Carol A. Sledge

Developing new processes for COTS-based systems

Although commercial off-the-shelf (COTS) products are becoming increasingly popular, little information is available on how they affect existing software development processes or what new processes are needed. At Carnegie Mellon Universitys Software Engineering Institute (SEI), we are developing a process framework for working with COTS-based systems.

Evolution of a software engineer in a SoS system engineering world

Many U.S. defense programs and commercial industry (hereafter referred to simply as ‘programs’) have difficulty in fielding and sustaining systems in a timely and cost-efficient manner. As software assumes an ever-increasing and important role in the engineering of systems, not only do these programs struggle to employ good software engineering practices, but the dialog between systems engineers and software engineers starts later in the life cycle than it should. Although these difficulties are faced by single, stand-alone systems, such systems are no longer the norm. System and software engineers are increasingly faced with the challenges of systems of systems (SoS)

Panel Session - Learning Modules for Security, Privacy and Information Assurance In Undergraduate Engineering Education

Computer trustworthiness continues to increase in importance as a pressing scientific, economic, and social problem. In todays environment, there is heightened awareness of the threat of well-funded professional cyber hackers and the potential for nation-state sponsored cyber warfare. An accelerating trend of the last decade has been the growing integration role of computing and communication in critical infrastructure systems that now have complex interdependencies rooted in information technologies. These overlapping and interacting trends force us to recognize that trustworthiness of our computer systems is not an IT issue any more; it has a direct and immediate impact on our critical infrastructure. Security is often a collective enterprise, with complicated interdependencies and composition issues among a variety of participants. This poses a challenge for traditional engineering education models and curricula. The panel will discuss experiences and strategies to establish curricular foundation elements providing CSET graduates with an understanding of the interaction between cyber security, critical infrastructure systems and public policy

The Added Dimension: Information Security in COTS-Based Software Systems

Issues related to information security and survivability usually are not considered in the requirements, design, acquisition, and maintenance stages of COTS-based soft-ware development. Security, if considered at all, is generally an afterthought, bolted on after the application has been developed and integrated, as opposed to an initial re-quirement of the proposed system or upgrade to the system.