Professional Documents
Culture Documents
and Services
Guide to Products and Services
Acquisition 6
Architecture, Product Lines, and Predictable Assembly 10
Process Improvement and Performance Measurement 18
Security 25
Interoperability, Dependability, and Misson Success 31
Special Programs
Affiliate Program 37
SEI Credentials Program 37
SEI Membership Program 37
SEI Office in Europe 38
SEI Partner Network 38
Software and Systems Process
Improvement Network (SPIN) 38
Index 39
Abbreviations, Acronyms, and Initialisms and Index 44
www.sei.cmu.edu 1-888-201-4479
The Software Engineering Institute
The SEI’s core purpose is to help organizations such as yours improve their
software engineering capabilities and develop or acquire the right software,
defect free, within budget and on time, every time.
Since 1984, the Carnegie Mellon® Software The SEI works with defense
Engineering Institute (SEI) has served the and government organizations, industry,
nation as a federally funded research and and academia to continually improve our
development center. The SEI staff has software-intensive systems.
advanced software engineering principles To accomplish this, the SEI
and practices and has served as a national • performsresearch to explore
resource in software engineering, computer promising solutions to software
security, and process improvement. As part engineering problems
of Carnegie Mellon University, which is
• identifies
and codifies technological and
well known for its highly rated programs in
methodological solutions
computer science and engineering, the SEI
operates at the leading edge of technical • testsand refines the solutions through
innovation. pilot programs that help industry and
government solve their problems
Today, software continues to grow in impor- • widelydisseminates proven solutions
tance and significance in nearly all aspects through training, licensing, and
of our society, including defense systems, publication of best practices
transportation, finance, medicine, manufac-
turing, and entertainment. The SEI’s core purpose is to help
organizations such as yours to improve their
Software affects us all. More than ever, we software engineering capabilities and to
need software that is built with quality, is develop or acquire the right software, defect
developed on time and within budget, and is free, within budget and on time, every time.
usable, maintainable, and capable of evolv-
ing to meet evolving needs.
1-888-201-4479 www.sei.cmu.edu
Strategy
The SEI achieves its goals through technology innovation and transition.
The SEI creates usable technologies, applies them to real problems, and
amplifies their impact by accelerating broad adoption.
www.sei.cmu.edu 1-888-201-4479
Areas of Work
The SEI’s technical focus areas together with Architecture, Product Lines, Interoperability, Dependability,
its outreach activities are aimed at meeting and Predictable Assembly and Mission Success
the defined software engineering needs of Practices and techniques for Technology and practices to
the U.S. Department of Defense. Within predictably and efficiently achieve system-of-systems
designing, constructing, interoperability and to predict and
these areas of work, the SEI collaborates
and guiding the evolution of improve the performance and
with defense, government, industry, and aca-
software-intensive systems with dependability characteristics of
demic institutions to continuously improve
the qualities needed to meet embedded and large systems
software-intensive systems.
business and mission goals
1-888-201-4479 www.sei.cmu.edu
Put the SEI to Work for You
By working with the SEI, you benefit from more than two decades of government
investment and participation from your peers in advancing the practice of software
engineering.
Congress established the SEI because How the SEI Works with Government How the SEI Works with Industry
software is vital to the national interest. SEI staff members help the U.S. Department The SEI works with commercial organiza-
By working with the SEI, you benefit from of Defense (DoD) and other government tions that want to develop a strategic advan-
a government investment of more than agencies solve software engineering and tage by rapidly applying improved software
$800 million and more than two decades of acquisition problems. SEI direct support is engineering technology. The SEI also works
participation from your peers and competi- funded through task orders for government with organizations that want to combine
tors in advancing the practice of software work. Engagements with the SEI are of their expertise with the SEI’s expertise to
engineering. particular benefit to government program mature new technology for the benefit of the
managers, program executive officers, and entire software industry. The SEI also sup-
The SEI creates, tests, refines, and dissemi- senior acquisition executives, particularly ports a select group of SEI Partners—orga-
nates a broad range of technologies and those with long-range programs that will nizations and individuals that are trained and
management techniques. These techniques benefit from strategic improvements that the licensed by the SEI to deliver SEI products
enable organizations to improve the results SEI fosters. and services.
of software projects, the quality and behav-
ior of software systems, and the security and The SEI has a well-established process for For more information, write to the SEI at
survivability of networked systems. contracting with government agencies and industry-customers@sei.cmu.
will work with you to meet your needs. This
As an applied research and development process is described in more detail at
center, the SEI brings immediate benefits to www.sei.cmu.edu/collaborating
its research partners and long-term benefits /contracting.html.
to organizations that depend on software.
The tools and methods developed by the SEI For more information, write to the SEI at
and its research partners are applied daily in government-customers@sei.cmu.
organizations throughout the world.
www.sei.cmu.edu 1-888-201-4479
How to Use This Guide
This Guide to Products and Services is organized by the SEI areas of work. It is intended to help
you and your organization determine how to put the SEI’s resources to work for you.
Many SEI solutions to the problems The SEI sponsors or cosponsors many Participants are guided through a series of
associated with software-intensive systems technical conferences, workshops, and SEI courses that help them to develop exper-
are available as tools and methods to help user-group meetings throughout the year. tise in specific technical areas. Participants
developers and acquirers improve their receive SEI certifications or certificates after
practices. completing the courses.
PUBLICATIONS
www.sei.cmu.edu/publications
CUSTOMER ENGAGEMENTS RESEARCH
www.sei.cmu.edu/collaborating
www.sei.cmu.edu/services Addison-Wesley has published more than 30
books by SEI staff members and others in the
The SEI accepts a limited number of funded SEI Series in Software Engineering. SEI staff By investing in technology development
engagements to help organizations apply members have also written books published with the SEI, organizations contribute to and
best practices. by other publishing companies. In addition, rapidly adopt the results of research before
the SEI Web site provides free downloads of those results are widely available.
almost 1,000 SEI research reports.
EDUCATION & TRAINING
www.sei.cmu.edu/products/courses
1-888-201-4479 www.sei.cmu.edu
Acquisition
Acquiring systems that deliver mission capa- The SEI works directly with acquisition pro-
bilities on their promised date is a national grams to help them achieve their objectives.
imperative. However, acquisition programs Teams of SEI experts work in acquisition
frequently have difficulty meeting aggressive contexts in the Army, Navy, Air Force, and
cost, schedule, and technical objectives. intelligence agencies, as well as other DoD
and civil agencies, applying SEI products and
Acquisition program managers are chal- services.
lenged to grasp practical business concerns
and to understand topics as diverse as risk The SEI vision is to facilitate the rapid forma-
management, use of commercial off-the- tion of agile teams composed of acquirers,
shelf (COTS) components, use of processes developers, and operators using SEI tech-
and their application, program management, nologies to provide high-quality, cutting-edge
architecture, survivability, interoperability, capabilities.
source selection, and contract monitoring.
The SEI has spent more than two decades
developing solutions in these areas.
Unfortunately, mastery of this information
and know-how can be daunting for an acqui-
sition program manager.
www.sei.cmu.edu 1-888-201-4479
TOOLS & METHODS The initial framework grew out of a col-
laboration between General Motors and the
IT Strategic Planning
A well-founded information technology (IT)
Solutions to the problems associated with Software Engineering Institute. The CMMI- strategic plan communicates the mission,
software-intensive systems that help develop- ACQ constellation now reflects the results of vision, objectives, values, and critical success
ers and acquirers improve their practices extensive piloting with other government and factors for the organization’s enterprise archi-
commercial acquirers. tecture and future products and services.
Acquisition Strategy Development Tool The SEI helps organizations define and articu-
The SEI Acquisition Strategy Development CMMI for Acquisition and related materials are late an effective IT strategy from a systems
Tool (ASDT) can be used to profile a pro- available on the SEI Acquisition Web page at perspective. SEI experts also consider the
gram’s software-acquisition characteristics, www.sei.cmu.edu/acquisition. mechanisms for governance and focus on
identify key strategy drivers, identify specific aligning the IT strategy with organizational
strategic choices, and evaluate how those business objectives.
choices mitigate the program’s software CUSTOMER ENGAGEMENTS
risks. Program management offices can Funded engagements to help organizations Pre- and Post-Contract Award
use this Excel-based workbook to formulate meet their business and mission objectives Workshops
acquisition strategies for a new program or SEI staff members help a program’s person-
to evaluate the appropriateness of strategies
being executed. In addition, an accompanying Direct Support nel prepare for the request-for-proposal (RFP)
process, reviewing and discussing potential
technical report, Techniques for Developing pitfalls and problems. After contract award,
an Acquisition Strategy by Profiling Software
Acquisition Process Improvement
Whether you’re using Lean, Six Sigma, Theory the SEI can facilitate workshops between
Risks, provides ASDT users in-depth back- the government and the selected contractor
of Constraints, AFSO 21, CMMI, or other
ground information and instructions on how to team as they define program-specific pro-
process improvement methods, the SEI can
use the tool to achieve optimal results. cesses in areas that are key to the success of
help. The SEI works directly with acquisition
programs and organizations to help define a the program, such as engineering practices,
Capability Maturity Model Integration set of measurable improvement objectives, program management, communications, and
(CMMI) Acquisition Module analyze for improvement, and implement risk and issue management.
One way to improve acquisition practices is to changes and control mechanisms for long-
ensure that the acquisition processes needed term improvement. Assessments, Reviews, and
for a technically sound project are defined,
implemented, measured, and maintained.
Evaluations
Support for Software Acquisition and
The Capability Maturity Model Integration
® Systems Engineering Activities Independent Technical Assessments
The SEI works directly with program managers Independent technical assessments (ITAs)
(CMMI®) Acquisition Module is a condensed
and their staffs to help them achieve their uncover the root causes of problems affect-
form of the CMMI framework that defines
objectives. Teams of SEI technical experts ing software-intensive programs, and provide
effective and efficient acquisition practices,
work in acquisition environments in the Army, recommendations that maximize a program’s
directed both internally toward the acquisition
Navy, and Air Force, as well as with other DoD strengths and minimize and mitigate its
project and externally toward project monitor-
and civil agencies, applying SEI products and risks. ITAs are typically initiated by a system
ing and control of the selected contractors and
services as well as other industry best prac- program director, program executive officer,
suppliers. These practices provide a basis for
tices. The SEI supports a wide range of activi- or other acquisition official. ITA teams
acquisition process discipline while balancing
ties that include identifying and mitigating risk, comprise SEI staff members and visiting
the need for agility.
benchmarking and improving acquisition pro- scientists with a mix of expertise who
The CMMI Acquisition Module (CMMI-AM), cesses, implementing software and systems conduct a series of interviews with program
Version 1.1 and related materials are available engineering best practices, and more. stakeholders and deliver a briefing and
on the CMMI-AM Web page at recommendations.
www.sei.cmu.edu/programs Strategic Planning
/acquisition-support/cmmi-am.html. Software Risk Evaluations
Acquisition Strategy Planning A software risk evaluation provides program
CMMI for Acquisition (CMMI-ACQ) Workshop managers with a mechanism to anticipate and
For organizations that want to apply a com- Developing an acquisition strategy is a address program risks. This evaluation is used
prehensive suite of CMMI principles to their crucial component of acquisition planning. to identify and categorize specific program
acquisition activities, CMMI for Acquisition Acquisition-improvement experts from the risks emanating from products, processes,
(CMMI-ACQ) provides a set of widely SEI help workshop attendees gain a deeper management, resources, and constraints.
accepted acquisition practices within a proven understanding of a program’s software-acqui- The program’s staff members participate in
improvement structure. sition characteristics and the drivers that affect the identification, analysis, and mitigation of
that program’s strategic choices. In addition, risks that could affect their development effort.
participants learn how to use the Acquisition
Strategy Development Tool to either formulate
acquisition strategies for a new program or
evaluate the appropriateness of strategies that
a program is already executing.
1-888-201-4479 www.sei.cmu.edu
Acquisition, continued
www.sei.cmu.edu 1-888-201-4479
COTS Software Product Evaluation for
Practitioners
PUBLICATIONS
SEI reports are available for free download at
This two-day course covers fundamental defi-
www.sei.cmu.edu/publications.
nitions, an overview of some of the basic prin-
ciples of COTS product evaluation, a process
CMMI Acquisition Module (CMMI-AM),
framework for COTS software product evalua-
Version 1.1. 2005
tion, and some useful techniques. Instructors
describe experiences and practices based
Techniques for Developing an Acquisition
on real-world case studies for COTS product
Strategy by Profiling Software Risks. Mary
evaluation.
Catherine Ward, Joseph P. Elm, Susan
Kushner, 2006
Introduction to the CMMI Acquisition
Module Sustaining Software-Intensive Systems. Mary
This one-day course is designed for program Ann Lapham, Carol Woody (contributor), 2006
managers and their staff members. It
presents the important role that process QUASAR: A Method for the QUality
and process improvement play in the acqui- Assessment of Software-Intensive System
sition of software-intensive systems. This ARchitectures handbook. Donald Firesmith,
course features comprehensive discussion 2006
of the CMMI Acquisition Module, actionable
methods and tips for attendees, and ample
opportunity for questions.
