2017 SEI Year in Review Resources
Rsources for further information on topics discussed in the 2017 SEI Year in Review
Software Engineering Institute
Thank you for reading the 2017 SEI Year in Review. The following resources provide more information about the topics addressed individual articles in the Year in Review. The Table of Contents presents the 2017 SEI Year in Review article title followed by the related resources. A list of links at the bottom of the page provide author information and brief summaries for each item.
Using Ground-Truth Data Sets as Engines of Innovation
- Why Does Software Cost So Much? Toward a Causal Model
- CERT Common Sense Guide to Mitigating Insider Threats
- Quantifying Uncertainty in Early Lifecycle Cost Estimation
- DoD Software Factbook
Ultra-Large-Scale Systems: More than a Decade of Influence
Bridging Science and Practice to Build Cybersecurity Knowledge and Skills
- Using Serious Games (Cyber Kinetic Effects Integration)
- Private Cyber Training Cloud (cyber workforce research and development platform)
- STEPfwd (cyber workforce research and development platform)
Making Biometric Data Extraction Mission Practical
Getting a Handle on Big Learning Platform Performance
Building Trust Between Humans and Autonomous Systems
SEI Research Combats Mounting Acquisition Costs
Reporting DoD Network Vulnerabilities: It Just Got Easier
Assuring Autonomous Systems that Operate in Mission Environments
Pushing R&D to the Front Lines
- Cyber Affordance Visualization in Augmented Reality
- Cyber Foraging for Improving Survivability of Mobile Systems
Enabling Elusive Systems: Adaptive Cyber Defense for Networks
Anytime, Anywhere Training for Cyber Operators
A Fighting Chance: Arming the Analyst in the Age of Big Data
- Events, Relationships, and Script Learning for Situational Awareness
- Prioritizing Alerts from Static Analysis with Classification Models
Automated Code Analysis and Transformation
- Design Pattern Recovery from Malware Binaries
- CERT BFF: From Start to PoC
- Automated Code Repair Based on Inferred Specifications
Building the Cyber Capacity of International Partners
- Resources for National CSIRTs
- SEI CERT Division and State Department Team Up on Sub-Saharan Cybersecurity Effort
Author(s): Robert W. Stoddard, Michael D. Konrad, William Nichols, David Danks (Carnegie Mellon University), Kuh Zhang (Carnegie Mellon University)
This presentation shares early research results that may confirm some well-known drivers of DoD software cost and debunk others.
Author(s): Matthew L. Collins, Michael C. Theis, Randall F. Trzeciak, Jeremy R. Strozer, Jason W. Clark, Daniel L. Costa, Tracy Cassidy, Michael J. Albrethsen, Andrew P. Moore
Presents recommendations for mitigating insider threat based on CERT's continued research and analysis of over 1,000 cases.
Author(s): Robert Ferguson, Dennis Goldenson, James McCurley, Robert W. Stoddard, David Zubrow, Debra Anderson
The method of quantifying uncertainty described in this report synthesizes scenario building, Bayesian Belief Network (BBN) modeling and Monte Carlo simulation into an estimation method that quantifies uncertainties, allows subjective inputs, visually depicts influential relationships among program change drivers and outputs, and assists with the explicit description and documentation underlying an estimate.
Author(s): Brad Clark, James McCurley, David Zubrow
This DoD Factbook is an initial analysis of software engineering data from the perspective of policy and management questions about software projects.
Author(s): Peter H. Feiler, Kevin Sullivan (University of Virginia), Kurt C. Wallnau, Richard P. Gabriel (Sun Microsystems), John B. Goodenough, Richard C. Linger (Oak Ridge National Laboratory), Thomas A. Longstaff, Rick Kazman, Mark H. Klein, Linda M. Northrop, Douglas Schmidt (Vanderbilt University)
Ultra-Large-Scale Systems: The Software Challenge of the Future is the product of a 12-month study of ultra-large-scale (ULS) systems software.
Author(s): Rotem D. Guttman
Leveraging: Cyber Kinetic Effects Integration (CKEI)
Author(s): Satya Venneti
This technical sheet details our project to extract heart rate from commodity video in real time.
Author(s): Satya Venneti, Oren Wright
Presentation on research to build an accurate, automatic micro-expression analysis prototype that outperforms humans in spotting and recognizing facial micro-expressions in near real time
Author(s): Scott McMillan
Poster on research to build a performance measurement workbench with tools to measure and report performance of large-scale ML platforms
Author(s): Jonathan Chu
Presentation on research to build algorithms that allow robots to explain their behaviors to users and adapt their behavior during execution to enable users to accurately predict what they will do next
Author(s): Sagar Chaki, Dionisio de Niz
This paper presents two challenge problems guiding research on developing a provably correct approach for runtime assurance of distributed real-time embedded systems.
Author(s): Allen D. Householder, Garret Wassermann, Art Manion, Christopher King
This guide provides an introduction to the key concepts, principles, and roles necessary to establish a successful Coordinated Vulnerability Disclosure process. It also provides insights into how CVD can go awry and how to respond when it does so.
Author(s): Edwin J. Morris
Poster for research into using machine learning to extract patterns from high volumes of textual data
Author(s): Brad Clark, Christopher Miller, James McCurley, David Zubrow, Rhonda Brown, Mike Zuccher (No Affiliation)
In this report, the Software Engineering Institute has analyzed data related to DoD software projects and translated it into information that is frequently sought-after across the DoD.
Author(s): Robert W. Stoddard, Michael D. Konrad
Poster on research to build an actionable, full causal model of software cost factors
Author(s): Josh Hammerstein, Jeff Mattson
Poster on research to integrate cyber effects into tactical decision-making for soldiers
Author(s): Samuel M. Weber
This poster displays three tools for static analysis.
Author(s): Will Dormann
This presentation describes the CERT Basic Fuzzing Framework (BFF) from start to PoC.
Author(s): William Klieber, William Snavely
In this paper, the authors describe automated repairs for three types of bugs: integer overflows, missing array bounds checks, and missing authorization checks.