Software Engineering Institute | Carnegie Mellon University
Software Engineering Institute | Carnegie Mellon University

Digital Library

Daniel Plakosh
October 2015 - Poster Increase Adoption of Secure Coding Standards Poster (SEI 2015 Research Review)

Authors: Daniel Plakosh

Recent work to promote adoption of secure coding standards includes a web application to improve analyst productivity and 25 new rules for C++

October 2015 - Presentation Increase Adoption of Secure Coding Standards

Authors: Daniel Plakosh

Recent work to promote adoption of secure coding standards includes a web application to improve analyst productivity and 25 new rules for C++

June 2014 - Technical Note Improving the Automated Detection and Analysis of Secure Coding Violations

Topics: Secure Coding

This technical note describes the accuracy analysis of the Source Code Analysis Laboratory (SCALe) tools and the characteristics of flagged coding violations.

October 2012 - Technical Report Resource Allocation in Dynamic Environments

Topics: Ultra-Large-Scale Systems

When warfighting missions are conducted in a dynamic environment, the allocation of resources needed for mission operation can change from moment to moment. This report addresses two challenges of resource allocation in dynamic environments: overstatement of resource needs and unpredictable network availability.

May 2011 - Presentation Experimentation in the Use of Service Orientation in Resource-Constrained Environments

This presentation from SATURN 2011 discusses work done in off-the-shelf SOA technologies in military environments.

December 2010 - Technical Report Adaptive Flow Control for Enabling Quality of Service in Tactical Ad Hoc Wireless Networks

Topics: Software Architecture

The network infrastructure for users such as emergency responders or warfighters is wireless, ad hoc, mobile, and lacking in sufficient bandwidth. This report documents the results from 18 experiments to investigate Adaptive Quality of Service, an approach to enable applications to fulfill their missions despite tactical network infrastructure limitations.

May 2010 - White Paper Edge Enabled Systems

Topics: Ultra-Large-Scale Systems

This paper describes the characteristics of edge systems and the edge organizations in which these systems operate, and make initial recommendations about how such systems and organizations can be created to serve the needs of users at the edge.

December 2008 - Technical Report Results of SEI Independent Research and Development Projects (FY 2008)

This report describes the independent research and development (IRAD) projects that were conducted during fiscal year 2008 (October 2007 through September 2008).

January 2008 - White Paper Vulnerability Detection in ActiveX Controls through Automated Fuzz Testing

Topics: Vulnerability Analysis

In this 2008 paper, the authors explore results of a test of a large number of Active X controls, which provides insight into the current state of ActiveX security.

January 2008 - Technical Report Using the Vickrey-Clarke-Groves Auction Mechanism for Enhanced Bandwidth Allocation in Tactical Data Networks

Topics: Ultra-Large-Scale Systems

This report describes an investigation of the potential for using computational mechanisms to improve the quality of a combat group's common operating picture, in a setting where network bandwidth is scarce.

April 2005 - Technical Note Pin Component Technology (V1.0) and Its C Interface

This 2005 report describes the main concepts of Pin and documents the C-language interface to Pin V1.0.

April 2005 - Technical Note Robustness Testing of Software-Intensive Systems: Explanation and Guide

Topics: Acquisition Support

This 2005 technical note provides guidance and procedures for performing robustness testing as part of DoD or federal acquisition programs that have a software component.

April 2004 - Technical Report Systems of Systems Interoperability

Topics: System of Systems

This technical report documents the findings of an internal research and development effort on system of systems interoperability (SOSI).

January 2004 - Presentation SOSI: System of Systems Interoperability

Topics: Acquisition Support

This presentation on System of Systems Interoperability (SOSI) was delivered by Linda Levine, B. Craig Meyers, Edwin J. Morris, Patrick R. Place, and Daniel Plakosh of the Software Engineering Institute (SEI) in January 2004.

September 2003 - Technical Report Predictable Assembly of Substation Automation Systems: An Experiment Report, Second Edition

This 2003 report describes the results of an exploratory PECT prototype for substation automation, an application area in the domain of power generation, transmission, and management.

September 2003 - Technical Report SEI Independent Research and Development Projects (FY 2003)

This report describes the IR&D projects that were conducted during fiscal year 2003 (October 2002 through September 2003).

June 2003 - Technical Note Proceedings of the System of Systems Interoperability Workshop (February 2003)

Topics: System of Systems

This report documents the model of interoperability presented and the findings from the System of Systems Interoperability Workshop, held in February 2003.

February 2003 - Book Modernizing Legacy Systems: Software Technologies, Engineering Processes, and Business Practices

Topics: Software Architecture, System of Systems, Secure Coding

This book shows how to implement a successful modernization strategy that incrementally encompass changes in software technologies, engineering processes, and business practices.

November 2001 - Technical Report Perspectives on Open Source Software

Topics: System of Systems

This 2001 report summarizes the results of a study of the benefits of pitfalls of using open source software.

October 2001 - Technical Report An Enterprise Information System Data Architecture Guide

This report describes a sample data architecture in terms of a collection of generic architectural patterns that define and constrain how data is managed in a system that uses the J2EE platform and the OAGIS.

August 2001 - Technical Report Maintaining Transactional Context: A Model Problem

This 2001 report outlines a model problem constructed to verify the feasibility of building a mechanism to modernize a legacy system.

July 2001 - Technical Note Incremental Modernization for Legacy Systems

This 2001 report shows an objective technique for developing an incremental code-migration strategy for large legacy Common Business-Oriented Language (COBOL) systems.

July 2001 - Technical Report Legacy System Modernization Strategies

Topics: System of Systems

This 2001 report discusses alternative development approaches for incrementally modernizing legacy systems.

June 2001 - Technical Note Real-Time Systems Engineering: Lessons Learned from Independent Technical Assessments

Topics: Performance and Dependability

This 2001 paper contains observations, recurring themes, trends, and lessons learned about systems development as derived from real-time/mission-critical programs that have been reviewed over the last three years.

December 1999 - Technical Report Builder's Guide for WaterBeans Components

This paper describes WaterBeans, a proof-of-feasibility system for building software applications through a process of assembling prefabricated software components.

April 1999 - Technical Note COTS in the Real World: A Case Study in Risk Discovery and Repair

Topics: System of Systems

This report describes the investigations that were performed to determine how well selected commercial components met the mission needs of a DoD project.

March 1999 - Technical Note Into the Black Box: A Case Study in Obtaining Visibility into Commercial Software

Topics: System of Systems

This 1999 report describes what we did to gain insight into Netscape's Communicator databases, the internal formats of the databases, and the password and encryption schemes used in the key3.db database.

September 1998 - White Paper DoD Security Needs and COTS-Based Systems

Topics: System of Systems

This monograph offers a "heads-up" to decision makers who are building information systems that have security constraints, who feel the market imperatives, and who want to make opportunistic use of what the market has to offer.

April 1998 - Special Report Assessment of CORBA and POSIX Designs for FAA En Route Resectorization

Topics: Performance and Dependability

This report addresses the use of different technologies and an architectural tradeoff approach on a typical En Route system problem.

January 1998 - Technical Report A Study in the Use of CORBA in Real-Time Settings: Model Problems for the Manufacturing Domain

Topics: Performance and Dependability

In this report, we describe the application of an off-the-shelf ORB to two real-time model problems.