In late June 2013, a team of SEI researchers attended a four-day music festival at the invitation of Adam Miller, director of the Huntingdon County, Pennsylvania, Emergency Management Agency. The festival typically draws close to 100,000 concert goers to a rural farm in Pennsylvania that lacks significant infrastructure and is accessible only by a two-lane highway. Miller is charged with ensuring the public safety, so it seemed like a good match to partner with researchers from the SEI's Advance...
Aug 29, 2013•10 min
In recent years, rapid evolutions have occurred in technology and its application in most market sectors, leading to the introduction of many new systems, business processes, markets, and enterprise integration approaches. How do you manage the interactions of systems and processes that are continually evolving? Just as important, how can you tell if you are doing a good job of managing these changes, as well as monitoring your progress on an ongoing basis? And how do poor processes impact inter...
Aug 27, 2013•33 min
In this episode, the third in a series by Suzanne Miller and Mary Ann Lapham exploring the application of agile principles in the Department of Defense (DoD), the two researchers discuss the application of the third principle, "Deliver working software frequently, from a couple of weeks to a couple of months, with a preference to the shorter timescale." Listen on Apple Podcasts .
Aug 15, 2013•16 min
"Release early, release often" to significantly improve software performance, stability, and security using a DevOps approach. Listen on Apple Podcasts .
Jul 30, 2013•34 min
Modern mobile devices create new opportunities to interact with their surrounding environment, but their computational power and battery capacity is limited. Code offloading to external servers located in clouds or data centers can help overcome these limitations. However, in hostile environments it is not possible to guarantee reliable networks. Consequently, stable cloud access is not available. Cyber foraging is a technique for offloading resource-intensive tasks from mobile devices to resour...
Jul 25, 2013•21 min
The National Institute of Standards & Technology (NIST) reports that inadequate testing methods and tools annually cost the U.S. economy between $22.2 billion and $59.5 billion, with roughly half of these costs borne by software developers in the form of extra testing and half by software users in the form of failure avoidance and mitigation efforts. The same study notes that between 25 percent and 90 percent of software development budgets are often spent on testing. In this episode, SE...
Jul 11, 2013•17 min
In this episode, SEI researcher Bill Novak discusses joint programs and social dilemmas, which have become increasingly common in defense acquisition, and the ways in joint program outcomes can be affected by their underlying structure. Listen on Apple Podcasts .
Jun 27, 2013•13 min
In this episode, the second in a series by Suzanne Miller and Mary Ann Lapham exploring the application of agile principles in the Department of Defense (DoD), the two researchers discuss the application of the second principle, "Welcome changing requirements, even late in development. Agile processes harness change for the customer's competitive advantage." Listen on Apple Podcasts .
Jun 13, 2013•13 min
Four experience reports demonstrate how the CERT Resilience Management Model can be applied to manage complex and diverse operational risks. Related Courses Introduction to the CERT Resilience Management Model CERT Resilience Management Model (CERT-RMM) Users Group Workshop Series Listen on Apple Podcasts .
Jun 11, 2013•36 min
In this episode, Peter Feiler discusses his recent work to improve the quality of software-reliant systems through an approach known as the Reliability Validation and Improvement Framework. The purpose of the framework is to facilitate early defect discovery and incremental end-to-end validation. Listen on Apple Podcasts .
May 23, 2013•14 min
A common language is essential to develop a shared understanding to better analyze malicious code. Related Course Malware Analysis Apprenticeship Listen on Apple Podcasts .
May 09, 2013•21 min
In this podcast, Joe Elm discusses the results of a recent technical report, The Business Case for Systems Engineering, which establishes clear links between the application of systems engineering (SE) best practices to projects and programs and the performance of those projects and programs. The report clearly shows that projects that do more SE perform better in terms of meeting budgets, schedules, and technical requirements. The survey population consisted of projects and programs executed by...
May 09, 2013•25 min
In this episode, the first in a series by Suzanne Miller and Mary Ann Lapham exploring the application of agile principles in the Department of Defense (DoD), the two researchers discuss the application of the first principle, "Our highest priority is to satisfy the customer through early and continuous delivery of valuable software." Listen on Apple Podcasts .
Apr 18, 2013•19 min
Analysis work by the SEI on data collected from more than 100 independent technical assessments (ITAs) of software-reliant acquisition programs has produced insights into some of the most common ways that programs encounter difficulties. In this episode, Bill Novak and Andy Moore describe a recent technical report, The Evolution of a Science Project, which is based on these insights, and intends to mitigate the effects of both misaligned acquisition program organizational incentives, and adverse...
Apr 04, 2013•20 min
Ensuring the security of personal mobile devices that have access to enterprise networks requires action from employers and users. Listen on Apple Podcasts .
Mar 26, 2013•24 min
In this episode, Peter Feiler, primary author of the Architecture Analysis & Design Language (AADL) standard, discusses the latest changes to the standard, the second version of which was released in January 2009. First published in 2004 by SAE International, AADL is a modeling notation that employs both a textual and graphical representation to provide modeling concepts to describe the runtime architecture of application systems in terms of concurrent tasks, their interactions, and thei...
