SEI Documents List
2007 Reports
Special Reports
CMU/SEI-2007-SR-014
A Survey of Systems Engineering Effectiveness -- Initial Results
Elm, J., Goldenson, D., El Emam, K., Donatelli, N., & Neisa, A.
This survey quantifies the relationship between the application of Systems Engineering (SE) best practices to projects and programs, and the performance of those projects and programs. The survey population consisted of projects and programs executed by defense contractors who are members of the Systems Engineering Division of the National Defense Industrial Association. The deployment of SE practices on a project or program was measured through the availability and characteristics of specific SE-related work products. Project Performance was measured through typically available project measures of cost performance, schedule performance, and scope performance. Additional project and program information such as project size, project domain, and other data was also collected to aid in characterizing the respondent's project. Analysis of the survey responses revealed moderately strong statistical relationships between Project Performance and several categorizations of specific SE best practices. Notably stronger relationships are apparent by combining the effects of more than one of the best practices categories. Of course, Systems Engineering Capability alone does not ensure outstanding Project Performance. The survey results show notable differences in the relationship between SE best practices and performance between more challenging as compared to less challenging projects. The statistical relationship between Project Performance and the combination of SE Capability and Project Challenge is quite strong for survey data of this type.
http://www.sei.cmu.edu/publications/documents/07.reports/07sr014.html
Technical Notes
CMU/SEI-2007-TN-003
Conditions for Achieving Network-Centric Operations in Systems of Systems
Fisher, D.; Meyers, B.; & Place, P.
The advantages of systems of systems--such as the ability to adapt to unanticipated and unforeseen situations, eliminate single points of failure, and remain continuously operational while being dynamically updated--guarantee their increasing importance to military and commercial environments. The advent of network-centric systems has served only to accelerate the already prevalent move toward systems of systems.
At the same time, network-centric systems and systems of systems are proving difficult to acquire, develop, test, and operate. Many of them are abandoned before they can be fielded, and fielded systems often fail to satisfy their objectives--demonstrating cost and schedule overruns in their development and sometimes catastrophic failures in operation.
The increasing disparity between the normative (but nonfactual) assumptions that underlie current practices and tools used in the acquisition, development, evolution, and operation of systems and the realities of actual systems of systems contributes to those problems. Effective practices and tools for the acquisition, development, and operation of systems of systems have not yet been developed. Suggesting a context in which those practices and tools can be developed, this technical note proposes necessary conditions--statements of what the desired future state should be--in six areas that influence the effectiveness of network-centric systems and systems of systems: (1) social and cultural environment, (2) legal and regulatory framework, (3) management practices, (4) governance procedures, (5) engineering practices, and (6) technology base.
http://www.sei.cmu.edu/publications/documents/07.reports/07tn003.html
CMU/SEI-2007-TN-043
Dependability Modeling with the Architecture Analysis & Design Language (AADL)
Feiler, P. & Rugina, A.
The Society for Automotive Engineers (SAE) recently published an Error Model Annex document (SAE AS-5506/1) to complement the SAE Architecture Analysis & Design Language (AADL) standard document (SAE AS5506) with capabilities for dependability modeling. The purpose of this report is to (a) explain the capabilities of the Error Model Annex and (b) provide guidance on the use of the AADL and the error model in modeling dependability aspects of embedded system architectures. The focus of the guidance is the creation of error model libraries and the instantiation of these error models on AADL architecture models. In that context, the report discusses modeling of error propagation, error filtering and masking, the interactions between error models and systems with operational modes, and modeling of repair activities.
http://www.sei.cmu.edu/publications/documents/07.reports/07tn043.html
CMU/SEI-2007-TN-008
Executive Overview of SEI MOSAIC: Managing for Success Using a Risk-Based Approach
Alberts, C.; Dorofee, A.; & Marino, L.
