SEI Technologies Forum

SEI Technologies Forum

 
Watch the Recordings of the SEI Technology Forum

Reasons to Watch the Presentations

Solutions: The opportunity to learn about the SEI’s areas of work and how we can help organizations achieve strategic advantages

Experts: Complimentary, on-demand access to recordings from SEI’s top researchers who discuss emerging technologies in the software industry

Insights: The chance to gain new knowledge from the convenience of your office and learn how the SEI can help your organization apply improved software technologies

Since 1984, the SEI has worked closely with organizations globally to continually improve software-intensive systems. Our core purpose is to help organizations to improve software engineering capabilities and to develop or acquire the right software, defect free, within budget and on time, every time.

Learn about the latest research in software, systems, and security from technologists of the Carnegie Mellon Software Engineering Institute.

The SEI Technologies Forum, held on October 20, 2011, is a virtual event that brought participants from five continents and more than 50 countries from around the globe. Attendees engaged  with experts and be introduced to state-of-the-art work in the fields of cloud computing, insider threat, Agile, software architecture, security, measurement, process improvement, and acquisition.

The SEI Technologies Forum included eight in-depth presentations from SEI technologists on the latest solutions that are meeting the needs of our customers and partners in government and industry.

Even though the event is over, the presentations are archived for continued, on-demand viewing.


Paul Nielsen

Opening Remarks

Paul Nielsen

Nielsen, director and CEO of the SEI, served in the U.S. Air Force, retiring as a major general after 32 years of distinguished service. As commander of the Air Force Research Laboratory at Wright-Patterson Air Force Base in Ohio for more than four years, he managed the Air Force's science and technology budget of more than $3 billion annually. He also served as the Air Force's technology executive officer, determining the investment strategy for the full spectrum of Air Force science and technology activities. Prior to his command of the Air Force Research Laboratory, Nielsen served as vice commander of the Aeronautical Systems Center, the Air Force's center responsible for developing fighters, bombers, transports, reconnaissance aircraft, training systems, and unmanned aerospace vehicles. Among his previous assignments, he served at the National Security Agency, the Department of Energy's Lawrence Livermore National Laboratory, the Secretary of the Air Force's Office of Special Projects, and the Air Force's Electronic Systems Center. Nielsen was a military assistant in the Office of the Secretary of Defense and the Commander of Rome Laboratory. He was operations chief for the Cheyenne Mountain Operations Center and director of plans for the North American Aerospace Defense Command. In 2010, Nielsen was elected as a member of the U. S. National Academy of Engineering (NAE). He is a fellow of the American Institute of Aeronautics and Astronautics (AIAA) and a fellow of the Institute of Electrical and Electronic Engineers (IEEE). He served as the AIAA president from 2007-2008. Nielsen serves on several advisory boards including the Air Force Scientific Advisory Board and is a member of the Board of Directors for the Hertz Foundation, a non-profit that awards graduate school fellowships in the applied sciences.

Eileen Forrester

CMMI-SVC: The Strategic Landscape for Service

The majority of the global economy is now service, rather than manufacturing or trading of tangible goods. Even the development of goods and systems increasingly takes on the character of service. This is a reality for all of the major players in the world, and it even offers a unique opportunity for emerging markets and industries. Eileen Forrester, manager of the CMMI for Services (CMMI-SVC) Project at the SEI, will talk about not only the current state of CMMI-SVC, but the larger strategic choices open to those who consider how superior service can revolutionize both work and business results. Innovative approaches already working in the United States, Latin America, Asia, and Europe can be tailored to your needs and make you a service leader in your markets.

