How to Address the Problem of Poorly-Defined Requirements in Software System Design
Автор: Software Engineering Institute | Carnegie Mellon University
Загружено: 2025-11-12
Просмотров: 505
Silent Sentinel on GitHub https://github.com/cmu-sei/silentsent...
This webcast offers a solution to the problem of poorly defined requirements in system design that can lead to software flaws, cost and time overruns, and stakeholder dissatisfaction. We will tell you how to use a structured process called the ATAM (architectural tradeoffs analysis method) to develop a system design by eliciting requirements, scenarios, and priorities from stakeholders. Then, we will explain how to measure compliance with those requirements during testing using DevSecOps principles and tools, such as the SEI’s Silent Sentinel.
What Will Attendees Learn?
• What software quality attributes are and why they are important
• How to prioritize competing requirements
• How to ensure architectural requirements are satisfied during development in a DevSecOps toolchain
Speakers: Dr. Lori Flynn and Lyndsi Hughes
@TheSEICMU
Resources:
• “Silent Sentinel Tool Automates Software Risk Analysis”, Feb. 10, 2025. https://www.sei.cmu.edu/news/silent-s...
• “Do You Know What Your Software Is Actually Doing?” fact sheet https://www.sei.cmu.edu/library/do-yo...
• L. Hughes, M. Sherman. “Dynamic Analysis of an Executable’s System Impact”, InfoSec World 2025 https://www.infosecworldusa.com/isw25...
• J. Sible. “Do You Really Know What Your Application is Doing?” ISC2 Security Congress 2025
• ATAM Collection https://www.sei.cmu.edu/library/archi...
• Continuous Deployment of Capability https://www.sei.cmu.edu/continuous-de...
• SEI’s LASAA (LLMs for automation of static analysis adjudication): an early paper https://scholarspace.manoa.hawaii.edu...
• Automated program repair (APR) tools provide automated patch suggestions for source code, binary, and/or bytecode.
o Automated program repair, what is it good for? not absolutely nothing!
https://arxiv.org/abs/2412.01072
o SEI’s Redemption APR tool project page and recent technical report
https://www.sei.cmu.edu/library/autom...
o Vulnerability repair via concolic execution and code mutations
https://yannicnoller.github.io/assets...
#softwarequality #devsecops
Доступные форматы для скачивания:
Скачать видео mp4
-
Информация по загрузке:
