The MITRE Institute Course, TCO104 Cloud Security Threats, Architectures, and Requirements

Winter 2016 Course Schedule

Course List: (Ctrl+click on any item in the list to view detailed information about that course. To return to the list; press Ctrl+Home.) TCO1040005: Cloud Security: Threats, Requirements, and Architectures TCO4660005: Data Analysis with Spark TCO4770002: Cloud Security Architectures, Operations, and Authorization TCO7120005: Big Data Architecture & Concepts TCS7020002: Introduction to Data Analytics THC4070003: U.S. Healthcare Reform: The Policy Context TOS4250005: Distributed Computing and File Systems TPL0250024: Introduction to SQL and Database Systems TPL0480021: Introduction to Android Development TPL1060014: Introduction to KML and Google Earth Technologies TPL1080014: Introduction to JavaScript TPL1110001: Web Design with HTML5 and CSS3 - Level 1 TPL4640018: KML: Geographic Visualization for the Web TPL4850005: Creating IPython Notebooks for Data Analysis TPL4870007: Rapid Introduction to R Programming TPL4880005: Parallel Relational Databases TPL4890006: NoSQL Databases TPL4900005: Real-time Query and Discovery TPL4910005: Distributed Stream Processing TPL4940001: Web Design with HTML5 and CSS3 - Level 2 TPL4950002: Introduction to Perl TPL7700002: Advanced R: Data, Figures, Documentation, and Packaging TSE1170005: Introduction to Systems Acquisitions and Source Selection for SEs TSE1170008: Introduction to Systems Acquisitions and Source Selection for SEs TSE1180005: Integrating Cybersecurity into Acquisitions TSE1220002: SSE Acquisition TSE5100022: Executable Mission Level Modeling and Analysis Using BPMN TSE5870005: Big Data Acquisition and Transformation with Pig TSE5890001: Integrated Design & Analysis for MBE

TSE5900001: Beyond the Model for MBE TSE5940002: SSE Architecture, Design, & Implementation TSE5950002: Verification & Validation and Operations & Maintenance TSE5960002: SSE Managing Systems Projects TSE5970002: SSE Project Planning/Project Assessment and Control TSE7160001: Applying MBE to Enterprise Architecture Frameworks TSV0640005: Hardware Hacking 1 TSV0650005: Introduction to Side-Channel Analysis TSV1000019: Introduction to Secure Coding TSV4360011: Secure Code Review TSV4420005: Embedded System Software Exploitation TSV4500002: Introduction to Fault-Injection Attacks TTA2340001: MATLAB for C/C++ Software Development TTA2350001: Introduction to Object-Oriented Programming in MATLAB TTA2360002: MATLAB for Biostatistics TTA5230015: IBM DOORS User and Implementation TAD4040003: Introduction to Biometrics (Beginner) TAD7000002: Introduction to Biometrics (Advanced) TCO4710005: Introduction to Application Migration to Cloud TPL4310061: XML Foundation TPL4920002: Python Packaging @ MITRE TSE5390016: Introduction to Organizational Change Management: A Systems Engineering Approach TSE5910003: Systems of Systems Engineering TSE5990002: Managing System Projects TSE6060002: Software and Systems Testing TST4210002: Introduction to Bayesian Statistics TST7100002: Bayesian Statistical Programming TSV4440005: Windows Enterprise Security TSV4520002: Host-Based Hunting Concepts, Analysis and Execution with QTip/QTip-N TSW0860008: Leading SAFe - The Scaled Agile Framework (TM) TSW0870002: SAFe Product Manager / Product Owner

Course Descriptions

TCO1040005: Cloud Security: Threats, Requirements, and Architectures

Course Description: This course introduces the security challenges unique to cloud-based deployment of information systems. The approach starts with a description of security threats to cloud computing. Cloud computing is subject to both unique threats and adaptations of existing threats. After examining threats, existing government security requirements are considered. Many of these requirements were developed prior to the use of cloud computing and must be interpreted for application to a cloud environment. Lastly, the course examines architectural approaches to satisfying security requirements. In addition to new ways to build information systems, cloud computing offers new security capabilities.

Course Objectives:

*Understand the security threats associated with cloud computing.

*Understand and apply existing government security requirements to cloud-based system deployment

*Understand the security implications of the NIST-defined cloud service models and cloud deployment models

*Understand cloud security best practices for security architectures that effectively address threats and satisfy the intent of government security requirements

Format: This one-day course introduces the security challenges unique to cloud-based deployment of information systems, beginning with a description of security threats to cloud computing.

Prerequisites: Cloud Architecture, Infrastructure, and Platforms

Target Audience: Systems engineers and systems security engineers building a cloud-based information system.

Length: 1 Day (7 Hours)

Schedule: 2016-03-11 to 2016-03-11

Application Deadline: 2016-02-26

Instructor(s): Faatz,Don B., Spina,Mari J

TCO4660005: Data Analysis with Spark

Course Description: This course is an introduction to the use of Apache Spark and its associated libraries for large-scale data processing. Spark employs an advanced DAG execution engine and in-memory computing to deliver performance which considerably exceeds that of Hadoop's legacy MapReduce engine. Spark libraries address stream processing, SQL querying, machine learning, and graph processing in Big Data environments. The course will introduce students to the core concepts behind Spark's performance improvements, and use of Spark's programming model/APIs. Hands-on exercises will familiarize students with using Spark to perform large-scale data analysis tasks.

Course Objectives:

*Become familiar with how Spark's execution engine and programming paradigm differs from legacy MapReduce

*Develop a working knowledge of the Spark modes of operation, interface, APIs, and libraries.

*Gain hands-on experience with applying Apache Spark to perform data analysis tasks

Format: The course will introduce students to the core concepts behind Spark's performance improvements, and use of Spark's programming model/APIs. Hands-on exercises will familiarize students with using Spark to perform large-scale data analysis tasks.

Prerequisites: Working knowledge of the Linux command line interface.

Working knowledge of the MapReduce programming paradigm.

Working knowledge of Java, Python, or Scala programming languages.

Target Audience: This course is appropriate for technical staff involved with architecting and deploying big data analysis solutions. It is a part of the Big Data for Analytics Learning Path.

Length: 1 Day (7 Hours)

Schedule: 2016-05-24 to 2016-05-24

Application Deadline: 2016-05-10

Instructor(s): Kraunelis,Joshua J.

TCO4770002: Cloud Security Architectures, Operations, and Authorization

Course Description: MITRE's federal government sponsors are moving towards adoption of cloud architectures to improve security, modernize their infrastructure, perform large scale analytics, and potentially lower costs. Security is a major concern, and this uncertainty can slow progress. This two day course will discuss the ways that security can be built into various cloud architectures, how to operate clouds securely with shared responsibility between the sponsor and the Cloud Service Provider, and how to achieve authorization for deployment. Specific case studies and exercises from actual MITRE cloud projects will be included.

This course is a sequel to the MITRE Institute course, TCO104 Cloud Security Threats, Architectures, and Requirements.

Course Objectives:

* Understanding of market and technology factors driving cloud adoption and affecting cloud security.

* Appreciation for cloud security challenges impacting cloud migration

* Working knowledge of secure cloud architectures

* Practical understanding of best practice cloud security operations

* Effective techniques for applying RMF/FedRAMP, and for obtaining Authorization.

* Discover the use of Big Data, Splunk, and AWS tools for securing the cloud

Format: This 2-day sequel to TCO104 Cloud Security: Threats, Requirements, and Architectures will discuss the ways that security can be built into various cloud architectures, how to operate clouds securely with shared responsibility between the sponsor and the Cloud Service Provider, and how to achieve authorization for deployment using case studies and exercises from actual MITRE cloud projects.

Prerequisites: TCO104 Cloud Security Threats, Architectures, and Requirements

Target Audience: Engineering and Management Staff working cloud migration projects.

Length: 2 Days (14 Hours)

Schedule: 2016-05-05 to 2016-05-06

Application Deadline: 2016-04-21

Instructor(s): Schroll,Addam L., Harley,Eric T, Bridge,Jamie

TCO7120005: Big Data Architecture & Concepts

Course Description: This course, in the Big Data Learning Path, is designed to help architects, developers, system engineers, and managers plan, design, build, and evolve "ecosystems" to support big data-based analysis.

Course Objectives:

The topics covered in this course are:

- candidate software and hardware architectures for big data

- the roles played by component information system

- "big concepts" (optimization, information models and interoperation, security, data consistency) and how to realize them in an architecture

- successfully integrating data & analytics

- other systems engineering issues and best practices.

Format: This course, in the Big Data Learning Path, is designed to help architects, developers, system engineers, and managers plan, design, build, and evolve "ecosystems" to support big data-based analysis.

Prerequisites: Read ahead material on Big Data will be made prior to class.

Target Audience: Designer/developer/architects who plan and lead development efforts.

Higher level managers who want to understand the architecture strategy.

Developers who need to understand the goals of the systems and architectures they help build.

Length: 1 Day (7 Hours)

Schedule: 2016-06-15 to 2016-06-15

Application Deadline: 2016-06-01

Instructor(s): Smith,Kenneth P., Glessner,Gary D.

TCS7020002: Introduction to Data Analytics

Course Description: This course provides an introduction to data analytics. Data analytics uses techniques from data mining, machine learning, text mining, and statistics along with domain expertise to help gain insights for better and faster decisions.

Upon completion of this course, attendees will have an understanding of the basic concepts of data analytics, its practice areas, and some of its more popular applications. Interspersed among the course lectures will be hands-on lab exercises to reinforce concepts (this is not a "tools" course) and allow participants get experience with potential application types.

Course Objectives:

After completing this course, participants will be able to:

- Explain data analytics process and challenges

- Define basic data analytic tasks including descriptive, predictive and prescriptive analytics

- Work with an algorithm for predictive modeling

- Use an open source analytics tool (WEKA) to perform simple data analytic tasks (e.g. classification)

Format: In this introduction to data analytics course, attendees will gain an understanding of the basic concepts of data analytics, its practice areas, and some of its more popular applications. This course will consist of lecture and lab.

Prerequisites: None

Target Audience: Domain Experts who want to get an overview of data analytics

FAA Analysts

Length: 1 Day (7 Hours)

Schedule: 2016-03-30 to 2016-03-30

Application Deadline: 2016-03-16

Instructor(s): Koehler,Matt, Koul,Neeraj

THC4070003: U.S. Healthcare Reform: The Policy Context

Course Description: This course will help staff obtain context for work related to U.S. Healthcare Policy and Reform.

Course Objectives:

* Identify ongoing issues driving U.S. Healthcare policy reform.

* Describe how the Affordable Care Act (ACA) is intended to address such issues, including cost, quality, and access.

* Describe how the federal government incentivizes changes through Healthcare policy and measures.

* Characterize the primary healthcare payers and how they drive policy: Medicare, Medicaid, CHIP and private payers, including a review of MACRA (Medicare Access and CHIP Reauthorization Act) payment reforms.

* Articulate how MITRE's work in health fits into the larger policy context.

Format: This 7-hour course will help staff obtain context for MITRE's work related to U.S. Healthcare Policy and Reform.

Prerequisites: View THC001 Healthcare Ecosystem

Target Audience: The course is designed for those already working in the Health Domain. Priority will be given to staff who are currently working on Health projects or staff who have been identified to be on the Health project pipeline list.