Eileen Forrester

Forrester is the manager of the CMMI for Services Project at the Software Engineering Institute, and the lead author of the Addison-Wesley book, CMMI for Services, Guidelines for Superior Service. She was the co-chair of the International Process Research Consortium (IPRC) and the editor of the IPRC Process Research Framework. Forrester is the developer of TransPlant, a transition-planning process; and her current research area is in process-oriented approaches to service delivery, technology change, risk management, and emergent system types. These approaches include GAIT, CMMI for Services, OCTAVE, MDA, and multi-model improvement approaches. She has more than 35 years of experience in technology transition, strategic planning, applied research, process improvement, communication planning, and managing product, service, and non-profit organizations.

Read

Publications CMMI-SVC

CMMI-SVC Model, Translations, Summaries, Interviews, Presentations, Excerpts, and more...

Learn

Introduction to CMMI
for Services v1.3

Upcoming: January 10-12, 2012


William E. Novak

Software Acquisition Program Dynamics

Analysis work by the SEI on data collected from more than 100 Independent Technical Assessments (ITAs) of software-reliant acquisition programs has produced insights into the most common ways that programs encounter difficulties. Programs regularly experience recurring cost, schedule, and quality failures, and progress and outcomes often appear to be unpredictable and unmanageable. Furthermore, many acquisition leaders and staffers neither recognize these recurring issues nor realize that known solutions exist for many of these problems. In this area of work, the SEI is trying to mitigate the effects of misaligned acquisition program organizational incentives and adverse software-reliant acquisition structural dynamics by improving program staff decision making. To do this, we are modeling and analyzing both the adverse acquisition dynamics that we have encountered in actual programs, as well as candidate solutions to resolve those dynamics. Building on past work with acquisition archetypes that present qualitative models of adverse acquisition dynamics, we are now building executable system dynamics models, which allow those behaviors to be analyzed and validated. Potential solutions are then constructed and connected to the problem model, allowing us to evaluate the ability of each approach to mitigate the dynamic. Ultimately, the objective is not only to assess the relative merits of different solution approaches and identify those that perform best, but to develop interactive acquisition simulations that offer acquisition practitioners the chance to "learn by doing." This involves recognizing, experiencing, and resolving complex acquisition dynamics in the classroom, rather than during the development of mission-critical systems. By improving program decision making, we can help programs overcome counterproductive behaviors that stem from misaligned incentives and underlying dynamics, and thus deploy higher-quality systems to the field in a more timely and cost-effective manner.

William E. Novak

Novak is a senior member of the technical staff at the SEI. He is a researcher, consultant, and instructor in the acquisition and development of software-reliant systems. Novak has more than 25 years of experience with real-time embedded software product development, government acquisition, and business management. Prior to coming to the SEI, he worked at GTE, GE Corporate Research and Development, GE Aerospace, and Texas Instruments. His technical background includes research and development work in software engineering, development environments, software reuse, and digital signal processing. Novak has received a Master of Science in Computer Engineering from Rensselaer Polytechnic Institute and a Bachelor of Science in Computer Science from the University of Illinois at Urbana-Champaign.

Read

Misaligned Incentives

Learn

Software Acquisition Survival Skills

Upcoming: February 22-24, 2012

Explore

Tools and Methods Acquisition

Acquisition Strategy Development Tool, Quality Assessment of Systems Architecture Requirements, CMMI for Acquisition...


Grace Lewis

Architectural Implications of Cloud Computing

Cloud computing is being adopted by commercial, government, and Department of Defense (DoD) organizations, driven by a need to reduce the operational cost of their information technology (IT) resources. From an engineering perspective, cloud computing is a distributed computing paradigm that focuses on providing a wide range of users with distributed access to virtualized hardware and/or software infrastructure over the Internet. From a business perspective, it is the availability of computing resources that are scalable and billed on a usage basis as opposed to acquired, which leads to potential cost savings in IT infrastructure. From a software architecture perspective, what this means is that some elements of the software system will be outside the organization, and the control over these elements depends on technical aspects such as the provided resource interface, to business aspects such as the service-level agreement (SLA) with the resource provider. Therefore, systems will have to be designed and architected to account for lack of full control over important quality attributes. This presentation will briefly define cloud computing, the different types of cloud computing environments, and drivers and barriers for cloud computing adoption. It will also focus on examples of architecture and design decisions in the cloud such as data location and synchronization, user authentication models, and multi-tenancy support.

