SEI Blog | Software Assurance

SEI Blog | Software Assurancehttp://sei.cmu.edu/feeds/tag/Updates on changes and additions to the SEI Blog for posts matching Software Assuranceen-usMon, 24 Mar 2025 00:00:00 -0400Enhancing Machine Learning Assurance with Portendhttps://www.sei.cmu.edu/blog/enhancing-machine-learning-assurance-with-portend/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesThis post introduces Portend, a new open source toolset that simulates data drift in machine learning models and identifies the proper metrics to detect drift in production environments.Jeffrey Hansen, Sebastián Echeverría, Lena Pons, Gabriel Moreno, Grace Lewis, Lihan ZhanMon, 24 Mar 2025 00:00:00 -0400https://www.sei.cmu.edu/blog/enhancing-machine-learning-assurance-with-portend/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesSoftware AssuranceMachine LearningChallenges to Assuring Large-Scale Systemshttps://www.sei.cmu.edu/blog/challenges-to-assuring-large-scale-systems/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesNational defense efforts have shifted from defeating terrorism to accelerating innovation, with a priority of delivering capability at speed and at scale.Gabriel Moreno, Anton Hristozov, John Robert, Mark KleinMon, 14 Oct 2024 00:00:00 -0400https://www.sei.cmu.edu/blog/challenges-to-assuring-large-scale-systems/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesSoftware AssuranceTaking Up the Challenge of Open Source Software Security in the DoDhttps://www.sei.cmu.edu/blog/taking-up-the-challenge-of-open-source-software-security-in-the-dod/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesThis post describes a workshop hosted by the SEI to start a conversation to elevate the trustworthiness of free and open source software, particularly in DoD settings.Scott HissamMon, 15 Aug 2022 00:00:00 -0400https://www.sei.cmu.edu/blog/taking-up-the-challenge-of-open-source-software-security-in-the-dod/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesSoftware AssuranceSupply ChainsSix Dimensions of Trust in Autonomous Systemshttps://www.sei.cmu.edu/blog/six-dimensions-of-trust-in-autonomous-systems/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesThis post chronicles the adoption and growth of autonomous systems and provides six considerations for establishing trust.Paul NielsenWed, 20 Apr 2022 00:00:00 -0400https://www.sei.cmu.edu/blog/six-dimensions-of-trust-in-autonomous-systems/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesVulnerability AnalysisSoftware AssuranceVulnerability DiscoveryDevopsArtificial Intelligence EngineeringMachine LearningCybersecurityAutonomy and Counter-AutonomySoftware and Information AssuranceHuman-Machine InteractionsArtificial IntelligenceDigital EngineeringCyber-Physical SystemsSix Acquisition Pathways for Large-Scale, Complex Systemshttps://www.sei.cmu.edu/blog/six-acquisition-pathways-for-large-scale-complex-systems/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesHow to map technical reference frameworks (TRFs) to the pathways that compose the DoD’s Adaptive Acquisition Framework (AAF)Douglas Schmidt, Nickolas GuertinMon, 07 Feb 2022 00:00:00 -0500https://www.sei.cmu.edu/blog/six-acquisition-pathways-for-large-scale-complex-systems/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesSoftware AssuranceSystem of SystemsOpen Systems ArchitecturesAchieving Modular Open System Architectures in DOD AcquisitionAcquisition TransformationToward Technical Reference Frameworks to Support Large-Scale Systems of Systemshttps://www.sei.cmu.edu/blog/toward-technical-reference-frameworks-to-support-large-scale-systems-of-systems/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesStrategies for creating architectures for large-scale, complex, and interoperable systems of systems that are composed of functions covering a broad range of requirements.Nickolas Guertin, Douglas SchmidtMon, 20 Dec 2021 00:00:00 -0500https://www.sei.cmu.edu/blog/toward-technical-reference-frameworks-to-support-large-scale-systems-of-systems/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesSoftware AssuranceSystem of SystemsOpen Systems ArchitecturesAchieving Modular Open System Architectures in DOD AcquisitionAcquisition TransformationSafety Assurance Does Not Provide Software