In today's business environment, multiple organizations routinely work collaboratively in pursuit of a single mission. These separate efforts result in process and programmatic complexity that is difficult to manage effectively. Mission success in these complex settings demands a collaborative management approach that effectively coordinates task execution and decision-making activities among all participating groups. Managing for mission success requires establishing and maintaining a reasonable degree of confidence that a mission's objectives will be successfully achieved. Confidence at the mission level requires establishing and maintaining a corresponding level of confidence in the people, processes, and technologies used to achieve a mission. The Software Engineering Institute (SEI) is currently developing the Mission-Oriented Success Analysis and Improvement Criteria (MOSAIC)--a suite of advanced, risk-based analysis methods for assessing complex, distributed programs, processes, and information-technology systems. With SEI MOSAIC methods, management can establish and maintain confidence in success throughout the life cycle and help provide assurance at the mission, system, and program levels. This technical note provides an executive overview of the concepts and foundations of SEI MOSAIC.
http://www.sei.cmu.edu/publications/documents/07.reports/07tn008.html
CMU/SEI-2007-TN-010
Flow Latency Analysis with the Architecture Analysis and Design Language (AADL)
Feiler, P. & Hansson, J.
Control system components are sensitive to the end-to-end latency and age of signal data. They are also affected by variation (jitter) in latency and age values due to different runtime configurations (i.e., sampling or data-driven signal processing pipelines, dissimilar communication mechanisms, partitioned architectures, and globally synchronous versus asynchronous hardware). This technical note introduces an analysis framework designed to calculate the end-to-end latency and age of signal stream data as well as their jitter. The latency analysis framework and calculations are illustrated in the context of an example model that uses the flow specification notation of the Architecture Analysis & Design Language (AADL). The report describes how this latency analysis capability can be used to determine worst-case end-to-end latency on system models of different fidelity and how it accounts for partitioned architectures. It also summarizes the worst-case end-to-end flow latency analysis capability provided by the Open Source AADL Tool Environment (OSATE) flow latency analysis plug-in.
http://www.sei.cmu.edu/publications/documents/07.reports/07tn010.html
CMU/SEI-2007-TN-020
Governing for Enterprise Security (GES) Implementation Guide
Westby, J. & Allen, J.
Governing for enterprise security means viewing adequate security as a non-negotiable requirement of being in business. If an organization’s management does not establish and reinforce the business need for effective enterprise security, the organization’s desired state of security will not be articulated, achieved, or sustained. To achieve a sustainable capability, organizations must make enterprise security the responsibility of leaders at a governance level, not of other organizational roles that lack the authority, accountability, and resources to act and enforce compliance.
This implementation guide builds upon prior publications by providing prescriptive guidance for creating and sustaining an enterprise security governance program. It is geared for senior leaders, including those who serve on boards of directors or the equivalent. Throughout the implementation guide, we describe the elements of an enterprise security program (ESP) and suggest how leaders can oversee, direct, and control it, and thereby exercise appropriate governance.
Elevating security to a governance-level concern fosters attentive, security-conscious leaders who are better positioned to protect an organization’s digital assets, operations, market position, and reputation. This document presents a roadmap and practical guidance that will help business leaders implement an effective security governance program.
http://www.sei.cmu.edu/publications/documents/07.reports/07tn020.html
CMU/SEI-2007-TN-021
How To Compare the Security Quality Requirements Engineering (SQUARE) Method with Other Methods
Mead, N.
The Security Quality Requirements Engineering (SQUARE) method, developed at the Carnegie Mellon Software Engineering Institute, provides a systematic way to identify security requirements in a software development project. This report describes SQUARE and then describes other methods used for identifying security requirements, such as the Comprehensive, Lightweight Application Security Process, the Security Requirements Engineering Process, and Tropos, and compares them with SQUARE. The report concludes with some guidelines for selecting a method and a look at some related trends in requirements engineering.
http://www.sei.cmu.edu/publications/documents/07.reports/07tn021.html
CMU/SEI-2007-TN-004, ADA462822
Interpreting Capability Maturity Model Integration (CMMI) for Business Development Organizations in the Government and Industrial Business Sectors
Beynon, D.
Just as use of a disciplined process has been shown to produce higher quality and more predictable software-intensive systems, use of a disciplined business development and marketing process can result in improved success for the business enterprise. Overall business performance and marketing of technology and software-intensive systems can be improved by applying the concepts defined in Capability Maturity Model Integration (CMMI) best practices.
This interpretation of CMMI best practices is for business development activities applicable to contractors doing business within the government (Department of Defense) and industrial business sectors. Using CMMI for business development and product development in the same organization addresses process improvement from a larger business perspective, creating the potential for increased efficiency, improved quality, and better customer satisfaction, and improving the organization's ability to achieve a profitable market share. Many organizations have achieved proven benefits from CMMI-based process improvement programs. This success can be extended beyond product and service engineering to business development organizations by interpreting CMMI best practices for the business development and marketing environments.
