Tuesday, October 15, 2024
HomeSoftware EngineeringThe Newest Work from the SEI

The Newest Work from the SEI


As a part of an ongoing effort to maintain you knowledgeable about our newest work, this weblog put up summarizes some current publications from the SEI within the areas of provide chain danger administration, technical debt, massive language fashions, quantum computing, acquisition, and trustworthiness in AI techniques. These publications spotlight the most recent work of SEI technologists in these areas. This put up features a itemizing of every publication, writer(s), and hyperlinks the place they are often accessed on the SEI web site.

The Measurement Challenges in Software program Assurance and Provide Chain Danger Administration
by Nancy R. Mead, Carol Woody, and Scott Hissam

On this paper, the authors focus on the metrics wanted to foretell cybersecurity in open supply software program and the way requirements are wanted to make it simpler to use these metrics within the provide chain. The authors present examples of probably helpful metrics and underscore the necessity for information assortment and evaluation to validate the metrics. They assert that defining metrics, gathering and analyzing information as an example their utility, and utilizing customary strategies requires unbiased collaborative work to attain the specified outcomes.
Learn the white paper.

Report back to the Congressional Protection Committees on Nationwide Protection Authorization Act (NDAA) for Fiscal Yr 2022 Part 835 Impartial Research on Technical Debt in Software program-Intensive Programs
by Ipek Ozkaya, Forrest Shull, Julie B. Cohen, and Brigid O’Hearn

A staff from SEI carried out an unbiased examine to fulfill the necessities of the Fiscal Yr 2022 Nationwide Protection Authorization Act (NDAA) Part 835, Impartial Research on Technical Debt in Software program-Intensive Programs.

This report describes the conduct of the examine, summarizes the technical developments noticed, and presents the ensuing suggestions. The examine methodology features a literature assessment, a assessment of SEI experiences developed for program stakeholders, deep dives on program information from SEI engagements with Division of Protection (DoD) packages, and interviews carried out utilizing the ten examine parts laid out in Part 835(b).

The examine concludes that packages are conscious of the significance of managing technical debt. Moreover, quite a lot of DoD packages have established practices to actively handle technical debt. Throughout this examine, the DoD printed a number of steerage paperwork that start to incorporate technical debt and technical debt administration as an important observe for profitable software program growth. Research suggestions embody that the DoD should proceed to replace coverage/steerage and empower packages to include technical debt practices as a part of their software program growth actions whereas enabling analysis in improved device help and information assortment.
View the report.

Assessing Alternatives for LLMs in Software program Engineering and Acquisition
By Stephany Bellomo, Shen Zhang, James Ivers, Julie B. Cohen, and Ipek Ozkaya

On this white paper, the authors look at how choice makers, corresponding to technical leads and program managers, can assess the health of huge language fashions (LLMs) to deal with software program engineering and acquisition wants. They introduce exemplar situations in software program engineering and software program acquisition, and so they establish frequent archetypes. The authors additionally describe frequent issues involving using LLMs and enumerate techniques for mitigating these issues. Utilizing these frequent issues and techniques, the authors reveal how choice makers can assess the health of LLMs for their very own use circumstances by means of two examples.
Learn the white paper.

The Cybersecurity of Quantum Computing: 6 Areas of Analysis
By Tom Scanlon

Analysis and growth of quantum computer systems continues to develop at a speedy tempo. The U.S. authorities alone spent greater than $800 million on quantum info science analysis in 2022. Thomas Scanlon, who leads the information science group within the SEI CERT Division, was lately invited to be a participant within the Workshop on Cybersecurity of Quantum Computing, co-sponsored by the Nationwide Science Basis (NSF) and the White Home Workplace of Science and Know-how Coverage, to look at the rising area of cybersecurity for quantum computing. On this SEI podcast, Scanlon discusses how one can create the self-discipline of cyber safety of quantum computing and descriptions six areas of future analysis in quantum cybersecurity.
Take heed to the SEI podcast.

Learn Tom Scanlon’s weblog put up, which supplies a technical deep dive into this work.

Connecting Stakeholders for DoD Software program Programs
By Hasan Yasar

The Deputy Secretary of Protection authorised and signed the Division of Protection (DoD) Software program Modernization Technique on February 1, 2022. This act initiated a transformative journey for the division to ship strong software program capabilities on the tempo of evolving calls for. Although system complexity and stakeholder decentralization typically problem our potential to securely ship capabilities on time and on price range, fostering collaboration and facilitating open discussions about these challenges, strategizing, and devising actionable plans will probably be essential to overcoming them. This webcast highlights how the December 2023 DoD Weapon Programs Software program Summit options in addressing these challenges and offering us a possibility to collectively devise efficient options.

Attendees

  • acquire an understanding for software program modernization technique
  • uncover difficult areas for DoD weapon techniques
  • observe and be taught enablers for fixing system complexity
  • align your system’s goals along with your software program engineering practices
  • acquire insights from key talks and periods

View the webcast.

Measuring the Trustworthiness of AI Programs
By Katherine-Marie Robinson, Carol J. Smith, and Alexandrea Steiner

The power of synthetic intelligence (AI) to associate with the software program engineer, physician, or warfighter is dependent upon whether or not these finish customers belief the AI system to associate successfully with them and ship the result promised. To construct applicable ranges of belief, expectations have to be managed for what AI can realistically ship. On this podcast from the SEI’s AI Division, Carol Smith, a senior analysis scientist specializing in human-machine interplay, joins design researchers Katie Robinson and Alex Steiner, to debate how one can measure the trustworthiness of an AI system in addition to questions that a corporation ought to ask earlier than figuring out if it needs to make use of a brand new AI know-how.
Take heed to the podcast.

Learn the associated SEI weblog put up, Contextualizing Finish-Consumer Wants: The way to Measure the Trustworthiness of an AI System, by Carrie Gardner, Katherine-Marie Robinson, Carol J. Smith, and Alexandrea Steiner.

RELATED ARTICLES

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Most Popular

Recent Comments