Assurancehttps://www.sei.cmu.edu/blog/safety-assurance-does-not-provide-software-assurance/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesThis SEI Blog on cybersecurity in cyber-physical systems (CPS), shows how safety evaluations fail to protect against cyber threats.Mark ShermanMon, 02 Aug 2021 00:00:00 -0400https://www.sei.cmu.edu/blog/safety-assurance-does-not-provide-software-assurance/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesSoftware AssuranceAnti-Tamper for Software Componentshttps://www.sei.cmu.edu/blog/anti-tamper-for-software-components/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesThis post explains how to identify software components within systems that are in danger of being exploited and that should be protected by anti-tamper practices.Scott HissamMon, 21 Jun 2021 00:00:00 -0400https://www.sei.cmu.edu/blog/anti-tamper-for-software-components/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesSoftware AssuranceSystem ResilienceCyber Risk and Resilience ManagementSupply Chains7 Quick Steps to Using Containers Securelyhttps://www.sei.cmu.edu/blog/7-quick-steps-to-using-containers-securely/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesThe use of containers in software development and deployment continues to trend upwards. There is good reason for this climb in usage as containers offer many benefits....Tom Scanlon, Richard LaughlinMon, 06 Apr 2020 00:00:00 -0400https://www.sei.cmu.edu/blog/7-quick-steps-to-using-containers-securely/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesSoftware AssuranceData-Driven Management of Technical Debthttps://www.sei.cmu.edu/blog/data-driven-management-of-technical-debt/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesLearn about the SEI's work on technical debt analysis techniques and practices to help software engineers manage its impact on projects in this SEI Blog post.Ipek Ozkaya, Robert NordMon, 16 Dec 2019 00:00:00 -0500https://www.sei.cmu.edu/blog/data-driven-management-of-technical-debt/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesSoftware AssuranceSoftware SustainmentMachine LearningSoftware and Information AssuranceStatic Analysis Classification and PrioritizationArtificial IntelligenceSoftware ArchitectureTechnical DebtSoftware QualityAutomated Assurance of Security-Policy Enforcement In Critical Systemshttps://www.sei.cmu.edu/blog/automated-assurance-of-security-policy-enforcement-in-critical-systems/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesAs U.S. Department of Defense (DoD) mission-critical and safety-critical systems become increasingly connected, exposure from security infractions is likewise increasing....Peter FeilerMon, 19 Feb 2018 00:00:00 -0500https://www.sei.cmu.edu/blog/automated-assurance-of-security-policy-enforcement-in-critical-systems/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesSoftware AssuranceSeven Principles for Software Assurancehttps://www.sei.cmu.edu/blog/seven-principles-for-software-assurance/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesThis SEI Blog post presents seven principles for achieving software assurance: stakeholder involvement, risk management, continuous monitoring, and more.Nancy MeadMon, 24 Oct 2016 00:00:00 -0400https://www.sei.cmu.edu/blog/seven-principles-for-software-assurance/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesSoftware and Information AssuranceSoftware AssuranceVerifying Distributed Adaptive Real-Time Systemshttps://www.sei.cmu.edu/blog/verifying-distributed-adaptive-real-time-systems/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesThis SEI Blog post explores high-assurance software in DART systems, and outlines the SEI's approach to meet safety requirements in dynamic environments.James Edmondson, Sagar ChakiMon, 10 Oct 2016 00:00:00 -0400https://www.sei.cmu.edu/blog/verifying-distributed-adaptive-real-time-systems/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesSoftware AssuranceArtificial Intelligence EngineeringModel CheckingVerificationAutonomy and Counter-AutonomyReal-Time SchedulingArtificial IntelligenceCyber-Physical SystemsAddressing the Shortfall of Secure Software Developers through Community College Educationhttps://www.sei.cmu.edu/blog/addressing-the-shortfall-of-secure-software-developers-through-community-college-education/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesThis SEI Blog discusses a community college program created to address the industry's shortage of qualified professionals in secure software development.Nancy MeadMon, 15 Aug 2016 00:00:00 -0400https://www.sei.cmu.edu/blog/addressing-the-shortfall-of-secure-software-developers-through-community-college-education/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesSoftware AssuranceUsing Quality Metrics and Security Methods to Predict Software Assurancehttps://www.sei.cmu.edu/blog/using-quality-metrics-and-security-methods-to-predict-software-assurance/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesExplore the Software Assurance Framework and discover promising software assurance methods in this informative SEI Blog post.Dr. Carol Woody, Nancy MeadMon, 20 Jun 2016 00:00:00 -0400https://www.sei.cmu.edu/blog/using-quality-metrics-and-security-methods-to-predict-software-assurance/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesArtificial Intelligence EngineeringSoftware AssuranceArtificial IntelligenceDevelopment of a Master of Software Assurance Reference Curriculumhttps://www.sei.cmu.edu/blog/development-of-a-master-of-software-assurance-reference-curriculum/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesLearn about the development of a Master of Software Assurance Reference Curriculum that can be adopted or customized by universities worldwide in this SEI Blog.Nancy MeadMon, 21 Dec 2015 00:00:00 -0500https://www.sei.cmu.edu/blog/development-of-a-master-of-software-assurance-reference-curriculum/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesSoftware AssuranceDesigning Security Into Software-Reliant Systemshttps://www.sei.cmu.edu/blog/designing-security-into-software-reliant-systems/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesThis blog post highlights the SERA Framework, which was developed to help organizations reduce operational security risks by proactively designing security controls into software-reliant systems.Christopher AlbertsMon, 04 May 2015 00:00:00 -0400https://www.sei.cmu.edu/blog/designing-security-into-software-reliant-systems/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesSoftware AssuranceHeartbleed and Goto Fail: Two Case Studies for Predicting Software Assurance Using Quality and Reliability Measureshttps://www.sei.cmu.edu/blog/heartbleed-and-goto-fail-two-case-studies-for-predicting-software-assurance-using-quality-and-reliability-measures/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesThis SEI Blog post explores the relationship between software quality, reliability, and security, and how addressing software defects can improve security.Dr. Carol Woody, Bill NicholsMon, 20 Apr 2015 00:00:00 -0400https://www.sei.cmu.edu/blog/heartbleed-and-goto-fail-two-case-studies-for-predicting-software-assurance-using-quality-and-reliability-measures/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesMeasurement and AnalysisSoftware AssuranceResilience, Metrics, Sustainment, and Software Assurance - The Latest Research from the SEIhttps://www.sei.cmu.edu/blog/resilience-metrics-sustainment-and-software-assurance-the-latest-research-from-the-sei/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesDiscover the SEI's latest research on resilience, metrics, sustainment, and software assurance.Douglas SchmidtMon, 23 Feb 2015 00:00:00 -0500https://www.sei.cmu.edu/blog/resilience-metrics-sustainment-and-software-assurance-the-latest-research-from-the-sei/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesSoftware AssuranceResilience Management Model (RMM)Software Assurance, Social Networking Tools, Insider Threat, and Risk Analysis--The Latest Research from the SEIhttps://www.sei.cmu.edu/blog/software-assurance-social-networking-tools-insider-threat-and-risk-analysis-the-latest-research-from-the-sei/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesDiscover the latest work of SEI technologists in software assurance, social networking tools, insider threat, and more in this SEI Blog post.Douglas SchmidtMon, 19 Jan 2015 00:00:00 -0500https://www.sei.cmu.edu/blog/software-assurance-social-networking-tools-insider-threat-and-risk-analysis-the-latest-research-from-the-sei/?utm_source=blog&utm_medium=rss&utm_campaign=my_site_updatesSoftware AssuranceInsider Threat