This technical note uses the continuous representation of a CMMI model and provides interpretation of CMMI process areas in each of the model's four categories: Project Management, Support, Process Management, and Engineering. Because many best practices for business development activities are not included in CMMI models, four new process areas were added to cover these activities.
This technical note provides an initial construct for business development. Further discussions within the business development and CMMI communities can result in improved refinements.
http://www.sei.cmu.edu/publications/documents/07.reports/07tn004.html
CMU/SEI-2007-TN-009
Introduction to the Architecture of the CMMI Framework
CMMI Architecture Team
This document is an introduction to the CMMI (Capability Maturity Model Integration) Framework architecture, which guides how CMMI products are developed and integrated. The architecture describes the structure, terminology, and required content of every CMMI model.
http://www.sei.cmu.edu/publications/documents/07.reports/07tn009.html
CMU/SEI-2007-TN-047
Modeling of System Families
Feiler, P.
Over their lifetime, systems exist in many forms, such as instances of a system deployed in different contexts or a system evolving over time. Variability may also occur in terms of functionality reflected in the domain architecture, nonfunctional properties (such as performance, reliability, and safety-criticality) that are realized in the runtime architecture, interfaces to the deployment environment with which the system interfaces, and mapping to computing platforms.
The Society of Automotive Engineers (SAE) Architecture Analysis & Design Language (AADL) is an industry-standard, architecture-modeling notation specifically designed to support a component-based approach to modeling embedded systems. This technical note discusses how AADL can be used to model system families and configurations of system and component variants. It shows that AADL supports system families by providing component types that are used to specify component interfaces and multiple implementations for each component type. This report also shows that AADL uses properties to represent multiple dimensions of system variability ranging from variation through conditional compilation to variation through different sets of calibration parameters.
http://www.sei.cmu.edu/publications/documents/07.reports/07tn047.html
CMU/SEI-2007-TN-025
Process Improvement Should Link to Security: SEPG 2007 Security Track Recap
Woody, C.
Security is a very visible issue these days for software. New software products are continuously reported to be vulnerable to attack and compromise; organizations must support an expensive unending update-and-upgrade cycle. Process improvement has been proposed as a mechanism for addressing security challenges, but the Capability Maturity Model Integration (CMMI) approach does not specifically address security, so the linkages for the Software Engineering Process Group (SEPG) community are unclear. The security track at the SEPG 2007 conference was developed to provide a forum for identifying the appropriate ties between process improvement and security. This document summarizes the content shared at the conference and identifies several subsequent steps underway toward strengthening those ties.
http://www.sei.cmu.edu/publications/documents/07.reports/07tn025.html
CMU/SEI-2007-TN-027
Ranged Integers for the C Programming Language
Gennari, J., Hedrick, S., Long, F., Pincar, J., & Seacord, R.
This report describes an extension to the C programming language to introduce the notion of ranged integers, that is, integer types with a defined range of values. A variable of a ranged integer type will always have a value within the defined range as a result of initialization or assignment. Use of ranged integers would help prevent integer overflow errors and thus would result in more reliable and secure C programs. The syntax and semantics of ranged integers are presented, and some examples are given to illustrate their use.
http://www.sei.cmu.edu/publications/documents/07.reports/07tn027.html
CMU/SEI-2007-TN-006, ADA465950
+SAFE, V1.2: A Safety Extension to CMMI-DEV, V1.2
Defence Materiel Organisation, Australian Department of Defence
+SAFE is an extension to CMMI for Development (CMMI-DEV) that covers safety management and safety engineering. +SAFE supplements CMMI-DEV with two additional process areas that provide a basis for appraising or improving an organization's processes for providing safety-critical products. Developing such products requires specialized processes, skills, and experience. +SAFE is designed to identify safety strengths and weaknesses and to address identified weaknesses early in the acquisition process.
+SAFE was designed to reduce the dependence of CMMI appraisers on safety domain expertise. This extension was developed for standalone use. It is not intended to be embedded in a CMMI model document, nor does it rely on any specific safety standards. However, there are intentional overlaps with CMMI model content and some safety standards.
