January 9, 2012—The SEI Director’s Office recently completed an annual process to select exploratory research projects. The SEI research program strives to keep the SEI at the leading edge of software engineering and technology by establishing and funding new technical initiatives. The nature of research work is determined internally by the SEI and conforms to broad constraints imposed by the Department of Defense (DoD). Additionally, all proposals must address Heilmeier's Catechism, a set of questions credited to George Heilmeier that any research project or product development effort should address. The following are this year’s exploratory research projects.
A Decision-Making Framework for Software Maintenance and Evolution seeks to provide software engineering project managers (PMs) an empirical basis for making software refactoring and/or modularization decisions for sustainment planning. The goal of this work is to provide DoD PMs a tool for deciding which parts of code are in direst need of improvement, and for quantifying the benefit (future cost savings) of an investment in refactoring and/or remodularization.
Enabling and Measuring Early Detection of Insider Threats will demonstrate and measure detection of known insider threats prior to attack. The goal of this work is to develop a data-driven methodology to determine detectable event patterns that indicate a potential insider threat, thereby helping the DoD prevent future high-impact data loss. The project will conduct feasibility studies using CERT’s Insider Threat Database.
Semantic Comparison of Malware Functions aims to derive precise, timely, and actionable intelligence to understand and respond to intrusions. This project will develop tools that reduce manual malware analysis required, increase visibility into intruder behavior in DoD settings, identify more effective defense against future intrusions, and lead to cost-effective intrusion identification and response.
Aligning Acquisition Strategies with Business and Mission Goals will investigate ways to prevent failures in DoD programs by explicitly harmonizing architecturally-significant business and mission goals, software quality properties, software architecture, and acquisition strategy elements. The goal of the work is to provide DoD programs with a systematic way to ensure that requirements are defined and feasible, and that proposed design can meet requirements within cost, schedule, and other system constraints.
Architecture-Focused Testing seeks to reduce development cost by making tests more efficient. This work will develop a methodology of composable testability profiles that associate fault models with architecture constructs. It will then apply that methodology to actual customer systems to demonstrate the value of increased testing efficiency. The researchers expect that earlier detection of architecture-induced faults results in measurably fewer failing tests and more effective use of finite testing resources. They also hope that improved test effectiveness and efficiency will produce faster system delivery at lower cost.
Architecture Decision Making for Rapid Lifecycle Development in an Agile Context aims to reduce cycle time for complex system development through agile decision making. This work will identify critical attributes from agile concepts that reduce life-cycle time and are impacted by architectural decisions. The goal of this work is to provide a sound empirical basis for decision making to reduce life-cycle time measured by reduced rework related to integration and team structure.
Modeling Uncertainties for Pre-Milestone A Cost Estimates will create a method for modeling program uncertainties leading to credible and accurate pre-Milestone A cost estimates. SEI researchers will synthesize Bayesian Belief Network (BBN) modeling and Monte Carlo simulation into a method that models uncertainties among program change drivers, allows subjective inputs, visually depicts influential relationships and outputs to aid team-based model development, and assists with the explicit description and documentation underlying an estimate. The goal is to produce a DoD domain-specific method for improving expert judgment regarding uncertainty in program change drivers, their relationships, and impacts on cost drivers.
Real-Time Scheduling on Heterogeneous Multicores will research ways to prevent proliferation of and counter weapons of mass destruction (WMD) through monitoring and tracking lethal agents and materials. WMD production facilities underground cannot be monitored by large, high-altitude unmanned aerial vehicles (UAV). This monitoring requires a UAV that has a small form-factor (that enables underground flight), long mission times (that allow the vehicle to exhaustively survey an entire underground complex), and autonomous operation. A UAV for such a mission must be equipped with a computer platform that has a small form-factor, low power consumption, and high processing capacity. A suitable next-generation computer platform meets most of these requirements, but uses too much processing power. SEI researchers will work on extending bin-packing from identical multiprocessors to next-generation computer platforms with capability-accelerating function units. Their goal is to enable more efficient monitoring of WMD using small form-factor UAV.
Semantic Analysis for Malware Code Deobfuscation seeks to provide malware analysts with the tools that they need to defeat malware code obfuscation techniques. Obfuscated code prevents analysts from developing timely, actionable insights by increasing code complexity and reducing the effectiveness of existing tools. SEI researchers will use semantic code analysis to rewrite the program as a deobfuscated executable, providing a new capability while leveraging existing tools. The goal is to help malware analysts derive required insights to respond more quickly to intrusions and protect DoD systems.
For more about research at the SEI, see http://www.sei.cmu.edu/research/.
For more information
Please tell us what you
think with this short
(< 5 minute) survey.