December 2, 2015
Struggles in the Persistent Pursuit of Software Quality Processes
Software is a critical part of virtually all of today’s economic, social, and military systems, driving much of their complexity and emergent behavior. At the same time, most software is tightly integrated with hardware in systems that must operate in the physical world. The tight coupling of systems and software creates assurance challenges for engineering life-cycle activities, with the result that software-reliant systems often lack resiliency. Software vulnerabilities, malicious code, and software that does not function as promised pose significant risks to our national security and national interests. The talk presents data on current gaps and struggles in building software assurance into complex, large-scale systems that are composed of many components of differing origins and pedigree, and discusses some current initiatives that target solutions to these assurance issues. Some of these initiatives are new process improvement models that are being used to improve software quality.
The challenges of assuring that large-scale software-reliant systems will operate only as intended and no more or less are formidable. Challenges include the globalization of the industrial base; the cost-consciousness and competitiveness of suppliers; concerns about the insertion of malicious functionality in software and programmable hardware; and heightened awareness of adversaries targeting organizations’ supply chains. Although most programs recognize the need to implement software and hardware assurance throughout the life cycle of their systems, they struggle to establish enterprise solutions to evaluate and assure the integrity and trustworthiness of their systems, components, and services, and to effectively conduct remediation actions where necessary. An argument is made that process improvement and associated models provide part of the answer.
DR. KENNETH E. NIDIFFER, PMP
Director of Strategic Plans for Government Programs
Software Engineering Institute, Carnegie Mellon
Dr. Nidiffer has over fifty-three years of experience in the marketing, research, development, support, maintenance, and acquisition of software-intensive systems. His 24-year career in the U.S. Air Force (where he retired as a full colonel) is marked by several firsts in the area of software implementations, such as the first space-based compiler, the first command-hardware in the loop simulation, and a series of development/process standards. From 1983 to 1986 he helped establish several noteworthy contributions, such as the Software Productivity Consortium; the Software Project Management Program at the Defense Systems Management College; the George Mason Software Engineering Program; and the Software Engineering Institute. At the Software Productivity Consortium he launched the Consortium’s business initiative in software process improvement, which became one of the largest programs in the world.
In 1991, Dr. Nidiffer left the Consortium to serve one of its founding members, Northrop Grumman, as Director of Systems Design and Development, Data Systems Division, and then as Director of Technical Operations, External Data Systems division, where he directed over 500 engineers and support personnel in the successful development of a variety of C4I, MIS/logistics, and high-speed computing applications.
In 1995, he joined Fidelity Investments Systems Company as Senior Vice President of Quality and Systems Assurance to lead a team of 165 professionals in implementing Total Quality Management, best-in-class software engineering processes, and the largest financial services test environment. He rejoined the Consortium in 1997 as Vice President for Business Development, growing the membership from 50 to 100 members. In 2007, he joined the Software Engineering Institute to focus on promoting key software engineering technologies that support government programs. He has been an authorized/certified CMM/CMMI Lead Appraiser and Instructor.
Dr. Nidiffer has been widely published in the systems and software engineering community. He received his B.S. degree in Chemical Engineering in 1962 from Purdue University, Indiana; an M.S. degree in Astronautical Engineering in 1969 from the Air Force Institute of Technology, Ohio; an MBA degree from Auburn University, Alabama, in 1975; and his D.Sc. degree from George Washington University, Washington, D.C., in 1988. He is a member of the Program Management Institute (PMI); the International Council on Systems Engineering (INCOSE – Corporate Advisory Board (alternate)); Senior Member of the Institute of Electrical and Electronics Engineers (IEEE) and member of the IEEE Educational Activities Board (EAB) and a Member of the IEEE Curriculum Development Committee (CDC); Senior member of the American Institute of Aeronautics and Astronautics (AIAA); member of the National Defense Industrial Association (NDIA Systems Engineering Steering Committee); member of the NDIA/OSD (DDR&E) Industrial Software Experts Committee and the Air Force Association. He is a certified logistician; a Professor Emeritus of the Defense Systems Management College; industry advisor on George Mason University Computer Science University Board; a Project Management Professional; member of the Board of Governors for the National Military Family Association; and an adjunct engineering professor in graduate engineering at George Mason University for over 25 years.