All technology acquired by an organization requires the support of (or integration with) components, tools, and services delivered by a diverse set of supply chains. However, the practices critical to addressing supply chain risks are typically scattered across many parts of the acquiring organization, and they are performed in isolated stovepipes. This situation causes inconsistencies, gaps, and slow response to crises. The Acquisition Securi...

As a software engineering community, we have started to hear new sentences, words that help us meet the challenges of determining the shelf life of software engineering technologies and practices. Examples include the following: Sentences DevOps is dead. Long live NoOps. Terms/Phrases SecOps, NoCode, SRE, GitOps, and recently Platform Engineering. We often confuse these terms when trying to define certain software engineering job types. In res...

Complex, cyber-physical DoD systems, such as aircraft, depend on correct timing to properly and reliably execute crucial sensing, computing, and actuation functions. In this webcast, SEI staff members Bjorn Andersson, PhD, Dionisio de Niz, PhD, and William Vance of the U.S. Army Combat Capabilities Development Command Aviation & Missile Center will discuss using real-time software on multicore processors. Specifically, they will review the...

The status quo for how we acquire cyber-physical weapon systems (CPS) needs to be changed. It is almost certain (for any acquisition of a CPS) that there will be cost overruns, schedule delays, and/or the loss of promised warfighter capability. Improved product development technologies could be applied, but they have not been adopted widely. We will discuss the status quo, alternative approaches, and how to motivate the community of CPS acquir...

Zero Trust Architecture adoption is a challenge for many organizations. It isn't a specific technology to adopt; instead, it’s a security initiative that an enterprise must understand, interpret, and implement. Enterprise security initiatives are never simple, and their goal to improve the enterprise’s cybersecurity posture requires the alignment of multiple stakeholders, systems, acquisitions, and exponentially changing technology...

In its 2021 report, the National Security Commission on AI (NSCAI) wrote, "The impact of artificial intelligence (AI) on the world will extend far beyond narrow national security applications." How do we move beyond those narrow AI applications to gain strategic advantage? Join Dr. Matt Gaston, Director of the SEI AI Division, Dr. Steve Chien, NSCAI Commissioner and Technical Group Supervisor of the Artificial Intelligence Group and Senior Res...

Self-driving cars are being tested in our cities, bespoke movie and product recommendations populate our apps, and we can count on our phones to route us around highway traffic... Why, then, do most AI deployments fail? What is needed to create, deploy, and maintain AI systems we can trust to meet our mission needs, particularly for defense and national security? The SEI recently launched an AI Division to ensure that our researchers are worki...

The software development lifecycle has changed a lot and continues to evolve. Almost every company now is a software company. Meeting business needs and adapting to the speed of the market for new features requires an agility mindset and continuous-delivery techniques throughout application-development lifecycles. You have software development and deployment questions, such as: Where do I start? How do I establish good continuous integration/d...

IEEE 2675 standard specifies technical principles and practices to build, package, and deploy systems and applications in a reliable and secure way. The standard focuses on establishing effective compliance and IT controls. It presents principles of DevOps including mission first, customer focus, shift-left, continuous everything, and systems thinking. It also describes how stakeholders, including developers and operations staff, can collabora...

According to recent estimates, around 85% of AI projects fail to move from conceptualization to implementation. Why are these failures happening, and how can we prevent them? AI engineering is an emergent discipline focused on developing tools, systems, and processes to enable the application of artificial intelligence in real-world contexts. The SEI is leading the national initiative to create an AI engineering discipline to operationalize hu...