Length: 1 Day (7 Hrs)

Schedule: 2016-04-15 to 2016-04-15

Application Deadline: 2016-04-01

Instructor(s): Siegrist,David W., Espinosa,Juliette F

TOS4250005: Distributed Computing and File Systems

Course Description: This course provides software developers and data analysts with an in-depth and hands-on introduction to the Hadoop Distributed File System (HDFS), the de facto standard for data storage in the Hadoop ecosystem. The HDFS design and architecture will be contrasted with other open source distributed storage alternatives, such as GlusterFS and Ceph, and the role of storage placed in its proper context with other components of "big data" analytics systems. This course is a part of the Big Data for Analytics Learning Path.

Course Objectives:

*Students will come away with an understanding of the HDFS architecture, and be able to contrast its key features with those of other storage alternatives.

*Gain hands-on experience with the HDFS shell and other methods for interacting with data in distributed storage.

*Be exposed to backup and recovery issues, and other concerns with putting "big data" storage into production.

*Be able to competently discuss data storage options in a big data environment.

Format: This course provides software developers and data analysts with an in-depth and hands-on introduction to the Hadoop Distributed File System (HDFS), the de facto standard for data storage in the Hadoop ecosystem. The course consists of lecture and hands-on lab components.

Prerequisites: This course assumes some programming background and basic familiarity with the Linux command line. Students should be capable of modifying simple scripts in bash or Python, and of reading self-contained examples of Java code.

Target Audience: This course is open to all. It is a part of the Big Data for Analytics Learning Path.

Length: 1 Day (7 Hours)

Schedule: 2016-03-02 to 2016-03-02

Application Deadline: 2016-02-17

Instructor(s): Kinkel,William R., Swisher,Jascha D

TPL0250024: Introduction to SQL and Database Systems

Course Description: This course will introduce attendees to the concepts of database management system, the relational database model and to the Structured Query Language (SQL) programming. You will learn the essential skills of creating database objects such as tables and views; SQL fundamentals such as data types, operators and data manipulation (basic SELECT statement); built in functions (numeric, string and date); aggregate functions and grouping, table joins, correlated and uncorrelated nested queries, database security (grant and revoke user privileges) and inserting, deleting, merging and updating tables.

Course Objectives:

*Developing a good understanding of relational databases and the capabilities of relational data base systems

*Learning to write data definition language (DDL) statements to create database objects

*Learning to write data manipulation language (DML) statements to query and update database objects

*Learning to use ORACLE build-in functions with emphasis on aggregate functions and grouping

*Familiarizing and practicing with ORACLE data security and data sharing concepts and command

*Learning to write nested queries and manipulate set operations

*Briefly introducing the SQL Loader Utility

Format: This course will introduce attendees to the concepts of database management system, the relational database model and to the Structured Query Language (SQL) programming. This is a presentation, discussion, and hands-on lab course. More emphasis will be placed on lab work.

Prerequisites: None

Target Audience: The course is intended for individuals looking to gain an essential knowledge of relational database and SQL programming.

Length: 2 Days (14 Hours)

Schedule: 2016-03-17 to 2016-03-18

Application Deadline: 2016-03-03

Instructor(s): Obaidi,Ali A.

TPL0480021: Introduction to Android Development

Course Description: Have a great idea for the next Angry Birds or a way that a mobile app could help your sponsor, but don't know anything about Android development? Sign up for "Introduction to Android App Development" to get started on the path to Google Play Stardom! Participants will learn the basics of Android app development, and take part in numerous hands-on labs.

Course Objectives:

*Learn how to setup and use Android Studio, the Android development environment

*Master the basics of Android development

*Create apps through lab exercises

*Learn how to run and debug your app using Android Emulator (or your Android device)

*Discover great resources, both internal and external to MITRE to continue learning

Format: Participants will learn the basics of Android app development, and take part in numerous hands-on labs.

Prerequisites: Participants are required to have Java programming experience.

Target Audience: This course is open to all.

Length: 2 Days - 14 Hours

Schedule: 2016-05-18 to 2016-05-19

Application Deadline: 2016-05-04

Instructor(s): Buttner,Jonathan E

TPL1060014: Introduction to KML and Google Earth Technologies

Course Description: Today KML has emerged as a key standard for data exchange of geospatial data. Google Earth's huge success on the Internet as well as that on private sponsor networks is pushing the underlying KML standard into being the *HTML* for 3-D Geospatial data. KML is a critical piece enabling Sponsor organizations to quickly disseminate geospatial data that can be displayed without any special software or data conversions. Seeing Google Earth on a large map display on CNN is now a common every-day occurrence.

KML is an XML data format used to display information in a geographic context, which was originally developed for use with the Google Earth client viewer, but has evolved into a standard consumed by numerous other software applications. KML shares some of the same structural grammar as GML, but is light-weight in comparison. KML was accepted by the Open Geospatial Consortium (OGC) as an open standard for all geo-browsers in April 2008.

Data exchanged in KML format can be viewed in the free version of Google Earth client as well as other commercial and freely available software. The Google Earth client load maps on-demand and caches them in a web browser -like mechanism whereas, previously, many such geo-viewers required gigabytes of maps to be preloaded onto each user's desktop and updated regularly.

Google Earth does not end with only a desktop client application, but also is complemented with a Web browser plugin and JavaScript API, which will be discussed.

This seminar will first present the business case for KML, and then survey the suite of related technologies.

A short hands-on lab will help students view the course examples and get familiar with the Google Earth client.

In this course, you will learn the key aspects of the KML standard and Google Earth, and how these technologies can be used in real-world applications through demonstrations and examples.

Course Objectives:

* Examine KML as a platform-independent way of structuring portable geospatial data

* Provide real world examples of how to visualize 3D data using KML

* Discuss using Google Earth for web-based applications

* Discuss attribution and metadata for adding self-describing data to KML sources

* Demonstrate KML usage beyond just the Google Earth client

* Discuss some KML best practices

Format: Lecture, discussion, and demonstration seminar including one short hands-on lab

Prerequisites: None

Target Audience: Individuals who could benefit from understanding the functionality and capabilities of KML and Google Earth technologies.

Length: Half day (four hours)

Schedule: 2016-02-17 to 2016-02-17

Application Deadline: 2016-02-03

Instructor(s): Mathews,Jason Jason

TPL1080014: Introduction to JavaScript

Course Description: This course is an introduction to the JavaScript programming language for programmers who want to build rich Internet applications (RIAs) using the de facto standard scripting language for the web.

Created by Netscape in the mid-1990s, the overwhelming majority of modern websites use JavaScript and all modern web browsers include JavaScript interpreters, making JavaScript the most ubiquitous programming language in history. Although its name begins with "Java" and JavaScript code looks very similar to Java code, there are very significant differences between the two languages that can cause code that looks correct to someone familiar with Java to work very differently than expected.

In addition to covering the basics of the JavaScript language, this course highlights the language features that can lead to puzzling behavior and introduces students to the Document Object Model (DOM) that allows JavaScript to affect how a web page looks and how it behaves when a user interacts with it.

Course Objectives:

* Learn the syntax and semantics of the JavaScript programming language

* Understand the features that work counter-intuitively for someone familiar with other programming languages

* Understand the Document Object Model (DOM) that allows JavaScript code to affect how a web page looks and behaves

* Write JavaScript that adds, changes, and removes elements from a web page in response to a user's actions

* Write JavaScript that validates data entered by a user and disables or allows form submission based on the results

Format: Lecture/lab

Prerequisites: Students will be expected to understand HTML markup and have prior programming experience in any programming language. Students will get more out of this course if they also have prior experience trying to adapt JavaScript found on other web pages for us

Target Audience: Programmers who want to take advantage of the opportunity JavaScript gives them to build rich Internet applications that can run in virtually any web browser.

Length: Two days

Schedule: 2016-05-16 to 2016-05-17

Application Deadline: 2016-05-02

Instructor(s): Brando,Thom J.

TPL1110001: Web Design with HTML5 and CSS3 - Level 1

Course Description: In this course, students will use HTML5 to create and design web pages.

Course Objectives:

* Create and format a basic web page.

* Create headers and footers

* Enhance text and format lists

* Modify page background

* Apply background properties to images

* Create & format a table

* Modify a table structure

* Create image and email links.

Format: This one day course is targeted to students who want to learn web design for their personal use or for business purposes.

Prerequisites: Students should be familiar with Windows or Mac operating systems, word processing skills, and the internet.

Target Audience: This course is open to all.

Length: 1 Day (7 Hours)

Schedule: 2016-02-04 to 2016-02-04

Application Deadline: 2016-01-21

Instructor(s): New Horizons,MA

TPL4640018: KML: Geographic Visualization for the Web

Course Description: Today KML has emerged as a key standard for data exchange of geospatial data. Google Earth's huge success on the Internet as well as that on private sponsor networks is pushing the Keyhole Markup Language (better known as just KML) into being the "HTML" for 3-D Geospatial data. KML is a critical piece enabling Sponsor organizations to quickly disseminate geospatial data that can be displayed without any special software or data conversions. Seeing KML presentations on CNN showing current events via a Google Earth map display is a current occurrence.

KML is an XML data format used to display information in a geographic context, which was originally developed for use with Google Earth viewer, but has evolved into a standard consumed by numerous other software applications. KML shares some of the same structural grammar as GML, but is light- weight in comparison. KML was accepted by the Open Geospatial Consortium (OGC) as an open standard for all geo-browsers in April 2008.

KML simplifies the representation and presentation of Geospatial data with a set of geometry primitives (Point, Line, LinearRing, Polygon) along with 3-D models and overlay images from which to represent anything from census data on a map or 3-D architectural model of a bridge to real-time aircraft positions of a live-fly event. KML is also not confined to Earth with the introduction of a "sky" representation in Google Earth that can view stars, celestial bodies, or photos on Mars. Google Earth has introduced many innovative views using KML including a street view, ocean view, historical imagery, flight simulator, and pre-defined tours.

KML doesn't require the user to purchase expensive software and its web browser-like interface doesn't require many gigabytes of maps to be preloaded on a user's computer, but are loaded on-demand and cached. Previously, most geo-viewers required maps to be loaded onto each user's desktop and updated regularly.

The availability of Google Earth and similar viewers allows information designers to disseminate their information in KML format without much thought to how the consumer will view it. Many web-based mashups using an API like Google Maps or Open Layers can import KML and display over the web with just a few lines of JavaScript.

Advanced uses of KML can use regions with level of detail (LOD) extents and network loading to segment vast amounts of data and display only the data visible to the given view and projection. Millions of geographic entities can be made available to users from a single service yet have near instant response.

In this course, you will learn how to apply all the features of KML to real world problems and use tools to make it quick and easy. Collections of KML examples covering nearly every feature of the latest KML specification will be used in class exercises.

Course Objectives:

* Understand the concepts of KML

* Learn about real world examples of how to visualize 3D data using KML

* Gain hands-on use of KML generation and validation tools in labs

* Use KML to quickly represent and exchange geospatial data

* Demonstrate KML usage beyond just the Google Earth client

* Apply KML best practices

Format: Lecture and hands-on labs.

Prerequisites: XML Foundations (TPL431) assumed. Some XML Schema and programming knowledge desired.

Target Audience: Developers, System Engineers, and visualization designers interested in learning more about KML design and creation.

Length: 2 Days (14 Hours)

Schedule: 2016-02-18 to 2016-02-19

Application Deadline: 2016-02-04

Instructor(s): Mathews,Jason Jason

TPL4850005: Creating IPython Notebooks for Data Analysis

Course Description: IPython is fast becoming a standard way data analysis is done and shared. It a robust platform that can be ran by a single user or setup to run on a cluster of machines. This course is an introduction to the use of IPython Notebook for data analysis. IPython is an interactive shell for the Python programming language, and IPython is a web-based user interface to that interactive shell. It allows user to programmatically interact with data via Python and other languages to create shareable notebooks.

