Carnegie Mellon University

History of Innovation

Established by the Department of Defense (DoD) in 1984, the Software Engineering Institute (SEI) began operation in early 1985. Since then, the SEI has shown that it both anticipates and responds to DoD challenges efficiently, effectively, and thoroughly through excellence in research, development, and deployment (RD&D) and technology transition practices.

Going forward, when the DoD seeks answers to incorporate quantum computing, greater automation, more and better approaches for cybersecurity, and to address a host of other over-the-horizon needs, the SEI will be there, too, continuing to ensure that software is a strategic advantage for the DoD.

The stories below offer snapshots of the culture of innovation at the SEI as our researchers and engineers have worked to advance software for national security.

You can also read these stories in the 2025 book History of Innovation at the SEI.

2024

AI for Autonomy Lab

In 2024, the SEI announced the formally established AI for Autonomy Lab to enable expert researchers to study and demonstrate how AI and ML technologies can be used responsibly in autonomous systems.

Read More

2023

Artificial Intelligence Security Incident Response Team (AISIRT)

2022

DevSecOps Platform-Independent Model

The SEI created this first-of-its-kind model to help organizations in highly regulated environments implement DevSecOps securely using a model-based systems engineering approach.

Read More

2021

SCAIFE: Secure Code Analysis for Continuous Integration

2020

Crucible and GHOSTS: Enabling Realistic Cyber Simulations

The SEI released Crucible and GHOSTS, tools that help cyber simulation developers create simulated virtual environments and non-player characters (NPCs).

Read More

2019

Foundry: A Training Asset Management Portal

2018

Defining the Practice of Managing Technical Debt: From Research to Community

For a decade, the SEI has been at the forefront of shaping a definition of technical debt, forming and executing a research agenda applicable to government and industry, and cultivating a community of practice.

Read More

2017

Helping Analysts Automate Reverse Engineering

2017

Automating the Repair of Software Flaws

In 2017, CERT researchers developed tools to automatically detect and repair two common software-coding errors: integer overflows that lead to buffer overflow and reads of stale and potentially sensitive memory.

Read More

2016

Contributing to Developing and Implementing the DoD Vulnerability Discovery Program

2015

Enhancing Computing Power at the Edge

KD-Cloudlet, a tool for implementing tactical cloudlets, springs from years of research on cloud computing at the tactical edge. The SEI makes this tool freely available as part of its transition mission.

Read More

2015

Creating a New Language to Verify Complex Systems

2015

Integrating Early to Prevent Costly Problems

This research developed the SAE Architecture Analysis and Design Language standard in 2004, which was chosen for an aerospace initiative in 2008 and used to detect potential integration issues in the Joint Multi-Role helicopter program in 2015.

Read More

2014

Taming Uncertainty in Software Cost Estimation

2014

Enabling a Stronger Cyber Workforce

For more than 15 years, the SEI has been investing in developing platforms and courseware for DoD and government cyber warrior readiness.

Read More

2014

Attacking Software Vulnerabilities

2014

Building Capability to Defend Against Malware

To analyze malware, the SEI's CERT researchers have developed a suite of tools based on a framework called Pharos, which is built on top of Lawrence Livermore National Laboratory's ROSE compiler infrastructure.

Read More

2011

Assessing Cyber Risk Readiness

2009

Certifying the Software Architect Role

In 2009, the U.S. Army mandated that all PEOs appoint a chief software architect who had earned the Software Architecture Professional Certificate from the SEI (or equivalent).

Read More

2009

Augmenting T&E with Assurance

2009

Codifying Resilience Practice

After the 9/11 terror attacks, organizations sought greater operational resilience through security and business continuity. The SEI developed the CERT Resilience Management Model to improve operational resilience.

Read More

2007

Strengthening Network Traffic Analysis

2004

Leading the Growth of an Architectural Modeling Standard

From its focus on research in architectural modeling and analysis for safety- and mission-critical systems, the SEI became the technical lead for the SAE Architecture Analysis and Design Language standard.

Read More

2003

Defining Non-Functional System Qualities

2003

Standardizing More Secure Software

Since forming its Secure Coding Initiative in 2003, the SEI's CERT Division has analyzed and cataloged thousands of software vulnerabilities and discovered that many share the same coding errors.

Read More

2002

Tailoring Risk Management Practice

2001

Setting a Foundation for Software Architecture

The SEI's Simplex Architecture supports overall safety when a system is composed of components that vary in reliability and safety.

Read More

2001

Changing Software Contractor Selection Criteria

2000

Bringing Science to Insider Threat Mitigation

For nearly two decades, the SEI's CERT Division has focused on gathering and analyzing data about actual malicious insider acts and potential threats to U.S. critical infrastructures.

Read More

2000

Enabling Large-Scale Network Flow Analysis

1994

Evaluating System Architecture

To address the need to predict problems before a system has been built, the SEI pioneered the use of scenario-based methods to evaluate software architectures for modifiability and other qualities.

Read More

1993

Meeting Real-Time Scheduling Needs

1991

Transforming Software Quality Assessment

The SEI's publication of the Software Capability Maturity Model in 1991 provided an objective standard for software development and changed the view in government and industry about software quality.

Read More

1990

Establishing a Basis for Software Reuse

1989

Building the Master of Software Engineering Curriculum

During the early years of curriculum development in software engineering, the SEI held a workshop for leading software engineering educators to design a recommended curriculum for a software engineering degree.

Read More

1988

Pointing the Way Toward a Software Architecture Discipline

1988

Fostering Growth in Professional Cyber Incident Management

The Morris Worm disrupted the nascent Internet in 1988. In its aftermath, DARPA requested that the SEI create a computer emergency response team, and the CERT Coordination Center (CERT/CC) was born.

Read More