search menu icon-carat-right cmu-wordmark

Publications

The SEI provides access to more than 5,000 documents from three decades of research on best practices in software engineering. These documents include technical reports, presentations, webinars, podcasts, blogs, and other searchable materials. You can search our database to find publications that span the SEI's history as well as current research.

SEI Digital Library

Our digital library holds over 30 years of publications that you can browse by topic, author, and publication type.

Browse Digital Library

New in Publications

Using Value Engineering to Propel Cyber-Physical Systems Acquisition

Using Value Engineering to Propel Cyber-Physical Systems Acquisition

May 14, 2021 • Conference Paper
Alfred SchenkerNickolas Guertin

This paper was initially presented at the 18th annual Acquisition Research Symposium, hosted by the Naval Postgraduate School in May 2021.

read
How Do We Teach Cybersecurity?

How Do We Teach Cybersecurity?

May 12, 2021 • Webinar
Rotem D. GuttmanJosh Hammerstein

Rotem Guttman shares the lessons he’s learned over a decade of developing engaging, immersive training and evaluation environments.

watch
How I Learned to Stop Worrying and Love SLAs

How I Learned to Stop Worrying and Love SLAs

May 11, 2021 • Webinar
Matthew J. Butkovic

In this webcast, Matt Butkovic and Alan Levin discuss how cybersecurity SLAs are vital to the success of third-party relationships and a core component of sound governance.

watch
Software Assurance Guidance and Evaluation (SAGE) Tool

Software Assurance Guidance and Evaluation (SAGE) Tool

May 03, 2021 • White Paper
Ebonie McNeilHasan YasarRobert Schiela

The Software Assurance Guidance and Evaluation (SAGE) tool helps an organization assess the security of its systems development and operations practices.

read
Prioritizing Vulnerability Response: A Stakeholder-Specific Vulnerability Categorization (Version 2.0)

Prioritizing Vulnerability Response: A Stakeholder-Specific Vulnerability Categorization (Version 2.0)

April 30, 2021 • White Paper
Jonathan SpringAllen D. HouseholderEric Hatleback

This paper presents version 2.0 of a testable Stakeholder-Specific Vulnerability Categorization (SSVC) that takes the form of decision trees and that avoids some problems with the Common Vulnerability Scoring System (CVSS).

read
My Story in Computing with Dave Zubrow

My Story in Computing with Dave Zubrow

April 29, 2021 • Podcast
David Zubrow

David Zubrow discusses his career journey, which led from a PhD in applied history and social sciences to his role as a manager and technical leader at the SEI.

learn more