<?xml version="1.0" encoding="utf-8"?>
<feed xml:lang="en-us" xmlns="http://www.w3.org/2005/Atom"><title>SEI Blog</title><link href="http://www.sei.cmu.edu/feeds/latest/atom/?utm_source=blog&amp;utm_medium=rss" rel="alternate"/><link href="http://www.sei.cmu.edu/feeds/latest/atom/?utm_source=blog&amp;utm_medium=rss" rel="self"/><id>http://www.sei.cmu.edu/feeds/latest/atom/?utm_source=blog&amp;utm_medium=rss</id><updated>2026-06-23T00:00:00-04:00</updated><subtitle>Updates on changes and additions to the SEI Blog.</subtitle><entry><title>Software-Defined Warfare: Crossing the Chasm in Two Software Areas</title><link href="https://www.sei.cmu.edu/blog/software-defined-warfare-crossing-the-chasm-in-two-software-areas/?utm_source=blog&amp;utm_medium=rss&amp;utm_campaign=my_site_updates" rel="alternate"/><published>2026-06-23T00:00:00-04:00</published><updated>2026-06-23T00:00:00-04:00</updated><author><name>Paul Nielsen</name></author><id>https://www.sei.cmu.edu/blog/software-defined-warfare-crossing-the-chasm-in-two-software-areas/?utm_source=blog&amp;utm_medium=rss&amp;utm_campaign=my_site_updates</id><summary type="html">Software-defined warfare is today’s reality for national security, shifting the emphasis in military operations from hardware to software.</summary></entry><entry><title>Implementing Zero Trust in Operational Technology: A Practical Case Study</title><link href="https://www.sei.cmu.edu/blog/implementing-zero-trust-in-operational-technology-a-practical-case-study/?utm_source=blog&amp;utm_medium=rss&amp;utm_campaign=my_site_updates" rel="alternate"/><published>2026-06-16T00:00:00-04:00</published><updated>2026-06-16T00:00:00-04:00</updated><author><name>Rhonda Brown</name></author><id>https://www.sei.cmu.edu/blog/implementing-zero-trust-in-operational-technology-a-practical-case-study/?utm_source=blog&amp;utm_medium=rss&amp;utm_campaign=my_site_updates</id><summary type="html">Zero trust frameworks tailored to the unique requirements of OT systems are just beginning to emerge. The SEI is pioneering research into the application of zero trust principles within weapon system environments with embedded OT.</summary><category term="Zero Trust"/></entry><entry><title>The SEI CERT Coding Standard for Fortran</title><link href="https://www.sei.cmu.edu/blog/the-sei-cert-coding-standard-for-fortran/?utm_source=blog&amp;utm_medium=rss&amp;utm_campaign=my_site_updates" rel="alternate"/><published>2026-06-09T00:00:00-04:00</published><updated>2026-06-09T00:00:00-04:00</updated><author><name>David Svoboda</name></author><id>https://www.sei.cmu.edu/blog/the-sei-cert-coding-standard-for-fortran/?utm_source=blog&amp;utm_medium=rss&amp;utm_campaign=my_site_updates</id><summary type="html">This post describes our work on the SEI CERT Fortran Coding Standard, which provides a core of well-documented and enforceable coding guidelines for Fortran.</summary></entry><entry><title>Managing the Complexities of AI Adoption</title><link href="https://www.sei.cmu.edu/blog/managing-the-complexities-of-ai-adoption/?utm_source=blog&amp;utm_medium=rss&amp;utm_campaign=my_site_updates" rel="alternate"/><published>2026-06-01T00:00:00-04:00</published><updated>2026-06-01T00:00:00-04:00</updated><author><name>Ipek Ozkaya, John Haller, Carol Smith</name></author><id>https://www.sei.cmu.edu/blog/managing-the-complexities-of-ai-adoption/?utm_source=blog&amp;utm_medium=rss&amp;utm_campaign=my_site_updates</id><summary type="html">SEI researchers, in partnership with Accenture, studied how organizations can mature AI practices to bring clarity, structure, and consistency to AI adoption. This post outlines our findings.</summary></entry><entry><title>Expecting the Unexpected: Monitoring for Drift in ML Systems</title><link href="https://www.sei.cmu.edu/blog/expecting-the-unexpected-monitoring-for-drift-in-ml-systems/?utm_source=blog&amp;utm_medium=rss&amp;utm_campaign=my_site_updates" rel="alternate"/><published>2026-05-27T00:00:00-04:00</published><updated>2026-05-27T00:00:00-04:00</updated><author><name>Grant Schumock, Matt Walsh</name></author><id>https://www.sei.cmu.edu/blog/expecting-the-unexpected-monitoring-for-drift-in-ml-systems/?utm_source=blog&amp;utm_medium=rss&amp;utm_campaign=my_site_updates</id><summary type="html">Measures need to detect and respond to drift in ML systems before real-world harms are enacted. This post describes what causes drift and how to detect it.