Entries Tagged as 'Software Assurance'

Data Analytics for Open Source Software Assessment

Emerging Technologies, Open Source Software, Software Assurance, Software Quality

By Kate Ambrose Sereno
Technical Analyst
SEI Emerging Technology Center

This post was co-authored by Naomi Anderson

In 2012, the White House released its federal digital strategy. What’s noteworthy about this release is that the executive office distributed the strategy using Bootstrap, an open source software (OSS) tool developed by Twitter and made freely available to the public via the code hosting site GitHub. This is not the only evidence that we have seen of increased government interest in OSS adoption. Indeed, the 2013 report The Future of Open Source Software revealed that 34 percent of its respondents were government entities using OSS products. The Carnegie Mellon University Software Engineering Institute (SEI) has seen increased interest and adoption of OSS products across the federal government, including the Department of Defense (DoD), the intelligence community (IC), and the Department of Homeland Security. The catalyst for this increase has been innovators in government seeking creative solutions to rapidly field urgently needed technologies. While the rise of OSS adoption signals a new approach for government acquirers, it is not without risks that must be acknowledged and addressed, particularly given current certification and accreditation (C&A) techniques. This blog post will discuss research aimed at developing adoptable, evidence-based, data-driven approaches to evaluating (open source) software.


A Strategic Approach to Software Assurance

Software Assurance

By Mike McLendon,
Associate Director
Software Solutions Division

Software is the principal, enabling means for delivering system and warfighter performance across a spectrum of Department of Defense (DoD) capabilities. These capabilities span the spectrum from mission-essential business systems to mission-critical command, control, communications, computers, intelligence, surveillance, and reconnaissance (C4ISR) systems to complex weapon systems. Many of these systems now operate interdependently in a complex net-centric and cyber environment. The pace of technological change continues to evolve along with the almost total system reliance on software. This blog posting examines the various challenges that the DoD faces in implementing software assurance and suggests strategies for an enterprise-wide approach.


The Latest Research from the SEI

Agile, Cloud Computing, Secure Coding, Software Assurance, Team Software Process (TSP)

By Douglas C. Schmidt
Principal Researcher

As part of an ongoing effort to keep you informed about our latest work, I'd like to let you know about some recently published SEI technical reports and notes. These reports highlight the latest work of SEI technologists in information assurance and agile, the Team Software Process (TSP), CERT secure coding standards, resource allocation, fuzzing, cloud computing interoperability, and cloud computing at the tactical edge. This post includes a listing of each report, author(s), and links where the published reports can be accessed on the SEI website.


The Growing Importance of Sustaining Software for the DoD

Software Assurance, Software Cost Estimates, Software Product Lines, Software Sustainment

Part 1: Software Sustainment Trends and Challenges
By Douglas C. Schmidt,
Deputy Director, Research, and Chief Technology Officer

Department of Defense (DoD) programs have traditionally focused on the software acquisition phase (initial procurement, development, production, and deployment) and largely discounted the software sustainment phase (operations and support) until late in the lifecycle. The costs of software sustainment are becoming too high to discount since they account for 60 to 90 percent of the total software lifecycle effort. Moreover, in an era where DoD new-start programs are being reduced in favor of prolonging legacy systems, significant software sustainment cost increases are themselves unsustainable. The growing expense and prolonging of legacy systems motivate the need for greater discipline and attention on defining and applying appropriate methods and technologies to improve sustainment capabilities and efficiencies. This SEI blog posting—the first in a two-part series—summarizes key software sustainment challenges faced by DoD; the subsequent post describes R&D activities conducted by the SEI to address some of these challenges.
