Public Group
active 1 day, 6 hours ago
Enable Department of Defense (DoD), civilian government, and industry organizations to acquire, develop, operate, and sustain software systems that are innovative, affordable, enduring, trustworthy and employ Software Engineering (SE) as solutions to unravel real-world problems. Software Intensive Systems Engineering (SE) includes the entire field of software and systems engineering and related technologies; specifically as related to information, documentation, databases, model and architecture repositories, analysis, training, testing, data synthesis, hardware, software, standards, economic consideration of selection of techniques and processes, and interoperability in support of the acquisition and RDT&E communities
Group Admins
-
Design and Development Process for Assured Software - Volume 1
Volume 5 Issue 2
Welcome to this special Software Assurance (SwA) edition of the Journal of Cyber Security & Information Systems, published by the Cyber Security & Information Systems Information Analysis Center (CSIAC).Posted: 07/13/2017 18:46:56Journal -
The video will be available soon. Embedded devices are increasingly connected to network resources for additional functionality with the ultimate goal of greater mission capability. Recently, security of connected devices is being scrutinized with highly publicized vulnerabilities of various consumer devices. While several domains are starting to publish new guidelines for cybersecurity there is not… -
This webinar covers the realities of the Enterprise Mission Assurance Support Service (eMASS): what works well, what does not work, and how to best make it work for you. The webinar discusses how to categorize your system, select applicable controls, and leverage eMASS to assist in this process. Two specific topics that are covered are how inheritance works in eMASS (and does not work) and the tricky business of uploading STIGs/CKLs (and the painful lessons associated with doing it the wrong way). For those attending who don't have eMASS access but will have systems being added to eMASS in the future, we discuss how to best prepare your system for import into eMASS. There are some tricks to the trade that will make life easier for everyone on the project! -
CSIAC Webinars - Democratize Anomaly Detection Technologies: Challenges, Advances, and Opportunities
This webinar highlights recent success in demonstrating substantial improvements in the accuracy under control-flow and data-oriented attacks in Linux, including malicious code reuse, security bypass, and service abuse. The webinar also describes exciting future research directions on hardware-assisted fast tracing, anomaly-detection as a service, supporting domain experts for inter-disciplinary anomaly discovery, and standardizing evaluation. -
NIST-approved cryptographic standards were designed to perform well on general-purpose computers. In recent years, there has been increased deployment of small computing devices that have limited resources with which to implement cryptography. When current NIST-approved algorithms can be engineered to fit into the limited resources of constrained environments, their performance may not be acceptable. For…
-
The Cyber Proving Ground (CPG) is a collaborative effort between 24th Air Force, 25th Air Force, and the Air Force Life Cycle Management Center. It enables and supports high performance teams assembled from the breadth of the Air Force cyber community of interest and external partners to rapidly assess the applicability of emerging concepts and…
-
Modern weapons systems have depended on microelectronics since the inception of integrated circuits over fifty years ago. Today, most electronics contain programmable components of ever increasing complexity. At the same time, the Department of Defense (DoD) has become a far less influential buyer in a vast, globalized supplier base.3 Consequently, assuring that defense electronics are…
-
Cyber Science & Technology at the Army Research Laboratory (ARL)
Volume 5 Issue 1
U.S. Army Research Laboratory has established a Collaborative Research Alliance, or CRA, which will include an alliance of ARL, U.S. Army Communications-Electronics Research, Development and Engineering Center, academia and industry researchers to explore the basic foundations of cyber science issues in the context of Army networks. ARL cyber research efforts will increasingly focus on developing the models, methods, and understanding to overcome existing barriers to the realization of effective cyber fires and maneuvers in a tactical environment.Posted: 01/26/2017 22:38:32Journal -
What is the difference between a Virus, a Worm, and a Trojan? Don't know? Find out in this short video. -
Incorporating security into the design of components used in the Internet of Things (IoT) is essential for securing the cyber-physical infrastructure upon which society depends. This webinar presents the challenges involved in securing IoT components and provides possible solutions by drawing inspiration from the past. -
The 60-page document, NIST Interagency Report (NISTIR) 8151: Dramatically Reducing Software Vulnerabilities, is a collection of the newest strategies gathered from across industry and other sources for reducing bugs in software. While the report is officially a response to a request for methods from the White House’s Office of Science and Technology Policy, NIST computer…
-
Modeling and Simulation Special Edition: Wargaming
Volume 4 Issue 3
Welcome to this special modeling and simulation (M&S) edition of the Journal of Cyber Security & Information Systems, published by the Cyber Security & Information Systems Information Analysis Center (CSIAC). This edition focuses on wargaming, a key cylinder of the Department of Defense’s (DoD’s) innovative engine.Posted: 11/30/2016 22:46:47Journal -
https://www.docker.com/what-docker Docker containers wrap a piece of software in a complete filesystem that contains everything needed to run: code, runtime, system tools, system libraries – anything that can be installed on a server. This guarantees that the software will always run the same, regardless of its environment. Docker containers are based on open standards, enabling…
-
Effective Integration of Cybersecurity into the DoD Acquisition Lifecycle encompasses several different processes: DoDI 5000.02 - Operation of the Defense Acquisition System DoDI 8510.01 - Risk Management Framework (RMF) for DoD Information Technology (IT) Cybersecurity Test and Evaluation Program Protection System Security Engineering (SSE) Understanding what these processes are and how they interact will lead…
-
Information Analysis Centers Technical Area Tasks (IAC MAC). Program Background and IAC MAC Overview by Mr. Thomas Gillespie
-
If a human being uses the Turing test to fool other human beings that they are dealing with a computer, we could say that this was an example of an artificial computer. If there is a Turing test of computer code that fools human beings that they are dealing with a human being all we…
-
Before computers were available individuals worked with paper and pencils to perform analysis on large amounts of information. Individuals are still using paper and pencil to perform analysis on large amounts of information even though they have computers. About the only differences in performing analysis on large amounts of information after computers is that individuals…
-
In the late 1980's Oops meant you made a mistake. The idea of using a OOP language was that if individuals followed the features of the language you would have organized and consolidated code that would make the code more easy to understand and flexible for changes. Instead of code that is understandable and flexible…
-
FBCB2 (Blue Force Tracking ) is probably the most successful software systems that was ever developed by a DoD agency yet the DoD has totally ignored the reason for the success of FBCB2. FBCB2 was developed using the tcl/tk interpreter language and not a compiler language program. This provided greater flexibility and ease in creating…
-
A major Army intelligence system has a problem since the system is too complex for the operators that need to work on the system. There is a continuous problem whenever they have to train new operators. The problem is that the User Interface is still based upon the features and ideas of the 1980's. The…
- Load More