</summary></entry><entry><title>Managing Architectural Risk During Agile Development</title><link href="https://www.sei.cmu.edu/blog/managing-architectural-risk-during-agile-development/?utm_source=blog&amp;utm_medium=rss&amp;utm_campaign=my_site_updates" rel="alternate"/><published>2026-05-22T00:00:00-04:00</published><updated>2026-05-22T00:00:00-04:00</updated><author><name>Manuel Rosso-Llopart</name></author><id>https://www.sei.cmu.edu/blog/managing-architectural-risk-during-agile-development/?utm_source=blog&amp;utm_medium=rss&amp;utm_campaign=my_site_updates</id><summary type="html">By weighing the tradeoffs between design pattern attributes and quality attributes, software developers can identify architectural risks early and assess the system impacts of design decisions.</summary></entry><entry><title>The ELM Library: An LLM Evaluation Toolset</title><link href="https://www.sei.cmu.edu/blog/the-elm-library-an-llm-evaluation-toolset/?utm_source=blog&amp;utm_medium=rss&amp;utm_campaign=my_site_updates" rel="alternate"/><published>2026-05-06T00:00:00-04:00</published><updated>2026-05-06T00:00:00-04:00</updated><author><name>Violet Turri, Natalie Schieber, Charles Loughin, Tyler Brooks</name></author><id>https://www.sei.cmu.edu/blog/the-elm-library-an-llm-evaluation-toolset/?utm_source=blog&amp;utm_medium=rss&amp;utm_campaign=my_site_updates</id><summary type="html">To help teams meet the need for rigorous evaluation methods, researchers in SEI’s AI Division developed a library built on best practices for LLM evaluation and benchmarking.</summary></entry><entry><title>Data Poisoning in AI Models: The Case for Chain of Custody Controls</title><link href="https://www.sei.cmu.edu/blog/data-poisoning-in-ai-models-the-case-for-chain-of-custody-controls/?utm_source=blog&amp;utm_medium=rss&amp;utm_campaign=my_site_updates" rel="alternate"/><published>2026-04-27T00:00:00-04:00</published><updated>2026-04-27T00:00:00-04:00</updated><author><name>Renae Metcalf, Matt Churilla</name></author><id>https://www.sei.cmu.edu/blog/data-poisoning-in-ai-models-the-case-for-chain-of-custody-controls/?utm_source=blog&amp;utm_medium=rss&amp;utm_campaign=my_site_updates</id><summary type="html">This post explores data poisoning, which occurs when training data is modified to influence the performance of a model, and proposes cryptographic chain of custody as a mitigation.</summary><category term="Machine Learning"/><category term="AISIRT"/></entry><entry><title>Using Data and Data Analytics to Improve Cyber Resilience</title><link href="https://www.sei.cmu.edu/blog/using-data-and-data-analytics-to-improve-cyber-resilience/?utm_source=blog&amp;utm_medium=rss&amp;utm_campaign=my_site_updates" rel="alternate"/><published>2026-04-20T00:00:00-04:00</published><updated>2026-04-20T00:00:00-04:00</updated><author><name>Patsy Bulisco</name></author><id>https://www.sei.cmu.edu/blog/using-data-and-data-analytics-to-improve-cyber-resilience/?utm_source=blog&amp;utm_medium=rss&amp;utm_campaign=my_site_updates</id><summary type="html">Our post highlights the use of data analytics as a force multiplier for cyber resilience as well as best practices to help organizations gain situational awareness on their current security posture.</summary></entry><entry><title>From Reality to Virtual Reality: The Impact of 3DGS on Training, Education, and Beyond</title><link href="https://www.sei.cmu.edu/blog/from-reality-to-virtual-reality-the-impact-of-3dgs-on-training-education-and-beyond/?utm_source=blog&amp;utm_medium=rss&amp;utm_campaign=my_site_updates" rel="alternate"/><published>2026-03-25T00:00:00-04:00</published><updated>2026-03-25T00:00:00-04:00</updated><author><name>Roxxanne White, Matt Walsh, Dominic Ross, Richard Laughlin</name></author><id>https://www.sei.cmu.edu/blog/from-reality-to-virtual-reality-the-impact-of-3dgs-on-training-education-and-beyond/?utm_source=blog&amp;utm_medium=rss&amp;utm_campaign=my_site_updates</id><summary type="html">This blog post describes cutting-edge method for creating digital models of the physical world called 3D Gaussian Splatting.