Since +SAFE is an extension of CMMI, it adopts the same assumptions, model structure, conventions, and terminology as CMMI and is affected by the general process-area and capability-level interactions inherent in CMMI. This technical report describes the +SAFE extension and how to use it to appraise an organization's capability in developing, sustaining, maintaining, and managing safety-critical products.
http://www.sei.cmu.edu/publications/documents/07.reports/07tn006.html
CMU/SEI-2007-TN-016
T-Check for Technologies for Interoperability: Open Grid Services Architecture (OGSA)--Part 1
Simanta, S., Lewis, G., & Wrage, L.
Many current technology approaches exist for building systems that have interoperability requirements. This report investigates Open Grid Services Architecture (OGSA), one of the many technologies for accomplishing interoperability, using the T-Check technique. A T-Check is a simple and cost-efficient way to understand what a technology can and cannot do in a specific context. This report describes a T-Check exploration of the feasibility of using OGSA in the context of data management, finding that OGSA (a) provides data storage and retrieval where the specific implementation of the data store is transparent and (b) allows addition or removal of data stores at runtime without affecting system operation. This report is part one of a two-part investigation; part two will look at OGSA in the context of load distribution.
http://www.sei.cmu.edu/publications/documents/07.reports/07tn016.html
CMU/SEI-2007-TN-001
Using ArchE in the Classroom: One Experience
McGregor, J., Bachmann, F., Bass, L., Bianco, P., & Klein, M.
The Architecture Expert (ArchE) tool serves as a software architecture design assistant. It embodies knowledge of quality attributes and the relation between the achievement of quality attribute requirements and architecture design. This technical note describes the use of a pre-alpha release of ArchE in a graduate-level software architecture class at Clemson University. ArchE was used to assist the students in the architecting process. The tool was then evaluated by the students and instructor. The instructor felt that ArchE met his objectives as a pedagogical tool. The students, although critical of the pre-alpha status of ArchE, were enthusiastic about the benefits of having the step-by-step guide to the architect's designing process as provided by ArchE.
http://www.sei.cmu.edu/publications/documents/07.reports/07tn001.html
Technical Reports
CMU/SEI-2007-TR-013, ADA456872
Case Study: Accelerating Process Improvement by Integrating the TSP and CMMI
Wall, D.; McHale, J.; & Pomeroy-Huff, M.
This report describes how two U.S. Naval Air Systems Command (NAVAIR) organizations integrated the use of the Software Engineering Institute's (SEI) Team Software Process℠ methodology and the Capability Maturity Modeling® framework to progress from Maturity Level 1 to Maturity Level 4 in 30 months. This is less than half of the average time it has taken other organizations to accomplish the same maturity level progression. This case study describes the process improvement efforts of both NAVAIR groups and how they integrated the two SEI technologies to accelerate process improvement within their organizations. Finally, the report presents the key factors that allowed NAVAIR to achieve these rapid results.
http://www.sei.cmu.edu/publications/documents/07.reports/07tr013.html
CMU/SEI-2007-TR-001
Certified Binaries for Software Components
Chaki, S., Ivers, J., Lee, P., Wallnau, K., & Zeilberger, N.
Proof-carrying code (PCC) and certifying model checking (CMC) are two established paradigms for obtaining objective confidence in the runtime behavior of a program. PCC enables the certification of low-level binary code against relatively simple (e.g., memory-safety) policies. In contrast, CMC provides a way to certify a richer class of temporal logic policies, but is typically restricted to high-level (e.g., source) code. In this report, an approach is presented to certify binary code against expressive policies, and thereby achieve the benefits of both PCC and CMC. This approach generates certified binaries from software specifications in an automated manner. The specification language uses a subset of UML statecharts to specify component behavior and is compiled to the Pin component technology. The overall approach thus demonstrates that formal certification technology is compatible with, and can indeed exploit, model-driven approaches to software development. Moreover, this approach allows the developer to trust the code that is produced without having to trust the tools that produced it. In this report details of this approach are presented and experimental results on a collection of benchmarks are described.
