Software Engineering Institute | Carnegie Mellon University
Software Engineering Institute | Carnegie Mellon University
SEI Podcast Series
January 26, 2017

Three Roles and Three Failure Patterns of Software Architects

 Jeffrey Smith (Microsoft)

John Klein

"Different system lifecycle phases require different skills from a software architect. Rare is the architect who can seamlessly transition through all three phases, and software architects, developers, and program managers must be aware of these limitations moving forward."

"Different system lifecycle phases require different skills from a software architect. Rare is the architect who can seamlessly transition through all three phases, and software architects, developers, and program managers must be aware of these limitations moving forward."

Categories: Software Architecture

January 12, 2017

Security Modeling Tools

 Jeffrey Smith (Microsoft)

Julien Delange

"We started to develop these tools a year ago to see how you can present your vulnerabilities; how you can see how a fault propagates within the architecture."

"We started to develop these tools a year ago to see how you can present your vulnerabilities; how you can see how a fault propagates within the architecture."

Categories: Software Architecture

December 19, 2016

Best Practices for Preventing and Responding to Distributed Denial of Service (DDoS) Attacks

 Jeffrey Smith (Microsoft)

Rachel Kartch

"Something that people will ask me is, How can I keep somebody from attacking me? The answer is, go off the internet. If you want to prevent somebody from trying to attack you, unplug your website and go home, and do not ever check your email, and do not worry about it...I will not say this is a solved problem, but the good news is that there are a lot of tools available so that people can protect themselves at least from being completely overwhelmed or protect themselves from being completely out of business.  "

"Something that people will ask me is, How can I keep somebody from attacking me? The answer is, go off the internet. If you want to prevent somebody from trying to attack you, unplug your website and go home, and do not ever check your email, and do not worry about it...I will not say this is a solved problem, but the good news is that there are a lot of tools available so that people can protect themselves at least from being completely overwhelmed or protect themselves from being completely out of business.  "
December 08, 2016

Cyber Security Engineering for Software and Systems Assurance

 Jeffrey Smith (Microsoft)

Nancy R. Mead

 Jeffrey Smith (Microsoft)

Carol Woody, PhD

"We have made risk management the driving focus. In essence that is because nobody goes out and just buys security for the sake of security. There has got to be a reason that they need that type of control or structure around the data and what happens with their technology."

"We have made risk management the driving focus. In essence that is because nobody goes out and just buys security for the sake of security. There has got to be a reason that they need that type of control or structure around the data and what happens with their technology."
November 30, 2016

Moving Target Defense

 Jeffrey Smith (Microsoft)

Andrew O. Mellinger

"Imagine a brick wall, a strong door, a gate or something like that. All those defenses, what they evoke is this kind of big monolithic, static set of walls, OK? Within enterprise networks, what we find is that that gives a lot of opportunity to our attackers to understand what we do."

"Imagine a brick wall, a strong door, a gate or something like that. All those defenses, what they evoke is this kind of big monolithic, static set of walls, OK? Within enterprise networks, what we find is that that gives a lot of opportunity to our attackers to understand what we do."