1-888-201-4479 www.sei.cmu.edu
Architecture, Product Lines, and Predictable Assembly
The SEI works in the areas of software Product Lines Predictable Assembly
architecture, software product lines, and Software-intensive systems are often Our confidence in software architectural
predictable assembly to effect widespread acquired, developed, tested, and maintained analysis can be only as high as our confidence
product line practice, architecture-centric as separate products, even if they have a that the developed software implements the
development and evolution, and predictable significant amount of common functionality architecture.
construction throughout the global software and code. Such an approach wastes technical
community. The SEI is also studying how resources, takes too long, and costs The SEI’s groundbreaking work in predictable
to build and maintain the ultra-large-scale more than necessary. A product line approach assembly combines the strengths of soft-
systems of the future. to software can dramatically reduce devel- ware architecture and product lines so that
opment cycles, improve return on software software implementations exhibit predictable
Architecture investments, improve software system quality, by construction, for whole classes of
Software architecture is the key for ensuring integration, and give an organization more op- systems. This work enables organizations to
that a system serves an organization’s busi- tions in the future. • definedesign and implementation
ness and mission goals. The SEI can help you standards that, when followed, result in
• solve specific architecture problems Making the move to product lines, however, predictable runtime quality
is a business and technical decision and • use
• createleading-edge architecture tech- automation to enforce these standards
requires considerable changes in the way
niques and methods organizations practice software engineering, • defineobjective and predictive quality
• improve your organization’s architecture technical management, and organizational standards and measures for software com-
capabilities management. ponents developed internally or provided by
third-party suppliers
The SEI’s architecture products and services The SEI’s software product line products and
serve as a starting point for establishing a services serve as a starting point for estab- Ultra-Large-Scale (ULS) Systems
working relationship to help you answer the lishing a working relationship to help you Many systems of the future will be ultra-
following questions: answer the following questions: large on one or many dimensions—number
• Doesyour architecture meet your long-term of lines of code; number of people employing
• What is a systematic way to transition to
system-evolution needs? the system; amount of data stored, accessed,
the use of software product lines?
manipulated, and refined; number of connec-
• Do you have architecture development and • Whatare your organization’s strengths tions and interdependencies among software
evolution strategies that will address long- and weaknesses with respect to software components; number of hardware elements
term uncertainty in your business climate, product line development? to which they interface. They will be ultra-
mission goals, and technology? • Which large-scale (ULS) systems.
products in your product line will
• Is
your system/software architecture tacti- achieve the highest production savings?
cally well positioned for the coming years? • What The characteristics of ULS systems, already
is your business case for product line
• Do you have an approach for improving development? evident in some of today’s largest systems,
architectural deficiencies? imply changes in the fundamental assump-
• How do you transition from a family of ex-
• Isthere a seamless connection between tions that underlie today’s software engineer-
isting systems to a software product line?
your system and software architecture ing approaches. The SEI led a team of experts
• Howcan you improve your ongoing soft-
approaches? in a study of ULS systems and continues to
ware product line effort? nurture a community interested in exploring
• Do you know how to measure and improve the associated challenges and promising
the architecture competence of your orga- research to address those challenges.
nization and its key individuals?
10 www.sei.cmu.edu 1-888-201-4479
TOOLS & METHODS Architecture Tradeoff Analysis Method
(ATAM) and the System ATAM
Views and Beyond Approach to
Architecture Documentation
Solutions to the problems associated with
The SEI Architecture Tradeoff Analysis Method® The SEI Views and Beyond approach to archi-
software-intensive systems that help develop-
(ATAM®) evaluation process is used for evalu- tecture documentation is based on the concept
ers and acquirers improve their practices
ating software architectures relative to quality of architectural views. This approach involves
attribute goals. The ATAM exposes architectural selecting a set of relevant views based on the
Architecture risks that potentially inhibit the achievement of architecture and its stakeholders, documenting
an organization’s business goals. The ATAM is those views, and then documenting information
Active Reviews for Intermediate so named because it not only reveals quality- that applies across views. The approach covers
Designs (ARID) attribute-specific risks but also provides insight practical information such as how to choose the
The SEI Active Reviews for Intermediate into how those quality goals interact with, or set of views to document, how to document a
Designs (ARID) method is a low-cost, high- tradeoff against, each other. A variant of the view, how to document the information beyond
benefit method for reviewing a preliminary ATAM, known as the System ATAM, is used to views, how to judiciously combine views in the
software design (such as for a component or evaluate system architectures. documentation to increase understanding and
subsystem) for suitability in its intended usage decrease the workload, and how to document
context and environment. The ARID method Attribute-Driven Design (ADD) Method architectural constructs using popular notations
relies on assembling the design’s stakehold- The SEI Attribute-Driven Design (ADD) method and languages, including the Unified Modeling
ers to articulate what the important usage is a systematic approach to designing a Language (UML).
scenarios are and then exercising the design software architecture. It is based on knowing
to make sure those scenarios are satisfied by both the functional and quality requirements Product Lines
the design. of systems and knowing the architectural
approaches that have proven to be successful in Framework for Software Product Line
Architecture-Based System Evolution other systems. Practice
SEI Architecture-Based System Evolution The SEI Framework for Software Product Line
methods are used to ensure that a system Cost Benefit Analysis Method (CBAM) PracticeSM Web-based reference model aids
continues to serve its business and mission The SEI Cost Benefit Analysis Method (CBAM) organizations in software product line endeav-
goals throughout its lifetime. These methods is an architecture-centric method for analyzing ors. It provides comprehensive information
are used for redesigning architectures to the cost benefit implications of architectural about essential activities and practices as
improve deficiencies relative to quality attri- decisions while managing uncertainty in future gleaned from studies of organizations that have
bute and business and mission goals and to business and mission goals. It provides a basis built product lines; from direct collaborations on
evaluate and design architecture evolution for informed decision making about architectural software product lines with customer organiza-
strategies. design and evolution. The CBAM builds on the tions; and from leading practitioners in software
ATAM, though an ATAM evaluation is not an product lines. There is also an Acquisition
Architecture Competence Assessment absolute prerequisite. Companion to this framework that was devel-
The SEI Architecture Competence oped to aid acquirers in the Department of
Assessment instrument is used to determine Mission Thread Workshop Defense. The framework is available at
an organization’s competence to perform The SEI Mission Thread Workshop is used to www.sei.cmu.edu/productlines
architecture-centric development and evolu- elicit quality attribute considerations associated /framework.html. The acquisition companion
tion. It determines whether an organization with the existing mission threads of a system is available at www.sei.cmu.edu
possesses the ability to grow, use, and sustain or system of systems (SoS). The resulting “aug- /productlines/companion.html.
the necessary skills and knowledge to effec- mented” mission threads can then be used by
tively use architecture-based development SoS and system architects during the develop- Software Product Line Acquisition:
practices. ment and evaluation of the SoS, system, and A Companion to a Framework for
software architectures. This workshop is based Software Product Line Practice
Architecture Expert (ArchE) on the SEI Quality Attribute Workshop (QAW). This Web-based reference model complements
The SEI Architecture Expert (ArchE) is a rule- the SEI Framework for Software Product Line
based architecture design assistant that has Quality Attribute Workshop (QAW) Practice by adding acquisition-specific informa-
knowledge of quality attribute models, how The SEI Quality Attribute Workshop (QAW) is tion. It is a description of the technical and man-
to analyze an architecture for its quality attri- used to elicit key quality attribute goals and agement areas in which an organization must
bute properties, and how to manage tradeoffs architecture-development plans. It can be con- be competent to successfully acquire and field
among the quality attributes. ArchE makes this ducted prior to the development of a software a product line of software or software-intensive
knowledge accessible to every software archi- architecture. systems. The acquisition companion is available at
tect to generate software architectures with www.sei.cmu.edu/productlines
predictable quality attribute properties. /companion.html. The framework is available
at www.sei.cmu.edu/productlines
/framework.html.
1-888-201-4479 www.sei.cmu.edu 11
Architecture, Product Lines, and Predictable Assembly, continued
Product Line Analysis Options Analysis for Reengineering Predictable Assembly Starter Kit
The SEI Product Line Analysis method is (OAR) The SEI Predictable Assembly Starter Kit is an
requirements engineering for a product line; The SEI Options Analysis for ReengineeringSM Eclipse-based interactive development environ-
it is the link between the recognition of a (OARSM) method is a systematic, architecture- ment that provides a user-friendly integration
business opportunity and the design of a centric approach for identifying and mining of CCL, Pin, and reasoning frameworks. In
product line architecture. It incorporates the reusable software components within large, addition, the starter kit defines plug-in interfaces
views of multiple product line stakeholders in complex software systems. OAR enables and conventions for the development and intro-
a requirements model that includes the func- users to screen candidate software compo- duction of new reasoning frameworks, code
tional features of products and the software nents; identify the best candidates for reuse; generators, simulators, documentation genera-
quality attributes (e.g., performance, modifiabil- analyze, isolate, and aggregate candidate com- tors, and other such tools. It provides users
ity) of both the product line and its products. ponents; and estimate the level of difficulty, with a functional prediction-enabled component
The requirements model created by Product cost, and effort required to mine and rehabili- technology (PECT). The starter kit can be used
Line Analysis identifies common requirements tate the software components selected. to learn about or teach predictable assembly, to
across the product line and their allowed explore the feasibility of predictable assembly
variants. It also serves as a fundamental com- Predictable Assembly in nontrivial application settings, or to serve as a
munications mechanism between developers model for building a custom PECT.
and other stakeholders of a product line. ComFoRT Model-Checking Reasoning
Framework
Product Line Technical Probe (PLTP) The SEI ComFoRT model-checking reasoning CUSTOMER ENGAGEMENTS
The SEI Product Line Technical ProbeSM framework can verify whether a system will Funded engagements to help
(PLTPSM) method is a comprehensive diag- satisfy key behavioral invariants expressed as organizations apply best practices
nostic method for examining an organization’s claims. If a claim is not preserved, ComFoRT
readiness to adopt or ability to succeed with displays the execution trace that violates the
a software product line approach. The PLTP claim. ComFoRT is based on Copper, a state- Architecture
uses a series of structured interviews of small of-the-art software model checker, and can be
peer groups within the organization followed applied to SEI Construction and Composition
by data analysis and results reporting. The data
Architecture Reconstructions
Language (CCL) specifications or suitably
SEI architecture experts use the ARMIN recon-
collection, analysis, and reporting are based on restricted C-language code.
struction tool and a defined architecture-recon-
the SEI Framework for Software Product Line
struction process to develop graphical illustra-
Practice. Lambda-star Performance Reasoning tions of architectural views from input source
Framework code.
Product Line Quick Look (PLQL) The SEI Performance Reasoning Framework
The SEI Product Line Quick Look (PLQL) (Lambda-star) can be used to predict the
method is used to gather initial information
Architectural Assistance and Coaching
timing behavior of assemblies in hard, firm, SEI architecture experts use the tools and
about an organization’s readiness to adopt or and soft real-time settings. Performance methods itemized above to provide technical
ability to succeed with a software product models draw on generalized rate monotonic assistance and coaching in software architec-
line approach. The PLQL provides a high-level scheduling theory and queuing theory and are ture requirements, design, documentation, evo-
framing of the organization and its product line constructed automatically from CCL specifica- lution, and cost/benefit analysis.
effort. The information gathered can then be tions. Timing predictions have validated statis-
used to plan more specific assistance from the tical confidence intervals.
SEI or other activities needed to progress in Software and System Architecture
product line adoption. The PLQL can also serve Evaluations
Pin Container Technology SEI teams conduct software and system archi-
as the onsite portion of the preliminary phase Pin is a simple but robust container technol-
of the SEI Product Line Technical Probe. tecture evaluations using the ATAM. The SEI
ogy designed for embedded and hard real-
team documents the results in a report provided
time applications. It supports a strict form of
Structured Intuitive Model for Product to the customer organization.
container-based component encapsulation,
Line Economics (SIMPLE) deployment, and composition. Pin supports
The SEI Structured Intuitive Model for Product a zero-coding, assembly-through-connection Product Lines
Line Economics (SIMPLE) method is an style of development and is implemented
easy-to-use aid for calculating the costs and Product Line Executive Session
using nonproprietary real-time operating-
benefits of various software product line alter- During the half-day Product Line Executive
system services specifically adapted to
natives. Different strategies and approaches Session, a product line expert from the SEI
support UML statechart semantics.
can be compared and the most advantageous provides an overview of software product lines
one chosen. to a designated group of managers from the
Construction and Composition organization. The SEI expert facilitates a dis-
Language (CCL) cussion about software product lines and the
The SEI Construction and Composition potential for the organization’s adoption of the
Language (CCL) is used to specify Pin compo- approach.
nents and assemblies. It supports the syntac-
tic and behavioral specification of components
in an executable subset of UML statecharts,
generates complete component and assembly
implementations, and provides tool developers
with C, Java, and XML access to annotated
abstract syntax trees.
12 www.sei.cmu.edu 1-888-201-4479
Customized Product Line Solution • Product Line Measurement Workshop: Predictable Assembly
The SEI collaborates with organizations to This three-day working session guides par-
develop a customized product line solution, ticipants in defining meaningful measures Quality by Construction Clinic
tailoring existing methods and approaches as aligned with their software product line goals This clinic is a focused, two-day interac-
necessary to fit specific product or organiza- and developing an action plan for obtaining tive workshop for gathering initial informa-
tional needs. these goals within the context of the pro- tion about an organization’s readiness to
cesses in their product line efforts. adopt methods and technology for predict-
Product Line Diagnosis Using the able assembly. The goal of the clinic is to
PLQL or the PLTP Tailored Technical Support on Product help organizations identify the strengths and
The SEI performs product line diagnostics Line Efforts weaknesses of their current methods and
using either the Product Line Quick Look The SEI provides tailored technical assistance technologies vis-à-vis predictable assembly
(PLQL), which is a one-day high-level exami- to support scoping and product line analysis, and to identify specific opportunities to pilot
nation, or the more extensive Product Line architecture definition, architecture evaluation, predictable assembly technology in a practical
Technical Probe (PLTP), which takes a week. mining assets, migration planning, component setting.