</summary></entry><entry><title>Assessing the Feasibility and Advisability of a Civilian Cybersecurity Reserve</title><link href="https://www.sei.cmu.edu/blog/assessing-the-feasibility-and-advisability-of-a-civilian-cybersecurity-reserve/?utm_source=blog&amp;utm_medium=rss&amp;utm_campaign=my_site_updates" rel="alternate"/><published>2026-03-10T00:00:00-04:00</published><updated>2026-03-10T00:00:00-04:00</updated><author><name>Marie Baker</name></author><id>https://www.sei.cmu.edu/blog/assessing-the-feasibility-and-advisability-of-a-civilian-cybersecurity-reserve/?utm_source=blog&amp;utm_medium=rss&amp;utm_campaign=my_site_updates</id><summary type="html">This post highlights recent work by SEI researchers on behalf of the Department of War to assess the feasibility and advisability of a civilian cybersecurity reserve.</summary></entry><entry><title>The Five Pillars of Software Assurance in System Acquisition</title><link href="https://www.sei.cmu.edu/blog/the-five-pillars-of-software-assurance-in-system-acquisition/?utm_source=blog&amp;utm_medium=rss&amp;utm_campaign=my_site_updates" rel="alternate"/><published>2026-03-04T00:00:00-05:00</published><updated>2026-03-04T00:00:00-05:00</updated><author><name>Dr. Carol Woody, Christopher Alberts, Michael Bandor, Timothy A. Chick</name></author><id>https://www.sei.cmu.edu/blog/the-five-pillars-of-software-assurance-in-system-acquisition/?utm_source=blog&amp;utm_medium=rss&amp;utm_campaign=my_site_updates</id><summary type="html">This post presents five foundational capabilities to support the acquisition of a system with effective software assurance.</summary></entry><entry><title>An Approach to Accelerate Verification and Software Standards Testing with LLMs</title><link href="https://www.sei.cmu.edu/blog/an-approach-to-accelerate-verification-and-software-standards-testing-with-llms/?utm_source=blog&amp;utm_medium=rss&amp;utm_campaign=my_site_updates" rel="alternate"/><published>2026-02-09T00:00:00-05:00</published><updated>2026-02-09T00:00:00-05:00</updated><author><name>Ryan Karl, Yash Hindka, Shen Zhang, John Robert</name></author><id>https://www.sei.cmu.edu/blog/an-approach-to-accelerate-verification-and-software-standards-testing-with-llms/?utm_source=blog&amp;utm_medium=rss&amp;utm_campaign=my_site_updates</id><summary type="html">This post highlights the work of SEI researchers who sought to prove that LLMs can be used in unclassified environments to rapidly develop tools that could then be used to accelerate software analysis in classified environments.</summary></entry><entry><title>From Concept to Practice: How SSVC Has Evolved to Make Adoption Possible</title><link href="https://www.sei.cmu.edu/blog/from-concept-to-practice-how-ssvc-has-evolved-to-make-adoption-possible/?utm_source=blog&amp;utm_medium=rss&amp;utm_campaign=my_site_updates" rel="alternate"/><published>2026-01-28T00:00:00-05:00</published><updated>2026-01-28T00:00:00-05:00</updated><author><name>Renae Metcalf, Allen Householder, Vijay Sarvepalli</name></author><id>https://www.sei.cmu.edu/blog/from-concept-to-practice-how-ssvc-has-evolved-to-make-adoption-possible/?utm_source=blog&amp;utm_medium=rss&amp;utm_campaign=my_site_updates</id><summary type="html">This post traces the milestones of the Stakeholder Specific Vulnerability Categorization and invites the community to participate, contribute, and benefit from the continued maturation of SSVC.</summary></entry><entry><title>An Open Source Tool to Unravel UEFI and its Vulnerabilities</title><link href="https://www.sei.cmu.edu/blog/an-open-source-tool-to-unravel-uefi-and-its-vulnerabilities/?utm_source=blog&amp;utm_medium=rss&amp;utm_campaign=my_site_updates" rel="alternate"/><published>2026-01-22T00:00:00-05:00</published><updated>2026-01-22T00:00:00-05:00</updated><author><name>Vijay Sarvepalli, Renae Metcalf, Cory Cohen</name></author><id>https://www.sei.cmu.edu/blog/an-open-source-tool-to-unravel-uefi-and-its-vulnerabilities/?utm_source=blog&amp;utm_medium=rss&amp;utm_campaign=my_site_updates</id><summary type="html">This post introduces CERT UEFI Parser, a new, open source tool that uses program analysis to reveal the architecture of UEFI software, and explore this veiled source of vulnerabilities.