Course Objectives:

*Installation and configuration of IPython

*Overview of data analysis using IPython and other Python libraries

*How to use IPython notebook to perform data analysis and easily share the results with others

*Basic usage of standard data analysis libraries (Pandas, Numpy, SciPy)

*Using IPython to create shareable deliverables, including Reveal.js slides, pdf files and static webpage

Format: This course is an introduction to the use of IPython Notebook for data analysis. IPython is an interactive shell for the Python programming language, and IPython is a web-based user interface to that interactive shell. It allows user to programmatically interact with data via Python and other languages to create shareable notebooks. Presentation, discussion, combined with a hands-on lab component.

Prerequisites: Basic knowledge of Python and Data Analysis.

Target Audience: Technical staff that are interested in Data Analysis with Python. This course is the 4th is the FY16 Python series.

Length: 2 Days (14 Hours)

Schedule: 2016-02-29 to 2016-03-01

Application Deadline: 2016-02-15

Instructor(s): Brooks,Marc W.

TPL4870007: Rapid Introduction to R Programming

Course Description: This one-day hands-on course is intended for people with prior programming experience. The course will cover the basics of the R language with an emphasis on using it to support Data Analytics. Class will include examples related to mapping, classification, and cluster analysis.

The acceptance email will include details about pre-class assignments (approx. 1hr).

Course Objectives:

*Use R documentation to continuously learn and adapt to the dynamic R environment

*Identify R's importance, uses, strengths and weaknesses

*Describe functional programming

*Develop R scripts

*Use extensive R libraries

Format: This course intended for people with prior programming experience will cover the basics of the R language with an emphasis on using it to support Data Analytics. Students will be given detailed handouts and lab time for class interaction.

Prerequisites: Experience in at least one high level language.

Experience with Object Oriented Languages, such as C++, and an understanding of essential OO analysis & design concepts recommended.

The acceptance email will include details about pre-class assignments

Target Audience: Individuals with prior programming experience.

Length: 1 Day (7 Hours)

Schedule: 2016-01-29 to 2016-01-29

Application Deadline: 2016-01-15

Instructor(s): Wilson,George V.

TPL4880005: Parallel Relational Databases

Course Description: In this course you will learn how Big Data is stored in and retrieved from Parallel Relational (MPP) databases. These databases need to be scalable to accommodate ever growing volumes of data, and we will cover in depth how it is accomplished. We will discuss game-changing technological innovations that apply to Relational Databases. Discussion will include database architectures, recent innovations in hardware and software that allow relational databases to scale well into terabytes and even petabytes, and advanced analyticsincluding in-database analytics.

In the lab part of the class, students will do hands-on work utilizing an MPP database called Pivotal Greenplum.

Course Objectives:

*Describe game-changing technological innovations for Parallel Relational Databases

*Characterize common features of scalable relational databases

*Provide hands-on training to solidify the knowledge

Format: In this course, students will learn how Big Data is stored in and retrieved from Parallel Relational (MPP) databases. Class discussion will include database architectures, recent innovations in hardware and software that allow relational databases to scale well into terabytes and even petabytes, and advanced analytics including in-database analytics. In the lab part of the class, students will do hands-on work utilizing an MPP database called Pivotal Greenplum

Prerequisites: Introduction to Big Data course (TCO102)

Basic understanding of relational databases

Basic SQL skills

Target Audience: This course is appropriate for technical staff working with Relational Databases with a desire to learn how Relational Databases scale to accommodate Big Data. Knowledge of basic SQL commands is needed, as it will be required for the lab part. This course is a part of the Big Data for Analytics Learning Path.

Length: 1 Day (7 Hours)

Schedule: 2016-03-03 to 2016-03-03

Application Deadline: 2016-02-18

Instructor(s): Giardina,Clare L., Vayndiner,Irina A.

TPL4890006: NoSQL Databases

Course Description: NOSQL (usually Not-Only SQL) next generation databases are often characterized as being schema-free (non-relational), distributed with easy replication support, horizontally scalable, and support huge (big) amounts of data. This course will go over various NOSQL databases, such as MongoDB and Accumulo, and compare them to traditional SQL databases.

Course Objectives:

This course is a part of the Big Data for Analytics Learning Path.

Format: This course will go over various NOSQL databases, such as MongoDB and Accumulo, and compare them to traditional SQL databases. The course consists of both lecture and labs.

Prerequisites: #N/A

Target Audience: This course is open to all. It is a part of the Big Data for Analytics Learning Path.

Length: 2 Days (14 Hours)

Schedule: 2016-03-21 to 2016-03-22

Application Deadline: 2016-03-07

Instructor(s): Lazo,Marcia A., Colosimo,Marc E.

TPL4900005: Real-time Query and Discovery

Course Description: The number of tools and techniques available to do real-time query and discovery on big data is exploding rapidly, with many of the contributors to Hadoop providing new query capabilities. This course will provide an overview of real-time query and discovery tools available for analytic cloud computing and include hands-on labs to experiment with some of the tools.

Course Objectives:

*Clear understanding of the architectures needed for SQL-on-Hadoop querying

*Working knowledge of multiple ways to use SQL query in Hadoop and NoSQL

*Deep understanding of querying with HIVE

This course is a part of the Big Data for Analytics Learning Path.

Format: This course will provide an overview of real-time query and discovery tools available for analytic cloud computing and include hands-on labs to experiment with some of the tools.

Prerequisites: #N/A

Target Audience: This course is open to all. It is a part of the Big Data for Analytics Learning Path.

Length: 1 Day (7 Hours)

Schedule: 2016-05-04 to 2016-05-04

Application Deadline: 2016-04-20

Instructor(s): Giardina,Clare L.

TPL4910005: Distributed Stream Processing

Course Description: This course is an introduction to the use of distributed realtime computation systems for the reliable processing of continuous streams of data. These systems provide realtime processing capabilities that are analogous to Hadoop batch processing for more static datasets. Students will learn to apply open source technologies such as Apache Storm and Spark Streaming to consume streams of data and perform complex realtime processing and analysis of the data.

Course Objectives:

*Become familiar with use cases that lend themselves to stream processing

*Develop a working knowledge of stream processing tools and techniques

*Gain hands-on experience with applying Apache Storm to process streaming data

Format: In this course, students will learn to apply open source technologies such as Apache Storm and Spark Streaming to consume streams of data and perform complex realtime processing and analysis of the data.

Prerequisites: Working knowledge of the Linux command line interface.

Working knowledge of Java and Hadoop.

Target Audience: This course is appropriate for technical staff involved with architecting and deploying big data solutions which may benefit from realtime analysis. It is a part of the Big Data for Analytics Learning Path.

Length: 2 Days (14 Hours)

Schedule: 2016-05-25 to 2016-05-26

Application Deadline: 2016-05-11

Instructor(s): Koester,David P.

TPL4940001: Web Design with HTML5 and CSS3 - Level 2

Course Description: This course is designed for persons who understand the fundamentals of HTML and CSS and have used both technologies to create basic web pages. It is aimed at individuals interested in using these technologies to create advanced web pages and to test their validity.

Course Objectives:

* Create web page layouts.

* Apply advanced CSS selectors

* Test a website

* Create advanced navigation

* Incorporate metacontent and multimedia

* Create basic forms & add advanced form elements

Format: Students will learn to create advanced web pages and test their validity in this one day sequel to Web Design with HTML5 and CSS3 - Level 1 (TPL111).

Prerequisites: Students must complete MITRE Institute course Web Design with HTML5 and CSS3 - Level 1 (TPL111) or have an understanding of the fundamentals of HTML and CSS and have used both technologies to create basic web pages.

Target Audience: This course is open to all individuals who have met the prerequisites.

Length: 1 Day (7 Hours)

Schedule: 2016-02-05 to 2016-02-05

Application Deadline: 2016-01-22

Instructor(s): New Horizons,MA

TPL4950002: Introduction to Perl

Course Description: This course introduces students to the Perl programming language. Perl is a high- level, feature-rich, portable, and free programming language. It is available on many operating systems including Linux, UNIX, Mac OS, and Windows. Perl supports object-oriented, procedural, and functional programming. This course covers core Perl concepts such as scalar data; lists and arrays; subroutines; input and output; hashes; regular expressions; control structures; file tests; strings and sorting; and directory operations.

Course Objectives:

* Learn core Perl concepts and syntax

* Write Perl programs that demonstrate various Perl features

* Provide a strong foundation in Perl to allow independent study after the course

Format: This course introduces students to the Perl programming language. Perl is a high-level, feature- rich, portable, and free programming language. This is a presentation, discussion, and hands-on course. The laboratory effort is expected to provide abundant contact time.

Prerequisites: Familiarity with the UNIX and/or Linux operating systems.

Target Audience: This course is open to all.

Length: 2 Days - 14 Hours

Schedule: 2016-05-05 to 2016-05-06

Application Deadline: 2016-04-21

Instructor(s): Torres,Ed

TPL7700002: Advanced R: Data, Figures, Documentation, and Packaging

Course Description: In this course students will build upon their basic programming skills to use R more effectively in their work. Students will analyze data, document their work, and organize their code for easy future reuse using R, RMarkdown, and the R packaging framework. This course includes lecture and hands-on laboratory exercises.

Students will access, join, summarize, and visualize real data sets and practice solving common problems. Students will be exposed to powerful data manipulation and visualization packages as well as to internally developed packages and the server hosting them.

Course Objectives:

After completing this course, participants will be able to:

- Load data from CSV, SQL, and HDFS into R

- Work with data to perform a variety of common analysis tasks efficiently such as cleaning data, grouping data and applying summary operations over groups

- Produce thoughtful, polished, publication quality figures including statistical figures and scaled maps

- Integrate prose, code, figures, and tables with RMarkdown

- Convert collections of scripts and functions into R packages that can be easily shared with others

Format: In this course students will build upon their basic programming skills to use R more effectively in their work. Students will analyze data, document their work, and organize their code for easy future reuse using R, RMarkdown, and the R packaging framework. This course includes lecture and hands-on laboratory exercises.

Prerequisites: Participants should have completed Rapid Introduction to R Programming (TPL487) or equivalent knowledge/experience with R Programming such as https://www.coursera.org/course/rprog (Coursera 4 week R course)

Target Audience: This course is open to all.

Length: 2 Days (14 Hours)

Schedule: 2016-02-25 to 2016-02-26

Application Deadline: 2016-02-11

Instructor(s): Pollock,Matthew, Wenchel,Seth

TSE1170005: Introduction to Systems Acquisitions and Source Selection for SEs

Course Description: The purpose of this one and a half day course is to explore the government systems acquisition process and the source selection process. The course describes acquisition planning topics and the process behind the Government's selection of which contractor will perform Government requirements. The course will provide systems engineers with insight into their potential roles in supporting Government acquisitions. We will present lessons learned and best practices to provide a sound foundation for participating in Government acquisitions. SEs will be provided with the insight and tools to help improve acquisition outcomes in alignment with Corporate goals. Throughout the course, students will review a systems acquisition to understand specific systems engineering roles and opportunities.

Course Objectives:

*Describe the government systems acquisitions and contractor proposal evaluations

*Describe the major phases of the Defense Acquisition Management System

*Understand various aspects of acquisition planning

*Understand how to develop source selection criteria that will result in sound contract awards

*Understand the proposal evaluation and source selection process

Format: This one and a half day course will explore the government systems acquisition process and the source selection process. The course describes acquisition planning topics and the process behind the Government's selection of which contractor will perform Government requirements. The course will provide systems engineers with insight into their potential roles in supporting Government acquisitions.