The SEI team documents the results of development, and testing.
the diagnostics in a report provided to the • Product Line Analysis and Scoping Predictable Assembly Starter
customer organization. Workshop: During this one-week working Engagements
session, SEI experts guide an organization The SEI provides tailored technical assis-
Product Line Adoption/Action through a product line analysis that results in tance to organizations interested in adopting
Planning Workshop a preliminary set of product line artifacts that the methods and technology for predictable
The Product Line Adoption/Action Planning include a use case model, a feature model, assembly. Examples of the kinds of assistance
Workshop is a natural follow-up to the an object model, a domain- and organization- offered include
Product Line Technical Probe (PLTP). The PLTP specific dictionary, and a preliminary scoping • upgrading legacy systems to enable predict-
produces a portrayal of the state of an orga- document. able assembly: The SEI can help organiza-
nization’s product line practices. The planning tions evolve existing software systems and
• Product Line Architecture Support: SEI
workshop helps translate that portrayal into product lines to support the predictable
product line experts help an organization to
a plan of action. The workshop is a tailored, runtime behavior of new (and possibly third-
define a product line architecture with appro-
facilitated work session in which an SEI team party) system configurations.
priate variation mechanisms as well as to
works with a customer team, typically over
document and evaluate the architecture. • defining standards for trust and certifica-
two days, to produce a product line adoption
plan or an action plan. • Product Line Variability Management tion of third-party software: The SEI can
Workshop: During this two- to three-day help organizations understand the value of
session, SEI product line experts guide an achieving a specified level of confidence in
Tailored Management Assistance on
organization in understanding the goal of third-party software behavior and introduce
Product Line Efforts standards and technologies to achieve that
variability in a product line approach and
The SEI provides tailored management level of confidence.
help the organization determine appropriate
assistance to support developing a product
variation points, variation mechanisms, and • introducing software model checking to
line adoption plan, business case, operating
variability-management strategies and tool obtain up-to-provable trust in software: The
concept, acquisition strategy, training plans,
support. SEI can help organizations introduce model
and appropriate data collection, metrics, and
tracking mechanisms. The following services • Product Line Production Planning Workshop: checking technology to analyze, validate, and
are among those offered: During this two-day session, SEI product line potentially certify the correctness of execut-
experts guide an organization through the able design specifications and source code.
• Product Line Concept of Operations
initial development of a product-production • introducing state-of-the-art performance
Workshop: During this two-day working
strategy and provide tools and directions for analysis for a spectrum of real-time per-
session, SEI product line experts work with
applying that strategy to the creation of a formance requirements: The SEI can help
product line managers to develop a product
production method and a production plan. organizations introduce performance analysis
line concept of operations (CONOPS).
• Configuration Management Practice techniques to make systems predictable for
• Product Line Business Case Workshop:
Workshop: During this two-day session, SEI a range of soft to hard real-time performance
During this two-day working session, SEI requirements.
product line experts lead a product line orga-
product line experts use the Structured
nization through the initial steps in develop- • developing analysis models and construc-
Intuitive Model for Product Line Economics
ing or refining its configuration management tion rules to guarantee predictable runtime
(SIMPLE) to help product line managers
practices for its software product line effort. quality: The SEI can help organizations intro-
develop a product line business case.
duce comprehensive solutions for specific
• Product Line Acquisition Support: SEI
runtime quality attributes for high-criticality
experts work with an acquisition organization systems. These solutions range from predic-
to develop requests for proposals; an acqui- tive models to coding rules and their enforce-
sition strategy; statements of work; and ment mechanisms.
contractor planning, tracking, and monitoring
that are specific to a product line effort.
1-888-201-4479 www.sei.cmu.edu 13
Architecture, Product Lines, and Predictable Assembly, continued
14 www.sei.cmu.edu 1-888-201-4479
PUBLICATIONS Product Lines Performance Property Theories for Predictable
Assembly from Certifiable Components. Scott
Books are available from Addison-Wesley Hissam, Mark Klein, John Lehoczky, Paulo
(www.awprofessional.com/seiseries) and Books
Merson, Gabriel Moreno, and Kurt Wallnau,
book retailers. SEI reports are available for free Software Product Lines: Practices and
2004
download at www.sei.cmu.edu/publications. Patterns. Paul Clements and Linda Northrop,
Addison-Wesley, 2001
Overview of ComFoRT: A Model Checking
Architecture Reports
Reasoning Framework. James Ivers and Nata-
sha Sharygina, 2004
Books Product Line Acquisition in a DoD
Software Architecture in Practice, Second Organization: Guidance for Decision Makers. Certified Binaries for Software Components.
Edition. Len Bass, Paul Clements, and Rick John Bergey and Sholom Cohen, 2006 Sagar Chaki, James Ivers, Peter Lee, Kurt
Kazman, Addison-Wesley, 2003 Wallnau, and Noam Zeilberger, 2007
The Structured Intuitive Model for Product
Documenting Software Architectures: Views Line Economics (SIMPLE). Paul C. Clements,
and Beyond. Paul Clements, Felix Bachmann, John D. McGregor, and Sholom G. Cohen, Ultra-Large-Scale Systems
Len Bass, David Garlan, James Ivers, Reed 2004
Little, Robert Nord, and Judith Stafford, Books
Addison-Wesley, 2002 Software Product Line Adoption Roadmap.
Ultra-Large-Scale Systems: The Software
Linda M. Northrop, 2004
Challenge of the Future. Linda Northrop, Peter
Evaluating Software Architectures: Methods Feiler, Richard P. Gabriel, John Goodenough,
and Case Studies. Paul Clements, Rick Product Line Analysis for Practitioners. Gary
Chastek and Patrick Donohoe, 2003 Rick Linger, Tom Longstaff, Rick Kazman, Mark
Kazman, and Mark Klein, Addison-Wesley, Klein, Douglas Schmidt, Kevin Sullivan, and
2001 Kurt Wallnau, Software Engineering Institute,
Software Process Improvement and Product
Line Practice: CMMI and the Framework for 2006
Reports Software Product Line Practice. Lawrence G.
Using the SEI Architecture Tradeoff Analysis Jones and Albert L. Soule, 2001
Method to Evaluate WIN-T: A Case Study. Paul
Clements, John Bergey, and Dave Mason,
CREDENTIALS
Testing a Software Product Line. John D. SEI certificates and certifications awarded
2005 McGregor, 2001 on the completion of qualification criteria
established by the SEI
Attribute-Driven Design (ADD), Version 2.0. A Case Study in Successful Product Line
Rob Wojcik, Felix Bachmann, Len Bass, Paul Development. Lisa Brownsword and Paul
Clements, Paulo Merson, Robert Nord, and Bill Clements, 1996 Software Architecture Certificates
Wood, 2006
Preparing for Automated Derivation of Software Architecture Professional
System Architecture Evaluation Using the Products in a Software Product Line. John D. A software professional earns the SEI
ATAM. Mike Gagliardi and Bill Wood, 2007 McGregor, 2005 Software Architecture Professional Certificate
by completing the courses Software
Quality-Attribute-Based Economic Valuation Guidelines for Developing a Product Line Architecture: Principles and Practices,
of Architectural Patterns. Ipek Ozkaya, Rick Production Plan. Gary Chastek and John D. Documenting Software Architectures,
Kazman, and Mark Klein, 2007 McGregor, 2002 Software Architecture Design and Analysis,
and Software Product Lines. This four-course
Evaluating and Improving Architecture sequence provides both the needed breadth
Competence. Len Bass, Paul Clements, Rick Predictable Assembly and depth in software architecture concepts
Kazman, and Mark Klein, 2007 and practices. Beginning with an introduction
Books to software architecture fundamentals, partici-
Progress Toward an Organic Software Building Systems from Commercial pants gain experience in effective architecture
Architecture Capability in the U.S. Army. Components. Kurt Wallnau, Scott Hissam, and documentation, design, and analysis tech-
Stephen Blanchette Jr. and John Bergey, 2007 Robert Seacord, Addison-Wesley, 2001 niques and then learn how these techniques
can be used when adopting a product line
Making Architecture Design Decisions: An Reports approach to software.
Economic Approach. Rick Kazman, Jai Asundi, Packaging Predictable Assembly with
and Mark Klein, 2002 Prediction-Enabled Component Technology. Architecture Tradeoff Analysis Method
Scott Hissam, Gabriel Moreno, Judith Stafford,
ATAM: Method for Architecture Evaluation. (ATAM) Evaluator
and Kurt Wallnau, 2001
Rick Kazman, Mark Klein, and Paul Clements, A software professional earns the SEI ATAM
2000 Evaluator Certificate by completing the
Predictable Assembly of Substation Automa-
courses Software Architecture: Principles and
tion Systems: An Experiment Report. Scott
Practices and ATAM Evaluator Training. This
Hissam, John Hudak, James Ivers, Mark
two-course sequence prepares a qualified
Klein, Magnus Larsson, Gabriel Moreno, Linda
software professional to perform SEI-autho-
Northrop, Daniel Plakosh, Judith Stafford, Kurt
rized ATAM architecture evaluations.
Wallnau, and William Wood, 2002
1-888-201-4479 www.sei.cmu.edu 15
Architecture, Product Lines, and Predictable Assembly, continued
16 www.sei.cmu.edu 1-888-201-4479
Predictable Assembly Ultra-Large-Scale Systems
Developing or Validating Automated ULS System Research Areas
Methods for Predicting Software The SEI seeks partners to explore some of
Quality the promising research areas and topics
Although the SEI develops novel theories for related to ULS systems. The SEI is especially
software quality, its preferred approach is interested in continuing its work in computa-
to adapt (that is, restrict) existing theories to tional mechanism design, which uses game
new settings and, in this way, leverage domain theory and economic models; in understand-
knowledge to achieve greater automation. ing the role of architecture in ULS systems;
The SEI is interested in collaboration on com- and in exploring effective human involvement
bining runtime verification (including binary in ULS systems.
sandboxing) with static program analysis
and verification (including certifying model ULS Systems Research Roadmap
checking) to obtain certifiable trust that The SEI seeks partners in completing a
software components satisfy safety, security, roadmap that details the published ULS
and resource-consumption policies. system research agenda.
Developing PECTs
A prediction-enabled component technology
(PECT) is a software manufacturing infrastruc-
ture for enforcing quality standards that lead to
predictable software systems. The SEI is inter-
ested in developing and documenting practi-
cal techniques for incrementally building and
deploying PECTs.
Developing High-Integrity
Trust Mechanisms for Software
Components
How can software components be specified,
packaged, and distributed in a way that yields
an objective basis for trust? The SEI is investi-
gating technologies such as certifying model
checking and practical variations of proof-
carrying code and seeks research collabora-
tions to develop and demonstrate these and
related technologies.
1-888-201-4479 www.sei.cmu.edu 17
Process Improvement and Performance Measurement
Enabling organizations to guide the development and acquisition of products and services through
quantitatively managed processes that are repeatable, predictable, and continuously improving in
terms of cost, schedule, process performance, and product and service quality
www.sei.cmu.edu/programs/sepm
Capability Maturity Model Integration effective framework to support work groups or measurement enables organizations to char-
(CMMI) teams, motivating improved performance, and acterize their current state, how well projects
When organizations want to improve the determining critical emerging competencies are performing, and the impact their improve-
way they do business, they often focus on needed to accomplish future business plans. ment efforts produce. Most software mea-
securing the best people, methods, and surement programs fail within the first two
tools. Processes are the means for coor- Team Software Process (TSP) and years of operation, usually from organizational
dinating those resources. Improving an Personal Software Process (PSP) shortcomings: poor planning, lack of manage-
organization’s processes provides an effec- Improving organizational performance ment buy-in, and excessive data collection.
tive way to lower costs, improve quality, and requires a bottom-up as well as a top-down Measurement and analysis techniques help
deliver products and services predictably on focus. The SEI Team Software ProcessSM organizations identify problems, track their
budget and on time. Developed by a team (TSPSM) methodology is transforming cost, efforts to improve software processes, lower
with members from industry, government, schedule, and performance quality for builders costs, reduce defects, maintain schedule, and
and the SEI, the Capability Maturity Model® of software and systems. Organizations meet gather return-on-investment information.
Integration (CMMI®) approach comprises their critical business needs by delivering
best practices that organizations can use essentially defect-free software on time and International Process Research
to improve their processes. CMMI for with substantial increases in productivity. The Consortium (IPRC)
Development (CMMI-DEV) is for organiza- TSP also serves as a powerful accelerator for The International Process Research
tions that develop products or services. the CMMI approach. Through the application Consortium (IPRC) is a forum for members of
CMMI for Acquisition (CMMI-ACQ) is for of TSP, organizations have advanced their the software and systems process community
organizations that acquire products and ser- maturity in much less time than reported aver- to jointly explore tomorrow’s challenges and
vices. CMMI-DEV integrates disciplines such ages. The TSP couples with the SEI Personal leverage their knowledge and resources to
as software and systems engineering and Software ProcessSM (PSPSM) methodology to develop solutions more quickly and effec-
can dovetail with the use of other process provide a strategy and operational proce- tively. IPRC members come from around the
improvement methods, such as the SEI Team dures for using disciplined software process world to meet with experts from a variety
Software Process (TSP) methodology, the methods at team and individual levels. The of influencing disciplines. They explore the
People CMM, ISO 9000, agile methods, and PSP brings substantive changes to the perfor- process implications of emerging technologi-
Six Sigma. CMMI-ACQ integrates acquisition mance of individual engineers. Their defect- cal, societal, environmental, political, eco-
best practices from industry and government injection rates, for example, decline signifi- nomic, and business trends. The IPRC’s three
acquisition standards and experience. cantly as they progress through the process strategic goals provide long-term guidance
levels. PSP-trained engineers plan their work for the consortium’s activities: (1) to provide
People CMM based on personal data, measure their work, research leadership in response to emerging
Today’s organizations must develop and man- and use their results to continually improve. trends, (2) to generate real-world impact, and
age their human capital in an environment of (3) to have international relevance. Currently,
rapid change and increased competition. The Software Engineering Measurement IPRC members are developing cost-effective
People Capability Maturity Model (People and Analysis methods for achieving process improvement
CMM) enables organizations to develop and The SEI’s work in measurement and analysis in small settings, where organizations often
manage their workforces in a structured way provides organizations with qualitative and lack resources and expertise. On the horizon
with clearly defined work commitments and quantitative tools and techniques to measure is the development of guidance for navigating
performance objectives. Organizations expe- and analyze the results they are achieving at the multiple-standards environment, where
rience a smoother transition to CMMI when the project, process, program, and enterprise organizations must simultaneously conform to
they also use the People CMM because they levels. Used in conjunction with other SEI multiple improvement standards and regula-
focus on improving the capability and com- technologies, in particular CMMI and TSP, and tions, such as ISO, Six Sigma, CMMI, and
petencies of the organization, developing an measurement best practices, performance Sarbanes-Oxley.