Mar 21, 2013•14 min
In 2012, representatives from the government approached the SEI Innovation Center about conducting research to assess the state of the practice of cyber intelligence. The overall intent is to expose industry to the best practices in capabilities and methodologies developed by the government, and for the government to learn from the process efficiencies and tools used in industry. In areas where both the government and industry are experiencing challenges, the SEI can leverage its expertise to de...
Mar 07, 2013•17 min
371 cases of insider attacks lead to 4 new and 15 updated best practices for mitigating insider threat. Related Course Insider Threat Workshop Listen on Apple Podcasts .
Feb 28, 2013•35 min
In this podcast, Michael Bandor discusses technology readiness assessments, which the Department of Defense defines as a formal, systematic, metrics-based process and accompanying report that assess the maturity of critical hardware and software technologies to be used in systems. In a discussion with fellow researcher Suzanne Miller, Bandor discusses the latest developments with TRAs and his experiences. Listen on Apple Podcasts .
Feb 21, 2013•16 min
Organizations that use the cloud want the ability to easily move workloads and data from one cloud provider to another or between private and public clouds. A common tactic for enabling interoperability is the use of open standards, and many cloud standardization projects are developing standards for the cloud. In this podcast, Grace Lewis discusses her latest research exploring the role of standards in cloud-computing interoperability, which covers cloud-computing basics, standard-related effor...
Feb 07, 2013•8 min
Governments and markets are calling for the integration of plans for and responses to disruptive events. Related Courses Introduction to the CERT Resilience Management Model CERT Resilience Management Model (CERT-RMM) Users Group Workshop Series Listen on Apple Podcasts .
Jan 31, 2013•27 min
In this episode, Julien Delange and Peter Feiler discuss the latest developments with the Architecture Analysis and Design Language (AADL) standard. First published in 2004 by SAE International, AADL is a modeling notation that employs both a textual and graphical representation. AADL provides modeling concepts to describe the runtime architecture of application systems in terms of concurrent tasks, their interactions, and their mapping onto an execution platform. Development organizations use A...
Jan 17, 2013•15 min
In today's fast-paced, global economy, industry and government customers demand innovation coupled with the ability to adapt products and systems to rapidly changing needs. At the same time, the time frame for developing software continues to shorten. As a result, agile software development processes like Scrum and Extreme Programming, with their emphasis on releasing new software capabilities rapidly, are increasing in popularity beyond small teams and individual projects. In this episode, Tim ...
Jan 03, 2013•18 min
Whether soldiers are on the battlefield or providing humanitarian relief effort, they need to capture and process a wide range of text, image, and map-based information. To support soldiers in this effort, the Department of Defense is beginning to equip soldiers with smartphones to allow them to manage that vast array and amount of information they encounter while in the field. Whether the information gets correctly conveyed up the chain of command depends, in part, on the soldier's ability to c...
Dec 20, 2012•17 min
Today's high-risk, global, fast, and very public business environment demands a more integrated approach to not be surprised by disruptive events. Related Courses Introduction to the CERT Resilience Management Model CERT Resilience Management Model (CERT-RMM) Users Group Workshop Series Listen on Apple Podcasts .
Dec 19, 2012•24 min
A common misconception is that developers using a service-oriented architecture can achieve system qualities such as interoperability and modifiability by simply integrating a set of vendor products that provide an infrastructure. Developers often believe they may then use this infrastructure to expose a set of reusable services to build systems. In reality, developers need to make many architectural decisions. In this episode, Grace Lewis discusses general guidelines for architecting service-or...
Dec 06, 2012•9 min
In this podcast, Bill discusses the development of the long-term, technical strategic plan of the SEI to advance the practice of software engineering for the Department of Defense (DoD) through research and technology transition involving the DoD, federal agencies, industry, and academia. Listen on Apple Podcasts .
Nov 15, 2012•21 min
By law, major defense acquisition programs are now required to prepare cost estimates earlier in the acquisition lifecycle, including pre-Milestone A, well before concrete technical information is available on the program being developed. Estimates are therefore often based on a desired capability-or even on an abstract concept-rather than a concrete technical solution plan to achieve the desired capability. Hence the role and modeling of assumptions becomes more challenging. In today's podcast ...
Nov 01, 2012•10 min
A network profile can help identify unintended points of entry, misconfigurations, and other weaknesses that may be visible to attackers. Listen on Apple Podcasts .
Oct 23, 2012•29 min
The SEI recently worked with Bursatec to create a reliable and fast new trading system for Groupo Bolsa Mexicana de Valores, the Mexican Stock Exchange. This project combined elements of the SEI's Architecture Centric Engineering (ACE) method, which requires effective use of software architecture to guide system development, with its Team Software Process (TSP), which is a team-centric approach to developing software that enables organizations to better plan and measure their work. In this episo...
Oct 18, 2012•28 min