Prerequisites: None, but a familiarity with acquisitions would be helpful.

Target Audience: This course is open to all.

Length: 1.5 Days (10.5 Hours)

Schedule: 2016-06-23 to 2016-06-24

Application Deadline: 2016-06-09

Instructor(s): CAMS Staff

TSE1170008: Introduction to Systems Acquisitions and Source Selection for SEs

Course Objectives:

*Describe the government systems acquisitions and contractor proposal evaluations

*Describe the major phases of the Defense Acquisition Management System

*Understand various aspects of acquisition planning

*Understand how to develop source selection criteria that will result in sound contract awards

*Understand the proposal evaluation and source selection process

Format: Instruction is a mixture of presentation, discussion, exercises, case studies and practical suggestions.

Prerequisites: None, but a familiarity with acquisitions would be helpful.

Target Audience: This course is open to all individuals and is the sixth course in the Systems Engineering Learning Path.

Length: 1.5 Days (10.5 Hours)

Schedule: 2016-04-27 to 2016-04-28

Application Deadline: 2016-04-13

Instructor(s): O'Neal,James T, Long,Jim

TSE1180005: Integrating Cybersecurity into Acquisitions

Course Description: The purpose of this course is to 1) familiarize staff (acquisition, cybersecurity and engineering personnel) with the Government's recent cybersecurity paradigm shift and recent direction for integrating cybersecurity into the acquisition lifecycle; 2) provide insight into the Government's recent policies and specific government efforts, e.g. DoD and GSA's report on "Improving Cybersecurity and Resilience through Acquisition" 23 Jan 2014, that influence cybersecurity paradigm shift in acquisitions; 3) build a foundation for creating cybersecurity requirements and source selection evaluation criteria for the acquisition contract; and 4) present and discuss cybersecurity lessons learned and best practices.

Course Objectives:

*Understand the Government's recent approach, e.g. policies and efforts to integrate cybersecurity into acquisitions

*Comprehend the key cybersecurity concepts for integrating cybersecurity and the importance of its inclusion in the acquisition lifecycle

*statements, consequence analysis, risk prioritization

*Learn and practice developing cybersecurity source selection evaluation criteria and requirements that result in sound contract awards and sustained contract performance

*Become familiar with lessons learned and best practices to further enhance cybersecurity integration into acquisitions

Format: Instruction is a mixture of presentation, discussion, exercises, case studies and practical suggestions.

Prerequisites: None, but a familiarity with acquisitions would be helpful.

Target Audience: This course is open to all individuals and is the seventh course in the Systems Engineering Learning Path.

Length: 3.5 Hours

Schedule: 2016-04-28 to 2016-04-28

Application Deadline: 2016-04-14

Instructor(s): Odeh,Alexander A

TSE1220002: SSE Acquisition

Course Description: The purpose of this course is to familiarize staff with the Government's recent direction for integrating security into the acquisition lifecycle, build a foundation for creating security requirements and source selection evaluation criteria, and present and discuss lessons learned and best practices.

Course Objectives:

After attending this course, participants will be able to:

- Acquire an appreciation of the scope of and outcomes of systems engineering agreement, organizational project-enabling, and technical management processes.

- Understand the need for addressing security during the acquisition process

- Recognize the role and types of SSE contributions relative to the - Understand implications of current DoD issuances and regulatory changes that relate to SSE in the acquisition and engineering of new defense systems

Format: This half-day course will familiarize staff with the Government's recent direction for integrating security into the acquisition lifecycle, build a foundation for creating security requirements and source selection evaluation criteria, and present and discuss lessons learned and best practices.

Prerequisites: Participants should have completed the Introduction to Systems Acquisitions and Source Selection for SEs (TSE117) or the SEworks2 Acquisitions courses - Planning and Managing System Acquisitions(TSE602) & Acquisition & Source Selection for SEs (TSE605) -

Target Audience: This course is open to all.

Length: 3.5 hours

Schedule: 2016-06-24 to 2016-06-24

Application Deadline: 2016-06-10

Instructor(s): Wydler,Ginny

TSE5100022: Executable Mission Level Modeling and Analysis Using BPMN

Course Description: Complex system design must constantly manage changes to requirements in terms of changing mission threads, fast technology evolution and integration with newly identified systems. This requires the use of dynamic models replacing static artifacts, simulation to make architecture evolution decisions and agility in acquisition program management. This course provides a modeling framework for capturing mission- and operator-focused operational and system architecture artifacts to enable the evolution of simulate-able and integrate-able architecture components developed simultaneously by various team members. It bridges the existing Modeling & Simulation gap between Operational Analysts and Enterprise Architects. This framework enables qualitative and quantitative mission analysis using a single graphical executable model. Performance of a set of operational threads can be evaluated against alternative IT architecture solutions.

Students will engage with the Business-to-Business (B2B) modeling standard Business Process Modeling Notation (BPMN). BPMN is a business intuitive graphical language, executable like any programming language. Hence, BPMN enables quantitative analysis of complex operational concepts and architecture performances. Students will learn different types of modeling paradigms: data-flow, control-flow, transaction-flow, and message-flow. They will also learn to model time, resource, workload, and MOEs/MOPs needed for modeling missions.

The course will use iGrafx Process 2015 for Six Sigma, which has a similar look-and-feel to common Windows desktop products like PowerPoint and Visio. Students will be provided with their own copy of the tool to learn-on-the-go, and try-out BPMN/iGrafx during lectures and laboratory exercises. Students will be encouraged to build models on their own using the knowledge from their own subject matter. Students will also have access to several mission thread models and analysis products that were previously developed for MITRE sponsors over the last few years.This is a presentation, discussion, and hands-on M&S course. The laboratory effort is expected to provide abundant contact time.

Course Objectives:

*Learn modeling of workflow, time, resources, workload, and MOEs/MOPs at the mission level

*Begin BPMN modeling, simulation, and analysis

*Understand and differentiate data-flow, control-flow, message-flow and transaction-flow modeling paradigms

*How to link operational and systems architectures for analyzing operational effectiveness and operational efficiency for alternative implementation

*Design complex operational and systems architecture using hierarchy, swim lanes, and time phases

*Analyze operational effectiveness under stochastic workload and queuing behaviors

*Identify mission performance bottlenecks

Format: This course provides a modeling framework for capturing mission- and operator-focused operational and system architecture artifacts to enable the evolution of simulate-able and integrate- able architecture components developed simultaneously by various team members. This is a presentation, discussion, and hands-on course where the laboratory effort is expected to provide abundant contact time.

Prerequisites: Familiarity with operational and architecture practices.

Target Audience: Enterprise Architects and Operational Analysts.

Length: 2 Days - 14 Hours

Schedule: 2016-03-02 to 2016-03-03

Application Deadline: 2016-02-17

Instructor(s): Ludwig,Jackson M., Jain,Prem P.

TSE5870005: Big Data Acquisition and Transformation with Pig

Course Description: This course is a continuation in the 'Big Data for Analytics' learning path and the completion of previous courses or similar knowledge is required. This course will build upon knowledge gained thus far and provide additional tools and techniques for big data analysis on the Hadoop processing framework. This course will focus on ingesting data into the Hadoop framework and analyzing the data with Pig, a high-level scripting language for data analysis.

Students will learn the basics of the Pig programming language as well as familiarization with common, open-source libraries that can be leveraged for complex analysis. The course includes lectures, discussions and labs to reinforce concepts.

Course Objectives:

* Introduce tools and techniques for ingesting data into the big data analytics environment

* Introduce the Pig programming language for big data analysis and transformation

* Provide hands on training and real problem solving to solidify knowledge

Format: In this course, students will learn the basics of the Pig programming language as well as familiarization with common, open-source libraries that can be leveraged for complex analysis. The course includes lectures, discussions and labs to reinforce concepts.

Prerequisites: Completion of the previous courses in the 'Big Data for Analytics' learning path or equivalent knowledge.

Target Audience: This course is appropriate for technical staff involved in software development with a desire to learn tools and techniques for big data analysis. It is a part of the Big Data for Analytics Learning Path.

Length: 2 Days (14 Hours)

Schedule: 2016-05-02 to 2016-05-03

Application Deadline: 2016-04-18

Instructor(s): Gold,Jeff

TSE5890001: Integrated Design & Analysis for MBE

Course Description: This course has two main topics: An introduction to Business Process Modeling and Notation (BPMN) with Decision Model and Notation (DMN) and, second, translating problems into model form for abstraction and analysis. It includes lecture and hands-on laboratory exercises to introduce key tools, notation, and methods. Students identify factors that influence models and use them to gain insights; In addition, students evaluate parametric models with mathematics tools and convert them into computational SysML Parametric Model diagrams and explore how mathematics serves as the foundation for system modeling. Finally, students use parametric models for alternative analysis and quantitative, objective decision making.

Course Objectives:

After completing TSE589, participants will be able to:

- Apply BPMN and DMN to solve real problems in MBE

- Describe mathematical foundations of model-driven systems design

- Evaluate models for continuous validation and verification (V&V)

- Transform systems into mathematical models

- Understand capabilities and methods of design space exploration and alternative analysis

Format: This course is an introduction to Business Process Modeling and Notation (BPMN) with Decision Model and Notation (DMN). It will also cover translating problems into model form for abstraction and analysis. The course includes lecture and hands-on laboratory exercises to introduce key tools, notation, and methods.

Prerequisites: None

Target Audience: Systems and software engineers

Length: 3 Days (21 Hours)

Schedule: 2016-02-22 to 2016-02-24

Application Deadline: 2016-02-08

Instructor(s): Orr,Sara P., Stone,Alan E., Jain,Prem P., Popov,Mihail K.

TSE5900001: Beyond the Model for MBE

Course Description: This course introduces System of Systems (SoS) design. It includes lecture and hands-on laboratory exercises for use case analysis, requirement capture and linkage, and metrics and visualizations in Model Based Engineering. Students are introduced to another UML/SysML tool (MagicDraw) and perform techniques to translate models from one tool to another. Students will explore and compare Metamodels across several common commercial tools, and use these models to develop translations when necessary. Students translate the models developed in prior MBE Learning Path courses in Rhapsody into both SysML and UPDM (Unified Profile for DoDAF/MODAF) methodology. Students develop and analyze use cases as a way to explore requirements, create an integrated requirements framework, and analyze requirements using Rational® DOORS® and Rhapsody®. In addition, students define and navigate links between requirements and the architecture/design model, derive system model metrics, apply and convey them. Finally, students augment UML/SysML views with specialized visualizations for better understanding of the system.

Course Objectives:

After completing this course, participants will be able to:

- Develop sound, traceable, and verifiable requirements

- Apply concepts of MBE to System of Systems design

- Build architectures in the SysML and UPDM methodologies using MagicDraw

- Explain the role metamodels play in both the use of a particular tool and in the model translation process between tools.

- Evaluate metrics for program life cycle success such as cost, schedule, and performance

Format: This course introduces System of Systems (SoS) design. It includes lecture and hands-on laboratory exercises for use case analysis, requirement capture and linkage, and metrics and visualizations in Model Based Engineering.

Prerequisites: Students should have taken TSE588 - Advanced Modeling Techniques for MBE, or have equivalent experience.

Target Audience: Systems and software engineers

Length: 3 Days (21 Hours)

Schedule: 2016-04-04 to 2016-04-06

Application Deadline: 2016-03-21

Instructor(s): Wheeler,Tom M., Fetech,Bill J., Bienvenu,Michael P.