18 www.sei.cmu.edu 1-888-201-4479
TOOLS & METHODS Standard CMMI Appraisal Method for Software Engineering Information
Repository (SEIR)
Solutions to the problems associated with Process Improvement (SCAMPI) The Software Engineering Information
software-intensive systems that help develop-
SCAMPI Class A Method Repository (SEIR), available at
ers and acquirers improve their practices
The Standard CMMI Appraisal Method for seir.sei.cmu.edu/seir, is a free, community-
Process Improvement (SCAMPISM) Class A based Web site that provides a forum
CMMI method is the CMMI appraisal method that for its 38,000 members to access materials
provides the most reliable and repeatable on product development and acquisition
rating results of the three SCAMPI methods. methods and technologies and to exchange
CMMI Models information concerning development and
CMMI models comprise best practices that SCAMPI Class A is the only class of SCAMPI
method that can produce ratings against the acquisition improvement activities. Registered
organizations can use to improve their pro- members exchange questions and tips and
cesses. CMMI for Development (CMMI-DEV) goals of a CMMI model.
contribute experiences and examples to help
integrates disciplines such as software and each other with their implementation efforts.
systems engineering and can dovetail with the SCAMPI Class B and C Methods
use of other improvement methods such as SCAMPI Class B and C appraisal methods are
CMMI appraisal methods that provide informa- Measurement and Analysis
the SEI’s Team Software Process (TSP) meth-
odology, the People CMM, ISO 9000, agile tion about the strengths and weaknesses of Infrastructure Diagnostic (MAID)
an organization. These methods require fewer The SEI Measurement and Analysis
practices, and Six Sigma techniques. CMMI
resources, smaller teams, and less evidence Infrastructure Diagnostic (MAID) tool can be
for Acquisition (CMMI-ACQ), which is sched-
than the SCAMPI Class A appraisal method. used by organizations to help improve the
uled to be published in November 2007, inte-
The Class B and C methods can help an organi- quality of the data generated by their measure-
grates acquisition best practices from industry
zation analyze its processes and plan a process ment and analysis activities and increase its
and government acquisition standards and
improvement approach. They do not produce a value to the organization. Based on the CMMI
experience. CMMI models can also enable
rating against the goals of a CMMI model. Measurement and Analysis process area, ISO
organizations to achieve benchmark ratings
15939, and Six Sigma methodologies, MAID
that can be used to compare one organiza-
characterizes the performance of a measure-
tion’s process capability with the capabilities People CMM ment system and identifies opportunities to
of its competitors.
People CMM improve measurement processes, data quality,
The People Capability Maturity Model (People and stakeholder satisfaction.
CMMI Modules
CMMI modules build on relevant best prac- CMM) is a collection of best practices that
tices extracted from CMMI and define effec- enables organizations to address success- CMMI Process Performance
tive and efficient practices for an area of fully their critical people issues. Based on the Improvement Using Six Sigma DMAIC
interest in a specific environment. The CMMI best current practices in fields such as human This method uses various statistical methods
Acquisition Module contains effective and resources, knowledge management, and and tools from the Six Sigma improvement
efficient acquisition practices specifically organizational development, the People CMM method called Define-Measure-Analyze-
designed for government acquisition projects. comprises the practices that organizations can Improve-Control (DMAIC) to enable dramatic
Unlike CMMI models, CMMI modules do not use to improve their processes for managing performance results. Basic DMAIC tools provide
contain information to help guide implementa- and developing their workforces. a proven, measurement-oriented approach that
tion of the best practices nor can they be used integrates well with other improvement para-
to achieve benchmark ratings. Software Engineering Measurement digms, including CMMI and TSP. This method
may be adopted during initial process improve-
and Analysis ment planning or dynamically during product
development when process issues arise.
Goal-Question-Indicator-Measure
(GQIM) Method
The SEI Goal-Question-Indicator-Measure
(GQIM) method helps organizations define
measures and indicators that are aligned with
the organization’s business processes and
support the measurement requirements of
the CMMI Measurement and Analysis process
area. GQIM also helps organizations produce
action plans for implementing the measure-
ment and analysis activities that will produce
the measures they need. The GQIM method
is used to determine success, progress, and
analysis indicators that show traceability from
an organization’s high-level business goals
down to the precise data collected, ensuring
relevance and traceability from goals to the
data collected.
1-888-201-4479 www.sei.cmu.edu 19
Process Improvement and Performance Measurement, continued
20 www.sei.cmu.edu 1-888-201-4479
Intermediate Concepts of CMMI Intermediate Concepts of the People Introduction to Personal Process
This five-day course introduces candidate CMM This two-day course prepares students to
SCAMPI Lead Appraisers, B and C Team This five-day course introduces individuals participate on TSP teams. The course covers
Leaders, and CMMI instructors, software (such as candidate SCAMPI with People CMM the key concepts and principles of the PSP at
and systems engineers, engineering process Lead Appraisers, candidate People CMM a high level so that students understand the
group members, and others to advanced Instructors, managers, human capital/resource terminology and the philosophy behind the
CMMI concepts, including how CMMI model individuals, and engineering process group method. Students are guided through a series
components interrelate. members) to advanced People CMM concepts, of lectures and exercises that teach the PSP
including the relationships among People CMM and prepare them to plan and track their work
CMMI Instructor Training model components. This course is useful for as part of a TSP project team.
This three-day course introduces those inter- anyone who needs an in-depth understanding
ested in becoming authorized Introduction to of the People CMM. PSP for Engineers I: Planning and PSP
CMMI course instructors to the details of the for Engineers II: Quality
CMMI models and the teaching strategies People CMMI Instructor Training This two-week course, composed of the
used by CMMI instructors. This three-day course introduces those inter- courses PSP for Engineers I: Planning and PSP
ested in becoming authorized Introduction to for Engineers II: Quality, teaches software engi-
SCAMPI Lead Appraiser Training the People CMM course instructors to details neers the principles, concepts, and benefits of
This five-day course provides training in the of the People CMM model and the teaching the PSP, a process-based approach for devel-
SCAMPI methods to those interested in strategies used by People CMM instructors. oping software. Students who complete the
becoming an authorized and certified SCAMPI course will be able to apply the PSP methods
Lead AppraiserSM for CMMI. The SCAMPI SCAMPI with People CMM Lead to their own personal work processes and par-
methods are diagnostic tools that support, Appraiser Training ticipate on a TSP team. Students learn how to
enable, and encourage an organization’s This five-day course introduces SCAMPI, a measure and analyze their personal software
commitment to process and performance diagnostic tool that supports, enables, and processes, use process data to improve
improvement. encourages an organization’s commitment to their personal performances, and apply PSP
process improvement, to those interested in methods to other structured tasks.
SCAMPI B and C Team Leader Training becoming authorized SCAMPI A with People
This four-day course provides training in the CMM Lead Appraisers. PSP Instructor Training
SCAMPI Class B and C methods to those Upon completing this five-day course, students
interested in becoming authorized SCAMPI B Team Software Process will be authorized to use the PSP course
and C Team Leaders. SCAMPI B and C are the suite to teach the courses PSP for Engineers,
CMMI appraisal methods that provide infor- Leading a Development Team Introduction to Personal Process, Managing
mation about an organization but use fewer This three-day course provides the knowledge TSP Teams, and TSP Executive Strategy
resources, smaller teams, and less evidence and skills required for successful leadership Seminar to others in their organizations. The
than the SCAMPI Class A method. in the Team Software Process: forming and PSP Instructor Training course focuses on how
maintaining a TSP team; establishing and main- to teach the PSP and put it into practice and
Understanding CMMI High Maturity taining process discipline and high standards; introduces the concepts of the Team Software
Practices managing schedule and quality; and engaging Process. Specific course objectives include
This three-and-a-half-day course provides management. When leaders apply what they understanding how to teach the PSP effectively
specific information about CMMI levels 4 and learn, their project teams see significant, mea- to others, how to grade student assignments
5—the highest levels of maturity and capability surable improvements in productivity and in and analyze resulting data, and the role of a
in CMMI. The course covers the characteristics cost and schedule predictability. Basic manage- change agent in introducing the PSP into an
of high maturity and capability and provides ment training is a prerequisite. organization.
details of the concepts and practices at levels
4 and 5. Examples are provided of how sta- TSP Executive Strategy Seminar Software Engineering Measurement
tistical methods and tools can be applied to This two-day introductory course for software and Analysis
assist in the proper implementation of level 4 executives and middle managers covers the
and 5 practices. key concepts and principles of the TSP and PSP Analyzing Project Management
from a management perspective. The purpose Indicators
People CMM of the course is to provide the foundation that This three-day course teaches project
managers need to begin to introduce and apply managers how to use measures and derived
Introduction to the People CMM the TSP in their organizations. indicators as the foundation for making
This three-day course introduces participants informed decisions. Participants learn to
to the fundamental concepts of the People TSP Launch Coach Training use indicators to plan, manage, and control
CMM, Version 2.0, a collection of best prac- This five-day course prepares students to software projects. After completing this course,
tices for attracting, motivating, and retaining a launch and coach effective TSP teams. The participants will understand how the Project
talented technical staff. course covers the key concepts and principles Planning, Project Monitoring and Control, and
of the TSP from an operational and procedural Measurement and Analysis process areas of
perspective. Students are guided through a the CMMI models work together and how
series of lectures and exercises that prepare these techniques establish a foundation for
them to facilitate the use of the TSP on actual implementing related higher maturity process
software teams. areas.
1-888-201-4479 www.sei.cmu.edu 21
Process Improvement and Performance Measurement, continued
22 www.sei.cmu.edu 1-888-201-4479
PUBLICATIONS Measuring the Software Process: Statistical
Process Control for Software Process
SEI-Certified Implementing Goal
Driven Measurement Instructor
Books are available from Addison-Wesley Improvement. William Florac and Anita An Instructor of the Implementing Goal-Driven
(www.awprofessional.com/seiseries) and Carleton, Addison-Wesley, 1999 Measurement (IGDM) course introduces
book retailers. SEI reports are available for free
standard practices and methods to increase
download at www.sei.cmu.edu/publications. CMMI and Six Sigma. Lynn Penn, Jeannine efficiency in ways that directly support an
Siviy, and Robert Stoddard, Addison-Wesley, organization’s business goals. Instructors lead
Books 2007 course participants in learning to identify and
Winning With Software: An Executive Strategy. define indicators and measures in the areas of
Watts Humphrey, Addison-Wesley, 2002 Reports product development, process improvement,
Performance Results of CMMI-Based Process and project management.
CMMI: Guidelines for Process Integration and Improvement. Diane L. Gibson, Dennis R.
Product Improvement, Second Edition. Goldenson, and Keith Kost, 2006 SEI-Certified TSP Coach
Mary Beth Chrissis, Mike Konrad, and Sandy
A TSP coach is an individual who possesses
Shrum, Addison-Wesley, 2006 Understanding and Leveraging a Supplier’s the knowledge, software skills, and team
CMMI Efforts: A Guidebook for Acquirers. facilitation abilities to lead software-based
CMMI Survival Guide: Just Enough Process CMMI Guidebook for Acquirers Team, 2007 product development teams. Leadership of
Improvement. Suzanne Garcia and Richard
a development team requires dedication,
Turner, Addison-Wesley, 2006 Adapting CMMI for Acquisition Organizations:
commitment, and energy to continually keep
A Preliminary Report. Kathryn M. Dodson,
CMMI SCAMPI Distilled: Appraisals for Process the team motivated, management informed,
Dr. Hubert F. Hofmann, Gowri S. Ramani, and
Improvement. Dennis Ahern, Jim Armstrong, and tasking on track. TSP coaches work with
Deborah K. Yedlin, 2006
Aaron Clouse, Jack Ferguson, Will Hayes, and team leaders to monitor a team’s progress
Kenneth Nidiffer, Addison-Wesley, 2005 using effective communication techniques.
A Process Research Framework. Eileen
The SEI-Certified TSP Coach designation
Forrester (editor), 2007
CMMI for Outsourcing. Hubert F. Hofmann, requires that candidates complete a series
Deborah K. Yedlin, John W. Mishler, and Susan of qualification steps and meet ongoing
professional development requirements to
Kushner, Addison-Wesley, 2007
CREDENTIALS maintain their certifications.
The People Capability Maturity Model: SEI certifications and certificates awarded
Guidelines for Improving the Workforce. Bill on the completion of qualification criteria
Curtis, William Hefley, and Sally Miller, Addison- established by the SEI Certificates
Wesley, 2002
SEI Certificate in CMMI
Certifications Using CMMI, organizations can improve
CMMI Assessments: Motivating Positive
their ability to develop, maintain, and acquire
Change. Marilyn Bush and Donna Dunaway, SEI-Certified SCAMPI High Maturity
quality products and services. The SEI
Addison-Wesley, 2005 Lead Appraiser Certificate in CMMI program guides change
This certification program enables SCAMPI
CMMI Distilled: A Practical Introduction to agents and managers through the funda-
Lead Appraisers to upgrade their authoriza-
Integrated Process Improvement, Second mental concepts of CMMI, the relationships
tions specifically for conducting appraisals for
Edition. Dennis Ahern, Aaron Clouse, and among CMMI model components, and the
organizations seeking to achieve CMMI levels
Richard Turner, Addison-Wesley, 2004 development of an effective process improve-
4 or 5. An SEI-Certified SCAMPI High Maturity
ment program that incorporates CMMI. Also
Lead Appraiser is responsible for applying
A Discipline for Software Engineering: covered are the IDEALSM model, a high-level
SCAMPI to determine if an organization has
The Complete PSP Book. Watts Humphrey, description of the phases of process improve-
demonstrated the capability to quantitatively
Addison-Wesley, 1995 ment. Those who complete this certificate
manage its projects to produce high-quality,
program will need only two additional courses
predictable results at CMMI levels 4 and 5.