Grace Lewis

Lewis is a senior member of the technical staff at the SEI in the Research, Technology, and System Solutions (RTSS) Program. Her current interests and projects are in service-oriented architecture (SOA), cloud computing, and context-aware mobile applications. Her latest publications include multiple reports and articles on these subjects and a book in the SEI Software Engineering Series. She is also a member of the technical faculty for the Master in Software Engineering Program at Carnegie Mellon University (CMU). Grace holds a Bachelor of Science in Systems Engineering and an Executive Master of Business Administration from Icesi University in Cali, Colombia; and a Master of Science in Software Engineering from CMU.

Explore

Tools and Methods Systems of Systems

Governance and aquisition diagnositc tools; SOA migration, adoption, and reuse technique; web service verification...

Read

Cloud Computing
for the Battlefield


Randy Trzeciak

The Insider Threat: Lessons Learned from Actual Insider Attacks

The Insider Threat Center at CERT, which has been researching insider threats since 2001, has built an extensive library and comprehensive database containing more than 700 actual cases of insider cyber crimes. This presentation will describe findings from our analysis of three primary types of insider cyber crimes: IT sabotage, theft of information, and fraud. All CERT insider threat research focuses on both the technical and behavioral aspects of actual compromises. This presentation will describe who committed the crimes, their motivation, organizational issues surrounding the incidents, methods of carrying out the attacks, impacts, and precursors that could have served as indicators to the organization in preventing the incident or detecting it earlier. It will also convey the "big picture" of the insider threat problem - the complex interactions, relative degree of risk, and unintended consequences of policies, practices, technology, insider psychological issues, and organizational culture over time.

Randy Trzeciak

Trzeciak is currently a senior member of the technical staff at CERT. He is the technical team lead of the Insider Threat Research team; a team focusing on insider threat research; threat analysis and modeling; assessments; and training. Trzeciak has more than 20 years experience in software engineering; database design, development, and maintenance; project management; and information security. He also is an adjunct professor at Carnegie Mellon's Heinz College, Graduate School of Information Systems and Management. Trzeciak holds a master's degree in management from the University of Maryland and bachelor's degrees in management information systems and business administration from Geneva College.

Explore

Insider Threat Research: Modeling and Simulation

Learn

Insider Threat Workshop

Upcoming: March 21 - 22, 2012

Listen

Protecting Against Insider Threat


Douglas C. Schmidt

Opening Remarks

Douglas C. Schmidt

Before joining the SEI, Schmidt was a tenured professor and associate chair of the Department of Electrical Engineering and Computer Science at Vanderbilt University. He was previously a professor at the University of California, Irvine, and Washington University in St. Louis. He also served as chief technology officer for Zircon Computing and Prism Technologies, where he was responsible for the companies' technical vision, strategic directions, and growth. Schmidt was a deputy office director and a program manager at the Defense Advanced Research Projects Agency (DARPA), where he led the national research and development effort on middleware for distributed real-time and embedded (DRE) systems. He also co-chaired the Software Design and Productivity (SDP) Coordinating Group of the U.S. government's multi-agency Information Technology Research and Development (IT R&D) Program, which formulated the national multi-agency software research agenda. Schmidt has published 9 books and more than 450 technical papers covering a range of software-related R&D topics including patterns, optimization techniques, and empirical analyses of object-oriented frameworks and domain-specific modeling environments that facilitate the development of DRE middleware and applications running over data networks and embedded system interconnects. In addition to his academic research, commercial experience, and government service, Schmidt has two decades of experience leading the development of ACE, TAO, CIAO, and CoSMIC, which are widely used DRE middleware frameworks and model-driven tools used successfully by thousands of developers at hundreds of companies worldwide on national defense and security, datacom/telecom, financial services, medical engineering, and online gaming projects. Schmidt holds bachelor's and master's degrees in sociology from the College of William and Mary, as well as a master's degree and doctorate in computer science from the University of California, Irvine.