TSE5940002: SSE Architecture, Design, & Implementation

Course Description: Developing a security architecture is a core Systems Security Engineering (SSE) role. The two-day course - part of the SSE Learning Path - describes how security architecture relates to SSE, why it is needed, what factors influence security architecture, suggestions for how to approach developing a security architecture, and advice for assessing existing security architectures. Students will be introduced to popular frameworks used to capture architecture views. A number of example views from successful sponsor engagements will be presented.

Course Objectives:

Participants attending this course will:

- Become familiar with the role of security architecture in the SSE process

- Develop a basic understanding of approaches to develop and assess security architectures

- Gain an awareness of available frameworks for capturing a security architecture

- Discuss lessons learned from real-world security architecture efforts

Format: The two-day course is part of the SSE Learning Path. It will describe how security architecture relates to SSE, why it is needed, what factors influence security architecture, suggestions for how to approach developing a security architecture, and advice for assessing existing security architectures. The course consists of presentation and discussion along with some class exercises relevant to MITRE work programs.

Prerequisites: Participants should have attended the SSE Concepts & Overview course (TSE231) or have equivalent experience/knowledge.

Target Audience: This course is open to all.

Length: 2 Days (14 hours)

Schedule: 2016-03-07 to 2016-03-08

Application Deadline: 2016-02-22

Instructor(s): McKenney,Brian W., Lanz,Dan

TSE5950002: Verification & Validation and Operations & Maintenance

Course Description: This course is uniquely designed as a part of the Systems Security Engineering (SSE) Learning Path for Federal agency cybersecurity professionals. It consists of two parts:

* Part 1: Verification & Validation (V&V)

* Part 2: Operations & Maintenance (O&M)

Course Objectives:

Upon completion of this course, students will be equipped with a foundational understanding of how to stand up a proper V&V practice and a robust O&M practice in a system development lifecycle.

- The use of verification process to provide objective evidence that a system or system element meets the specified requirements and characteristics.

- The use of validation process to provide objective evidence that a system has achieved its intended use in the specified operating environment.

- Understand the relationship between change control and risk management in O&M.

- Understand the role of incident management process in O&M.

- Understand the role of contingency planning and COOP in O&M.

Format: This uniquely designed course is a part of the Systems Security Engineering (SSE) Learning Path for Federal agency cybersecurity professionals. This two-day course is delivered via lectures and classroom exercises. In addition, there will be a series of take-home reading assignments where the student will be quizzed during the class.

Prerequisites: Participants should have attended the SSE Overview course (TSE231) or have some experience in a system development process in order to actively participate in class discussions and exercises.

Target Audience: This course is open to all and Federal employees involved in a system development project/ program.

Length: 2 Days (14 hrs)

Schedule: 2016-04-25 to 2016-04-26

Application Deadline: 2016-04-11

Instructor(s): Ouyang,Alfred H.

TSE5960002: SSE Managing Systems Projects

Course Description: This 1.5 day course provides an overview of the project management processes required to manage a system engineering project. The course reviews the entire project cycle showing how the SE processes interface with the PM processes. Students learn how to manage technical projects within the systems engineering process and learn the essentials of Project Management. By the end of this course, students should be able to define the actions to be taken to initiate a project in support of their government sponsor or MITRE project, evaluate technical plans prepared by others, assist their sponsors or MITRE colleagues in project execution, and monitor, track and report the status on a technical project.

Course Objectives:

After attending this course, participants will be able to:

- Define techniques for ensuring synergistic management of a systems engineering project

- Define the roles and responsibilities for managing a systems engineering project

- Define the actions to be taken in support of a customer

Format: This 1.5 day course provides an overview of the project management processes required to manage a system engineering project. The course reviews the entire project cycle showing how the SE processes interface with the PM processes. The course consist of presentation and discussion along with some class exercises relevant to MITRE work programs.

Prerequisites: Participants should have attended the SSE Concepts & Overview course (TSE231) and the SSE Requirement course (TSE593). Each student must have an excellent understanding of systems engineering. It is helpful if the student has some systems acquisition ba

Target Audience: This course is open to all.

Length: 1.5 Days (10.5 hours)

Schedule: 2016-05-23 to 2016-05-24

Application Deadline: 2016-05-09

Instructor(s): Outside Instructor

TSE5970002: SSE Project Planning/Project Assessment and Control

Course Description: This half-day course will describe the SSE role during project planning, assessment and control. System security considerations during these processes will be explored. Topics for discussion include identifying project security objection & constraints, planning for project security resources, and adequacy of the protections and protection services of the project's supporting infrastructure.

Course Objectives:

Coming Soon

Format: This half-day course will describe the SSE role during project planning, assessment and control. System security considerations during these processes will be explored. This course consist of lecture and discussion.

Prerequisites: Participants should have attended 1) SSE Concepts & Overview course (TSE231) and 2) Managing Systems Engineering Projects course (TSE596) or the SEworks2 course Managing Systems Project (TSE601), or have equivalent knowledge/experience.

Target Audience: This course is open to all.

Length: 3.5 hours

Schedule: 2016-05-24 to 2016-05-24

Application Deadline: 2016-05-10

Instructor(s): Holtzman,Danny C.

TSE7160001: Applying MBE to Enterprise Architecture Frameworks

Course Description: In this course students explore real-world case studies that demonstrate the cost as well as the advantages provided by MBE. Through these case studies, students analyze and discuss enterprise architecture (e.g., reference models, governance and organization constructs), cost analysis, executable government architecture, model artifacts, and techniques for communicating MBE. Students identify MBE processes that can be applied to sponsor programs. Students identify role(s) that MBE can play at various points in the life-cycle of a program, how to set-up a work environment that allows a team to develop a model, and how to collaborate with the stake holders and facilitate communication in decision-making.

Course Objectives:

After completing this course, participants will be able to:

- Identify opportunities for MBE in MITRE sponsor programs

- Develop architecture models that can support cost analysis

- Construct executable reference architectures that communicate via a pub - sub technique

- Create an integration lab centered around an executable reference architecture

Format: In this course students will explore real-world case studies that demonstrate the cost as well as the advantages provided by MBE. Through these case studies, students analyze and discuss enterprise architecture (e.g., reference models, governance and organization constructs), cost analysis, executable government architecture, model artifacts, and techniques for communicating MBE.

Prerequisites: None

Target Audience: Systems and software engineers

Length: 3 Days (21 Hours)

Schedule: 2016-05-09 to 2016-05-11

Application Deadline: 2016-04-25

Instructor(s): Wheeler,Tom M., Farinacci,Martha L., DeLuca,Joseph A, Kamenetsky,Janna, Ghosh,Such

TSV0640005: Hardware Hacking 1

Course Description: This is a foundational course that will prepare the student to be successful in subsequent classes in the Break Track of the Embedded Systems Security Learning Path (ESSLP) that introduce more advanced topics. This introductory course is intended to present core concepts and techniques to analyze and characterize the behavior of embedded systems and platforms. Concepts will be introduced and discussed within the context of an adversary intent on altering or subverting the behavior of such systems. The course does not expect students to have any prior embedded systems experience. At the conclusion of this course the student will be familiar with:

Embedded system basics

Basic soldering techniques

Board analysis methodology

Identification of peripherals, data buses, diagnostic ports and tap points

Device instrumentation

Bus monitoring and decoding

Development access via JTAG

Course Objectives:

*Define what an embedded system is and explain the basic architecture of an embedded system.

*Analyze a printed circuit board (PCB) and identify major components, peripherals, buses, diagnostic ports and tap points.

*List the types of test equipment and tools used by hardware hackers and explain how they are used.

*Explain basic soldering technique as well as specific PCB rework techniques used by hardware hackers.

*Instrument a printed circuit board (PCB) in order to monitor buses, decode data and access diagnostic functionality.

Format: This is a foundational course that will prepare the student to be successful in subsequent classes in the Break Track of the Embedded Systems Security Learning Path (ESSLP) that introduce more advanced topics.

Prerequisites: The student is not required to have any prior embedded system experience. However there are some key concepts that the student be familiar with:

Programming - In lieu of previous programming experience the student can review the following Code Academy

Target Audience: This course is open to staff applying to the Embedded Systems Security Learning Path.

Length: 2 Days (14 Hours)

Schedule: 2016-02-02 to 2016-02-03

Application Deadline: 2016-01-19

Instructor(s): Korban,Chris A, Heinemann,Bob

TSV0650005: Introduction to Side-Channel Analysis

Course Description: During the last 15 years, it has been widely demonstrated that electronic devices leak information about their internal state as they perform computations, presenting a major security threat to embedded systems. This information leakage can be observed through so-called "side- channels" such as system timing, power consumption, electromagnetic radiation, and many others. The development of side-channel attacks that exploit this information leakage to compromise otherwise secure algorithms continues to be an active field of research. Are your systems vulnerable to such an attack? During the course students will complete hands-on exercises to gain a better understanding of how side-channel attacks work, the difficulty of conducting various attacks, and the effectiveness of various countermeasures. Students will have an opportunity to collect their own side-channel data on a real embedded target and modify the code running on the target.

Course Objectives:

*Upon successful completion of this course the student will be able to:

*Explain the threat of side-channel attacks and their impact on overall system security

*Demonstrate how basic side-channel attacks work

*List the types of countermeasures and their tradeoffs in defending against these attacks

*Discuss advanced side-channel attacks and how the side-channel threat is evolving

*Weigh the impact of security architectures on end device security requirements

Format: This course is an introduction to the threat of side-channel attacks, how they work in theory and practice, and how to defend against them.

Prerequisites: * In lieu of previous experience the student can review the following http://c.learncodethehardway.org/book/ (C concepts for the class).

* In lieu of previous experience the student can review the following http://learnpythonthehardway.org/book/

Target Audience: This course is open to staff applying to the Embedded System Security (Attack Track) Learning Path.

Length: 2 Days (14 Hours)

Schedule: 2016-03-31 to 2016-04-01

Application Deadline: 2016-03-17

Instructor(s): Woodbury,Adam D., Chapman,Joe, Walters,Dan T.

TSV1000019: Introduction to Secure Coding

Course Description: The purpose of this course is to provide developers with focused training related to secure coding. The hope is that each developer will leave the course with a better understanding of how they can improve, from a security perspective, the code that they write. This course provides a look at some of the most prevalent security related coding mistakes made here at MITRE. Each type of issue is explained in depth including how a malicious user may attack the code, and strategies for avoiding the issues are then reviewed. Knowledge of at least one programming language is required, although the specific programming language is not important as the concepts that will be discussed are language independent. The course will cover many of the weaknesses within the context of a web application, but most of the concepts will apply to all application development.

Course Objectives:

* Reinforce the importance of secure coding

* Identify the most common code level weaknesses within MITRE

* Provide an overview of each weakness type including examples within code (weaknesses include cross-site scripting, SQL injection and bypassing authorization checks)

* Demonstrate how malicious users will exploit these weaknesses

* Discuss techniques to avoid each weakness

* Provide an overview of internal and external resources available to developers

Format: This one-day course is setup as an exploration through a hypothetical web application where a malicious user attempts to take advantage of certain flaws within the code. Throughout the course, we will be identifying the flaws, discussing them, understanding the specific attacks, and finally discussing how to improve the code to prevent the attack.

Prerequisites: Participants must have working knowledge and experience writing code and developing applications. A specific programming language is not required as the concepts that will be discussed are language independent.

Target Audience: This course is open to individuals that develop code and wish to increase their understanding of secure coding. Staff attending this course may be asked to participate in hands on course work and activities.

