Since it was established in 1984 as a federally funded research and development center sponsored by the U.S. Department of Defense, the SEI has delivered innovative methods, tools, algorithms, and frameworks to meet current software and cybersecurity needs and provide a foundation for combating future ones.
In our role as a research leader, the SEI often produces technical work that bears fruit years later. For example, our pioneering work in software architecture led to the accepted understanding today that architecture determines the quality and longevity of a software system. And SEI experts closed gaps in network data collection and analysis by developing a suite of cybersecurity tools and a system that now provides traffic monitoring and protection throughout federal networks.
The stories below offer snapshots of the culture of innovation at the SEI as our researchers and engineers have investigated the nation's toughest problems in software and cybersecurity over the years.
You can also read these stories in the 2016 book History of Innovation at the SEI.
2022
DevSecOps Platform-Independent Model
The SEI created this first-of-its-kind model to help organizations in highly regulated environments implement DevSecOps securely using a model-based systems engineering approach.
Read More2021
SCAIFE: Secure Code Analysis for Continuous Integration
Read the Story2020
Crucible and GHOSTS: Enabling Realistic Cyber Simulations
The SEI released Crucible and GHOSTS, tools that help cyber simulation developers create simulated virtual environments and non-player characters (NPCs).
Read More2019
Foundry: A Training Asset Management Portal
Read the Story2018
Defining the Practice of Managing Technical Debt: From Research to Community
For a decade, the SEI has been at the forefront of shaping a definition of technical debt, forming and executing a research agenda applicable to government and industry, and cultivating a community of practice.
Read More2017
Helping Analysts Automate Reverse Engineering
Read the Story2017
Automating the Repair of Software Flaws
In 2017, CERT researchers developed tools to automatically detect and repair two common software-coding errors: integer overflows that lead to buffer overflow and reads of stale and potentially sensitive memory.
Read More2016
Contributing to Developing and Implementing the DoD Vulnerability Discovery Program
Read the Story2015
Enhancing Computing Power at the Edge
KD-Cloudlet, a tool for implementing tactical cloudlets, springs from years of research on cloud computing at the tactical edge. The SEI makes this tool freely available as part of its transition mission.
Read More2015
Creating a New Language to Verify Complex Systems
Read the Story2015
Integrating Early to Prevent Costly Problems
This research developed the SAE Architecture Analysis and Design Language standard in 2004, which was chosen for an aerospace initiative in 2008 and used to detect potential integration issues in the Joint Multi-Role helicopter program in 2015.
Read More2014
Taming Uncertainty in Software Cost Estimation
Read the Story2014
Enabling a Stronger Cyber Workforce
For more than 15 years, the SEI has been investing in developing platforms and courseware for DoD and government cyber warrior readiness.
Read More2014
Attacking Software Vulnerabilities
Read the Story2014
Building Capability to Defend Against Malware
To analyze malware, the SEI's CERT researchers have developed a suite of tools based on a framework called Pharos, which is built on top of Lawrence Livermore National Laboratory's ROSE compiler infrastructure.
Read More2011
Assessing Cyber Risk Readiness
Read the Story2009
Certifying the Software Architect Role
In 2009, the U.S. Army mandated that all PEOs appoint a chief software architect who had earned the Software Architecture Professional Certificate from the SEI (or equivalent).
Read More2009
Augmenting T&E with Assurance
Read the Story2009
Codifying Resilience Practice
After the 9/11 terror attacks, organizations sought greater operational resilience through security and business continuity. The SEI developed the CERT Resilience Management Model to improve operational resilience.
Read More2007
Strengthening Network Traffic Analysis
Read the Story2004
Leading the Growth of an Architectural Modeling Standard
From its focus on research in architectural modeling and analysis for safety- and mission-critical systems, the SEI became the technical lead for the SAE Architecture Analysis and Design Language standard.
Read More2003
Defining Non-Functional System Qualities
Read the Story2003
Standardizing More Secure Software
Since forming its Secure Coding Initiative in 2003, the SEI's CERT Division has analyzed and cataloged thousands of software vulnerabilities and discovered that many share the same coding errors.
Read More2002
Tailoring Risk Management Practice
Read the Story2001
Setting a Foundation for Software Architecture
The SEI's Simplex Architecture supports overall safety when a system is composed of components that vary in reliability and safety.
Read More2001
Changing Software Contractor Selection Criteria
Read the Story2000
Bringing Science to Insider Threat Mitigation
For nearly two decades, the SEI's CERT Division has focused on gathering and analyzing data about actual malicious insider acts and potential threats to U.S. critical infrastructures.
Read More2000
Enabling Large-Scale Network Flow Analysis
Read the Story1994
Evaluating System Architecture
To address the need to predict problems before a system has been built, the SEI pioneered the use of scenario-based methods to evaluate software architectures for modifiability and other qualities.
Read More1993
Meeting Real-Time Scheduling Needs
Read the Story1991
Transforming Software Quality Assessment
The SEI's publication of the Software Capability Maturity Model in 1991 provided an objective standard for software development and changed the view in government and industry about software quality.
Read More1990
Establishing a Basis for Software Reuse
Read the Story1989
Building the Master of Software Engineering Curriculum
During the early years of curriculum development in software engineering, the SEI held a workshop for leading software engineering educators to design a recommended curriculum for a software engineering degree.
Read More1988
Pointing the Way Toward a Software Architecture Discipline
Read the Story1988
Fostering Growth in Professional Cyber Incident Management
The Morris Worm disrupted the nascent Internet in 1988. In its aftermath, DARPA requested that the SEI create a computer emergency response team, and the CERT Coordination Center (CERT/CC) was born.
Read More