</summary></entry><entry><title>Upskilling the Federal Cybersecurity Workforce</title><link href="https://www.sei.cmu.edu/blog/upskilling-the-federal-cybersecurity-workforce/?utm_source=blog&amp;utm_medium=rss&amp;utm_campaign=my_site_updates" rel="alternate"/><published>2026-01-20T00:00:00-05:00</published><updated>2026-01-20T00:00:00-05:00</updated><author><name>Christopher Herr</name></author><id>https://www.sei.cmu.edu/blog/upskilling-the-federal-cybersecurity-workforce/?utm_source=blog&amp;utm_medium=rss&amp;utm_campaign=my_site_updates</id><summary type="html">This post details how the SEI Cyber Mission Readiness Team, in partnership with CISA, developed a series of Skilling Continuation Labs to provide unique, hands-on, immersive training to upskill the federal cybersecurity workforce.</summary></entry><entry><title>The Top 10 Blog Posts of 2025</title><link href="https://www.sei.cmu.edu/blog/the-top-10-blog-posts-of-2025/?utm_source=blog&amp;utm_medium=rss&amp;utm_campaign=my_site_updates" rel="alternate"/><published>2026-01-12T00:00:00-05:00</published><updated>2026-01-12T00:00:00-05:00</updated><author><name>Thomas Longstaff</name></author><id>https://www.sei.cmu.edu/blog/the-top-10-blog-posts-of-2025/?utm_source=blog&amp;utm_medium=rss&amp;utm_campaign=my_site_updates</id><summary type="html">Every January on the SEI Blog, we present the 10 most-visited posts from the previous year.</summary></entry><entry><title>Analyzing Partially Encrypted Network Flows with Mid-Encryption</title><link href="https://www.sei.cmu.edu/blog/analyzing-partially-encrypted-network-flows-with-mid-encryption/?utm_source=blog&amp;utm_medium=rss&amp;utm_campaign=my_site_updates" rel="alternate"/><published>2025-12-15T00:00:00-05:00</published><updated>2025-12-15T00:00:00-05:00</updated><author><name>Steven Ibarra, Mark Thomas</name></author><id>https://www.sei.cmu.edu/blog/analyzing-partially-encrypted-network-flows-with-mid-encryption/?utm_source=blog&amp;utm_medium=rss&amp;utm_campaign=my_site_updates</id><summary type="html">Encrypted traffic has come to dominate network flows, which makes it difficult for traditional flow monitoring tools to maintain visibility. In this blog post we take a closer look at a new feature added to CERT’s Yet Another Flowmeter tool (YAF) to capture the attributes of encryption when it occurs after the start of the session. We call this mid-encryption.</summary></entry><entry><title>Tailoring 9 Zero Trust and Security Principles to Weapon Systems</title><link href="https://www.sei.cmu.edu/blog/tailoring-9-zero-trust-and-security-principles-to-weapon-systems/?utm_source=blog&amp;utm_medium=rss&amp;utm_campaign=my_site_updates" rel="alternate"/><published>2025-12-09T00:00:00-05:00</published><updated>2025-12-09T00:00:00-05:00</updated><author><name>Christopher Alberts, Timothy Morrow, Rhonda Brown, Charles Wallen</name></author><id>https://www.sei.cmu.edu/blog/tailoring-9-zero-trust-and-security-principles-to-weapon-systems/?utm_source=blog&amp;utm_medium=rss&amp;utm_campaign=my_site_updates</id><summary type="html">Our latest post outlines how 9 zero trust and security principles might apply to weapon systems.</summary></entry><entry><title>AI-Powered Memory Safety with the Pointer Ownership Model</title><link href="https://www.sei.cmu.edu/blog/ai-powered-memory-safety-with-the-pointer-ownership-model/?utm_source=blog&amp;utm_medium=rss&amp;utm_campaign=my_site_updates" rel="alternate"/><published>2025-12-03T00:00:00-05:00</published><updated>2025-12-03T00:00:00-05:00</updated><author><name>David Svoboda, Lori Flynn</name></author><id>https://www.sei.cmu.edu/blog/ai-powered-memory-safety-with-the-pointer-ownership-model/?utm_source=blog&amp;utm_medium=rss&amp;utm_campaign=my_site_updates</id><summary type="html">This post highlights work to automate C Code Security with AI-Powered memory safety.</summary></entry></feed>