http://www.sei.cmu.edu/publications/documents/07.reports/07tr001.html
CMU/SEI-2007-TR-017
CMMI® for Acquisition, Version 1.2
CMMI Product Team
CMMI for Acquisition (CMMI-ACQ) is a model that provides guidance to acquisition organizations for initiating and managing the acquisition of products and services. The model focuses on acquirer processes and integrates bodies of knowledge that are essential for successful acquisitions. CMMI-ACQ provides an opportunity for acquisition organizations
- to avoid or eliminate barriers and problems in the acquisition process through improved operational efficiencies
- to initiate and manage a process for acquiring products and services, including solicitations, supplier sourcing, supplier agreement development and award, and supplier capability management
- to utilize a common language for both acquirers and suppliers so that quality solutions are delivered more quickly and at a lower cost with the most appropriate technology
http://www.sei.cmu.edu/publications/documents/07.reports/07tr017.html
CMU/SEI-2007-TR-011
COTS and Reusable Software Management Planning:
A Template for Life-
Anderson, W., Morris, E., Smith, D., & Ward, M.
The acquisition community needs guidance in long-term management planning for selecting, approving, and upgrading software products, especially commercial off-the-shelf (COTS) and other reusable software products. As the mixture of these components in systems increases, the demand for a planned way to manage them continues to grow.
The COTS and Reusable Software Management Plan (CRSMP) can facilitate acquisition programs' management of COTS and other reusable software products.
The CRSMP provides a strategy outline for managing data about component licensing, tracking release schedules, monitoring software interdependencies, choosing specific features and extensions and documenting those choices, and evaluating and mitigating risks associated with deploying COTS and other reusable software components in a system. The CRSMP presented in this report can serve as a guide for how to manage multiple COTS and other reusable software components in complex systems.
http://www.sei.cmu.edu/publications/documents/07.reports/07tr011.html
CMU/SEI-2007-TR-014
Developing AADL Models for Control Systems: A Practitioner's Guide
Hudak, J. & Feiler, P.
This document is a guide to help practitioners using the Architecture Analysis and Design Language (AADL), an international industry standard for the model-based engineering of real-time and embedded systems. The primary goal of this document is to describe an approach for and the mechanics of constructing an architectural model that can be analyzed based on the AADL. The first section of this document presents an overview of AADL concepts and many of the keywords of the language. The second part of the document illustrates a model-building approach using the AADL. It takes the perspective of an engineer who is developing a model for the first time using the AADL. This guide leads the reader through complete AADL model development based on automotive embedded control systems (cruise control, traction control, etc.) by describing the use and syntax of the AADL and interleaving modeling abstraction tradeoffs to achieve models that are abstract but precise. Models are constructed with different analysis perspectives in mind to illustrate the semantics as well as the richness of the AADL.
http://www.sei.cmu.edu/publications/documents/07.reports/07tr014.html
CMU/SEI-2007-TR-015
Evaluating a Service-Oriented Architecture
Bianco, P., Kotermanski, R., & Merson, P.
The emergence of service-oriented architecture (SOA) as an approach for integrating applications that expose services presents many new challenges to organizations resulting in significant risks to their business. Particularly important among those risks are failures to effectively address quality attribute requirements such as performance, availability, security, and modifiability. Because the risk and impact of SOA is distributed and pervasive across applications, it is critical to perform an architecture evaluation early in the software life cycle. This report contains technical information about SOA design considerations and tradeoffs that can help the architecture evaluator to identify and mitigate risks in a timely and effective manner. The report provides an overview of SOA, outlines key architecture approaches and their effect on quality attributes, establishes an organized collection of design-related questions that an architecture evaluator may use to analyze the ability of the architecture to meet quality requirements, and provides a brief sample evaluation.
http://www.sei.cmu.edu/publications/documents/07.reports/07tr015.html
CMU/SEI-2007-TR-008
Incident Management Capability Metrics Version 0.1
Dorofee, A.; Killcrece, G.; Ruefle, R.; & Zajicek, M.
Successful management of incidents that threaten an organization's computer security is a complex endeavor. Frequently an organization's primary focus on the response aspects of security incidents results in its failure to manage incidents beyond simply reacting to threatening events.
The metrics presented in this document are intended to provide a baseline or benchmark of incident management practices. The incident management functions--provided in a series of questions and indicators--define the actual benchmark. The questions explore different aspects of incident management activities for protecting, defending, and sustaining an organization's computing environment in addition to conducting appropriate response actions. This benchmark can be used by an organization to assess how its current incident management capability is defined, managed, measured, and improved. This will help assure the system owners, data owners, and operators that their incident management services are being delivered with a high standard of quality and success, and within acceptable levels of risk.
http://www.sei.cmu.edu/publications/documents/07.reports/07tr008.html
CMU/SEI-2007-TR-009
Introducing the CERT Resiliency Engineering Framework: Improving the Security and Sustainability Processes
Caralli, R.; Stevens, J.; Wallen, C.; White, D.; Wilson, W.; & Young, L.