TSP: Leading a Development Team. to earn an SEI Certificate in Personal Software
Watts Humphrey, Addison-Wesley, 2005 Process for CMMI.
SEI-Certified PSP Developer
PSP: A Self-Improvement Process for Software A PSP Developer is an individual who pos-
SEI Certificate in Personal Software
Engineers. Watts Humphrey, Addison-Wesley, sesses the knowledge and skills required
Process for CMMI
2005 to competently deliver quality software on
A high-performance software organization
predictable schedules. Candidates should
requires high-performance teams, staffed
Introduction to the Team Software Process. be able to measure and track size, time, and
with high-performance software engineers.
Watts Humphrey, Addison-Wesley, 2000 defect data; estimate and plan their work;
The PSP can enable engineers and their
and manage the quality of the products they
organizations to improve their performance.
Introduction to the Personal Software Process. produce using PSP methodologies. To earn
While CMMI provides a powerful improve-
Watts Humphrey, Addison-Wesley, 1997 this certificate, the SEI requires candidates to
ment framework that helps organizations
pass an examination based on the PSP Body
Coaching a Development Team. Watts of Knowledge. Candidates who pass the exam
Humphrey, Addison-Wesley, 2006 become SEI-Certified PSP Developers and
are required to meet ongoing professional-
development requirements to maintain their
certifications.
1-888-201-4479 www.sei.cmu.edu 23
Process Improvement and Performance Measurement, continued
understand what they need to do to improve Integrated Use of TSP and CMMI cessively builds upon early “wins.” To accel-
their processes, it does not specify how they The SEI has been working with organizations erate the introduction of best practices into
should do it. This certificate program helps that have adopted TSP and CMMI to gain their small settings, the SEI International Process
engineers learn how to implement CMMI input on mapping TSP and CMMI and identify- Research Consortium (IPRC) has launched the
using the PSP. ing how these two approaches complement Improving Processes in Small Settings (IPSS)
each other. The SEI is looking for organiza- project to develop guidance to help organiza-
SEI Certificate in Software Engineering tions interested in discovering the benefits of tions achieve the benefits of process improve-
Process Management using both TSP and CMMI and reporting their ment while working with tight resource and
This certificate program provides managers results. cost limitations.
with an overview of process improvement.
The courses in the program explore manage- TSP-Secure Process Improvement in Multi-Model
ment, metrics, and PSP and TSP approaches The SEI is interested in collaborating with Environments
to process improvement. Designed for partners on the development of TSP-Secure, Many organizations today use numerous
managers who need a variety of approaches the Team Software Process for Secure process standards and improvement method-
for managing and improving the software engi- Software Development, which augments the ologies, such as CMMI, ISO, Six Sigma, and
neering process, this certificate program helps TSP with security practices throughout the others. The SEI IPRC is seeking to initiate a
managers develop the knowledge and skills software development life cycle. The research collaborative research effort to identify new,
they need to establish a solid foundation in objectives of TSP-Secure are to reduce or elim- effective methods to balance and integrate
process and performance improvement. inate software vulnerabilities that result from multiple models and to help organizations
software design and implementation defects overcome challenges in multi-model environ-
SEI Certificate in Software Process and to provide the capability to predict the ments, such as resolving conflicts among
Improvement Implementation likelihood of latent vulnerabilities in delivered work groups dedicated to different improve-
This certificate program for those leading software. ment programs; ensuring sustainability and
change efforts within their organizations institutionalization of multiple improvement
covers several different methods for imple- Integrated Use of Six Sigma and efforts; and maintaining multiple systems of
menting change, including IDEAL, metrics, CMMI audits, assessments, and benchmarks.
TSP, and PSP. This program provides change The SEI works with organizations that have
agents, such as members and leaders of adopted CMMI and Six Sigma to identify effec- State-of-the-Practice Studies
software engineering process groups, with the tive ways to integrate these two approaches. State-of-the-practice studies are conducted to
information they need to implement quality ini- show how the community is performing its
tiatives such as CMMI in their organizations. Mapping Other Standards with CMMI work and to allow the SEI to identify changes
CMMI, IEEE, and ISO standards share a and trends that may arise in response to the
common purpose related to quality and introduction and adoption of SEI technolo-
RESEARCH process management. The SEI and IEEE are gies. The SEI publishes the results of these
Engagements in technology looking for partners to identify ways in which studies to allow organizations to compare their
development with the SEI CMMI, ISO, and other standards complement improvement efforts with those of others in
one another. the community.
Studies of CMMI’s Effect on
Performance Translating CMMI Into Other
The SEI works with CMMI user organizations Languages
to collect information about how using CMMI The SEI is working with organizations to trans-
has affected them. The SEI advises these late the CMMI Product Suite into Japanese,
organizations on how to best collect meaning- traditional Chinese, simplified Chinese, and
ful performance data, which is then analyzed German.
to determine how to best implement CMMI
best practices. Improving Processes in Small Settings
Small businesses, organizational units, and
CMMI Beyond Version 1.2 project teams pose unique challenges for
The National Defense Industrial Association process improvement. Such environments
(NDIA), the industry sponsor of CMMI with have their advantages, such as swift com-
technical support from the SEI, is soliciting munication through close social networks, a
and collecting input from experienced CMMI short chain of command, and staff flexibility.
users and practitioners around the world about But small settings have inherent problems of
the direction for CMMI future development. limited resources, prohibitive appraisal and
This effort is designed to gather input on ways vendor costs, and a lack of specialized exper-
to simplify CMMI models and on alternative, tise. Yet, early research shows that process
straightforward appraisal techniques, while improvement is not only possible in small
preserving the integrity of the CMMI Product settings but that simple process changes can
Suite. provide significant improvement if they are
started correctly and if the organization suc-
24 www.sei.cmu.edu 1-888-201-4479
Security
In a world in which the threat of cyber Survivable Systems Engineering Survivable Enterprise Management
attacks is contained but not eliminated and The SEI creates technologies for develop- Practices, Computer Security Incident
in which threats from unknown sources are ing and analyzing networked systems with Response Team (CSIRT) Development,
and Training
dynamic and constantly changing, the SEI respect to security and survivability. Because
defective software cannot be secure, the SEI The SEI works to enhance the transition
identifies, develops, matures, and broadly
also conducts research and development on of information-assurance knowledge to
transitions new technologies, system
computational approaches to next-generation the Internet community and to increase
development practices, and system manage-
software and security engineering, aimed at the number of qualified practitioners. In
ment practices that enhance computer and
reducing errors and vulnerabilities in systems. partnership with government and industry,
network security.
members of the staff build knowledge in
depth for defense in depth through a virtual
CERT Coordination Center (CERT/CC) Network Situational Awareness
lab training environment with certification
Founded in 1988, the CERT® Coordination The SEI supports computer security incident
for technical staff and teams. To increase
Center (CERT/CC) is the nation’s first and response teams (CSIRTs), watch-and-warning
the number of system and network adminis-
best-known computer security incident centers, and analysis groups in measuring
trators educated in the field of information
response team. Staff members provide normal and anomalous activity occurring on
assurance, staff members are developing an
technical advice and coordinate responses large networks. It also helps them assess
academic curriculum for community colleges
to major Internet security events, identify threats based on information shared by
and minority-serving institutions. Members
trends, work with others to identify security collaborators or gleaned from open or intel-
of the technical staff also work with global
solutions, advance the state of the art in ma- ligence sources. This support is achieved
enterprises, government agencies, nations,
licious code analysis, coordinate remediation through research, engineering, and relation-
and regions to create and sustain the capa-
of vulnerabilities in software products, and ship building efforts to improve the sensor
bility to manage computer security incidents
disseminate information to the Internet com- technology that provides necessary data; to
in order to improve international coordina-
munity. In 2003, the CERT/CC began a joint facilitate the sharing of data across relevant
tion and response to Internet attacks. The
effort with the U.S. Department of Homeland domains; and to derive novel approaches that
SEI is also codifying principles and practices
Security to create US-CERT, a coordination synthesize this data into actionable insight
for corporate security governance.
point in the United States for preventing, for network operators based on a rigorously
protecting against, and responding to cyber empirical foundation.
attacks across the Internet.
1-888-201-4479 www.sei.cmu.edu 25
Security, continued
26 www.sei.cmu.edu 1-888-201-4479
Virtual Network Audit CERT Resiliency Engineering Creating a Computer Security Incident
The CERT Virtual Network Audit (VNA) is a Framework (CERT REF) Assessment Response Team
scenario-based testbed for training person- The CERT Resiliency Engineering Framework This one-day course is designed for managers
nel to perform information-assurance audits. (CERT REF) Assessment evaluates an orga- and project leaders who have been tasked
VNA simulates a functioning network offering nization’s capability for managing operational with implementing a CSIRT. This course
internal services and an external Internet resiliency activities (security, business con- provides a high-level overview of the key
(Web, email) presence, and it includes a real- tinuity, and IT operations). The assessment issues and decisions that must be addressed
istic scenario describing the purpose, location, results are useful for planning and prioritizing in establishing a CSIRT. As part of the course,
and topology of the network and profiles of resiliency improvement activities, optimiz- attendees develop an action plan that can be
administrative personnel. The network and ing investments in resiliency activities, and used as a starting point in planning and imple-
scenario contain a number of vulnerabilities validating organizational competencies. The menting their CSIRTs.
or failures. Auditors must discover weak- assessment is conducted in three segments,
nesses and risks and develop a plan to bring during which a team of experts from CERT Fundamentals of Incident Handling
the network into compliance with commonly (a) help the organization set and prioritize its This five-day course is for CSIRT technical
accepted best practices. VNA can be custom- objectives for operational resiliency compe- personnel with little or no incident-handling
ized in a number of ways and can be tailored tencies, (b) evaluate the organization’s current experience. It provides a basic introduction to
to specific scenarios. resiliency processes against the objectives in the main incident-handling tasks and critical-
the context of the framework, and (c) help the thinking skills that will help incident handlers
Virtual Training Environment (VTE) organization develop and prioritize improve- perform their jobs. This course is recom-
The CERT Virtual Training Environment (VTE) ment strategies based on the results of the mended for those new to incident handling.
(www.vte.cert.org) is a Web-based knowl- evaluation.
edge library of best practices in information Information Security for Network
assurance and computer forensics. VTE uses Managers
a rich media interface that includes nearly EDUCATION & TRAINING This two-day course is designed to give infor-
500 hours of recorded video of instructor-led Available from the SEI and licensed SEI mation technology (IT) and network managers
training, captured demonstrations, and hands- Partners, based on matured, validated, and the practical knowledge required to ensure
on training labs on topics such as network- documented solutions to pervasive problems the security of their information assets. The
access controls, intrusion detection, building course begins by addressing the concepts
a forensic toolkit, and more. VTE is targeted of information security, survivability, and risk
at system administrators and first respond- Advanced Incident Handling for
management, including the layered approach
ers to computer security incidents. Basic VTE Technical Staff
to survivability and the elements of risk
content is available to the public. CERT also This five-day course, designed for CSIRT
analysis and assessment. The course also
offers distance learning courses through VTE. technical personnel with several months
focuses on the IT manager’s role in increas-
Organizations interested in these services can of incident-handling experience, addresses
ing an organization’s security, from policy
contact vte-support@cert.org to learn more. commonly used and emerging attacks that
definition to business continuity and disaster-
are targeted against a variety of operating
recovery planning.
systems and architectures.
Establishing and Improving
Information Security Management Information Security for Technical Staff
Advanced Information Security for
Programs and Practices This five-day course is designed to provide
CERT helps organizations improve their Technical Staff
participants with practical techniques for pro-
information security programs through the This five-day course is designed to increase
tecting the security of an organization’s infor-
development and assessment of strategic the depth of knowledge and skills of technical
mation assets and resources. Security issues,
plans, program structure, measurements and staff charged with administering and securing
technologies, and recommended practices are
metrics, risk and security management prac- information systems and networks. Developed
addressed at increasing layers of complexity,
tices, and standards adoption. around a scenario in which a production
beginning with concepts and proceeding to
network has failed an information-security
technical implementations.
audit, students implement numerous techni-
Evaluations, Assessments, and
cal security solutions to bring the network into
Reviews compliance. Managing Computer Security Incident
CERT develops, conducts, and transitions Response Teams
information security assessment and evalu- This three-day course provides current and
Computer Forensics for Technical Staff
ation methods and techniques that provide future managers of CSIRTs with a pragmatic
This three-day course comprises three com-
organizations with practical guidance for iden- view of the issues they will face in operating
ponents: lecture, student labs, and team sce-
tifying, mitigating, and managing risks to their an effective incident response team.
narios. It is designed for technical staff who
organizations and networked systems.
administer and secure information systems
and networks. This course provides partici- OCTAVE Training Workshop
Evaluating Environments for pants with a fundamental understanding of This three-day workshop is designed to
Infrastructure Protection Preparedness the computer forensics process and develops help individuals and analysis teams lead and
The SEI conducts reviews of developing and first responders’ basic forensic practices. perform information security risk evaluations
operational information infrastructures, includ- such as the OCTAVE and OCTAVE Allegro
ing critical information infrastructures, to methods.
identify significant threats and vulnerabilities
and ensure resiliency of operations under
stress, attack, and contingency scenarios.
