sei.cmu

Software Isolation: Why It Matters to Software Evolution and Why Everybody Puts It Off

Benitez Preciado, M., 2023: Software Isolation: Why It Matters to Software Evolution and Why Everybody Puts It Off. Carnegie Mellon University, Software Engineering ...
sei.cmu

How Easy Is It to Make and Detect a Deepfake?

Bernaciak, C., and Ross, D., 2022: How Easy Is It to Make and Detect a Deepfake?. Carnegie Mellon University, Software Engineering Institute's Insights (blog ...
sei.cmu

Using ChatGPT to Analyze Your Code? Not So Fast

Sherman, M., 2024: Using ChatGPT to Analyze Your Code? Not So Fast. Carnegie Mellon University, Software Engineering Institute's Insights (blog), Accessed October 15 ...
sei.cmu

Probably Don’t Rely on EPSS Yet

Spring, J., 2022: Probably Don’t Rely on EPSS Yet. Carnegie Mellon University, Software Engineering Institute's Insights (blog), Accessed October 14, 2025, https ...
sei.cmu

Rust Vulnerability Analysis and Maturity Challenges

Wassermann, G., and Svoboda, D., 2023: Rust Vulnerability Analysis and Maturity Challenges. Carnegie Mellon University, Software Engineering Institute's Insights ...
sei.cmu

CMMI for Development: Guidelines for Process Integration and Product Improvement, 3rd Edition

This book describes best practices for the development and maintenance of products and services across their lifecycle. By integrating essential bodies of knowledge, CMMI-DEV provides a single, ...
sei.cmu

Acquisition Archetypes Seen in the Wild, DevSecOps Edition: Clinging to the Old Ways

Novak, W., 2023: Acquisition Archetypes Seen in the Wild, DevSecOps Edition: Clinging to the Old Ways. Carnegie Mellon University, Software Engineering Institute's ...
sei.cmu

Architecting the Future of Software Engineering: A National Agenda for Software Engineering Research & Development

Software is vital to our country’s global competitiveness, innovation, and national security. It also ensures our modern standard of living and enables continued advances in defense, infrastructure, ...
sei.cmu

2000 CERT Advisories

CERT/CC advisories are now part of the US-CERT National Cyber Awareness System. We provide these advisories, published by year, for historical purposes. This report details the description, impact, ...
sei.cmu

Ultra-Large-Scale Systems: The Software Challenge of the Future

Ultra-Large-Scale Systems: The Software Challenge of the Future is the product of a 12-month study of ultra-large-scale (ULS) systems software. The study brought together experts in software and other ...
sei.cmu

A Hitchhiker’s Guide to ML Training Infrastructure

Palat, J., 2022: A Hitchhiker’s Guide to ML Training Infrastructure. Carnegie Mellon University, Software Engineering Institute's Insights (blog), Accessed October ...
sei.cmu

A Hybrid Threat Modeling Method

In FY 2016, the research team evaluated Security Cards, STRIDE (Spoofing identity, Tampering with data, Repudiation, Information disclosure, Denial of service, Elevation of privilege), and persona non ...