sei.cmu

Advancing Software for National Security

Since our foundation in 1984, we have helped the Department of War (DoW), government agencies, and private industry meet mission goals and gain strategic advantage by innovating and advancing the ...
sei.cmu

Weaknesses and Vulnerabilities in Modern AI: Integrity, Confidentiality, and Governance

Scherlis, B., 2024: Weaknesses and Vulnerabilities in Modern AI: Integrity, Confidentiality, and Governance. Carnegie Mellon University, Software Engineering ...
sei.cmu

Four Types of Shift Left Testing

Firesmith, D., 2015: Four Types of Shift Left Testing. Carnegie Mellon University, Software Engineering Institute's Insights (blog), Accessed April 16, 2026, https ...
sei.cmu

Application of Large Language Models (LLMs) in Software Engineering: Overblown Hype or ...

Ozkaya, I., Carleton, A., Robert, J., and Schmidt, D., 2023: Application of Large Language Models (LLMs) in Software Engineering: Overblown Hype or Disruptive Change ...
Software Engineering Institute

SEI CERT Division Leadership Lends Emerging Technology Insights to Cyber-Risk Oversight ...

Gregory Touhill, CERT Division Director, and Matthew Butkovic, technical director of cyber risk and resilience, co-authored tools for corporate boards dealing with quantum computing, AI, and other ...
sei.cmu

Six Best Practices for Securing a Robust Domain Name System (DNS) Infrastructure

Langston, M., 2017: Six Best Practices for Securing a Robust Domain Name System (DNS) Infrastructure. Carnegie Mellon University, Software Engineering Institute's ...
sei.cmu

Tactics and Patterns for Software Robustness

Kazman, R., 2022: Tactics and Patterns for Software Robustness. Carnegie Mellon University, Software Engineering Institute's Insights (blog), Accessed April 16, 2026 ...
sei.cmu

The 13 Key Elements of an Insider Threat Program

Costa, D., and Trzeciak, R., 2023: The 13 Key Elements of an Insider Threat Program. Carnegie Mellon University, Software Engineering Institute's Insights (blog ...
sei.cmu

The DevSecOps Capability Maturity Model

Chick, T., Frye, B., and Reffett, A., 2025: The DevSecOps Capability Maturity Model. Carnegie Mellon University, Software Engineering Institute's Insights (blog ...
sei.cmu

SEI CERT C Coding Standard: Rules for Developing Safe, Reliable, and Secure Systems (2016 ...

Complete the form below to register and download a free online copy of SEI CERT C Coding Standard: Rules for Developing Safe, Reliable, and Secure Systems (2016 Edition). Writing secure C code helps ...
sei.cmu

Software Architecture

The software architecture of a system represents the design decisions related to overall system structure and behavior. Architecture helps stakeholders understand and analyze how the system will ...
sei.cmu

Security Vulnerabilities

Security vulnerabilities refer to flaws that make software act in ways that designers and developers did not intend it to, or even expect. Research in vulnerability analysis aims to improve ways of ...