1-888-201-4479 www.sei.cmu.edu 27
Security, continued
CERT Resiliency Engineering Executive problems of computer owners, service provid- Managing Information Security Risks: The
Workshop ers, networking communities, and companies, OCTAVE Approach. Christopher Alberts and
This half-day workshop introduces partici- the conference is held in different parts of the Audrey Dorofee, Addison-Wesley, 2002
pants to the CERT Resiliency Engineering world each year. Presentations include the
Framework (REF), including key underlying latest information about incident response and The CERT Guide to System and Network
concepts, and guides participants in develop- prevention, vulnerability analysis, and related Security Practices. Julia Allen, Addison-
ing a high-level strategy for using the frame- aspects of computer security. Wesley, 2001
work to improve their organizations. Through
lectures, class exercises, and discussions, the Collaboration Meeting for CSIRTs with Reports
workshop covers current trends in security National Responsibility Comparing Insider IT Sabotage and Espionage:
and business continuity, the concept of opera- The CERT Coordination Center hosts an A Model-Based Analysis. Stephen R. Band,
tional resilience, key process improvement annual meeting of CSIRTs with national Dawn M. Cappelli, Lynn F. Fischer, Andrew P.
principles, and the REF. responsibility. This meeting fosters collabora- Moore, Eric D. Shaw, Randall F. Trzeciak, 2006
tion on joint projects and examines the chal-
Foundation for Resiliency lenges and projects unique to national CSIRTs. Introducing OCTAVE Allegro: Improving
This two-day course provides current and the Information Security Risk Assessment
future operational risk managers with founda- Process. Richard A. Caralli, James. F. Stevens,
International Workshop on
tional skills and knowledge of how security, Lisa R. Young, William R. Wilson, 2007
Requirements for High-Assurance
business continuity, and IT operations con- Systems (RHAS) Introducing the CERT Resiliency Engineering
tribute to operational resiliency. It frames the Held in conjunction with the IEEE International Framework: Improving the Security and
management of security and business conti- Requirements Engineering Conference, this Sustainability Processes. Richard A. Caralli,
nuity in the context of the business objectives workshop brings together researchers and James. F. Stevens, Charles M. Wallen, David
and organizational mission. practitioners from the fields of secure comput- W. White, William R. Wilson, Lisa R. Young,
ing and software requirements to exchange 2007
Survivability and Information ideas and experiences.
Assurance (SIA) Curriculum Botnets as a Vehicle for Online Crime. Nicholas
Today’s organizations rely on networked Software Engineering for High- Ianelli, Ross Kinder, Christian Roylo, 2005
systems powered by fast-changing technology. Assurance Systems (SEHAS)
This reliance makes them more vulnerable The Impact of Function Extraction Technology
Workshop
to attacks and forces system administrators on Next-Generation Software Engineering.
Held in conjunction with the International
to seek new approaches to computer and Alan R. Hevner, Richard C. Linger, Rosann W.
Conference on Software Engineering (ICSE),
network security. To help them, CERT has Collins, Mark G. Pleszkoch, Stacy J. Prowell,
this workshop provides a forum for research-
developed a downloadable, three-part, 46- Gwendolyn H. Walton, July 2005
ers and practitioners to exchange ideas and
module curriculum with companion labs in
experiences relevant to the development of
survivability and information assurance (SIA). Security Quality Requirements Engineering
high-assurance software systems.
The curriculum offers a problem-solving meth- (SQUARE) Methodology. Nancy R. Mead, Eric
odology built on key SIA principles that are D. Hough, Theodore R. Stehney II, 2005
System-Dynamics Modeling for
independent of specific technologies. It is
available free of charge to the general public Information Security Workshop Trustworthy Refinement Through Intrusion-
and registered instructors. Qualifying regis- The objectives of this workshop are to develop Aware Design. Robert J. Ellison, Andrew P.
tered instructors have access to the curricu- a preliminary system-dynamics model of Moore, 2003
lum’s companion instructor materials as well important aspects of the information security
as the student materials. problem from both insider and outsider per- Tracking and Tracing Cyber-Attacks: Technical
spectives using a group modeling approach; Challenges and Global Policy Issues. Howard F.
to identify additional data on these aspects Lipson, 2002
CONFERENCES that are unknown or unavailable, but are
needed for future progress on this problem; Handbook for Computer Security Incident
Events sponsored or cosponsored by the SEI and to investigate possible collaborations for Response Teams (CSIRTs). Moira J.
longer term work to propose to prospective West-Brown, Don Stikvoort, Klaus-Peter
FloCon Analysis Workshop sponsors. Kossakowski, Georgia Killcrece, Robin Ruefle,
The Flocon® Analysis Workshop is an open Mark Zajicek, 2003
conference that provides a forum for research-
ers, operational analysts, network operators, PUBLICATIONS Incident Management Capability Metrics.
and vendors interested in security-relevant Books are available from Addison-Wesley
Audrey Dorofee, Georgia Killcrece, Robin
traffic analysis of flow data. Attendees submit (www.awprofessional.com/seiseries) and
Ruefle, Mark Zajicek, 2007
papers on topics related to the development book retailers. SEI reports are available for free
or provisioning of such infrastructures or the State of the Practice of Computer Security
download at www.sei.cmu.edu/publications.
analysis of their corresponding data sets. Incident Response Teams (CSIRTs). Georgia
Killcrece, Klaus-Peter Kossakowski, Robin
Books Ruefle, Mark Zajicek, 2003
Forum of Incident Response and Secure Coding in C and C++. Robert Seacord,
Security Teams (FIRST) Conference Addison-Wesley, 2005 Detecting Scans at the ISP Level.
This conference focuses on the field of Carrie Gates, Josh McNutt, Joseph B. Kadane,
computer security incident handling and Internet Denial of Service: Attack and Defense Marc Kellner, 2006
response. In recognition of the global spread Mechanisms. Sven Dietrich with J. Mirkovic,
of computer networks and the common D. Dittrich, and P. Reiher, Prentice Hall, 2004
28 www.sei.cmu.edu 1-888-201-4479
CREDENTIALS RESEARCH Flow-Service-Quality (FSQ)
Engineering
SEI certificates and certifications awarded Engagements in technology development
Flow-service-quality (FSQ) engineering
on the completion of qualification criteria with the SEI
provides foundations for mastering complex-
established by the SEI
ity and addressing survivability in analysis and
Computational Security Attributes development of large-scale, network-centric
Certifications (CSA) systems. The FSQ project is defining rigorous
Security analysis of software today is a engineering methods for complex network
CERT-Certified Computer Security labor-intensive process requiring substantial systems characterized by shifting boundaries
Incident Handler Certification expertise that often results in subjective, one- and users, uncertain COTS software function
Organizations need individuals who can time evaluations of limited use in ongoing and quality, extensive asynchronous opera-
lead computer security incident response system operation. The Computational Security tions, unpredictable failures and compromises,
teams (CSIRTs). In response to this demand, Attributes (CSA) project has developed theo- and lack of visibility and control.
CERT has introduced a program designed to retical foundations and automatable engineer-
train and certify computer security incident ing methods for fast and precise computation Function Extraction (FX)
handlers. This program is designed for working of security properties, such as authentication, In today’s state of practice, programmers
incident handlers, CSIRT managers, system authorization, and non-repudiation, during lack practical means to determine the full
and network administrators with incident- system development and operation. The functional behavior of software in all circum-
handling experience, incident handling project defines security properties in terms stances of use. This longstanding gap in engi-
trainers, and those who have some techni- of required functional behavior that can be neering capabilities lies at the heart of many
cal training and intend to enter the incident- computed with function extraction technology. problems in software security and quality.
handling field. CERT STAR*Lab is developing function extrac-
Corporate Governance: Governing for tion (FX) theory and engineering automation to
Certificates Enterprise Security compute the behavior of software with math-
The SEI defines governing for enterprise ematical precision to the maximum extent
SEI Certificate in Information Security security as “directing and controlling an orga- possible. A first FX system is under devel-
This certificate program is designed to provide nization to establish and sustain a culture of opment to compute behavior for programs
participants with practical techniques for pro- security in the organization’s conduct (beliefs, written in or compiled into Intel assembly
tecting the security of an organization’s infor- behaviors, capabilities, and actions).” This work language. FX technology is a new approach to
mation assets and resources and increasing builds on and expands commonly described human understanding of software, as well as
the depth of knowledge and skills of technical forms of governance, including corporate gov- to malware detection and analysis, software
staff charged with administering and securing ernance, enterprise governance, and informa- development and testing, correctness veri-
information systems and networks. Security tion technology governance. The SEI helps fication, and component composition at the
issues, technologies, and recommended prac- senior executives and managers expand their system level.
tices are addressed at increasing layers of governance perspectives to include security,
complexity, beginning with concepts and pro- incorporating enterprisewide security thinking Insider Threat Studies
ceeding to technical implementations. into their and their organizations’ day-to-day The SEI has been conducting insider threat
governance actions. The SEI is building col- research for several years based on analysis
SEI Certificate in Incident Response laboration relationships with organizations of law-enforcement cases and supplemental
Process working in the governance domain (such as interviews for each case with the investiga-
This certificate program is for CSIRT techni- the Institute of Internal Auditors) and seeks tor, prosecutor, victim organization, and/or the
cal personnel. The first course in the certifi- partners who are addressing enterprise insider. Future analysis will focus on malicious
cate provides a basic introduction to the main security as part of their corporate governance insider activity that was addressed internally
incident-handling tasks and critical-thinking strategy. by the victim organization without the involve-
skills that will help incident handlers perform ment of law enforcement. The SEI is inter-
their jobs. The second course addresses Malicious Code Analysis Tools and ested in working with organizations willing to
commonly used and emerging attacks that Techniques share data and experiences on insider threat
are targeted against a variety of operating As a thought leader in the field of Internet activity and to collaborate in the collection and
systems and architectures. Ultimately, this security, the CERT/CC not only provides dissemination of guidance.
certificate is designed to provide insight into technical information to system and network
the type and nature of work incident handlers administrators and technology professionals to International Watch and Warning
may perform. It will provide an overview of help them better defend their networks, it also Network
the incident-handling arena, including CSIRT develops tools and methods to better identify, The CERT Coordination Center is collaborat-
services, intruder threats, the nature of analyze, catalog, and manage vulnerability ing with Asia-Pacific Economic Cooperation
incident-response activities, and the steps information and malicious code. It transitions (APEC), the Organization of American States
incident handlers can take in response to these tools and methods to the DoD, intel- (OAS), and many individual countries to build
system compromises at the privileged level. ligence community, law enforcement, reverse a worldwide network of CSIRTs with national
engineers, CSIRTs with national responsibil- responsibility to share information about inci-
ity, and software vendors to help improve the dents, vulnerabilities, malicious code, and
effectiveness of response teams and to help threats.
vendors mitigate vulnerabilities in the software
they produce.
1-888-201-4479 www.sei.cmu.edu 29
Security, continued
Levels of Anonymity and Traceability Resiliency Engineering Framework Future activity will include the development
(LEVANT) Resiliency engineering is an emerging area of of models, reports, training, and tools to raise
The CERT research team is conducting applied research focused on helping organi- awareness of the risk to an organization’s
research to improve the current technical capa- zations integrate, improve, and mature their critical assets and to assist the community
bility to track and trace sophisticated Internet- security, business continuity, and IT operations in understanding the factors influencing an
based attacks through the CERT Levels of activities. The CERT Resiliency Engineering insider’s decision to act, indicators and pre-
Anonymity and Traceability (LEVANT) project. Framework (REF) is the cornerstone artifact cursors of impending malicious actions, and
of this research. REF codifies an integrated countermeasures for mitigation, with the goal
Network Situational Awareness approach to protecting and sustaining critical of improving the survivability and resiliency of
CERT is looking for partners to pilot tools and business operations combined with a process the enterprise. The SEI is interested in working
techniques to understand large-scale network improvement approach to maturing enterprise with organizations in the following areas:
activity. The goal is to identify malicious competency in resiliency engineering. developing and applying insider threat risk
activity that is too subtle to detect with tradi- diagnostics, piloting innovative threat preven-
tional intrusion-detection methods. The framework provides guidelines for tion and mitigation training materials, sharing
managing security and business continuity data and experiences on threat activities, and
across the enterprise, in concert with and collaborating in the collection and dissemina-
Security Quality Requirements
in support of an organization’s mission and tion of guidance.
Engineering (SQUARE) strategy. Elevating these activities to an enter-
The SQUARE project team is installing
prise level and focusing on process enables
SQUARE at an industry location and is working
organizations to integrate, manage, bench-
on further development of the SQUARE proto-
mark, measure, and improve them over time.
type tool. In addition, the team has developed
SQUARE educational and training materials The first complete outline of the framework
and is conducting a more detailed study of was published in 2007 at www.cert.org
the technical aspects of SQUARE. The team /archive/pdf/07tr009.pdf, and REF-based
is also performing industry case studies to assessments and training are now available.
determine whether SQUARE-Lite, a stream- Research continues to expand the framework
lined version of SQUARE that can be used and to develop a suite of tools, techniques,
to supplement an existing requirements training, and methods to support organizations
engineering process, is feasible. in using the framework. Collaborating
organizations are sought to participate
The SEI is seeking organizations in govern-
in the research and assist in developing
ment, academia, and industry to participate in
the REF product suite. Please see
pilots and reviews of SQUARE practices and
www.cert.org/resiliency_engineering
processes.
for more information about CERT REF.
