Software Engineering Institute

Kubernetes (k8s) in the Air Gap

April 15, 2025 • White Paper

By Matthew Heckathorn, Maxwell Trdina

This paper explains how the act of mirroring the required container images for a k8s deployment in the air gap has become increasingly simplified in the past few years.

DOWNLOAD this paper explains how the act of mirroring the required container images for a k8s deployment in the air gap has become increasingly simplified in the past few years. DevSecOps 2025

Center for Calibrated Trust Measurement and Evaluation (CaTE)—Guidebook for the Development and TEVV of LAWS to Promote Trustworthiness

April 11, 2025 • White Paper

By Christopher Fairfax, Daniel Justice, Tyler Brooks, Andrew O. Mellinger

This guidebook supports personnel in the development and testing of autonomous weapon systems that employ ML, focusing on system reliability and operator trust.

DOWNLOAD this guidebook supports personnel in the development and testing of autonomous weapon systems that employ ml, focusing on system reliability and operator trust. Artificial Intelligence Engineering,Artificial Intelligence 2025

Reference Architecture for Assuring Ethical Conduct in LAWS

April 11, 2025 • White Paper

By Andrew O. Mellinger, Tyler Brooks, Eric Heim, Andrew Schellenberg Charles Loughin Emily Newman

This reference architecture provides guidance to reason about designing and developing ML-enabled autonomous systems that have the capability to use lethal force.

DOWNLOAD this reference architecture provides guidance to reason about designing and developing ml-enabled autonomous systems that have the capability to use lethal force. Artificial Intelligence Engineering,Artificial Intelligence 2025

Key Takeaways from Zero Trust Industry Day 2024

April 3, 2025 • White Paper

By Patsy Bulisco Rhonda Brown

This paper describes key takeaways from Zero Trust Industry Day 2024.

DOWNLOAD this paper describes key takeaways from zero trust industry day 2024. Zero Trust 2025

AI Hygiene Starts with Models and Data Loaders

March 13, 2025 • White Paper

By Renae Metcalf, Shing-hon Lau, Mahmoud Shabana, Matt Churilla

This paper places a call to action for traditional cybersecurity tools and techniques to be applied to artificial intelligence (AI) for improving the cybersecurity of AI systems.

DOWNLOAD this paper places a call to action for traditional cybersecurity tools and techniques to be applied to artificial intelligence (ai) for improving the cybersecurity of ai systems. Artificial Intelligence Engineering,Cybersecurity Engineering 2025

Security Engineering Framework (SEF): Managing Security and Resilience Risks Across the Systems Lifecycle

December 12, 2024 • Special Report

By Carol Woody, Christopher J. Alberts, Tom Merendino, Michael S. Bandor, Charles M. Wallen

The SEF is a collection of software-focused engineering practices for managing security and resilience risks across the systems lifecycle.

DOWNLOAD the sef is a collection of software-focused engineering practices for managing security and resilience risks across the systems lifecycle. Security Vulnerabilities,Risk,Cyber Risk and Resilience Management 2024

Dangers of AI for Insider Risk Evaluation (DARE)

November 19, 2024 • White Paper

By Austin Whisnant

This paper describes the challenges and pitfalls of using artificial intelligence for insider risk analysis and how to thoughtfully and efficiently use AI to find insider threats.

DOWNLOAD this paper describes the challenges and pitfalls of using artificial intelligence for insider risk analysis and how to thoughtfully and efficiently use ai to find insider threats. Risk,Measurement and Analysis,Insider Threat 2024

Assurance Evidence of Continuously Evolving Real-Time Systems (ASERT) Workshop 2024

November 15, 2024 • Special Report

By Bjorn Andersson, Dionisio de Niz, Ronald Koontz (Boeing Company), Mark H. Klein, John Lehoczky (Carnegie Mellon University), Floyd Fazi (Lockheed Martin Corporation), Jonathan Preston (Lockheed Martin Corporation), Hyoseung Kim (University of California, Riverside), Daniel Shapiro (Institute of Defense Analysis), George Romanski (Federal Aviation Administration)

This report summarizes the analysis of the Taiwanese flight CI202 incident from 2020 as well as ideas for future work for ASERT presented at its 2024 workshop.

DOWNLOAD this report summarizes the analysis of the taiwanese flight ci202 incident from 2020 as well as ideas for future work for asert presented at its 2024 workshop. Assurance Cases 2024

Leveraging LLMs for Data Coding

November 4, 2024 • White Paper

By Declan Kutscher, Austin Whisnant

In this paper, we investigate the usefulness and design methodology of applying large language models (LLMs) to improve and automate the process of coding case data. We introduce tools to …

DOWNLOAD in this paper, we investigate the usefulness and design methodology of applying large language models (llms) to improve and automate the process of coding case data. we introduce tools to guide llms to assist in this coding process. Insider Threat,Artificial Intelligence Engineering,Incident Management 2024

Self-Assessment in Training and Exercise

October 24, 2024 • Technical Report

By Sean Huff, John Yarger, Dustin D. Updyke, Thomas G. Podnar

In this report, the authors introduce an approach to performance evaluation that focuses on self-assessment.

DOWNLOAD in this report, the authors introduce an approach to performance evaluation that focuses on self-assessment. Cyber Workforce Development 2024