Length: 1 Day, 7 hours

Schedule: 2016-03-28 to 2016-03-28

Application Deadline: 2016-03-14

Instructor(s): Buttner,Drew, Shields,Larry F.

TSV4360011: Secure Code Review

Course Description: This course is designed to help developers bring a secure coding mindset into typical project peer reviews. The course briefly talks about the development lifecycle and the importance of peer reviews in delivering a quality product. How to perform this review is discussed and how to keep secure coding a priority during the review is stressed. A variety of hands-on exercises will address common coding mistakes, what to focus on during a review, and how to manage limited time.

Throughout the course, the class will break out into pairs and perform example peer reviews on sample code. Perl will be used for the hands-on exercises; however every attempt will be made to generalize the code such that anyone with an understanding of a coding language will be comfortable.

Course Objectives:

* Describe how peer reviews fit into the software development process

* Start a peer review and gain the necessary background about the code

* Identifty techniques for making sense of a large amount of code

* Review common secure coding mistakes

* Create report findings that go back to the developer

Format: Lecture plus team exercises

Prerequisites: TSV100 Introduction to Secure Coding or equivalent experience/knowledge

Target Audience: Developers

Length: One day (7 hours)

Schedule: 2016-04-11 to 2016-04-11

Application Deadline: 2016-03-28

Instructor(s): Buttner,Drew, Shields,Larry F.

TSV4420005: Embedded System Software Exploitation

Course Description: Just like x86, ARM and MIPS architectures are also vulnerable to software errors. This class will cover the techniques attackers use to exploit software errors on the ARM platform primarily, since it is one of the more complex platforms used in embedded devices. Techniques used on ARM platforms can be easily adapted to the other platforms. This will be a lab driven course that will illustrate various types of vulnerability on the ARM & MIPS platform. Topics and labs will include tools used for ARM & MIPS assembly/disassembly, how shell code is formatted, return oriented programming attacks, attacks similar to x86 platform and other topics.

Course Objectives:

*Identify software weaknesses in ARM, MIPS and other embedded architectures

*Evaluate assembly code for exploits

*Analyze and contrast exploitation techniques on ARM, MIPS and x86 architectures

*Apply exploitation techniques unique to ARM and embedded systems

*Apply defenses to remediate ARM exploits

Format: This class will cover the techniques attackers use to exploit software errors on the ARM platform primarily, since it is one of the more complex platforms used in embedded devices. Techniques used on ARM platforms can be easily adapted to the other platforms.

Prerequisites: It is recommended that students be familiar with the following concepts before taking this course:

* Assembly and Instruction set for either x86 or ARM (Check out the Introduction to ARM course).

* The C language

* Life of Binaries, specifically ELF

Target Audience: This course is open to staff applying to the Embedded System Security Learning Path.

Length: 2 Days (14 Hours)

Schedule: 2016-03-14 to 2016-03-15

Application Deadline: 2016-02-29

Instructor(s): Lozano,Ivan

TSV4500002: Introduction to Fault-Injection Attacks

Course Description: Fault injection is a powerful hardware technique that can be used to circumvent security and extract cryptographic keys.Different fault injection techniques, such as power, clock, and electromagnetic (EM) pulses, will be discussed and/or demonstrated as will the different types of effects these faults can produce (fault models). There will be a large hands-on component to this class where the students will simulate the effects of fault injection on an embedded hardware platform running example security code. Most of the attack techniques described in class will performed. Additionally, the students will implement their own countermeasures to protect the algorithms they had previously attacked.

Course Objectives:

*Understand the various techniques to inject faults into embedded hardware and fault models. This understanding will be reinforced by hands-on laboratories that expose students to the various effects that faults can cause.

*Learn of the various classes of cryptographic attacks that are achievable via faults. Additionally, they will have thorough knowledge of example attacks against AES and RSA.

*Learn various ways to protect hardware from malicious faults.

Format: This course will demonstrate these attack techniques as well as show possible countermeasures to thwart them.

Prerequisites: Participant's should have some basic knowledge of cryptography and experience with C programming preferably for embedded systems, and additionally, familiarity with power/EM side channel recordings is recommended. In lieu of previous experience the studen

Target Audience: This course is open to staff applying to the Embedded Systems Security Learning Path.

Length: 1 Day (7 Hours)

Schedule: 2016-04-29 to 2016-04-29

Application Deadline: 2016-04-15

Instructor(s): Hamalainen,Jeff

TTA2340001: MATLAB for C/C++ Software Development

Course Description: MATLAB can help to accelerate development in other languages such as C/C++. Developers can visualize, verify, and rapidly prototype functionality from Visual Studio and Eclipse by connecting directly to the MATLAB environment. In addition, MATLAB can integrate existing C code and libraries to perform simulations and prototypes that leverages existing code investments. This ensures to maximize reuse and minimize risks as designs transition from concept to production.

Course Objectives:

* Test and verify C/C++ code by using MATLAB as a testing framework

* Seamlessly connect the MATLAB environment with Visual Studio and Eclipse

* Integrate existing C code directly into MATLAB for simulation, testing, and prototyping

* Generate C from MATLAB that leverages existing C code bases

Format: This MATLAB Lunchtime Series consist of lecture with demos to help accelerate development in other languages such as C/C++. Developers can visualize, verify, and rapidly prototype functionality from Visual Studio and Eclipse by connecting directly to the MATLAB environment.

Prerequisites: #N/A

Target Audience: This course is open to all.

Length: 2 Hours

Schedule: 2016-02-04 to 2016-02-04

Application Deadline: 2016-01-28

Instructor(s): Instructor from Mathworks

TTA2350001: Introduction to Object-Oriented Programming in MATLAB

Course Description: MATLAB is a fully object-oriented programming language and object-oriented constructs enables easier development and maintenance of large applications and data structures. Using engineering examples, this session will demonstrate how to define classes and work with objects, highlighting the benefits of this programming approach over traditional procedural techniques. Features covered include class definitions, properties, property attributes, methods, method attributes, and inheritance. No knowledge of object-oriented programming is required.

Course Objectives:

Format: Using engineering examples, this MATLAB session will demonstrate how to define classes and work with objects, highlighting the benefits of this programming approach over traditional procedural techniques.

Prerequisites: None

Target Audience: This course is open to all.

Length: 2 Hours

Schedule: 2016-02-23 to 2016-02-23

Application Deadline: 2016-02-16

Instructor(s): Instructor from Mathworks

TTA2360002: MATLAB for Biostatistics

Course Description: We will present and demo the latest version of MATLAB for data analysis and biostatistics. This session would be appropriate for both those currently familiar with and/or using MATLAB, as well as those new to the tool looking for an overview.

Course Objectives:

* Broad overview of MATLAB and how you can use in your daily work

* Summary of capabilities for biostatistics related workflows motivated with use cases

* Also summarizing a range or HPC (high performance computing) and interoperability capabilities

Format: This MATLAB session will present and demo the latest version of MATLAB for data analysis and biostatistics. This session would be appropriate for both those currently familiar with and/or using MATLAB, as well as those new to the tool looking for an overview.

Prerequisites: #N/A

Target Audience: This course is open to all.

Length: 2 Hours

Schedule: 2016-03-15 to 2016-03-15

Application Deadline: 2016-03-08

Instructor(s): Instructor from Mathworks

TTA5230015: IBM DOORS User and Implementation

Course Description: The first day of this course introduces you to the basic concepts of using Rational DOORS. The second day focuses on modifying the schema, importing/exporting data, and performing impact/traceability analysis.

The students will leave the course with a DOORS schema that may support 80-90% of their sponsor's requirements management needs.

Course Objectives:

* Understand DOORS user interface

* Navigate and use the schema

* Create and edit requirements

* Create reports and other outputs

* Use existing views and filters

* Understand how to and modify the schema to meet the needs of your sponsor

* Import MS Word and MS Excel documents into DOORS

* Create/modify views

* Use existing attributes and create additional attributes and filters

* Understand how to use DOORS to share information with 3rd parties (whether they use DOORS or not)

* Perform impact and traceability analysis

Format: This 2-day course will introduce students to the basic concepts of using Rational DOORS. It will also focus on modifying the schema, importing/exporting data, and performing impact/traceability analysis.

Prerequisites: Knowledge of your sponsor's requirements process and document hierarchy

Basic data modeling concepts

Target Audience: Systems engineers and requirements managers

Length: 2 days, 14 hours

Schedule: 2016-04-07 to 2016-04-08

Application Deadline: 2016-03-24

Instructor(s): Fetech,Bill J.

TAD4040003: Introduction to Biometrics (Beginner)

Course Description: Automatically determining the identity of a person is a very critical need in an interconnected global society. Biometric systems use automated methods to recognize an individual based on measureable biological and behavioral characteristics to serve that purpose.

This beginner course will introduce biometrics concept, terminology, technology and statistics behind testing, evaluation and analysis. The lecture also will offer an opportunity for students to see and use biometrics sensors to experience enrollment. The students will be able to develop a general understanding in biometrics to be able to support biometrics tasks at a high level. This course is a precursor to the advanced biometrics course.

Topics covered will include:

-Overview of biometric systems and their operation -Performance testing of biometric systems -Functionality of major biometric modalities: *Fingerprint matching *Face recognition *Iris identification *Other modalities -NIST Technology Test Summaries-MITRE Resources

Course Objectives:

*Describe biometrics and biometric systems *Identify the characteristics of major biometric modalities *Discuss the process of biometric matching *List the components of biometric systems *Establish performance metrics for biometric system testing and evaluation

Format: Lecture

Prerequisites: Math, or any engineering disciplines

Target Audience: Engineers who want to become more familiar with the biometrics concept

Length: 1 Day (7 Hours)

Schedule: 2016-04-13 to 2016-04-13

Application Deadline: 2016-03-30

Instructor(s): Browning,Keith

TAD7000002: Introduction to Biometrics (Advanced)

This advanced course is a follow-on course of the beginner biometrics course. It will be a mixture of lecture and hands-on programming exercise. The students will gain a deeper understanding of what is involved in the implementation, testing and evaluation of biometrics algorithms, analysis to be able to make technically-solid recommendations to sponsors on the matters of performance enhancement, and acquisition of biometrics systems.

The following topics will be covered:

- Biometric Testing:

*Test dataset development

*Image processing

* Pattern recognition

* Biometric templates

* Matching algorithms

- Biometric Evaluation:

* Ground truth mapping

* Statistical analysis: False Accept Rate (FAR), False Reject Rate (FRR), Receiving Operating Characteristic (ROC) and Detection Error Tradeoff (DET)

* Multi-model fusion.

Course Objectives:

*Practice biometric algorithm testing and evaluation

*Create biometrics performance requirements based upon sponsor requirements

*Describe how to set up a biometric test environment

*Discuss how image processing and pattern recognition are used in biometrics

*Explain how biometric matching occurs and how to interpret the results

Format: Lecture and Lab

Prerequisites: Statistics, Computer Science (Java, C++, OpenCV)

Target Audience: Engineers who want to become biometrics engineers

Length: 1 Day (7 Hours)

Schedule: 2016-04-14 to 2016-04-14

Application Deadline: 2016-03-31

Instructor(s): Ford,Andrew R

TCO4710005: Introduction to Application Migration to Cloud

Course Description: This course is an introduction to the assessment of application readiness for migrating to a cloud ecosystem, and the execution of the migration lifecycle. The course focuses on mission and business critical current systems, and presents approaches to migrating from current operating infrastructures to cloud ecosystems.