30 www.sei.cmu.edu 1-888-201-4479
Interoperability, Dependability, and Mission Success
1-888-201-4479 www.sei.cmu.edu 31
Interoperability, Dependability, and Mission Success, continued
32 www.sei.cmu.edu 1-888-201-4479
Mission Success SOA Governance For predicting and validating non-functional
SOA governance provides a set of policies, properties using MBE, the SEI supports
Mission Diagnostic rules, and enforcement mechanisms for • evaluating fault-tolerance of architectures
The SEI Mission Diagnostic provides a time- developing, using, and evolving SOA assets (e.g., determining reliability and availability,
efficient means of determining a mission’s and for analysis of their business value. In analyzing impact of fault propagation, and
potential for success based on an evaluation this workshop, the SEI team facilitates a identifying root causes of faults)
of current conditions. First, a set of key indi- session to help the customer organization
develop a set of appropriate SOA governance • adopting analytical resource models to
cators is evaluated to estimate a mission’s
policies, procedures, and practices. The SOA validate performance behavior (e.g., latency,
current potential for success relative to a
Governance workshop is a natural comple- schedulability, timeliness), power consump-
predefined benchmark of success. Decision-
ment to the session on SOA Strategy. tion, and network bandwidth usage
makers can then determine if the current
potential for success is acceptable or if actions • deploying security models (e.g., Bell-
are required to improve the situation. The T-Check Technology Investigations LaPadula, multi-level security [MLS]) and
Mission Diagnostic can be conducted at stra- An SEI T-CheckSM investigation provides a security architectures (e.g., multiple indepen-
tegic points throughout a mission’s life cycle sanity check on the claims made about a tech- dent levels of security [MILS]) to ensure that
and can be applied to programs, operational nology. A T-Check examination is ruthlessly access to resources is not compromised
processes, and technologies. More informa- efficient and provides insight into technolo- • conducting differential architecture analysis
tion on the Mission Diagnostic and mission gies without requiring a large investment. to discover defects and guide localized archi-
success is available from the SEI Web site at T-Check investigations are especially useful, tectural change
www.sei.cmu.edu/msce. for example, to check the claims made about
• validating data quality requirements such as
technologies for an SOA environment, where
many of the technologies and standards are temporal correctness, accuracy/precision,
Mission Assurance Analysis Protocol
still maturing. and confidence
(MAAP)
The SEI Mission Assurance Analysis Protocol
(MAAP) is a comprehensive analysis protocol Performance and Dependability EPIC Implementation
After delivering a two-day tutorial in the
that is used to examine in-depth the factors
EPIC methodology, the SEI helps organiza-
affecting a mission’s potential for success Analysis-Based Assurance tions incorporate EPIC principles into current
and create strategies to ensure that mission The application of assurance cases as a
COTS-based systems processes. The SEI also
priorities are successfully achieved. Upon means of demonstrating critical dependability
provides coaching in the successful execution
completion, an operational model, customized attributes is an emerging practice. Assurance
of the COTS-based systems process using
analysis artifacts, a measure of the mission’s cases are reviewable artifacts showing why
EPIC.
potential for success, and strategies for increased confidence in the safety, security,
improvement are produced. MAAP can be or reliability of a system is justified. They typi-
used to assess programs and operational pro- cally integrate test-based results with various
COTS Software Product Evaluation
cesses at strategic points in the mission life The SEI helps organizations apply its evalua-
analyses performed during the development
cycle. More information on MAAP and mission tion process to the selection of one or more
of a system.
success is available from the SEI Web site at COTS products for a specific system.
www.sei.cmu.edu/msce/index.html. The SEI helps organizations develop assur-
ance cases, assurance case management CURE Transition
plans, and relevant assurance case patterns. The SEI provides training and coaching to help
CUSTOMER ENGAGEMENTS The SEI institutes an assurance case approach organizations master the CURE method and
become self-sufficient in its delivery.
Funded engagements to help organizations that is integrated across the system develop-
meet their business and mission objectives ment and operation life cycle. The end result
is an efficient assurance approach leading to Mission Success
increased confidence in a system’s safety,
Interoperability security, and dependability properties. Mission-Success Assessments
The SEI helps organizations apply the SEI’s
Basics of SOA Model-Based Engineering and System mission-success assessment methods. This
In this half-day working session, SEI experts Architecture Analysis includes applying Mission Diagnostic and
walk participants through the elements of SOA The SEI uses model-based engineering to MAAP as well as developing and applying
and reveal some common misconceptions provide technical assistance and guidance to methods that are tailored for a customer.
about it. customers to support the analysis, evaluation,
and validation of architecture designs, including
SOA Strategy
• evaluating system architecture candidates,
Any successful SOA strategy has to be aligned
validating system quality attributes, and iden-
with business goals, such as reduced time-
tifying architectural inadequacies early in the
to-market for applications, integration with
design phase
business partners, or improved customer
service. Each goal drives a different set of SOA • facilitating system integration and validat-
strategies. This workshop explores the linking ing the composition and the assumptions of
of business goals with SOA strategies and underlying subsystems
identifies potential pilot projects. As a result of • conducting impact and tradeoff analysis
this workshop, an organization develops a plan using architecture models to determine per-
for identifying its SOA priorities and imple- formance and reliability effects given archi-
menting a set of concrete tasks. tectural changes
1-888-201-4479 www.sei.cmu.edu 33
Interoperability, Dependability, and Mission Success, continued
34 www.sei.cmu.edu 1-888-201-4479
PUBLICATIONS The Architecture Analysis and Design
Language (AADL): An Introduction. Peter H.
System-of-Systems Practices from an
Acquisition Perspective
Books are available from Addison-Wesley Feiler, David P. Guch, and John J. Hudak, 2006 The SEI is looking for collaborating organiza-
(www.awprofessional.com/seiseries) and
tions to pilot new approaches for acquiring
book retailers. SEI reports are available for free Modeling and Validating Security and
Confidentiality in System Architectures. Jörgen highly complex systems of systems. The suc-
download at www.sei.cmu.edu/publications.
Hansson and Aaron Greenhouse, 2007 cessful acquisition of systems of systems that
will be interoperable requires (1) the appli-
Books Flow Latency Analysis with the Architecture cation of practices that proactively address
Managing Software Acquisition: Open
Analysis and Design Language (AADL). Peter legal issues, policies, procedures, and culture
Systems and COTS Products. B. Craig Meyers
Feiler and Jörgen Hansson, 2007 governing or influencing acquisition; (2) shared
and Patricia Oberndorf, Addison-Wesley, 2001
knowledge about schedule, cost, risk, and
Dependability Cases. Charles B. Weinstock, performance; and (3) use of effective tools
Modernizing Legacy Systems: Software
John B. Goodenough, and John J. Hudak,
Technologies, Engineering Processes, and and models for specification, reasoning, and
2004
Business Practices. Robert Seacord, Daniel execution of relevant acquisition practices. The
Plakosh, and Grace Lewis, Addison-Wesley, SEI is interested in partnering with organiza-
Arguing Security—Creating Security
2003 tions that are embarking on an interoperable
Assurance Cases. John Goodenough, Howard
Lipson, and Charles Weinstock, 2006 acquisition or that have successfully com-
CMMI Survival Guide: Just Enough Process
pleted one to help refine our ideas and test
Improvement. Suzanne Garcia and Richard
Mission Diagnostic Protocol, Version 1.0. concepts and potential products.
Turner, Addison-Wesley, 2007
Christopher Alberts, Audrey Dorofee, and Lisa
Marino, 2007
MBE Essentials: An Introduction to the SAE System-of-Systems Practices from an
Architecture Analysis and Design Language Mission Assurance Analysis Protocol (MAAP), Engineering Perspective
(AADL). David Gluch and Peter Feiler, Addison- Version 1.0. Christopher Alberts, Audrey The SEI is looking for collaborating organiza-
Wesley, 2008 Dorofee, and Lisa Marino, 2008 tions to explore practices that lead to suc-
cessful construction and execution of systems
Reports Lessons Learned in Applying the Mission of systems. The successful development of
SMART: The Service-Oriented Migration and Diagnostic. Christopher Alberts, Audrey complex systems of systems requires a new
Reuse Technique. Grace Lewis, Ed Morris, Dorofee, and Lisa Marino, 2008 set of concepts, a revised set of life-cycle
Liam O’Brien, Dennis Smith, and Lutz Wrage. activities, attention to the role of emergence,
2005 Common Elements of Risk. Christopher
Alberts, 2006 and the application of a different set of tech-
A Process for Context-Based Technology nologies and techniques. The SEI is seeking
Evaluation. Grace A. Lewis and Lutz Wrage. Executive Overview of SEI MOSAIC: partners who are developing or applying new
2005 Managing for Success Using a Risk-Based strategies embodied in practices for system-
Approach. Christopher Alberts, Audrey of-systems engineering.
Model Problems for Technologies in Dorofee, and Lisa Marino, 2007
Interoperability: Web Services. Grace A. Lewis Cost Drivers and Risks of
and Lutz Wrage, 2006
Interoperability
Workshop on Model-Driven Architecture and
RESEARCH The SEI seeks partners to develop and use
Program Generation. Grace A. Lewis, B. Craig Engagements in technology development methods for modeling, tracking, and measur-
Meyers, and Kurt Wallnau, 2006 with the SEI ing the costs and risks associated with the
acquisition and development of interoperable
System-of-Systems Governance: New Patterns
of Thought. Ed Morris, Pat Place, and Dennis
Interoperability systems of systems. The SEI is investigating
how interoperability risks vary in successful
Smith, 2006 and unsuccessful systems-of-systems efforts
System-of-Systems Practices from an
Organizational Perspective and correlating those patterns of risk to perfor-
Topics in Interoperability: Structural
Programmatics in Systems of Systems. James Organizational involvement in complex mance measures such as cost and schedule.
D. Smith II, 2006 systems of systems requires more emphasis
on effective collaboration across organizations SOA Research Agenda
System-of-Systems Navigator, Version 2. and response to dynamic customer demands. The SEI seeks collaborators to (1) evolve a
Suzanne Garcia, Ed Morris, Lisa Brownsword, The SEI is developing a set of principles, long-term research agenda for SOA that was
Phillip Boxer, Pat Kirwan, and Dennis Smith, initially developed in 2007; (2) participate with
practices, and tools that enable organizations
2007 an international community of interest that is
to adapt to this increasingly complex world.
Examples of tools we are exploring include carrying out parts of the research agenda; and
Interoperable Acquisition for Systems of
Systems: The Challenges. James D. Smith II (3) carry out parts of the research agenda and
• scenario-based interoperability analysis
and D. Mike Phillips, 2006 disseminate the results through the interna-
• alignment analyses tional community of interest.
Risk Management Considerations for • supply and demand context modeling
Interoperable Acquisition. B. Craig Meyers,
2006
We are looking for partners in the develop-
An Emergent Perspective on Interoperation in ment of those and other tools and practices.
Systems of Systems. David A. Fisher, 2006 The SEI is also interested in case studies and
lessons learned from organizations that have
Conditions for Achieving Network-Centric successfully implemented system-of-systems
Operations in Systems of Systems. David A.
practices.
Fisher, B. Craig Meyers, and Pat Place, 2007
1-888-201-4479 www.sei.cmu.edu 35
Interoperability, Dependability, and Mission Success, continued
36 www.sei.cmu.edu 1-888-201-4479
Special Programs
Through the Affiliate Program, sponsoring The SEI Credentials Program helps organiza- SEI Membership is a business and knowledge
organizations contribute their best technical tions put in place the best practices for design- network that connects the SEI with members of
people to the SEI’s ongoing effort to define ing high-quality software and protecting net- government, industry, and academia throughout
superior software engineering practices. worked systems. SEI Credentials offers certifi- the globe who stand at the forefront of software
Affiliates lend their technical knowledge and cate and certification programs that guide par- and systems engineering. SEI Members include
experience to SEI teams investigating specific ticipants through a series of courses chosen to CEOs, directors, and managers from Fortune
technology domains. help them develop expertise in specific areas 500 companies and prominent government
of work, including computer security incident organizations, as well as front-line software
Affiliates’ sponsoring organizations represent handling, software engineering process man- engineers, programmers, testers and devel-
industry, government, and academia. As team agement, and software architecture design. opers from startup organizations. The SEI is
members on SEI projects, affiliates collaborate the only one of the 37 U.S. federally funded
with SEI staff to identify, develop, and demon- The SEI has an unsurpassed reputation as a research and development centers (FFRDCs)
strate improved practices. leader in advancing the practice of software that offers membership to the public.
engineering. By enrolling in one of our certifi-
Participation in the Affiliate Program is cation or certificate programs, participants SEI Membership is designed for software engi-
intended to immerse affiliates in the inquiry neering professionals who are interested in
• receive official recognition of their skills
and exploration of new tools and methods priority access to SEI technologies and events
and expertise
that promise increased productivity, predict- that support the transition of software engi-
able schedules, fewer defects, and decreased • learn how to lead and participate in efforts to neering standards and best practices. Benefits
costs. Affiliates can influence the SEI research improve processes at their organizations include an annual member assembly and
agenda by identifying real-world problems and • network with others facing similar challenges luncheon, as well as other networking opportu-
providing the SEI with opportunities to pilot nities year-round. Members receive discounts
• learn from experienced instructors with
new tools and methods that can benefit on the annual SEPG Conference, several other
years of experience
the affiliates’ organizations for many years SEI-sponsored conferences and events, SEI
to come. merchandise, and one SEI public course per
SEI Certificates year. Members also have their own personalized
See www.sei.cmu.edu/collaborating www.sei.cmu.edu/credentials
profile posted at the SEI Member Center Web
/affiliates or call 412-268-3980 for more infor- site, where they can find the latest SEI news
mation about the Affiliate Program, benefits to Certificates are awarded upon completion of
and network with other members through the
the sponsoring organization and the affiliate, a series of continuing education courses and
directory. Members also stay current with The
and current affiliate opportunities. serve to recognize successful completion of
Bulletin, a weekly e-mail newsletter, and The
an educational process.
Monitor, a monthly, members-only publication
for and about SEI members.
