- Agile
- Artificial Intelligence Engineering
- CERT/CC Vulnerabilities
- Cloud Computing
- Cyber Workforce Development
- Cyber-Physical Systems
- Cybersecurity Engineering
- DevSecOps
- Edge Computing
- Enterprise Risk and Resilience Management
- Insider Threat
- Model-Based Systems Engineering
- Quantum Computing
- Reverse Engineering for Malware Analysis
- Secure Development
- Situational Awareness
- Software Architecture
- Software Engineering Research and Development
- Technical Debt
Software Cost Estimation Explained
Anandi Hira explains software cost estimation, presents estimation tools, and examines inherent biases that exist in software cost estimation models.
• By Anandi Hira
Redemption: A Prototype for Automated Repair of Static Analysis Alerts
This post introduces Redemption, an open source tool that uses automated code repair technology to repair static analysis alerts in C/C++ source code.
• By David Svoboda
In Cybersecurity Engineering
The Threat of Deprecated BGP Attributes
This post examines how a small issue with Border Gateway Protocol routing, a deprecated path attribute, can cause a major interruption to Internet traffic.
• By Leigh B. Metcalf, Timur D. Snoke
In CERT/CC Vulnerabilities
Versioning with Git Tags and Conventional Commits
This blog post explores extending the conventional commit paradigm to enable automatic semantic versioning with git tags to streamline the development and deployment of software.
• By Alex Vesey
In Cybersecurity Engineering
Measurement Challenges in Software Assurance and Supply Chain Risk Management
This SEI Blog post examines the current state of measurement in software assurance and supply chain management, with a particular focus on open source software, and highlights promising measurement approaches.
• By Nancy R. Mead, Carol Woody, Scott Hissam
In Secure Development
Cost-Effective AI Infrastructure: 5 Lessons Learned
This post details challenges and state of the art of cost-effective AI infrastructure and five lessons learned for standing up an LLM.
• By William Nichols, Bryan Brown
In Artificial Intelligence Engineering
Polar: Improving DevSecOps Observability
This post introduces Polar, a DevSecOps framework developed as a solution to the limitations of traditional batch data processing.
• By Morgan Farrah, Vaughn Coates, Patrick Earl
In DevSecOps
What Recent Vulnerabilities Mean to Rust
In recent weeks several vulnerabilities have rocked the Rust community causing many to question its safety. This post examines two such vulnerabilities.
• By David Svoboda
In Secure Development
The Great Fuzzy Hashing Debate
This post details a debate among two researchers over whether there is utility in applying fuzzy hashes to instruction bytes.
• By Edward J. Schwartz
In Reverse Engineering for Malware Analysis
Comparing the Performance of Hashing Techniques for Similar Function Detection
This blog post explores the challenges of code comparison and presents a solution to the problem.
• By Edward J. Schwartz
In Reverse Engineering for Malware Analysis
Explore Topics
- Agile
- Artificial Intelligence Engineering
- CERT/CC Vulnerabilities
- Cloud Computing
- Cyber Workforce Development
- Cyber-Physical Systems
- Cybersecurity Engineering
- DevSecOps
- Edge Computing
- Enterprise Risk and Resilience Management
- Insider Threat
- Model-Based Systems Engineering
- Quantum Computing
- Reverse Engineering for Malware Analysis
- Secure Development
- Situational Awareness
- Software Architecture
- Software Engineering Research and Development
- Technical Debt
Get updates on our latest work.
Sign up to have the latest post sent to your inbox weekly.
Subscribe Get our RSS feedGet updates on our latest work.
Each week, our researchers write about the latest in software engineering, cybersecurity and artificial intelligence. Sign up to get the latest post sent to your inbox the day it's published.
Subscribe Get our RSS feed