Software Engineering Institute | Carnegie Mellon University
Software Engineering Institute | Carnegie Mellon University
Leading and advancing software and cybersecurity to solve the nation's toughest problems

Research and Publications

  • Cyber Mutual Assistance Workshop Report The Army Cyber Institute hosted a Cyber Mutual Assistance Workshop to identify challenges in defining cyber requirements for Regional Mutual Assistance Groups. Special Report - 02/13/2018
  • SEI Product Line Bibliography This bibliography lists SEI and non-SEI resources that have informed the SEI Product Lines efforts. Examples cover diverse domains and show the kind of improvements you can achieve using a product line approach. White Paper - 02/13/2018
  • Cyber Hygiene: A Baseline Set of Practices The CERT Division's Cybersecurity Hygiene is a set of 11 practice areas for managing the most common and pervasive cybersecurity risks faced by organizations. Presentation - 11/15/2017
  • Why does Software Cost so Much? Towards a Causal Model Presentation on research to build an actionable, full causal model of software cost factors that is immediately useful to DoD programs and contract negotiators Presentation - 10/30/2017


Learn More About the SEI:


  • CERT Division's Summer Fowler: Equifax data breach — here's what we can learn from it
    Media Coverage - 09/13/2017


  • Agile and DevOps: Your Questions. Our Answers.
    Join us for this lively discussion in which we will answer attendee questions on all things Agile and DevOps.
    Webinar - 03/02/2018

  • Software and Cyber Solutions Symposium 2018: Agile and DevOps
    This one-day symposium will explore the challenges and realities in acquiring/developing software solutions that meet requirements, are delivered on time and within budget, and are dependable, supportable, and resilient to cyber attack.
    Conferences - 03/27/2018

  • SATURN 2018
    The SATURN Conference brings together an international audience of practicing software architects, industry thought leaders, developers, technical managers, and researchers to share ideas, insights, and experience about effective architecture-centric practices for developing and maintaining software-intensive systems.
    Conferences - 05/07/2018




Establishing Trust in the Wireless Emergency Alerts Service

How Risk Management Fits into Agile & DevOps in Government

In this podcast, Eileen Wrubel, technical lead for the SEI’s Agile-in-Government program leads a roundtable discussion into how Agile, DevOps, and the Risk Management Framework can work together. Podcast - 02/01/2018
Establishing Trust in the Wireless Emergency Alerts Service

5 Best Practices for Preventing and Responding to Insider Threat

Randy Trzeciak, technical manager of the CERT National Insider Threat Center, discusses five best practices for preventing and responding to insider threat. Podcast - 12/28/2017
Establishing Trust in the Wireless Emergency Alerts Service

Pharos Binary Static Analysis: An Update

Jeff Gennari discusses updates to the Pharos framework, which automates reverse engineering of malware analysis, including new tools, improvements, and bug fixes. Podcast - 12/12/2017