SEI Certifications
www.sei.cmu.edu/certification Varying levels of membership include:
1-888-201-4479 www.sei.cmu.edu 37
Special Programs, continued
38 www.sei.cmu.edu 1-888-201-4479
Index
SEPG Latin America Conference...................22 Analysis-Based Assurance.............................33 Product Line Adoption/Action Planning
Workshop...................................................... 13
SEPG North America Conference..................22 Architectural Assistance and Coaching.......... 12
Product Line Diagnosis Using the PLQL
Software Architecture Technology User Architecture Reconstructions........................ 12 or the PLTP.................................................... 13
Network (SATURN) Workshop....................... 14
Assistance Applying Goal-Driven Product Line Executive Session.................... 12
Software Architecture Workshop for Measurement, Six Sigma, and Other
Educators....................................................... 14 Measurement and Analysis Techniques.........20 Quality Assessments of System Architectures
and their Requirements (QUASAR).................8
Software Engineering for High-Assurance Basics of SOA................................................33
Systems (SEHAS) Workshop.........................28 Quality by Construction Clinic........................ 13
CERT Resiliency Engineering Framework
Software Product Line Conference (SPLC).... 14 (CERT REF) Assessment...............................27 Request for Proposal (RFP) Preparation and
Reviews...........................................................8
System-Dynamics Modeling for Information Clustered-Computing Analysis Platform
Security Workshop........................................28 (C-CAP)..........................................................26 SOA Governance...........................................33
CERT-Certified Computer Security Incident Establishing and Improving Information Sustainment-Readiness Review......................8
Handler Certification......................................29 Security Management Programs
and Practices.................................................27 System and Software Requirements
PLTP Leader................................................... 16 Architecture Reviews.......................................8
Establishing an Incident Response
Product Line Technical Probe (PLTP) Team Capability.......................................................26 T-Check Technology Investigations.................33
Member......................................................... 16
Evaluating Environments for Infrastructure Tailored Management Assistance on
SEI-Certified Implementing Goal-Driven Protection Preparedness...............................27 Product Line Efforts....................................... 13
Measurement Instructor................................23
Evaluating or Benchmarking Incident Tailored Technical Support on Product Line
SEI-Certified PSP Developer..........................23 Management Capabilities..............................26 Efforts............................................................ 13
SEI-Certified SCAMPI High Maturity Lead Evaluations, Assessments, and Reviews......27 Testing-Approach Evaluation............................8
Appraiser.......................................................23
Getting Started with CMMI-Based Virtual Network Audit.....................................27
SEI-Certified ITSP Coach...............................23 Improvement.................................................20
Virtual Training Environment (VTE).................27
Getting Started with People CMM-Based
Improvement.................................................20
1-888-201-4479 www.sei.cmu.edu 39
Index, continued
Conditions for Achieving Network-Centric Modeling and Validating Security and Sustaining Software-Intensive Systems9
Operations in Systems of Systems...............35 Confidentiality in System Architectures.........35
System-of-Systems Governance:
Dependability Cases......................................35 Model Problems for Technologies in New Patterns of Thought...............................35
Interoperability: Web Services.......................35
Detecting Scans at the ISP Level..................28 System-of-Systems Navigator, Version 2.......35
Modernizing Legacy Systems: Software
Documenting Software Architectures: Technologies, Engineering Processes, and System Architecture Evaluation
Views and Beyond......................................... 15 Business Practices........................................35 Using the ATAM............................................. 15
40 www.sei.cmu.edu 1-888-201-4479
Techniques for Developing an Acquisition
Strategy by Profiling Software Risks...............9
Research Process Improvement in Multi-Model
Environments................................................24
Testing a Software Product Line.................... 15 Advanced Processor Performance.................36 Production Planning and Product
Derivation...................................................... 16
The Architecture Analysis and Design Architecture-Based System Evolution............ 16
Language (AADL): An Introduction................35 Product Line Adoption Strategies.................. 16
Architecture Competence.............................. 16
The CERT Guide to System and Network Product Line Economic Models..................... 16
Security Practices..........................................28 Assurance Cases for Systems of Systems....36
Product Line Variability Mechanisms and
The Impact of Function Extraction CMMI Beyond Version 1.2.............................24 Automated Support for Variability.................. 16
Technology on Next-Generation Software
Computational Security Attributes (CSA).......29 Quality Attribute Models................................ 16
Engineering....................................................28
Connection of Architecture-Centric Methods Resiliency Engineering Framework................30
The People Capability Maturity Model:
with Other Software Technologies and
Guidelines for Improving the Workforce........23
Paradigms...................................................... 16 Security Quality Requirements Engineering
The Structured Intuitive Model for Product (SQUARE)......................................................30
Connection of Software Product Lines
Line Economics (SIMPLE)............................. 15
with Other Software Technologies and SOA Research Agenda...................................35
Topics in Interoperability: Structural Paradigms...................................................... 16
Programmatics in Systems of Systems.........35 STAR*Lab: Security Technology Automation
Corporate Governance: Governing for and Research.................................................30
Tracking and Tracing Cyber-Attacks: Enterprise Security........................................29
Technical Challenges and Global Policy State-of-the-Practice Studies.........................24
Cost Drivers and Risks of Interoperability.....35
Issues............................................................28 Studies of CMMI’s Effect on Performance....24
Data Management for Distributed
Trustworthy Refinement Through System-of-Systems Practices from an
Systems.........................................................36
Intrusion-Aware Design.................................28 Acquisition Perspective.................................35
Developing High-Integrity Trust
TSP: Leading a Development Team...............23 System-of-Systems Practices from an
Mechanisms for Software Components........ 17
Ultra-Large-Scale Systems: The Software Engineering Perspective................................35
Developing or Validating Automated
Challenge of the Future................................. 15 System-of-Systems Practices from an
Methods for Predicting Software Quality...... 17
Understanding and Leveraging a Organizational Perspective............................35
Developing PECTs......................................... 17
Supplier’s CMMI Efforts: A Guidebook for Threat Analysis and Modeling........................30
Acquirers.......................................................23 Developing Proofs of Feasibility of
Predictable Assembly.................................... 17 Translating CMMI Into Other Languages.......24
Using the SEI Architecture Tradeoff
Analysis Method to Evaluate WIN-T: Experiments with ArchE................................ 16 TSP-Secure....................................................24
A Case Study................................................. 15
Fault Containment.........................................36 ULS System Research Areas......................... 17
Winning With Software: An Executive
Strategy.........................................................23 Flow-Service-Quality (FSQ) Engineering........29 ULS Systems Research Roadmap................. 17
Network-Centric Operations..........................36
Predictive Modeling.......................................36
1-888-201-4479 www.sei.cmu.edu 41
Index, continued
CERT Knowledgebase...................................26 Product Line Technical Probe CMMI Version 1.2 Upgrade Training...............20
(PLTP)............................................................ 12
CMMI for Acquisition (CMMI-ACQ).................7 Computer Forensics for Technical Staff.........27
Quality Attribute Workshop (QAW)................ 11
CMMI Models............................................... 19 Continuous Risk Management........................8
SCAMPI Class A Method.............................. 19
CMMI Modules............................................. 19 COTS-Based Systems for Program
SCAMPI Class B and C Methods.................. 19 Managers...................................................8, 34
CMMI Process and Product Development
Using Six Sigma DMADV..............................20 Security Quality Requirements Engineering COTS Software Product Evaluation for
(SQUARE)......................................................26 Practitioners.....................................................9
CMMI Process Performance Improvement
Using Six Sigma DMAIC................................ 19 Service Migration and Reuse Technique COTS Software Product Evolution for
(SMART)........................................................32 Practitioners...................................................34
ComFoRT Model Checking Reasoning
Framework..................................................... 12 Software Engineering Information Creating a Computer Security Incident
Repository (SEIR).......................................... 19 Response Team.............................................27
Construction and Composition Language
(CCL).............................................................. 12 Software Product Line Acquisition: A Defining Software Processes........................22
Companion to a Framework for Software
Cost Benefit Analysis Method (CBAM)......... 11 Product Line Practice..................................... 11 Designing Products and Processes
Using Six Sigma.............................................22
COTS Product Evaluation Method.................32 Structured Intuitive Model for Product Line
Economics (SIMPLE)..................................... 12 Developing Software Product Lines.............. 14
COTS Usage Risk Evaluation (CURE)............32
Survivable Systems Analysis (SSA)...............26 Documenting Software Architectures........... 14
e-RA...............................................................26
System-of-Systems (SoS) Navigator EPIC Tutorial...................................................34
Evolutionary Process for Integrating Product Suite.................................................32
COTS-Based Systems (EPIC).........................32 Foundation for Resiliency..............................28
System Architecture Modeling and
Framework for Software Product Line Analysis.........................................................32 Fundamentals of Incident Handling...............27
Practice.......................................................... 11
Team Software Process (TSP).......................20 Implementing Goal-Driven Measurement.....22
Goal-Question-Indicator-Measure (GQIM)
Method.......................................................... 19 Vendor Risk Assessment and Threat Implementing Goal-Driven Measurement
Evaluation (V-RATE).......................................26 Instructor Training..........................................22
Lambda-star Performance Reasoning
Framework..................................................... 12 Views and Beyond Approach to Architecture Improving Process Performance
Documentation.............................................. 11 Using Six Sigma.............................................22
Measurement and Analysis Infrastructure
Diagnostic (MAID)......................................... 19 Information Security for Network
Managers.......................................................27
Mission Assurance Analysis Protocol
(MAAP)..........................................................33 Information Security for Technical Staff.........27
42 www.sei.cmu.edu 1-888-201-4479
Intermediate Concepts of CMMI...................21
Introduction to SMART..................................34
Introduction to SOA.......................................34
1-888-201-4479 www.sei.cmu.edu 43
Abbreviations, Acronyms, and Initialisms
AADL Architecture Analysis & Design IGDM Implementing Goal-Driven SEHAS Software Engineering for High-
Language Measurement Assurance Systems
ADD Attribute-Driven Design IMCE Incident Management Capability SEI Software Engineering Institute
Evaluation
APEC Asia-Pacific Economic Cooperation SEIR Software Engineering Information
IPRC International Process Research Repository
ArchE Architecture Expert
Consortium
SEPG-AU SEPG Australia
ARID Active Reviews for Intermediate
IPSS Improving Processes in Small
Designs SEPG-LA SEPG Latin America
Settings
ASDT Acquisition Strategy Development SIA Survivability and Information
IT information technology
Tool Assurance
ITA independent technical assessment
ATAM Architecture Tradeoff Analysis SiLK System for Internet-Level
Method LEVANT Levels of Anonymity and Knowledge
Traceability
C-CAP Clustered-Computing Analysis SIMPLE Structured Intuitive Model for
Platform MAAP Mission Assurance Analysis Product Line Economics
Protocol
CBAM Cost Benefit Analysis Method SMART Service-Oriented Migration and
MAID Measurement and Analysis Reuse Technique
CCL Construction and Composition
Infrastructure Diagnostic
Language SOA service-oriented architecture
MBE model-based engineering
CERT/CC CERT Coordination Center SoS system of systems
MOSAIC Mission-Oriented Success
CMM Capability Maturity Model SPIN Software Process Improvement
Analysis and Improvement Criteria
Network
CMMI Capability Maturity Model
NDIA National Defense Industrial
Integration SPLC Software Product Lines
Association
Conference
CMMI-ACQ CMMI for Acquisition
NetSA Network Situational Awareness
STAR*Lab Security Technology Automation
CMMI-AM CMMI Acquisition Module
OAR Options Analysis for and Research
CMMI-DEV CMMI for Development Reengineering
SQUARE Security Quality Requirements
CONOPS concept of operations OAS Organization of American States Engineering
COTS commercial off-the-shelf OCTAVE Operationally Critical Threat, Asset, SSA Survivable Systems Analysis
and Vulnerability Evaluation
CSA Computational Security Attributes TSP Team Software Process
OSATE Open Source AADL Tool
CSIRT Computer Security Incident UML unified modeling language
Environment
Response Team
ULS ultra-large scale
PBC Performance Benchmarking
CURE COTS Usage Risk Evaluation
Consortium VNA Virtual Network Audit
CVE common vulnerabilities and
PECT prediction-enabled component V-RATE Vendor Risk Assessment and
exposures
technology Threat Evaluation
DMADV define-measure-analyze-design-
PIER Process in Execution Review VTE Virtual Training Environment
verify
PLQL Product Line Quick Look
DMAIC define-measure-analyze-improve-
control PLTP Product Line Technical Probe
DoD Department of Defense PSP Personal Software Process
EPIC Evolutionary Process for QUASAR Quality Assessments of Systems
Integrating COTS-Based Systems Architecture Requirements
FIRST Forum of Incident Response and QAW Quality Attribute Workshop
Security Teams
REF Resiliency Engineering Framework
FSQ flow-service-quality
RFP request for proposal
FX function extraction
RHAS Requirements for High-Assurance
GQIM Goal-Question Indicator Metric Systems
ICCBSS International Conference on COTS- SAE Society for Automotive Engineers
Based Software Systems
SATURN Software Architecture Technology
IEEE Institute of Electrical and Users Network
Electronics Engineers
SCAMPI Standard CMMI Assessment
Method for Process Improvement
44 www.sei.cmu.edu 1-888-201-4479
The Software Engineering Institute (SEI) is a federally Copyrights
Carnegie Mellon University SEI-authored documents are
SM
MM Integration; COTS Usage Risk Evaluation; CURE; EPIC;
C
Evolutionary Process for Integrating COTS-Based Systems;
FloCon; Framework for Software Product Line Practice; IDEAL;
Interim Profile; OAR; Operationally Critical Threat, Asset, and
Vulnerability Evaluation; Options Analysis for Reengineering;
Personal Software Process; PLTP; Product Line Technical Probe;
PSP; SCAMPI; SCAMPI Lead Appraiser; SEPG; Team Software
Process; and TSP are service marks of Carnegie Mellon
University.
3393 07 9 30