Software and Cyber Solutions Symposium 2019: Acquisition, Security, and the Supply Chain
This two-day event explored topics such as building a secure development pipeline, scaling Agile metrics, and understanding software architecture, quality, and security through code analysis.
Abstract
When building and acquiring software-reliant systems, the stakes are high and the risks can be daunting. Today’s systems are built with newly developed software, along with legacy, COTS, and open source applications, libraries, and data. Leveraging existing software components can help deliver capability at reduced cost, but what are the risks? How can you know what’s in the software that powers your mission-critical capabilities and how resilient it is to attacks?
The challenges multiply when you consider factors such as the increasing pace of acquisition and the use of multiple providers and teaming arrangements. This symposium included sessions that explored these topics. Besides expert speakers from the Software Engineering Institute, it included keynotes from the acquisition and development communities who provided senior-leader perspectives on these challenges, the status of the practice, and emerging needs.
Collection Contents
- The Software Dilemma
February 25, 2019 • Presentation
By Cecilia Albert
This talk addresses the significance of software development processes and provides some ideas about how they can affect your acquisition strategy, request for proposal, and contract terms.
- From Correlation to Causation: Lessons for Security & Defense
February 25, 2019 • Presentation
By David Danks (Carnegie Mellon University)
In this talk, David Danks describes the state of the art in causal discovery and reasoning methods, many of which have been developed at Carnegie Mellon University.
- Mini-Tutorial: Emerging Technologies for Software-Reliant Systems
February 25, 2019 • Presentation
By Eileen Wrubel, Grace Lewis, Ipek Ozkaya, Sam Procter, Erin Harper
This talk presents several emerging technologies and their potential impact for software-reliant systems.