David White

Smart Grid Maturity Model: A Vision for the Future of Smart Grid

The smart grid represents a whole new framework for improved management of electricity generation, transmission, and distribution. A reliable, secure energy supply is vital to our economy, our security, and our well being. With the support of the U.S. Department of Energy, the SEI is the steward of the Smart Grid Maturity Model (SGMM), a management tool for the utility industry to plan their smart grid journey. This presentation will offer insight into the past year's use of the SGMM and show how utilities are working with the model. The presentation will also describe the release of the SGMM V1.2 Product Suite. As more and more utilities around the globe participate and the SGMM experience base grows, the SGMM becomes an increasingly valuable resource for helping to inform the industry's smart grid transformation.

David White

White is a member of the Resilient Enterprise Management (REM) team in the CERT Program at the SEI. The REM team performs research and development in the areas of operational resilience, critical infrastructure protection, and smart grid deployment. He is the project manager and a core member of the development team for the SEI Smart Grid Maturity Model (SGMM), a business tool to assist utilities in planning and tracking progress on their grid modernization efforts. White is also a core member of the development team for the CERT Resilience Management Model (RMM), a process improvement model that provides guidelines for converging and managing security and business continuity from an operational risk perspective. He is an instructor for the Introduction to the CERT Resilience Management Model course and a lead appraiser for the RMM capability appraisal method. He has a bachelor's and a master's degree in engineering from Carnegie Mellon University. White is currently based in New York City. *David White photo courtesy of Richard L. Kuper

Read

Smart Grid Maturity Model Update, 2011

This Update offers insight into the past year's use of the SGMM and shows how utilities are working with the model.

Explore

Tools and Methods Smart Grid Maturity Model

Model Definition, Compass Assesment Survey, Matrix, Navigator Process, version artifacts...

Learn

SEI-certified SGMM Navigator

Navigators guide and manage an organization's Navigation process to determine its smart grid maturity.


Ipek Ozkaya

Agile Development and Architecture: Understanding Scale and Risk

Over the past decade, Agile software development and software architecture practices have received significant attention from both industry and government. The complementary nature of Agile development and software architecture practices is also increasingly better recognized and appreciated. However, applying Agile development with a concurrent focus on architecture is still experimental and experiential rather than a proven practice based on sound engineering techniques. Challenges are exacerbated when organizations must deal with increased system software size and increased complexity in orchestrating larger engineering and development teams, and when they have to ensure that the systems developed will be viable in the market for several decades. In this presentation, we will examine tactics that can help identify and mitigate key risks of large-scale, complex software development when there is a need to use Agile development and architecture-centric practices in concert.

Ipek Ozkaya

Ozkaya is a senior member of the SEI technical staff within the Architecture-Centric Engineering (ACE) Initiative in the Research, Technology, and System Solutions (RTSS) Program. Her current interests and projects are in developing empirical methods for improving software development efficiency and system evolution with a focus on software architecture practices, software economics, and requirements management. Her latest publications include multiple articles on these subjects focusing on Agile architecting, dependency management, and architectural technical debt. She also serves on the advisory board of the IEEE Software magazine and is a member of the technical faculty for the Master in Software Engineering Program at Carnegie Mellon University (CMU).Ozkaya holds master's and doctoral degrees in computational design, both from CMU.

Julia Allen

Measuring Operational Resilience

Traditional operational security metrics such as number of machines patched, vulnerability scan results, number of incidents, and number of staff trained are easy to collect and can be useful. However, if your objectives are to inform decisions, affect behavior, and determine control effectiveness in support of business objectives, you'll need to consider a set of more strategic resilience measures. This presentation suggests 10 such measures and a means for deriving them.

