The twelve foundational practices for decision makers describe the groundwork for turning AI capability into mission value.

Metcalf, R., and Churilla, M., 2026: Data Poisoning in AI Models: The Case for Chain of Custody Controls. Carnegie Mellon University, Software Engineering Institute's ...

Ozkaya, I., and Schmidt, D., 2024: Generative AI and Software Engineering Education. Carnegie Mellon University, Software Engineering Institute's Insights (blog ...

This brochure provides an overview of Crucible, which provides AI-powered, open source cyber ranges for operations in the information environment. Crucible aims to be both simple and powerful, highly ...

The core ideas of the SEI's AI Engineering: 11 Foundational Practices have remained relevant since its publication in 2019, but the practice of building, using, and deploying AI has changed ...

Since our foundation in 1984, we have helped the Department of War (DoW), government agencies, and private industry meet mission goals and gain strategic advantage by innovating and advancing the ...

Gregory Touhill, CERT Division Director, and Matthew Butkovic, technical director of cyber risk and resilience, co-authored tools for corporate boards dealing with quantum computing, AI, and other ...

The Architecture Tradeoff Analysis Method (ATAM) is a method for evaluating software architectures relative to quality attribute goals. ATAM evaluations expose architectural risks that potentially ...

Wassermann, G., and Svoboda, D., 2023: Rust Vulnerability Analysis and Maturity Challenges. Carnegie Mellon University, Software Engineering Institute's Insights ...

Software is vital to our country’s global competitiveness, innovation, and national security. It also ensures our modern standard of living and enables continued advances in defense, infrastructure, ...

This paper presents version 2.0 of a testable Stakeholder-Specific Vulnerability Categorization (SSVC) that takes the form of decision trees and that avoids some problems with the Common Vulnerability ...