http://cmsauth.sei.cmu.edu/Library - Reports & PapersTue, 24 Nov 2009 00:37:33 +0000CommonSpot Content ServerSoftware Engineering Institutenews@sei columns written by the SEI's Watts Humphrey between June 1998 and August 2008http://www.sei.cmu.edu/library/abstracts/reports/09sr024.cfmhttp://www.sei.cmu.edu/library/abstracts/reports/09sr024.cfmMon, 23 Nov 2009 18:55:42 +0000This technical note explores the lack of agreement among SCAMPI Lead Appraisers about what “artifact quality” means in the SCAMPI process context.http://www.sei.cmu.edu/library/abstracts/reports/09tn021.cfmhttp://www.sei.cmu.edu/library/abstracts/reports/09tn021.cfmTue, 17 Nov 2009 12:47:00 +0000This technical note explores the lack of agreement among SCAMPI Lead Appraisers about what “process quality” means in the SCAMPI process context.http://www.sei.cmu.edu/library/abstracts/reports/09tn022.cfmhttp://www.sei.cmu.edu/library/abstracts/reports/09tn022.cfmTue, 17 Nov 2009 12:47:00 +0000The data model for a given system can be seen as an architectural view; for example, a view of a database structure that shows data entities and their relationships. Among other practical purposes, the data model would serve as the blueprint for the physical database, help implementation of the data access layer of the system, and have a strong impact on performance and modifiability.http://www.sei.cmu.edu/library/abstracts/reports/09tn024.cfmhttp://www.sei.cmu.edu/library/abstracts/reports/09tn024.cfmThu, 29 Oct 2009 12:09:00 +0000Since the early 1990s, widespread use of the Personal Software Process (PSP) and Team Software Process (TSP) has resulted in a substantial body of literature about these methodologies and the experiences of organizations that have used them. This special report provides a bibliography of books, articles, and other literature concerning the PSP and TSP methodologies.http://www.sei.cmu.edu/library/abstracts/reports/09sr025.cfmhttp://www.sei.cmu.edu/library/abstracts/reports/09sr025.cfmMon, 26 Oct 2009 14:28:56 +0000This report explores how the assurance case promises a technology answer for the challenge that manufacturers and federal regulators face in gaining confidence about the performance of software-dominated medical devices.http://www.sei.cmu.edu/library/abstracts/reports/09tn018.cfmhttp://www.sei.cmu.edu/library/abstracts/reports/09tn018.cfmSun, 25 Oct 2009 20:58:00 +0000Why do some programs fail? What are the factors that lead to program success? Two organizations, the Systems and Software Consortium, Inc. (SSCI) and the Software Engineering Institute (SEI), recently examined the reasons, and concluded that while many are technical reasons, the greatest influence is people and the things they do individually and in teams that lead to program success or failure. http://www.sei.cmu.edu/library/abstracts/reports/09sr023.cfmhttp://www.sei.cmu.edu/library/abstracts/reports/09sr023.cfmFri, 16 Oct 2009 18:15:10 +0000The Personal Software Process (PSP) body of knowledge (BOK) contained in this report provides guidance to software professionals who are interested in using proven-effective, disciplined methods to improve their personal software development process.http://www.sei.cmu.edu/library/abstracts/reports/09sr018.cfmhttp://www.sei.cmu.edu/library/abstracts/reports/09sr018.cfmMon, 24 Aug 2009 13:20:00 +0000This guidebook is designed to explain the steps for becoming an SEI-Certified Team Software Process (TSP) Coach or SEI-Certified TSP Mentor Coach, with emphasis on guiding individuals through the mentoring process. This guidebook defines the structure and format of the mentor and provisional coach relationship, and explains the process steps and evaluation criteria for becoming an SEI-Certified TSP Coach or Mentor Coach.http://www.sei.cmu.edu/library/abstracts/reports/09sr009.cfmhttp://www.sei.cmu.edu/library/abstracts/reports/09sr009.cfmFri, 21 Aug 2009 16:44:19 +0000This technical note provides guidance on how to contractually incorporate architecture evaluations in an acquisition. A sample Software Architecture Evaluation Plan is provided