Software Engineering Institute | Carnegie Mellon University
Software Engineering Institute | Carnegie Mellon University
Leading and advancing software and cybersecurity to solve the nation's toughest problems

Research and Publications

  • The CISO Academy In this paper, the authors describe the project that led to the creation of the U.S. Postal Service's CISO Academy. White Paper - 02/23/2017
  • Supply Chain and Commercial-off-the-Shelf (COTS) Assurance The Software Engineering Institute can help your organization apply techniques to reduce software supply chain risk. White Paper - 01/24/2017
  • COTS-Based Systems This paper presents a summary of SEI commercial off-the-shelf (COTS) software documents and COTS tools. White Paper - 01/24/2017
  • SQUARE Frequently Asked Questions (FAQ) This paper contains information about SQUARE, a process that helps organizations build security into the early stages of the software production lifecycle. White Paper - 01/05/2017


Learn More About the SEI:


  • Trzeciak discusses new edition of Common Sense Guide to Mitigating Insider Threats
    Media Coverage - 02/16/2017


  • Software Solutions Symposium 2017
    The Software Solutions Symposium is a forum for learning about emerging technologies and practical solutions that you can apply today for help with systemic software issues such as assurance, cost, and schedule.
    Conferences - 03/20/2017




Establishing Trust in the Wireless Emergency Alerts Service

Three Roles and Three Failure Patterns of Software Architects

This podcast explores three roles and three failure patterns of software architects that he has observed working with industry and government software projects. Podcast - 01/26/2017
Establishing Trust in the Wireless Emergency Alerts Service

Security Modeling Tools

In this podcast, Julien Delange discusses security modeling tools that his team developed and how to use them to capture vulnerabilities and their propagation path in an architecture. Podcast - 01/12/2017
Establishing Trust in the Wireless Emergency Alerts Service

Best Practices for Preventing and Responding to Distributed Denial of Service (DDoS) Attacks

In this podcast, CERT researcher Rachel Kartch provides an overview of DDoS attacks and best practices for mitigating and responding to them. Podcast - 12/19/2016