Report on Annual Regional Information Assurance Symposia

The Networked Systems Survivability Program at the Carnegie Mellon Software Engineering Institute (SEI) seeks to transition information assurance and information security courseware to institutions of higher education within the United States, with a particular focus on minority-serving institutions. Rather than build an infrastructure to accomplish this, the SEI utilizes partnerships, through Regional Collaborative Clusters, that leverage the strengths of the SEI and the strengths of the partner educational institutions. The SEI builds upon the partner's existing trusted relationships and infrastructure, creating an environment that sustains the incorporation of new and evolving materials, and is more cost-effective for all parties. The annual Regional Information Assurance Symposia are a key transition component of the Regional Collaborative Clusters

Reports from the Field on System of Systems Interoperability Challenges and Promising Approaches

This report identifies challenges and some successful approaches to achieving interoperability in systems of systems. Although systems of systems and their interoperability challenges are not limited to the U.S. Department of Defense (DoD), this report is based on the challenges and successes reported in interviews with various DoD personnel, with assurances of anonymity for those interviewed. Reported challenges and problems far exceeded the number of successes. Reported successes with interoperability typically involved: (1) key individuals who had the knowledge, experience, and determination to ensure systems successfully interoperate in particular environments of use in the field; (2) systems incrementally developed and evolved, with continual integration incorporating tests for interoperability issues as they are discovered; or (3) systems of systems of smaller scope, constructed and fielded outside of the usual DoD acquisition program model

Army ASSIP System-of-Systems Test Metrics Task

The Army Strategic Software Improvement Program goal is to dramatically improve the acquisition of software-intensive systems by focusing on acquisition programs, people, and production/sustainment and by institutionalizing continuous improvement. This special report contains a briefing (slides and accompanying notes) on the results of one subtask of this effort conducted during FY06. The subtask called for three actions: 1) explore the (then) current processes and test results/metrics used to address system-of-systems integration and testing, 2) develop findings and recommendations for improvement based on this initial exploration, and 3) recommend future work to further improve the Army's system-of-systems integration and test practices. The Army is in the lead in addressing the many challenges associated with system-of-system s integration and testing, paving the way for the rest of the U.S Department of Defense (DoD). As a result, the information contained in this report is useful to other organizations facing similar challenges

Building Information Assurance Educational Capacity: Pilot Efforts to Date

This report describes efforts by the Software Engineering Institute (SEI) to increase the capacity of institutions of higher education to offer information assurance (IA) and information security (IS) courses, to expand existing IA and IS offerings, and to include IA and IS topics and perspectives, as appropriate, in other courses. To accomplish these goals, the SEI transitions courseware, materials, and a survivability and information assurance curriculum to various departments at institutions of higher education, participates in NSF-funded faculty capacity-building programs, creates partnerships with key regional educational institutions, and offers IA symposia, among other efforts. While the SEI works with all institutions of higher education, there is a particular focus on minority-serving institutions. Rather than build a new infrastructure to accomplish this, the SEI utilizes partnerships that leverage the strengths of the SEI and the strengths of the partner educational institutions and builds upon existing trusted relationships and infrastructure, and sustains the incorporation of new and evolving materials. Leveraging other complementary programs, events, and organizations broadens the offering and makes it more cost effective to all parties concerned

Schedule Considerations for Interoperable Acquisition

The role of schedule is fundamental to the acquisition of a particular system. This topic is of even more importance to acquisition in a system-of-systems environment. This report examines the issue of schedule considerations for interoperable acquisition. First, a Gedanken red team project is used to explore concerns about schedule in interoperable acquisition. Then, those concerns are examined in light of current requirements regarding schedule. From that examination, several research questions are proposed

An Activity Framework for COTS-Based Systems

As the use of commercial technology and products in systems becomes increasingly popular, particularly for government organizations, program managers need a new understanding of the dynamic principles of system creation. However, there is little information on how the use of commercial off-the-shelf (COTS) products affects existing system development practices or what new processes are needed for the successful use of COTS products. As part of the COTS-Based Systems Initiative at Carnegie Mellon University's Software Engineering Institute (SEI), we are studying this diversity in the software development process. As part of that work, we have started to articulate some of the activities and practices that are necessary for the effective development and lifetime support of COTS-based systems. This document provides an introduction to those activities and practices

Using EVMS with COTS-Based Systems

With the increased use of commercial off-the-shelf (COTS) software products, managers of software development projects must plan and track performance of projects that have new challenges and risks. A system developer may be required to integrate multiple COTS products with newly developed custom components and legacy system components. How are these new activities and tasks planned and monitored? Can traditional management methods be used? Earned Value is a project management tool used extensively to plan and monitor performance against the plan. This paper's focus is on the use of Earned Value in the context of a COTS-Based System (CBS). It's written for an audience already familiar with Earned Value Project Management; only the basic definitions are discussed here with the associated terminology. A bibliography is included, offering good sources for obtaining more in-depth information on Earned Value history and methodology

Results of SEI Independent Research and Development Projects FY 2006

Each year, the Software Engineering Institute (SEI) undertakes several independent research and development (IRAD) projects. These projects serve to (1) support feasibility studies investigating whether further work by the SEI would be of potential benefit and (2) support further exploratory work to determine whether there is sufficient value in eventually funding the feasibility study work as an SEI initiative. Projects are chosen based on their potential to mature and/or transition software engineering practices, develop information that will help in deciding whether further work is worth funding, and set new directions for SEI work. This report describes the IRAD projects that were conducted during fiscal year 2006 (October 2005 through September 2006)