that can be easily customized by a DoD program office for use in its own RFP and contracts. http://www.sei.cmu.edu/library/abstracts/reports/09tn004.cfmhttp://www.sei.cmu.edu/library/abstracts/reports/09tn004.cfmWed, 01 Jul 2009 16:09:00 +0000Tactics are fundamental elements of software architecture that an architect employs to meet a system's quality requirements. This report describes an updated set of tactics that enable the architect to build availability into a system. http://www.sei.cmu.edu/library/abstracts/reports/09tr006.cfmhttp://www.sei.cmu.edu/library/abstracts/reports/09tr006.cfmWed, 05 Aug 2009 16:09:00 +0000Software product lines can improve an organization’s position in an existing market and its ability to react to new and changing markets. This technical note describes a technique, based on well-known procedures for defining and evaluating a business strategy, for formulating the production strategy of a production system. http://www.sei.cmu.edu/library/abstracts/reports/09tn025.cfmhttp://www.sei.cmu.edu/library/abstracts/reports/09tn025.cfmSat, 01 Aug 2009 21:54:00 +0000This report describes work being done toward enhancing the Security Quality Requirements Engineering (SQUARE) method to address privacy requirements. The report examines privacy definitions, privacy regulations, and risk assessment techniques for privacy.http://www.sei.cmu.edu/library/abstracts/reports/09sr017.cfmhttp://www.sei.cmu.edu/library/abstracts/reports/09sr017.cfmThu, 30 Jul 2009 12:31:13 +0000This paper presents the as-if infinitely ranged (AIR) integer model, which provides a largely automates the elimination of integer overflow and integer truncation in C and C++ programming code. http://www.sei.cmu.edu/library/abstracts/reports/09tn023.cfmhttp://www.sei.cmu.edu/library/abstracts/reports/09tn023.cfmFri, 17 Jul 2009 18:35:02 +0000Many organizations require quality improvement initiatives to be based on quantified business cases. This leads some organizations to start measurement programs to collect data about current performance—a lengthy and expensive process that requires a strong commitment from management. This report describes a collaboration between the Software Engineering Institute and Ericsson Research and Development, The Netherlands, to build a business case using high maturity measurement approaches that require limited measurement effort.http://www.sei.cmu.edu/library/abstracts/reports/09tn017.cfmhttp://www.sei.cmu.edu/library/abstracts/reports/09tn017.cfmWed, 15 Jul 2009 21:28:00 +0000This is the second edition of the People Capability Maturity Model, Version 2.0. It is also available as a book in the SEI Series from Addison-Wesley.http://www.sei.cmu.edu/library/abstracts/reports/09tr003.cfmhttp://www.sei.cmu.edu/library/abstracts/reports/09tr003.cfmSun, 12 Jul 2009 21:28:06 +0000Organizations can make the available SOA governance frameworks more effective in their organizations using the scenario-based tailoring technique introduced in this technical note.http://www.sei.cmu.edu/library/abstracts/reports/09tn009.cfmhttp://www.sei.cmu.edu/library/abstracts/reports/09tn009.cfmMon, 01 Jun 2009 14:47:00 +0000This special report is a compilation of request-for-proposal language samples used in Department of Defense software acquisition. The report also reviews federal acquisition guidelines.http://www.sei.cmu.edu/library/abstracts/reports/09sr008.cfmhttp://www.sei.cmu.edu/library/abstracts/reports/09sr008.cfmMon, 01 Jun 2009 14:47:00 +0000This concise report summarizes the findings of a study conducted for the Army to find and describe software measurement practices that are being used successfully. The study looked at practices in a group of Army programs. http://www.sei.cmu.edu/library/abstracts/reports/09tn008.cfmhttp://www.sei.cmu.edu/library/abstracts/reports/09tn008.cfmMon, 01 Jun 2009 14:47:22 +0000This report details the results of a study of 12 U.S. Army programs that used the ATAM or QAW as part of the Army Strategic Software Improvement Program (ASSIP) effort.http://www.sei.cmu.edu/library/abstracts/reports/09sr007.cfmhttp://www.sei.cmu.edu/library/abstracts/reports/09sr007.cfmWed, 01 Apr 2009 13:02:00 +0000This report is a synthesis of the presentations and discussions that took place during the 2009 U.S. Army Software Product Line Workshop.http://www.sei.cmu.edu/library/abstracts/reports/09tr012.cfmhttp://www.sei.cmu.edu/library/abstracts/reports/09tr012.cfmWed, 01 Apr 2009 13:02:00 +0000This technical report features a systemic approach for managing risk that takes into account the complex nature of distributed environments. By starting at the top, examining program objectives and then identifying factors that determine whether or not those objectives will be achieved, managers can get a holistic view of their program's risk.http://www.sei.cmu.edu/library/abstracts/reports/09tr007.cfmhttp://www.sei.cmu.edu/library/abstracts/reports/09tr007.cfmWed, 01 Apr 2009 13:02:00 +0000This report provides guidance for those who want to make the business case for building software assurance into software products during each software development life-cycle activity.http://www.sei.cmu.edu/library/abstracts/reports/09sr001.cfmhttp://www.sei.cmu.edu/library/abstracts/reports/09sr001.cfmWed, 01 Apr 2009 13:02:00 +0000Mexico seeks to be a more competitive player in the IT market. How can it get there -- and how quickly? The Software Engineering Institute's Team Software Process (TSP) could provide the answer. This paper looks at a pilot program sponsored by the Mexican Ministry of Economy that introduces TSP to Mexican IT professionals and develops instructional approaches and resources in collaboration with Tec de Monterrey.http://www.sei.cmu.edu/library/abstracts/reports/09tr011.cfmhttp://www.sei.cmu.edu/library/abstracts/reports/09tr011.cfmSun, 01 Mar 2009 14:02:00 +0000A preliminary, high-level comparison of the CMMI Development constellation and the ISO 9001:2000 family of process improvement standards.http://www.sei.cmu.edu/library/abstracts/reports/09sr005.cfmhttp://www.sei.cmu.edu/library/abstracts/reports/09sr005.cfmSun, 01 Mar 2009 14:02:00 +0000The workshop summarized in this report confirms that various architectural genres enjoy more commonalities than differences. Nevertheless, each one has its own important knowledge base, and openness among the various architectural tasks within an organization is growing in importance.http://www.sei.cmu.edu/library/abstracts/reports/09tr008.cfmhttp://www.sei.cmu.edu/library/abstracts/reports/09tr008.cfmSun, 01 Mar 2009 14:02:00 +0000This report describes a set of secure design patterns, which are descriptions or templates describing a general solution to a software security problem that can be applied in many different situations. The secure design patterns detailed in this report are meant to eliminate the accidental insertion of vulnerabilities into code or to mitigate the consequences of vulnerabilities. http://www.sei.cmu.edu/library/abstracts/reports/09tr010.cfmhttp://www.sei.cmu.edu/library/abstracts/reports/09tr010.cfmSun, 01 Mar 2009 14:02:00 +0000A model of best practices to improve the processes of service providers.http://www.sei.cmu.edu/library/abstracts/reports/09tr001.cfmhttp://www.sei.cmu.edu/library/abstracts/reports/09tr001.cfmFri, 01 Feb 2008 16:15:00 +0000This report provides an overview of the Lambda-* performance reasoning frameworks, their current capabilities, and ongoing research. Lambda-* is a suite of performance reasoning frameworks for predicting the average and worst-case latency of tasks in real-time systems.http://www.sei.cmu.edu/library/abstracts/reports/08tr020.cfmhttp://www.sei.cmu.edu/library/abstracts/reports/08tr020.cfmSun, 01 Feb 2009 16:14:00 +0000This report contains results from a survey of high maturity organizations conducted by the Software Engineering Institute (SEI) in 2008. The questions center on the use of process performance modeling in those organizations and the value added by that use. http://www.sei.cmu.edu/library/abstracts/reports/08tr024.cfmhttp://www.sei.cmu.edu/library/abstracts/reports/08tr024.cfmSun, 01 Feb 2009 16:10:00 +0000