Software Engineering Institute (SEI) Podcast Series

Artificially intelligent (AI) systems hold great promise to empower us with knowledge and enhance human effectiveness. As a senior research scientist in human-machine interaction at the Software Engineering Institute's Emerging Technology Center, Carol Smith works to further understand how humans and machines can better collaborate to solve important problems and also understand our responsibilities and how that work continues once AI systems are operational. In this podcast, Smith discusses a framework that builds upon the importance of diverse teams and ethical standards to ensure that AI systems are trustworthy and able to effectively augment warfighters.

Those who work in computing today bring a wide array of backgrounds and experiences to the profession. In this podcast learn how Madison Quinn Oliver, who wanted to work at Carnegie Mellon University since childhood, relied on a strong work ethic and lifelong pursuit of education to become an associate vulnerability engineer on the Vulnerability Coordination Team within the SEI’s CERT Division. This is the second installment in our My Story in Computing podcast series.

In this podcast, Allen Householder and David Warren discuss the CERT Guide to Coordinated Vulnerability Disclosure, which is intended for use by security researchers, software vendors, and other stakeholders in navigating the complexities of informing others about security vulnerabilities.

Dr. April Galyardt, a machine learning research scientist at the SEI, discusses her career journey, challenges, and lessons learned along the way. This episode is the latest installment in our series highlighting the work of women in software and cybersecurity.

Computers and information technology are getting more and more integrated into our daily lives, so they need to be easy to use. But recent, historically large data breaches have demonstrated the need to make systems more secure and to protect information about individuals. How will the security−privacy−usability triangle successfully accommodate the challenges that the future will bring? In this podcast, Dr. Lorrie Faith Cranor, director of CyLab, sits down with Bobbie Stempfley, director of the SEI’s CERT Division, to talk about the future of cyber in security and privacy.

For more than 30 years, the cybersecurity community has worked to increase the effectiveness of our cybersecurity and resilience efforts. Today we face an explosion of devices, the pervasiveness of software, the threat of adversarial capability, and the dependence of national capabilities on the cyber domain. These challenges demand that we think about how to achieve the future we need. In this podcast, the first in a series exploring The Future of Cyber, Bobbie Stempfley, director of the CERT Division of the SEI, and Dr. Michael McQuade, vice-president for research at Carnegie Mellon University, explore past and present technologies that have helped to secure our digital infrastructure and how past advancements will help us secure future architectures.

In this podcast, Jeff Gennari and Cory Cohen discuss updates to the Pharos Binary Analysis Framework in GitHub, including a new plug-in to import OOAnalyzer analysis into the NSA's recently released Ghidra software reverse engineering tool suite.

Dr. Carol Woody discusses the career path that led to her current role as technical manager for the Cybersecurity Engineering (CSE) team in the SEI’s CERT Division.

Successful management of incidents that threaten an organization's computer security is a complex endeavor. Frequently an organization's primary focus is on the response aspects of security incidents, which results in its failure to manage incidents beyond simply reacting to threatening events. In this SEI Podcast, Robin Ruefle and Mark Zajicek discuss recent work that provides a baseline or benchmark of incident management practices for an organization and detail how important it is to focus on preparation for incident management along with coordination and communication of analysis and response activities.

April Galyardt, Angela Horneman, and Jonathan Spring discuss seven key questions that managers and decision makers should ask about machine learning to effectively solve cybersecurity problems.

In this SEI Podcast, Kristi Roth, a summer 2019 intern in the Software Solutions Division at the Software Engineering Institute, discusses the path that led from a childhood spent calculating math problems in her head to a high school Introduction to Programming class to Penn State University where she is a senior computer science major.

Solving the technical aspects isn’t enough to build reliable, enduring, resilient software and systems. Human decision making, behavioral factors, and cultural factors influence software engineering, acquisition, and cybersecurity. In this podcast roundtable, Andrew Mellinger, Suzanne Miller, and Hasan Yasar discuss the human factors that impact software engineering, from communication tools they use to the environment that they work in.

In this SEI Podcast, Anita Carleton discusses the career path that led to her current role as acting director of the SEI’s Software Solutions Division and the challenges and mentors (Watts Humphrey) that she encountered along the way.

In this podcast, the authors discuss a 2019 paper that outlines challenges with the Common Vulnerability Scoring System (CVSS) and proposes changes to improve it.

Today's major defense systems rely heavily on software-enabled capabilities. However, many defense programs acquiring new systems first determine the physical items to develop, assuming the contractors for those items will provide all needed software for the capability. But software by its nature spans physical items: it provides the inter-system communication that has a direct influence on most capabilities, and thus must be architected intelligently, especially when pieces are built by different contractors. As Dr. Sarah Sheard discusses in this SEI Podcast, if this architecture step is not done properly, a software-reliant project can be set up to fail from the first architectural decision.

The Software Assurance Framework (SAF) is a collection of cybersecurity practices that programs can apply across the acquisition lifecycle and supply chain. The SAF can be used to assess an acquisition program’s current cybersecurity practices and chart a course for improvement, ultimately reducing the cybersecurity risk of deployed, software-reliant systems. In this podcast, Dr. Carol Woody discusses the selection of metrics for measuring the software assurance of a product as it is developed and delivered to function in a specific system context.

In 2017 and 2018, the world witnessed a record number of climate and weather-related disasters. Government agencies are increasingly interested in the use of artificial intelligence (AI) to help first responders in locating survivors, identifying structures in satellite imagery, and removing debris after a disaster. Ritwik Gupta, a machine learning research scientist in the SEI’s Emerging Technology Center, discusses the use of AI in humanitarian assistance and disaster response (HADR) efforts.

Classifying errors in a component-based system is challenging. Components, and the systems that rely on them, can fail in myriad, unpredictable ways. It is nonetheless a challenge that should be addressed because component-based, software-driven systems are increasingly used for safety-critical applications. In this podcast, SEI researchers Peter Feiler and Sam Procter present the Architecture Analysis and Design Language (AADL) EMV2 Error Library, which is an established taxonomy that draws on a broad range of previous work in classifying system errors.

As a principle researcher at the SEI, Suzanne Miller works to help the Department of Defense develop and field software to the warfighter. In this SEI Podcast, the latest highlighting the work of women in software and cybersecurity, Miller discusses the career path that led to her current position and the challenges and mentors that she encountered along the way. 

In this SEI Podcast, Dr. Giulia Fanti, an assistant professor of Electrical and Computer Engineering at Carnegie Mellon University, discusses her latest research including privacy problems in the cryptocurrency and blockchain space and generative adversarial networks.