sei.cmu

Transfer of Personal Information Between Countries

Carnegie Mellon University - Software Engineering Institute (“SEI”) is a global institution with operations, campuses, partnerships, and instructional sites in multiple countries. These include the ...
sei.cmu

AI-Powered Memory Safety with the Pointer Ownership Model

Svoboda, D., and Flynn, L., 2025: AI-Powered Memory Safety with the Pointer Ownership Model. Carnegie Mellon University, Software Engineering Institute's Insights ...
sei.cmu

SEI Study on Defense Department DevSecOps Finds Excellence and Opportunities

May 12, 2025—DevSecOps practices foster collaboration among software development, security, and operations teams to build, test, and release software quickly and reliably. A high-stakes, high-security ...
sei.cmu

Introducing MLTE: A Systems Approach to Machine Learning Test and Evaluation

Derr, A., Echeverría, S., Maffey, K., and Lewis, G., 2025: Introducing MLTE: A Systems Approach to Machine Learning Test and Evaluation. Carnegie Mellon University ...
sei.cmu

Using LLMs to Adjudicate Static-Analysis Alerts

Software analysts use static analysis as a standard method to evaluate the source code for potential vulnerabilities, but the volume of findings is often too large to review in their entirety, causing ...
sei.cmu

Security Engineering Framework (SEF): Managing Security and Resilience Risks Across the Systems Lifecycle

Software is a growing component of modern business- and mission-critical systems. As a result, software assurance is becoming increasingly important to organizations across all sectors. A key aspect ...
sei.cmu

Introduction to MLOps: Bridging Machine Learning and Operations

DeCapria, D., 2024: Introduction to MLOps: Bridging Machine Learning and Operations. Carnegie Mellon University, Software Engineering Institute's Insights (blog ...
sei.cmu

An Introduction to Model-Based Systems Engineering (MBSE)

Shevchenko, N., 2024: An Introduction to Model-Based Systems Engineering (MBSE). Carnegie Mellon University, Software Engineering Institute's Insights (blog ...
sei.cmu

Generative AI and Software Engineering Education

Ozkaya, I., and Schmidt, D., 2024: Generative AI and Software Engineering Education. Carnegie Mellon University, Software Engineering Institute's Insights (blog ...
sei.cmu

Lessons Learned in Coordinated Disclosure for Artificial Intelligence and Machine Learning Systems

In this paper, SEI researchers incorporate several lessons learned from the coordination of artificial intelligence (AI) and machine learning (ML) vulnerabilities at the SEI’s CERT Coordination Center ...
sei.cmu

Application Programming Interface (API) Vulnerabilities and Risks

This report describes 11 common vulnerabilities and 3 risks related to application programming interfaces, providing suggestions about how to fix or reduce their impact. Application programming ...
sei.cmu

Applying Large Language Models to DoD Software Acquisition: An Initial Experiment

Schmidt, D., and Robert, J., 2024: Applying Large Language Models to DoD Software Acquisition: An Initial Experiment. Carnegie Mellon University, Software Engineering ...