Students will be introduced to cloud migration frameworks, including tools and techniques, for assessing applications and migrating them to the cloud. They will learn to plan the transition from the current IT environment to a chosen cloud ecosystem, including evaluating cloud options, analyzing alternative approaches, establishing migration strategies, developing application architectures, and applying migration best practices. The cloud migration frameworks can be applied to software development and migration projects, ranging from small systems to enterprise-wide systems.

Course Objectives:

*Understand sponsor motivations and concerns regarding migration to the cloud

*Learn how to conduct application assessments using MITRE's Cloud Decision Framework and tools, to enable decision-making and strategic planning

*Learn how to apply the migration strategy to select the appropriate cloud models, determine whether to migrate some or all of the app components, and choose the applicable migration approach

*Understand the technical challenges that may have to be resolved as part of the migration effort

*Understand the best practices for re-architecting apps for the cloud, including reference architectures, design patterns and tools

Format: Lecture

Prerequisites: None

Target Audience: Individuals involved in sponsor cloud migrations

Length: 1 Day (7 Hours)

Schedule: 2016-02-09 to 2016-02-09

Application Deadline: 2016-01-26

Instructor(s): Small,Howard A., Warren,Katy

TPL4310061: XML Foundation

Course Description: Today's Web provides people with unprecedented access to online information and services. However, the format-oriented, handcrafted HTML encoding in which most Web information is delivered makes it understandable only "by eyes" and difficult for agents and other automated processes to use. Search engines and "shopping bots" cannot perform well if the information they gather is not semantically encoded. Clever programmers have worked around some of the inherent limitations of HTML by using proprietary tags or software that "scrapes" Web pages to extract content. However, such approaches do not scale. Proprietary tags require browser plug-ins while scraping approaches require ad hoc scripts. Both approaches balkanize the Web and make it inaccessible to agents.

Today's Web is using the Extensible Markup Language (XML) to encode information and services with meaningful structure and semantics that computers can readily understand. XML has emerged as the standard for self-describing data exchange in Internet applications. The power of XML lies in its extensibility and ubiquity. Anyone can invent new tags for particular subject areas and define what they mean in Document Type Definitions (DTDs) or XML Schemas. Content-oriented tagging enables a computer to understand the meaning of data, (e.g., whether a number represents a price, a date, or a quantity). This significantly increases the functionality of web applications because they can do much more than simply display the data. For example, items in an XML-encoded catalog can be sorted by price, availability, or size, using a client-side applet.

XML enables computer-interpretable documents for describing products, airline schedules, stock reports, and bank statements, and corresponding forms for placing orders, booking reservations, and making transactions. The purpose of this course is to provide the foundation of XML, especially in the areas of XML standard syntax, namespaces and DTDs as well as introducing XML Schemas. This information will provide the foundation for the advanced XML courses. This course also includes an introduction to XML Schemas technology. XML Schemas bring to XML the rich data descriptions that are common to other business systems but were missing from XML. Now, developers of XML e-commerce systems can use XML Schema's ability to define XML applications that are far more sophisticated in how they describe, create, manage and validate the information that fuels B2B e-commerce.

Course Objectives:

*Learning the inherent deficiencies of inextricably mixing content with presentation

*Understanding the role that XML is playing on the web

*Learning the foundation XML technologies: XML syntax, namespaces, and XML Schemas

*Obtaining hands-on experience with XML

*Gaining a working knowledge of data modeling XML documents using XML Schemas

Format: Instructor-led seminar with detailed handouts and time for extensive class interaction.

Prerequisites: A basic knowledge of HTML is helpful.

Target Audience: This course is intended for individuals especially teleworkers & site staff.

Length: 3 Days (21 Hours)

Schedule: 2016-03-29 to 2016-03-31

Application Deadline: 2016-03-15

Instructor(s): Costello,Roger L.

TPL4920002: Python Packaging @ MITRE

Course Description: Bundling your latest Python project into an easy to install package is a critical component of software reuse and sharing. Packaging is an often overlooked and underappreciated process of the Python software development lifecycle and developers sometime shy away for fear of the elusive "setup.py" file.

This course will cover a majority of the common aspects of Python packaging -- how to create individual packages, how to upload your packages to a Python index server, and how to package larger, more complex packages for offline installation on Sponsor systems or other systems with limited or no network connectivity. Upon course completion, students will have a greater depth of understanding of the Python packaging process and will be better oriented for tackling specialized tasks, such as building C/C++ extensions, if their project requires such aspects of packaging.

Course Objectives:

* Describe the differences between pypi.python.org and pypi.mitre.org

* Leverage the MITRE infrastructure for Python packaging

* Upload project documentation as HTML pages

* Create simple and more complex Python packages

* Bundle your projects for offline installation

* Interact with the MITRE Technology Transfer Office for licensing and/or submitting your projects to public Open Source repositories

Format: Lecture/Lab

Prerequisites: TPL432 Introduction to Python

Target Audience: Seasoned Python Developers

Length: 2 Days (14 Hours)

Schedule: 2016-04-12 to 2016-04-13

Application Deadline: 2016-03-29

Instructor(s): Founds,Drew

TSE5390016: Introduction to Organizational Change Management: A Systems Engineering Approach

Course Description: Using a systems engineering context, participants are familiarized with a basic foundation in the principles and practices that guide effective organization change efforts.

1. INTRODUCTION

Includes an overview of system engineering models and organizational change concepts, including:

- Systems Engineering approach to organizational change

- Understanding why many IT change initiatives fail

- Current research on organizational change and the role of people in change

- Resistance to change - causes and effects

- Understanding the role of an organization's culture during change

2. TRANSFORMATION PLANNING AND ORGANIZATIONAL CHANGE

Participants learn how to apply a systems engineering change model to identify the key transformational components needed to affect change within an organization.

3. PERFORMING ORGANIZATIONAL ASSESSMENTS

Using a real-life scenario, participants will perform an organizational assessment to identify the critical change issues that surface during a sponsor's project.

4. ORGANIZATIONAL CHANGE LESSON LEARNED

Participants learn present organizational change techniques that have proved effective in minimizing operational disruptions often triggered by organizational and technological changes.

Course Objectives:

*Participants are familiarized with the relationship between system engineering models and lifecycles and organizational change system models/processes in complex adaptive systems

*Participants learn organizational change techniques that have proved effective in minimizing operational disruptions often triggered by organizational and technological changes

*Participants learn about the behavioral complexities of organizational transformation

Format: This will be a presentation and discussion class with exercises.

Prerequisites: None

Target Audience: This course is intended for the technical staff.

Length: 1 Day (7 Hours)

Schedule: 2016-04-21 to 2016-04-21

Application Deadline: 2016-04-04

Instructor(s): Petrun,Craig J., Argust,Derek M.

TSE5910003: Systems of Systems Engineering

Course Description: Today's environments are dominated by complex Systems of Systems (SoS), created by the networking of many systems to create larger emergent capabilities. As a result, systems engineers now often have the difficult responsibility to develop and manage systems within the overriding context of a SoS.

The development environment for a SoS is typically characterized by its own unique challenges, such as a decades-long life cycle and ongoing re-architecting throughout that lifecycle. System success under these conditions requires developing an adaptable design in a dynamic process to manage complexity, while supporting shifting operational priorities over significant time spans and avoiding the lurking potential of chaotic conditions.

To meet these challenges, this course presents detailed, useful techniques to work effectively within the context of SoS and to manage the engineering activities associated with them. The course builds on the most recent SoS research and experience from INCOSE, NDIA, SERC, and several EU projects.

Course Objectives:

*Define a SoS and SoS engineering

*Compare challenges of development, integration, and operation & maintenance in a traditional systems versus a complex, adaptable SoS

*Describe a framework for SoS engineering

*Evaluate contributions to the field of complex SoS engineering from recent research projects

*Develop a new paradigm for engineering complex systems of systems

Format: Lecture, Discussion, and Interactive Exercises

Prerequisites: Completion of the TSE598: Systems Engineering Overview course or equivalent experience, including knowledge of the Systems Engineering lifecycle and familiarity with the role(s) of a Systems Engineer.

Target Audience: This course is open to all individuals and is the ninth course in the Systems Engineering Learning Path.

Length: 2 Days (14 Hours)

Schedule: 2016-06-06 to 2016-06-07

Application Deadline: 2016-05-23

Instructor(s): Honour,Eric

TSE5990002: Managing System Projects

Course Description: This two-day course provides an overview of the project management processes required to manage a system engineering project. The course reviews the entire project cycle showing how the SE processes interface with the PM processes. Students learn how to manage technical projects concurrently with the systems engineering process and learn the essentials of Project Management. By the end of this course, students should be able to define the actions to be taken to initiate a project in support of their government sponsor or MITRE project, evaluate technical plans prepared by others, assist their sponsors or MITRE colleagues in project execution, and monitor, track and report the status on a technical project.

Course Objectives:

*Define techniques for ensuring synergistic management of a systems engineering project

*Define the roles and responsibilities for managing a systems engineering project

*Define the actions to be taken in support of a customer

Format: Lecture, Discussion and Exercises

Prerequisites: TSE598 SE Overview, or equivalent knowledge.

Target Audience: This course is open to all individuals and is the fifth course in the Systems Engineering Learning Path.

Length: 2 Days (14 Hours)

Schedule: 2016-03-29 to 2016-03-30

Application Deadline: 2016-03-15

Instructor(s): Mosteller,Ken

TSE6060002: Software and Systems Testing

Course Description: This course is an introduction to the application of systems engineering principles to testing, with a focus on software and systems testing. It provides an overview of testing and its role throughout the system engineering life cycle from capability gap identification to operational release and sustainment. Topics include test requirements development, test planning, test tools, test conduct, and data collection, reduction, analysis, and reporting. The course is designed to provide students with an understanding of the role of testing in project management as well as practical advice and guidance through the inclusion of examples, class exercises, and interaction with students.

Course Objectives:

*Describe the role and importance of testing in the overall system development lifecycle

*Understand testing methodologies and practices to ensure that a system functions and performs as intended

*Better understand how to manage testing, to plan and design tests, to develop test cases, to execute tests, to collect and analyze test data, and to summarize test results to developers and managers

*Understand how system testing principles apply to software development, to include agile testing

Format: Instruction is a mixture of presentation and exercises with opportunities for participant questions and discussion.

Prerequisites: None

Target Audience: This course is open to all individuals and is the eighth course in the Systems Engineering Learning Path. An information technology or system engineering background is helpful, but not required. Participants will benefit most if they are actively involved or have experience in testing, test management, program management, or software development.

Length: 1 Day (7 Hours)

Schedule: 2016-05-17 to 2016-05-17

Application Deadline: 2016-05-03

Instructor(s): Clasen,Bob J., Williams,Esther H

TST4210002: Introduction to Bayesian Statistics

Course Description: Bayesian statistical methods have received a lot of attention over the past several years. Nate Silver brought so-called Bayesians out of the shadows in 2008 when he successfully predicted the outcomes for 49 of 50 US senate races. While foundational theory has been established over several decades, computing advances have opened up Bayesian statistical methods to rich real- world problems.

This course will introduce Bayesian methods and the statistical properties of beliefs. It will compare/contrast classical (i.e. frequentist) methods to their Bayesian equivalents. This dual perspective will help students relate their previous training and education to the ideas and examples in this course. While theory will be a critical component, the course is accessible to students from all backgrounds that include at least one semester of calculus (derivatives and integrals).

Course material will be broken into two areas: theory and examples. We will review underlying theory in sufficient detail to cover examples. Selected examples will demonstrate scenarios where a Bayesian approach offers practical advantages over frequentists methods. We will also explore Bayesian methods that have no frequentist counterpart. The goal of this course is to get students comfortable enough with Bayesian methods to continue studying the topic at their own pace and/or to repurpose the example code for their MITRE project work. Students who complete this course will also be prepared for the more detailed follow-up course, Bayesian Statistical Programming.

