Articles

CSIAC collects and publishes articles related to our technical focus areas on the web to share with the DoD community.

Advances in the Acquisition of Secure Systems Based on Open Architectures

The role of software acquisition ecosystems in the development and evolution of secure open architecture systems has received insufficient consideration….

Development and Transition of the SEI Software Assurance Curriculum

In this article, we discuss the development and transition of the Software Engineering Institute’s (SEI’s) Software Assurance Curriculum. The Master…

Defense Technical Information Center’s (DTIC’s) Hidden Gems

The Defense Technical Information Center (DTIC) provides a host of products and services to the DoD and to users in…

Is Our Software REALLY Secure?

The answer to the question is NO – as noted in the DoD Director, Operational Test and Evaluation FY 2016…

Hacker 101 & Secure Coding: A Grassroots Movement towards Software Assurance

The frequency and complexity of attacks upon the software assets of the United States Military is increasing at a rate…

Software Assurance in The Agile Software Development Lifecycle

Over the last 30 years, the DoD has struggled to adapt to the ever-changing world of software development. Of these…

Keys to Successful DoD Software Project Execution

Software is inherent in today’s complex systems and is often the primary cost, schedule, and technical performance driver in Department…

Automation and Ongoing Authorization Transition/Implementation

The use of manual methods to monitor system controls has essentially become impractical due to the growing number of applicable…

Risk Analysis with Execution-Based Model Generation

Analyzing risk is critical throughout the software acquisition lifecycle. System risk is assessed by conducting a penetration test, where ethical…

Information Security Continuous Monitoring (ISCM)

The ability for commanders to know and understand an organizational attack surface, its vulnerabilities, and associated risks is a fundamental…

Security of Cyber-Physical Systems

Cyber Physical Systems (CPSs) are electronic control systems that control physical machines such as motors and valves in an industrial…

Synergistic Architecture for Human-Machine Intrusion Detection

Abstract: Modern day detection of cyber threats is a highly manual process where teams of human analysts flag suspicious events…