Julia Allen

Allen is a principal researcher within the CERT Program at the SEI. Allen's areas of interest include operational resilience, software security and assurance, and measurement and analysis. Prior to this technical assignment, Allen served as acting director of the SEI for an interim period of six months as well as deputy director/chief operating officer for three years. She earned a bachelor's degree in computer Science from the University of Michigan and a master's degree in electrical engineering from the University of Southern California. Allen is the author of The CERT Guide to System and Network Security Practices (Addison-Wesley 2001) and moderator for the CERT Podcast Series: Security for Business Leaders. She is a co-author of Software Security Engineering: A Guide for Project Managers (Addison-Wesley 2008) and CERT Resilience Management Model (RMM): A Maturity Model for Managing Operational Resilience (Addison-Wesley 2011).

Explore

Tools and Methods Resilience Management

RMM Model, Process Area Documents, Requirements Development and Management...

Learn

Introduction to the
CERT Resilience Management Model

Upcoming: February 14-16, 2012

Read

Measures for Managing Operational Resilience

This Update offers insight into the past year's use of the SGMM and shows how utilities are working with the model.


James McHale

A Brief Survey of the Team Software Process (TSP)

In his 2010 book Software Engineering Best Practices, Capers Jones identifies the Team Software Process (TSP) as one of the most effective practices for software developers. This presentation briefly describes training and introduction of TSP practices, including the Personal Software Process (PSP), the results and benefits potentials inherent in the methods, and the common use of TSP methods in combination with other popular practices, including Agile (Scrum, TDD, XP), architecture, secure coding, RUP, Six Sigma, and CMMI.

James McHale

McHale is a senior member of the technical staff at the SEI. Prior to joining the SEI in 1999, he spent more than 20 years in industry as a software engineer, system designer, project leader, and development manager working on control systems for diverse applications such as steel mills, power plants, robotics, and transportation. McHale holds a Bachelor of Science in Electrical Engineering. He is an authorized TSP coach and a SCAMPI Lead Appraiser candidate, and he teaches the PSP and TSP course suites as well as Introduction to CMMI. He has also co-authored several technical reports relating TSP to process improvement models such as CMM and CMMI, most recently as lead author of Implementation Guide for the Accelerated Improvement Method (AIM).

Explore

Tools and Methods Team Software Process

Introduction to Team Software Process, Personal Software Book of Knoweldge, Self-Study PSP, Academic PSP...

Learn

Personal Software Process (PSP) Fundamentals

Upcoming: March 5-9, 2012


Lisa Masciantonio

SEI Partner Network: A Global Network of Trusted Providers

The SEI Partner Network is a premier group of organizations that deliver time-tested, proven services developed by the SEI. Whether you are currently a Partner, interested in becoming a Partner, or interested in working with an SEI Partner, this overview will highlight what it means to be an SEI Partner, how to find one, and the services offered.

Lisa Masciantonio

Masciantonio joined the SEI in 2001. As a Partner Network manager, she is responsible for managing and evolving the SEI's Partner Network. Her previous job responsibilities at the SEI focused on strategic business development and project management. Masciantonio has more than 20 years of industrial experience and has worked for Carnegie Mellon Research Institute, Comrise Technology, and Mellon Bank. Masciantonio received a bachelor's degree in public relations/mass communications from Pennsylvania State University; a master's degree in management of information systems from Carnegie Mellon University (CMU), and a master's degree in public management from CMU.

Find

Find an SEI Partner

Search the SEI Partner Directory and find a partner to fit your service needs, language, or region.

Connect

Become an SEI Partner

Join SEI-trained organizations on the leading edge of software engineering processes and technologies. Learn more about working as a Partner.

Explore

SEI Partner Guide

Consider the benefits of being an SEI Partner and how you can carry out your work as a Partner.

*program is subject to change

Help us improve

Visitor feedback helps us continually improve our site.

Please tell us what you
think with this short
(< 5 minute) survey.