Software Engineering Institute | Carnegie Mellon University
Software Engineering Institute | Carnegie Mellon University
Leading and advancing software and cybersecurity to solve the nation's toughest problems

Research and Publications

  • A Technical History of the SEI This report chronicles the technical accomplishments of the Software Engineering Institute and its impact on the Department of Defense software community, as well as on the broader software engineering community. Special Report - 01/06/2017
  • SQUARE Frequently Asked Questions (FAQ) This paper contains information about SQUARE, a process that helps organizations build security into the early stages of the software production lifecycle. White Paper - 01/05/2017
  • Using Malware Analysis to Identify Overlooked Security Requirements (MORE) In this presentation, Nancy Mead explains how malware analysis can be used effectively to identify otherwise overlooked security requirements. Presentation - 01/03/2017
  • Architecture-Led Safety Process Architecture-Led Safety Analysis (ALSA) is a safety analysis method that uses early architecture knowledge to supplement traditional safety analysis techniques to identify faults as early as possible. Technical Report - 12/21/2016


Learn More About the SEI:


  • SEI's Trzeciak Discusses CERT, Cyburgh, PA Initiative with Pittsburgh Post-Gazette
    Media Coverage - 02/05/2016


  • Software Solutions Symposium 2017
    The Software Solutions Symposium is a forum for learning about emerging technologies and practical solutions that you can apply today for help with systemic software issues such as assurance, cost, and schedule.
    Conferences - 03/20/2017




Establishing Trust in the Wireless Emergency Alerts Service

Security Modeling Tools

In this podcast, Julien Delange discusses security modeling tools that his team developed and how to use them to capture vulnerabilities and their propagation path in an architecture. Podcast - 01/12/2017
Establishing Trust in the Wireless Emergency Alerts Service

Best Practices for Preventing and Responding to Distributed Denial of Service (DDoS) Attacks

In this podcast, CERT researcher Rachel Kartch provides an overview of DDoS attacks and best practices for mitigating and responding to them. Podcast - 12/19/2016
Establishing Trust in the Wireless Emergency Alerts Service

Cyber Security Engineering for Software and Systems Assurance

In this podcast Nancy Mead and Carol Woody discuss their new book, Cyber Security Engineering: A Practical Approach for Systems and Software Assurance, which introduces a set of seven principles for software assurance. Podcast - 12/08/2016