2017 SEI Year in Review Resources
Resources for further information on topics discussed in the 2017 SEI Year in Review
Publisher:
Software Engineering Institute
Abstract
Thank you for reading the 2017 SEI Year in Review. The following resources provide more information about the topics addressed in individual articles in the Year in Review. The Table of Contents presents the 2017 SEI Year in Review article title followed by the related resources. A list of links at the bottom of the page provide author information and brief summaries for each item.
Using Ground-Truth Data Sets as Engines of Innovation
- Why Does Software Cost So Much? Toward a Causal Model
- CERT Common Sense Guide to Mitigating Insider Threats
- Quantifying Uncertainty in Early Lifecycle Cost Estimation
- DoD Software Factbook
Ultra-Large-Scale Systems: More than a Decade of Influence
Bridging Science and Practice to Build Cybersecurity Knowledge and Skills
- Using Serious Games (Cyber Kinetic Effects Integration)
- Private Cyber Training Cloud (cyber workforce research and development platform)
- STEPfwd (cyber workforce research and development platform)
Making Biometric Data Extraction Mission Practical
Getting a Handle on Big Learning Platform Performance
Building Trust Between Humans and Autonomous Systems
SEI Research Combats Mounting Acquisition Costs
Reporting DoD Network Vulnerabilities: It Just Got Easier
Assuring Autonomous Systems that Operate in Mission Environments
Pushing R&D to the Front Lines
- Cyber Affordance Visualization in Augmented Reality
- Cyber Foraging for Improving Survivability of Mobile Systems
- KD-Cloudlet
Enabling Elusive Systems: Adaptive Cyber Defense for Networks
Anytime, Anywhere Training for Cyber Operators
A Fighting Chance: Arming the Analyst in the Age of Big Data
- Events, Relationships, and Script Learning for Situational Awareness
- Prioritizing Alerts from Static Analysis with Classification Models
Automated Code Analysis and Transformation
- Design Pattern Recovery from Malware Binaries
- CERT BFF: From Start to PoC
- Automated Code Repair Based on Inferred Specifications
Building the Cyber Capacity of International Partners
- Resources for National CSIRTs
- SEI CERT Division and State Department Team Up on Sub-Saharan Cybersecurity Effort
Collection Contents
-
Why Does Software Cost So Much? Toward a Causal Model (March 2017)
March 23, 2017 • Presentation
By Robert W. Stoddard, Michael D. Konrad, William Nichols, David Danks (Carnegie Mellon University), Kuh Zhang (Carnegie Mellon University)
This presentation shares early research results that may confirm some well-known drivers of DoD software cost and debunk others.
read -
Common Sense Guide to Mitigating Insider Threats, Fifth Edition
December 21, 2016 • Technical Report
By Matthew L. Collins, Michael C. Theis, Randall F. Trzeciak, Jeremy R. Strozer, Jason W. Clark, Daniel L. Costa, Tracy Cassidy, Michael J. Albrethsen, Andrew P. Moore
Presents recommendations for mitigating insider threat based on CERT's continued research and analysis of over 1,000 cases.
read -
Quantifying Uncertainty in Early Lifecycle Cost Estimation (QUELCE)
December 1, 2011 • Technical Report
By Robert Ferguson, Dennis Goldenson, James McCurley, Robert W. Stoddard, David Zubrow, Debra Anderson
The method of quantifying uncertainty described in this report synthesizes scenario building, Bayesian Belief Network (BBN) modeling and Monte Carlo simulation into an estimation method that quantifies uncertainties, allows subjective inputs, visually depicts influential relationships among program change drivers and outputs, and assists with the explicit description and documentation underlying an estimate.
read -
DoD Software Factbook
December 31, 2015 • White Paper
By Brad Clark, James McCurley, David Zubrow
This DoD Factbook is an initial analysis of software engineering data from the perspective of policy and management questions about software projects.
