

Software Engineering Institute (SEI) Podcast Series
Members of Technical Staff at the Software Engineering Institute
The SEI Podcast Series presents conversations in software engineering, cybersecurity, and future technologies.

Mar 13, 2014 • 15min
AADL and Aerospace
In 2013, the AADL Standards meeting was held at SEI headquarters in Pittsburgh, PA. The SEI Podcast Series team was there, and we interviewed several members of the AADL Standards Committee. This podcast is the second in a series based on those interviews.

Feb 27, 2014 • 14min
Assuring Open Source Software
The SEI has seen increased interest and adoption of OSS products across the federal government, including the Department of Defense, the intelligence community, and the Department of Homeland Security. The catalyst for this increase has been innovators in government seeking creative solutions to rapidly field urgently needed technologies. While the rise of OSS adoption signals a new approach for government acquirers, it is not without risks that must be acknowledged and addressed, particularly given current certification and accreditation (C&A) techniques. In this podcast, Kate Ambrose Sereno and Naomi Anderson discuss research aimed at developing adoptable, evidence-based, data-driven approaches to evaluating (open source) software.

Feb 13, 2014 • 16min
Security Pattern Assurance through Roundtrip Engineering
The process of designing and analyzing software architectures is complex. Architectural design is a minimally constrained search through a vast multi-dimensional space of possibilities. The end result is that architects are seldom confident that they have done the job optimally, or even satisfactorily. Over the past two decades, practitioners and researchers have used architectural patterns to expedite sound software design. Architectural patterns are prepackaged chunks of design that provide proven structural solutions for achieving particular software system quality attributes, such as scalability or modifiability. While use of patterns has simplified the architectural design process somewhat, key challenges remain. In this podcast, Rick Kazman discusses these challenges and a solution he has developed for achieving system security qualities through use of patterns.

Feb 11, 2014 • 29min
The Electricity Subsector Cybersecurity Capability Maturity Model (ES-C2M2)
ES-C2M2 helps improve the operational resilience of the U.S. power grid.

Jan 30, 2014 • 21min
Applying Agile in the DoD: Fifth Principle
In this episode, the fifth in a series by Suzanne Miller and Mary Ann Lapham exploring the application of Agile principles in the Department of Defense (DoD), the two researchers discuss the application of the fifth principle: "Build projects around motivated individuals. Give them the environment and support they need, and trust them to get the job done."

Jan 16, 2014 • 20min
Software Assurance Cases
From the braking system in automobiles to the software that controls aircraft, safety-critical systems are ubiquitous. Showing that such systems meet their safety requirements has become a critical area of work for software and systems engineers. The SEI is addressing this issue with a significant research program into assurance cases. In this podcast, the first in a series on assurance cases and confidence, Charles Weinstock introduces the concept of assurance cases and discusses how they can be used to assure that complex software-based systems meet certain kinds of requirements such as safety, security, and reliability.

Jan 7, 2014 • 25min
Raising the Bar - Mainstreaming CERT C Secure Coding Rules
An essential element of secure coding in the C programming language is a set of well-documented and enforceable coding rules. The rules specified in this Technical Specification apply to analyzers, including static analysis tools, and C language compiler vendors that wish to diagnose insecure code beyond the requirements of the language standard. All rules are meant to be enforceable by static analysis. The application of static analysis to security has been done in an ad hoc manner by different vendors, resulting in nonuniform coverage of significant security issues. This specification enumerates secure coding rules and requires analysis engines to diagnose violations of these rules as a matter of conformance to this specification. In this podcast, Robert Seacord, the leader of CERT's Secure Coding Initiative, discusses the 7-year journey resulting in the selection of 46 coding rules, derived from the CERT C Secure Coding Standard, for this new technical specification.

Dec 26, 2013 • 11min
AADL and Télécom Paris Tech
In 2013, the AADL Standards meeting was held at SEI headquarters in Pittsburgh, Pa. The SEI Podcast Series team was there, and we interviewed several members of the AADL Standards Committee. This podcast, with Peter Feiler and Etienne Borde of Télécom Paris Tech, is the first in a series based on these interviews.

Dec 12, 2013 • 24min
From Process to Performance-Based Improvement
In this podcast, Tim Chick and Gene Miluk discuss the methodology and outputs of the Checkpoint Diagnostic, a tool that provides organizations with actionable performance-related information and analysis closely linked to business value. The Checkpoint Diagnostic utilizes process models, data mapping, and quantitative analytics to provide organizations with qualitative process baselines, quantitative performance baselines, benchmark performance comparison, and a prioritized listing of improvement opportunities.

Nov 27, 2013 • 20min
An Approach to Managing the Software Engineering Challenges of Big Data
In this episode, Ian Gorton and John Klein discuss big data and the challenges it presents for software engineers. With help from fellow SEI researchers, the two have developed a lightweight risk reduction approach to help software engineers manage the challenges of big data. Called Lightweight Evaluation and Architecture Prototyping (for Big Data), the approach is based on principles drawn from proven architecture and technology analysis and evaluation techniques to help the Department of Defense (DoD) and other enterprises including avionics, communications, and healthcare develop and evolve systems to manage big data.


