Software Engineering Institute

SEI Releases AI Engineering Practices to Accelerate Mission-Capable AI

The twelve foundational practices for decision makers describe the groundwork for turning AI capability into mission value.
Software Engineering Institute

SEI CERT Division Leadership Lends Emerging Technology Insights to Cyber-Risk Oversight Handbook

Gregory Touhill, CERT Division Director, and Matthew Butkovic, technical director of cyber risk and resilience, co-authored tools for corporate boards dealing with quantum computing, AI, and other ...
sei.cmu

Generative AI and Software Engineering Education

Ozkaya, I., and Schmidt, D., 2024: Generative AI and Software Engineering Education. Carnegie Mellon University, Software Engineering Institute's Insights (blog ...
sei.cmu

Software Isolation: Why It Matters to Software Evolution and Why Everybody Puts It Off

Benitez, M., 2023: Software Isolation: Why It Matters to Software Evolution and Why Everybody Puts It Off. Carnegie Mellon University, Software Engineering Institute ...
sei.cmu

SEI Launches Leadership in AI for Cybersecurity Application Workshop

This newsletter compiles the latest SEI releases and news about the new CERT Leadership in AI for Cybersecurity Application Workshop; insights on leadership, legacy, and mentors from SEI director and ...
sei.cmu

Advancing Software for National Security

Since our foundation in 1984, we have helped the Department of War (DoW), government agencies, and private industry meet mission goals and gain strategic advantage by innovating and advancing the ...
sei.cmu

Architecture Tradeoff Analysis Method Collection

The Architecture Tradeoff Analysis Method (ATAM) is a method for evaluating software architectures relative to quality attribute goals. ATAM evaluations expose architectural risks that potentially ...
sei.cmu

An Introduction to Model-Based Systems Engineering (MBSE)

Shevchenko, N., 2020: An Introduction to Model-Based Systems Engineering (MBSE). Carnegie Mellon University, Software Engineering Institute's Insights (blog ...
sei.cmu

Insider Threat Test Dataset

The CERT Division, in partnership with ExactData, LLC, and under sponsorship from DARPA I2O, generated a collection of synthetic insider threat test datasets. These datasets provide both synthetic ...
sei.cmu

Prioritizing Vulnerability Response: A Stakeholder-Specific Vulnerability Categorization

This paper presents a testable Stakeholder-Specific Vulnerability Categorization (SSVC) that takes the form of decision trees and that avoids some problems with the Common Vulnerability Scoring System ...
sei.cmu

Rust Vulnerability Analysis and Maturity Challenges

Wassermann, G., and Svoboda, D., 2023: Rust Vulnerability Analysis and Maturity Challenges. Carnegie Mellon University, Software Engineering Institute's Insights ...
sei.cmu

Prioritizing Vulnerability Response: A Stakeholder-Specific Vulnerability Categorization (Version 2.0)

This paper presents version 2.0 of a testable Stakeholder-Specific Vulnerability Categorization (SSVC) that takes the form of decision trees and that avoids some problems with the Common Vulnerability ...