Topics covered will include:

- Overview of the power of the Bayesian approach over traditional f frequentist method

- Review of probability axioms, conditional probabilities, and independence

- Methods to estimate probabilities of rare events

- Selecting the appropriate prior probabilities and the role of conjugacy in modeling

- Working with expected values and leveraging the `kernel trick

- One-parameter models (e.g. binomial, Poisson, other exponential family models)

Course Objectives:

*Explain the difference between Bayesian and frequentist perspectives

*Demonstrate an awareness and build intuition about Bayesian methods

*Apply Bayesian inference methods and their outputs

*Select basic programming examples for self-study or repurposing for project work

Format: Instructor presentation and labs.

Prerequisites: A course in single variable calculus that includes derivatives and integrals. Students with some exposure to basic probability and statistics will get the most out of the course, but those are not

Approved for Public Release; Distribution Unlimited. Case Number 16-0134 ©2016 The MITRE Corporation. ALL RIGHTS RESERVED Winter 2016 Course Schedule assumed or necessary. A course in single variable calculus that includes derivatives and integrals. Students with some exposure to basic probability and statistics will get the most out of the course, but those are not assumed or necessary. R programming experience will be helpful but is not required.

Target Audience: This course is open to all.

Length: 1 Day (7 Hours)

Schedule: 2016-03-24 to 2016-03-24

Application Deadline: 2016-03-10

Instructor(s): Welch,Nathan G

TST7100002: Bayesian Statistical Programming

Course Description: This course will introduce essential algorithms that support Bayesian statistical inference. We will then use these foundational tools to explore models that would be both theoretically and computationally intractable otherwise. While it would be interesting to consider these tools in isolation, this course will focus on techniques that are useful to common challenges.

After taking this course, students should have a basic understanding of the approach and intuition of foundational algorithms underpinning complex Bayesian statistical inference. They will also learn how to adapt and execute course example code for their own (closely related) sponsor work. This course aims to focus on application and examples, but theory necessary to supporting the algorithms and models will also be an important component.

Bayesian Statistical Programming builds on the ideas and principles covered in the Introduction Bayesian Statistics class. Students without a strong statistics and probability background can benefit from this course, but those students are encouraged to start with the introductory class.

Topics covered will include:

- Monte Carlo approximation (posterior inference, sampling, prediction)

- Gibbs Sampling)

- Metropolis-Hastings algorithm)

- The normal model)

- Bayesian estimation for a regression model)

Course Objectives:

*Explain the difference between Bayesian and frequentist perspectives

*Apply Bayesian inference methods and their outputs

*Apply MCMC simulation to estimate probabilities

*Evaluate relevant mathematics and programming methods necessary to perform new studies.

*Explain recent developments in Bayesian statistics

*Identify resources that are available for further study

Format: Instructor presentation and labs.

Prerequisites: Students with exposure to basic statistics and calculus will get the most from this course. R programming experience would be helpful but is not required. Familiarity with basic programming control structures (e.g. loops, if-then statements, etc.) will be sufficient.

TST421 - Introduction to Bayesian Statistics

(suggested) TPL487: Rapid Introduction to R Programming

(suggested) Coursera R Programming: www.coursera.org/course/rprog

Target Audience: This course is open to all.

Length: 1 Day (7 Hours)

Schedule: 2016-03-25 to 2016-03-25

Application Deadline: 2016-03-11

Instructor(s): Welch,Nathan G

TSV4440005: Windows Enterprise Security

Course Description: This course is a hands-on introduction to Windows security fundamentals that are critical to cyber security. Curriculum will cover a variety of topics including basic host security and permissions, to registry editing, using policy editor, and how to improve security beyond common government and DoD baselines. This course will be designed to fill in knowledge gaps for attendees. Attendees with all levels of technical backgrounds will benefit from this class.

Critical components include audit configuration, data encryption, automating security settings in an enterprise environment, and managing permissions. Both Workstation and Server specific configurations and tools will be covered.

The class will incorporate hands-on exercises and labs. Students will gain an understanding of host based security configuration concepts. These concepts will be demonstrated by student labs based on common misconfigurations that students must address by applying concepts learned throughout the class. The class will culminate when students are asked to secure a system that has been loaded from a default install.

It is expected that attendees will have knowledge in one or more topics covered in the class. This class is meant to fill in gaps and allow students to build on their previous knowledge to become more technically skilled cyber security professionals. Solid foundational knowledge, gained in this class, will allow students to easily understand more advanced topics. The technical confidence students will gain in this class will allow them to quickly tackle technical hurdles in their day-to-day work. This course will provide a broad technical background, enabling students to overcome adversity to solve critical cyber security problems.

Course Objectives:

* Review auditing options available to a Windows host

* Review methods of remotely extracting information from a Windows host

* Learn fundamentals of scripting to remotely apply security configurations across multiple hosts

* Learn how to implement privilege separation for users, files, and folders

* Understand security implications of default Windows configurations and security baselines

* Understand why some STIG settings are disabled in certain enclaves

* Understand the "why" behind some of the security configuration settings

* All attendees will apply all knowledge through lab exercises during the course

Format: Lab.

Prerequisites: Minimal networking, system administration, and/or cyber security knowledge

Target Audience: Junior tech staff

Senior tech staff that have found themselves working in a lab

Engineers changing disciplines to cyber security

Engineers in other fields supporting cyber work

Length: 2 Days (14 Hours)

Schedule: 2016-03-10 to 2016-03-11

Application Deadline: 2016-02-25

Instructor(s): Clark,Akiva A.

TSV4520002: Host-Based Hunting Concepts, Analysis and Execution with QTip/QTip-N

Course Description: In this course students will develop a conceptual understanding of and an operational capability to perform host-based hunting (HBH) currently used by various DoD services. After completing this course, students will be able to assist sponsors with cyber hunting, incident response, and defensive cyber operations (DCO) from a variety of perspectives, whether high-level planning or in-the-weeds hands-on operations.

In this course students use QTip/QTIP-N, a tool used by the US Army and US Navy. QTip is a remote host scanning and analysis tool for enterprise Windows environments that proactively detects systems that are compromised. For example, using QTIP, field operators can quickly scan a range of host machines for indicators of exploitation and named threat presence; this includes any malicious files or programs, as well as check for other specific vulnerabilities or risk factors such as out of date or prohibited software, cross domain violations, and signs of persistence by unauthorized users. QTIP also allows for follow-up data collection of event logs on surrounding systems to determine whether an adversary was able to move laterally through the environment.

This course includes lecture and hands-on laboratory exercises.

Course Objectives:

After completing this course, participants will be able to:

- Describe methodologies and analytics used in host-based hunting (HBH)

- Install, operate and maintain QTip/QTip-N scanning software

- Analyze results from QTip/QTip-N (or similar tools, such as Blue Scope)

- Detect compromises based on host indicators such as new or modified files, memory signatures, certain event logs, registry entries

- Perform field development capabilities for custom indicators and agents to add new data collection capabilities or analytical functions

- Plan and architect methods of data collection in non-standard environments

- Demonstrate how to support sponsors engaged in active incident response or hunting operations

Format: This two day course will help students develop a conceptual understanding of and an operational capability to perform host-based hunting (HBH) currently used by various DoD services. The course includes lecture and hands-on laboratory exercises using QTip/QTIP-N, a tool used by the US Army and US Navy. QTip is a remote host scanning and analysis tool for enterprise Windows environments that proactively detects systems that are compromised.

Prerequisites: MS Windows host and enterprise familiarity, such as how Windows hosts communicate, authenticate, interact with Domain controllers

Defensive Cyber Operations/Computer Network Defense familiarity

Scripting - background in any scripting language (such as Python, VB, Perl, Ruby, batch scripting)

Familiarity with the MS Windows command line environment

Target Audience: Engineers supporting DoD or Federal sponsors in the Cyber Defense area

Length: 2 Days (14 Hours)

Schedule: 2016-02-09 to 2016-02-10

Application Deadline: 2016-01-26

Instructor(s): Clark,Akiva A.

TSW0860008: Leading SAFe - The Scaled Agile Framework (TM)

Course Description: Leading the Lean|Agile Enterprise with the Scaled Agile Framework (TM)In this two-day certification course, you will gain the knowledge necessary to lead an enterprise agile transformation by leveraging the Scaled Agile Framework, and its underlying principles of lean thinking, and product development flow. You will leave with an understanding of how the principles and practices of the framework support Lean Thinking, Agile Development, SAFe ScrumXP, Agile Release Trains, Agile Portfolio Management, Agile Architecture, and Scaling Leadership. At the end of the class, the student will have with them the information necessary to take the examination for the Scaled Agilest Certification through the Scaled Agile Academy. A class fee of $100 is required for this class to cover use of copyrighted material and administration of the certification exam. Payment of the class fee is coordinated by the class instructors, and is required before the first day of class.

Course Objectives:

*Apply lean, agile and product development flow principles to improve productivity, employee engagement, time to market, and quality

*Apply the Scaled Agile Framework based on lecture, real-world examples, and insights

*Understand the skills necessary for an enterprise transformation based on the information and examples presented, and additional recommended readings and resources

*Gain the insights into the leadership skill most effective in unlocking the intrinsic motivation of software development knowledge workers, and begin applying them in your context

Format: Interactive Lecture / Group Exercises

Prerequisites: Familiarity with Scrum Methodology is preferred

Target Audience: Executives, managers, system engineers, and Agile change agents responsible for leading a Lean|Agile change initiative in the larger software enterprise.

Length: 2 Days (14 Hours)

Schedule: 2016-05-03 to 2016-05-04

Application Deadline: 2016-04-18

Instructor(s): Johnstone,Charles T, Burnard,Becky E, Connors,Carol

TSW0870002: SAFe Product Manager / Product Owner

Course Description: Scaled Agile Framework (TM) Product Manager / Product Owner Certification Class

This two-day certification course is a deep dive into the roles of the product manager and product owner, beginning with the principles of SAFe (TM), Lean thinking tools, Agile development practices at scale, and an overview of the Scaled Agile Framework®. Teams will learn the Product Manager and Product Owner roles in the enterprise, how to manage the enterprise backlog, delivering features, agile requirements, the events within SAFe, and finally, stakeholder management. At the end of this workshop, attendees will have the tools and knowledge they need to write Epics, Features, and User Stories within the Scaled Agile Framework, and have a solid foundation on how to manage programs in the Lean-Agile Enterprise. Target audience includes executives, product managers, product owners, and coaches/consultants. At the end of the class, the student will have with them the information necessary to take the examination for the SAFe PM/PO Certification through the Scaled Agile Academy. A class fee of $100 is required for this class to cover use of copyrighted material and administration of the certification exam. Payment of the class fee is coordinated by the class instructors, and is required before the first day of class.

Course Objectives:

*Product Manager and Product Owner roles in the enterprise

*Enterprise Backlog Management

*Delivering Features in the Enterprise

*Agile Software Requirements

*SAFe events and process

*Stakeholder Management

Format: Interactive Lecture / Group Exercises

Prerequisites: Familiarity with Scrum Methodology is preferred

Target Audience: Executives, product managers, product owners, consultants, lean-agile leaders, Agile change agents.

Length: 2 Days (14 Hours)

Schedule: 2016-02-29 to 2016-03-01

Application Deadline: 2016-02-15

Instructor(s): Johnstone,Charles T, Burnard,Becky E, Connors,Carol