CERT Introduces Framework to Help Organizations Manage Operational Resiliency
The Resiliency Engineering Framework is a result of ongoing work at CERT and collaboration with the FSTC. It is intended to help organizations like financial institutions to improve their ability to adapt to and manage risks from day-to-day operations.
A T-Check is a simple and cost-efficient way to understand what a technology can and cannot do in a specific context. This report describes a T-Check exploration of the feasibility of using OGSA in the context of data management.
SEPG North America and Europe 2008 Call for Papers
The call for abstracts for the 2008 technical program is now open.
The Human Side of Security Trade-Offs
It’s easy to think of security as a collection of technologies and tools – but people are the real key to any security effort.
CERT Report: Using Ranged Integers Results in More Reliable and Secure C Programs
The use of ranged integers within the C programming language will help prevent integer overflow errors.
The survey shows that security incidents, electronic crimes and their impact are steady versus last year. It also indicates that over-confidence is pervasive amongst security professionals.
CERT Issues Guide to Implementing Governing for Enterprise Security
Governing for enterprise security means viewing adequate security as a non-negotiable business requirement. CERT's guide provides prescriptive guidance for creating and sustaining an enterprise security governance program.
SEI Report Illustrates How to Use AADL to Model System Families
AADL is an industry-standard, architecture-modeling notation specifically designed to support a component-based approach to modeling embedded systems.
SEI Explains Error Model Annex and Using it with AADL
This report explains the capabilities of the Error Model Annex and provides guidance on using AADL and the error model in modeling dependability aspects of embedded system architectures.
Dual Perspectives: A CIO's and CISO's Take on Security
Given that you can't secure everything, managing security risk to a "commercially reasonable degree" can lead to the best possible solution.
SEI Advances Model for Successful Software Product Lines
The SEI studied organizations and worked with leading practitioners deeply involved with building and using product lines to develop a new version of the Framework for Software Product Line Practice. Version 5.0 reflects current trends and new experiences in software engineering and is now available online.
Information security costs can be significantly reduced by enforcing standard configurations for widely deployed systems.
How To Compare the Security Quality Requirements Engineering (SQUARE) Method with Other Methods
The Security Quality Requirements Engineering (SQUARE) method, developed at the SEI, provides a systematic way to identify security requirements in a software development project.
Microsoft Recognizes CERT Analyst
Microsoft has acknowledged Will Dormann of the CERT/CC for identifying and helping to remediate security vulnerabilities in their online services. Will is one of eleven individuals recognized for their efforts.
CERT's Podcast Series: Real-World Security for Business Leaders
Security is not an option - but it may be time to start viewing it as a business enabler, rather than just a cost of doing business.
Reminder of the CMMI Product Suite Version 1.1 and SW-CMM Sunset Dates
This message from the SEI is a reminder to the process improvement community about the sunset dates for the Capability Maturity Model Integration (CMMI) Version 1.1, Software-CMM (SW-CMM), and their accompanying training materials and appraisal methods.
SEI's Linda Northrop Receives ACM SIGPLAN Distinguished Service Award
Linda Northrop, director of the SEI Product Line Systems Program, was recently awarded the Distinguished Service Award by the Association of Computing Machinery (ACM) SIGPLAN, the subgroup of ACM that focuses on programming languages.
CERT's Podcast Series: Using Standards to Build an Information Security Program
Business leaders can use international standards to create a business and risk-based information security program.
Army Engineering Center Chooses SMART Approach to SOA Planning
Recently, the SEI introduced a new method for planning the migration of legacy components to services called the SEI Service Migration and Reuse Technique (SMART) method.
A look at the work currently under way by the CMMI Team-government, industry, and SEI-to seek ideas for further improvements in the CMMI Product Suite over the next several years.
CERT's Podcast Series: Getting Real About Security Governance
Enterprise security governance is not just a vague idea - it can be achieved by implementing a defined, repeatable process with specific activities.