Over the past year the Software Engineering Institute (SEI), in coordination with the Assistant Secretary of Defense for Research and Engineering for Acquisition, Technology, and Logistics (ASD(R&E) AT&L), together with CSIAC produced five software best/recommended practices:
Agile at Scale. Agile practices have been used for well over a decade and have enjoyed much success and broad adoption in the commercial sector. But business and mission goals are larger than a single development team, and applying agile at scale is challenging along several dimensions. These recommended practices, orchestrated together, will help enable agility at scale.
Managing Operational Resilience. Organizations have invested a tremendous amount of resources in cybersecurity, yet cyber attackers continue to penetrate systems. An organization should pursue a strategic approach that balances actions that protect assets with actions that sustain services and operations. Managing operational resilience includes all the practices of planning, integrating, executing, and governing these activities.
Managing Intellectual Property in the Acquisition of Software-Intensive Systems. Department of Defense regulations now require that programs develop an intellectual property (IP) strategy as part of the acquisition strategy. These recommended practices focus on managing IP for acquisitions, with emphasis on noncommercial software. They include planning and consideration of data rights and licenses throughout the life cycle of the acquisition.
Monitoring Software Intensive System Acquisition. Effective program management requires maintaining an accurate understanding of a program’s status, quickly identifying issues that threaten program objectives, and dealing with them efficiently. These recommended practices implement an approach called the “program dashboard” that helps the program manager and contractor come to a mutual understanding of a program’s progress and the significance of deviations from expectations.
Safety-Critical (SC) Systems. For safety-critical systems, failure may cause serious injury to people, damage to equipment, or environmental harm. As the needs for real-time and fail-safe performance become more stringent, it becomes harder to develop and evolve such systems. These recommended practices help an organization successfully develop and sustain safety-critical systems.
The CSIAC Journal is pleased to present these Best Practices over the next several issues, beginning with Agile at Scale and Managing Operational Resilience in this issue.
Copyright 2014 Carnegie Mellon University This material is based upon work funded and supported by the Department of Defense under Contract No. FA8721-05-C-0003 with Carnegie Mellon University for the operation of the Software Engineering Institute, a federally funded research and development center. Any opinions, findings and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the United States Department of Defense. References herein to any specific commercial product, process, or service by trade name, trade mark, manufacturer, or otherwise, does not necessarily constitute or imply its endorsement, recommendation, or favoring by Carnegie Mellon University or its Software Engineering Institute. NO WARRANTY. THIS CARNEGIE MELLON UNIVERSITY AND SOFTWARE ENGINEERING INSTITUTE MATERIAL IS FURNISHED ON AN “AS-IS” BASIS. CARNEGIE MELLON UNIVERSITY MAKES NO WARRANTIES OF ANY KIND, EITHER EXPRESSED OR IMPLIED, AS TO ANY MATTER INCLUDING, BUT NOT LIMITED TO, WARRANTY OF FITNESS FOR PURPOSE OR MERCHANTABILITY, EXCLUSIVITY, OR RESULTS OBTAINED FROM USE OF THE MATERIAL. CARNEGIE MELLON UNIVERSITY DOES NOT MAKE ANY WARRANTY OF ANY KIND WITH RESPECT TO FREEDOM FROM PATENT, TRADEMARK, OR COPYRIGHT INFRINGEMENT. This material has been approved for public release and unlimited distribution except as restricted below*. Internal use:* Permission to reproduce this material and to prepare derivative works from this material for internal use is granted, provided the copyright and “No Warranty” statements are included with all reproductions and derivative works. External use:* This material may be reproduced in its entirety, without modification, and freely distributed in written or electronic form without requesting formal permission. Permission is required for any other external and/or commercial use. Requests for permission should be directed to the Software Engineering Institute at firstname.lastname@example.org. * These restrictions do not apply to U.S. government entities. Architecture Tradeoff Analysis Method® and ATAM® are registered in the U.S. Patent and Trademark Office by Carnegie Mellon University. DM-0001619