As security issues dominate news headlines and affect our daily lives, organizations need to improve their ability to protect and sustain their business-critical assets--people, information, technology, and facilities--using human and financial resources efficiently and effectively. Traditional activities such as security and business continuity must not only be effective at achieving these goals but also must offer the organization increased capabilities for managing and controlling operational resiliency. Unfortunately, organizations often manage these activities in a reactive posture fraught with stove-piped organizational structures and poorly defined and measured goals. The result: potentially less-than-adequate operational resiliency to support business objectives. But organizations can vastly improve operational resiliency by viewing it as an engineering-based process that can be defined, managed, measured, and improved. This view ensures collaboration between security and business continuity activities toward common goals and considers the role of supporting activities such as governance, asset and risk management, and financial control. This report introduces the CERT Resiliency Engineering Framework as a foundational model that describes the essential processes for managing operational resiliency, provides a structure from which an organization can begin process improvement of its security and business continuity efforts, and catalyzes the formation of a community from which further definition of this emerging discipline can evolve.
http://www.sei.cmu.edu/publications/documents/07.reports/07tr009.html
CMU/SEI-2007-TR-012
Introducing OCTAVE Allegro: Improving the Information Security Risk Assessment Process
Caralli, R.; Stevens, J.; Young, L.; & Wilson, W.
This technical report introduces the next generation of the Operationally Critical Threat, Asset, and Vulnerability Evaluation (OCTAVE) methodology, OCTAVE Allegro. OCTAVE Allegro is a methodology to streamline and optimize the process of assessing information security risks so that an organization can obtain sufficient results with a small investment in time, people, and other limited resources. It leads the organization to consider people, technology, and facilities in the context of their relationship to information and the business processes and services they support. This report highlights the design considerations and requirements for OCTAVE Allegro based on field experience with existing OCTAVE methods and provides guidance, worksheets, and examples that an organization can use to begin performing OCTAVE Allegro-based risk assessments.
http://www.sei.cmu.edu/publications/documents/07.reports/07tr012.html
CMU/SEI-2007-TR-002
Modifiability Tactics
Bachmann, F., Bass, L., & Nord, R.
An architectural tactic is a design decision that affects how well a software architecture addresses a particular quality attribute. This report describes how tactics are based on the parameters of quality attribute models. Tactics provide an architectural means of adjusting those parameters, which, in turn, can improve the quality-attribute-specific behavior of the resulting system.
This report justifies the tactics for modifiability, using established concepts of coupling, cohesion, and cost motivations as the means of identifying parameters of interest. Various tactics are then described based on their ability to control these parameters. The report also describes a standard set of architectural patterns and their variants in terms of the use of these tactics.
http://www.sei.cmu.edu/publications/documents/07.reports/07tr002.html
CMU/SEI-2007-TR-005
A Practical Example of Applying Attribute-Driven Design (ADD), Version 2.0
Wood, W.
This report describes an example application of the Attribute-Driven Design (ADD) method developed by the Carnegie Mellon Software Engineering Institute. The ADD method is an approach to defining a software architecture in which the design process is based on the quality attribute requirements the software must fulfill. ADD follows a recursive process that decomposes a system or system element by applying architectural tactics and patterns that satisfy its driving quality attribute requirements.
The example in this report shows a practical application of the ADD method to a client-server system. In particular, this example focuses on selecting patterns to satisfy typical availability requirements for fault tolerance. The design concerns and patterns presented in this report--as well as the models used to determine whether the architecture satisfies the architectural drivers--can be applied in general to include fault tolerance in a system. Most of the reasoning used throughout the design process is pragmatic and models how an experienced architect works.
http://www.sei.cmu.edu/publications/documents/07.reports/07tr005.html
CMU/SEI-2007-TR-010
Progress Toward an Organic Software Architecture Capability in the U.S. Army
Blanchette, S. & Bergey, J.