read -
Ultra-Large-Scale Systems: The Software Challenge of the Future
June 1, 2006 • Book
By Peter H. Feiler, Kevin Sullivan (University of Virginia), Kurt C. Wallnau, Richard P. Gabriel (Sun Microsystems), John B. Goodenough, Richard C. Linger (Oak Ridge National Laboratory), Thomas A. Longstaff, Rick Kazman, Mark H. Klein, Linda M. Northrop, Douglas Schmidt (Vanderbilt University)
Ultra-Large-Scale Systems: The Software Challenge of the Future is the product of a 12-month study of ultra-large-scale (ULS) systems software.
read -
Using Serious Games
October 18, 2016 • Poster
By Rotem D. Guttman
Leveraging: Cyber Kinetic Effects Integration (CKEI)
read -
Real-Time Extraction of Heart Rate from Video
July 27, 2017 • Brochure
By Satya Venneti
This technical sheet details our project to extract heart rate from commodity video in real time.
read -
Micro-Expressions: More than Meets the Eye
October 30, 2017 • Presentation
By Satya Venneti, Oren Wright
Presentation on research to build an accurate, automatic micro-expression analysis prototype that outperforms humans in spotting and recognizing facial micro-expressions in near real time
read -
Measuring Performance of Big Learning Workloads
October 30, 2017 • Poster
By Scott McMillan
Poster on research to build a performance measurement workbench with tools to measure and report performance of large-scale ML platforms
read -
Why did the robot do that?
October 18, 2016 • Poster
By Stephanie Rosenthal
Why did the robot do that?
read -
What will the Robot do Next?
October 30, 2017 • Presentation
By Jonathan Chu
Presentation on research to build algorithms that allow robots to explain their behaviors to users and adapt their behavior during execution to enable users to accurately predict what they will do next
read -
Certifiable Runtime Assurance of Distributed Real-Time Systems
January 13, 2017 • Conference Paper
By Sagar Chaki, Dionisio de Niz
This paper presents two challenge problems guiding research on developing a provably correct approach for runtime assurance of distributed real-time embedded systems.
read -
The CERT Guide to Coordinated Vulnerability Disclosure
August 15, 2017 • Special Report
By Allen D. Householder, Garret Wassermann, Art Manion, Christopher King
This guide provides an introduction to the key concepts, principles, and roles necessary to establish a successful Coordinated Vulnerability Disclosure process. It also provides insights into how CVD can go awry and how to respond when it does so.
read -
Events, Relationships, and Script Learning for Situational Awareness
October 30, 2017 • Poster
By Edwin J. Morris
Poster for research into using machine learning to extract patterns from high volumes of textual data
read -
Department of Defense Software Factbook
July 11, 2017 • Technical Report
By Brad Clark, Christopher Miller, James McCurley, David Zubrow, Rhonda Brown, Mike Zuccher (No Affiliation)
In this report, the Software Engineering Institute has analyzed data related to DoD software projects and translated it into information that is frequently sought-after across the DoD.
read -
Why Does Software Cost So Much? Towards a Causal Model
October 30, 2017 • Poster
By Robert W. Stoddard, Michael D. Konrad
Poster on research to build an actionable, full causal model of software cost factors
read -
Cyber Affordance Visualization in Augmented Reality
October 30, 2017 • Poster
By Josh Hammerstein, Jeff Mattson
Poster on research to integrate cyber effects into tactical decision-making for soldiers
read -
Design Pattern Recovery from Malware Binaries Poster (SEI 2015 Research Review)
October 23, 2015 • Poster
By Samuel M. Weber
This poster displays three tools for static analysis.
read -
CERT BFF: From Start to PoC
June 9, 2016 • Presentation
By Will Dormann
This presentation describes the CERT Basic Fuzzing Framework (BFF) from start to PoC.
read -
Automated Code Repair Based on Inferred Specifications
November 3, 2016 • Conference Paper
By William Klieber, William Snavely
In this paper, the authors describe automated repairs for three types of bugs: integer overflows, missing array bounds checks, and missing authorization checks.
read