The Software Assurance Framework (SAF) is a collection of cybersecurity practices that programs can apply across the acquisition lifecycle and supply chain. The SAF can be used to assess an acquisition program’s current cybersecurity practices and chart a course for improvement, ultimately reducing the cybersecurity risk of deployed, software-reliant systems. In this podcast, Dr. Carol Woody discusses the selection of metrics for measuring the software assurance of a product as it is developed and delivered to function in a specific system context.

Selecting Metrics for Software Assurance

The SEI Podcast Series presents conversations in software engineering, cybersecurity, and future technologies.

Technology

Tech News

Podcasting

Gadgets

Software How-To

Science

With the increasing complexity of software systems, the use of third-party components has become a widespread practice. Cyber disruptions, such as SolarWinds and Log4j, demonstrate the harm that can occur when organizations fail to manage third-party components in their software systems. In this podcast from the Carnegie Mellon University Software Engineering Institute, Carol Woody, principal researcher, and Michael Bandor, a senior software engineer, discuss a Software Bill of Materials (SBOMs) framework to help promote the use of SBOMs and establish a more comprehensive set of practices and processes that organizations can leverage as they build their programs. They also offer guidance for government agencies who are interested in incorporating SBOMs into their work. 

Developing and Using a Software Bill of Materials Framework

 In this podcast from the Carnegie Mellon University Software Engineering Institute, Carol Ware, a senior cybersecurity engineer in the SEI’s CERT Division, discusses her career path, the value of mentorship, and the importance of diversity in cybersecurity.

The Importance of Diversity in Cybersecurity: Carol Ware

 In this podcast from the Carnegie Mellon University Software Engineering Institute (SEI), Suzanne Miller, a principal researcher in the SEI’s Software Solutions Division, discusses her career path, the value of mentorship, and the importance of diversity in software engineering.

The Importance of Diversity in Software Engineering: Suzanne Miller

 Across the globe, women account for less than 30 percent of professionals in technical fields. That number drops to 22 percent in the field of Artificial Intelligence (AI). In this podcast from the Carnegie Mellon University Software Engineering Institute (SEI), Violet Turri, a software developer in the SEI’s AI Division, discusses the evolution of her career in AI and the importance of diversity in the field. 

The Importance of Diversity in Artificial Intelligence: Violet Turri

 In this podcst from the Carnegie Mellon University Software Engineering Institute (SEI), Carol Ware, a senior cybersecurity engineer in the SEI's CERT Division, discusses her career path, the value of mentorship, and the importance of diversity in cybersecurity.

Selecting Metrics for Software Assurance

Download our free app to listen on your phone