The goal of the United States Army Strategic Software Improvement Program is to dramatically improve the acquisition of software-intensive systems. One of the initiatives undertaken by the program is to begin building a level of technical expertise in modern software architecture practices within the Army acquisition community. This report describes the Software Architecture Initiative of the Army Strategic Software Improvement Program. Results to date are encouraging and serve as a guide for other acquisition organizations seeking to strengthen their technical competencies.
http://www.sei.cmu.edu/publications/documents/07.reports/07tr010.html
CMU/SEI-2007-TR-003
Quality-Attribute-Based Economic Valuation of Architectural Patterns
Ozkaya, I.; Kazman, R.; Klein, M.
Quality attribute requirements are a driving force for software and system architecture design. Architectural patterns can be used to achieve quality attribute requirements. Consequently, architectural patterns generate value based on the present and future utility of the quality attributes they achieve. This report makes the case that architectural patterns carry economic value in part in the form of real options, providing software architects the right, but not the obligation, to take subsequent design actions. The report shows, via a simple example, how an analysis of the options embodied within architectural patterns allows an architect or manager to make reasoned choices about the future value of design decisions, considering this value along multiple quality attribute dimensions.
http://www.sei.cmu.edu/publications/documents/07.reports/07tr003.html
CMU/SEI-2007-TR-006
Results of SEI Independent Research and Development Projects
Alberts, C.; Anderson, B.; Bass, L.; Bass, M.; Boxer, P.; Brownsword, L.; Chaki, S.;
Feiler, P.; Fisher, D.; Forrester, E.; Garcia, S.; Greenhouse, A.; Hansson, J.;
Herbsleb, J.; Ivers, J.; Lee, P.; Linger, R.; Longstaff, T.; Manadhata, P.; Meyers, B.;
Phillips, D.; Sledge, C.; Smith II, J.; Wallnau,
K.; Walton, G.; Wing, J.; & Zeilberger, N.
Each year, the Software Engineering Institute (SEI) undertakes several independent research and development (IRAD) projects. These projects serve to (1) support feasibility studies investigating whether further work by the SEI would be of potential benefit and (2) support further exploratory work to determine whether there is sufficient value in eventually funding the feasibility study work as an SEI initiative. Projects are chosen based on their potential to mature and/or transition software engineering practices, develop information that will help in deciding whether further work is worth funding, and set new directions for SEI work. This report describes the IRAD projects that were conducted during fiscal year 2006 (October 2005 through September 2006).
http://www.sei.cmu.edu/publications/documents/07.reports/07tr006.html
CMU/SEI-2007-TR-019
SCAMPI Lead Appraiser Body of Knowledge (SLA BOK)
Masters, M., Behrens, S., Mogilensky, J., & Ryan, C.
The Standard CMMI Appraisal Method for Process Improvement (SCAMPI) is designed to provide benchmark quality ratings relative to Capability Maturity Model Integration (CMMI) models. The role of the SCAMPI Lead Appraiser, who conducts the SCAMPI process, has developed into a distinct profession that encompasses a wide and deep array of competencies. The SCAMPI Lead Appraiser Body of Knowledge (SLA BOK) provides a multi-dimensional view of the competencies and associated skills that are needed to be a successful SCAMPI Lead Appraiser. The SLA BOK is a driver for the SEI Appraisal Program's approach to ensure quality of SCAMPI appraisals. It establishes a comprehensive basis for curriculum, training, certification, observation, and quality assurance programs.
http://www.sei.cmu.edu/publications/documents/07.reports/07tr019.html
CMU/SEI-2007-TR-004
Understanding and Leveraging a Supplier's CMMI Efforts: A Guidebook for Acquirers
CMMI Guidebook for Acquirers Team
This guidebook is designed to help acquisition organizations benefit from their suppliers' use of CMMI for Development, which is a collection of best practices that addresses product development and maintenance activities throughout the product lifecycle. This guidebook also helps acquisition organizations avoid problems that can result from unrealistic expectations.
High capability and maturity level ratings alone do not guarantee program success. This guidebook helps clarify what those ratings can and cannot do for a development program. It describes how acquirers can
- interpret suppliers' claims of achieving a CMMI rating,
- request, understand, interpret, and use supplier appraisal results, and
- apply methods that leverage a supplier's process improvement initiatives.
http://www.sei.cmu.edu/publications/documents/07.reports/07tr004.html