Software Engineering Institute

Maturing AI Adoption: From Chaos to Consistency

Our latest podcast highlights an AI Adoption Maturity Model that organizations can use to create a roadmap for predictable AI adoption and realization of AI benefits.
sei.cmu

7 Recommendations to Improve SBOM Quality

Tobar, D., Jamieson, J., Priest, M., and Fricke, J., 2025: 7 Recommendations to Improve SBOM Quality. Carnegie Mellon University, Software Engineering Institute's ...
sei.cmu

DataOps: Towards More Reliable Machine Learning Systems

DeCapria, D., 2025: DataOps: Towards More Reliable Machine Learning Systems. Carnegie Mellon University, Software Engineering Institute's Insights (blog), Accessed ...
sei.cmu

Introducing MLTE: A Systems Approach to Machine Learning Test and Evaluation

Derr, A., Echeverría, S., Maffey, K., and Lewis, G., 2025: Introducing MLTE: A Systems Approach to Machine Learning Test and Evaluation. Carnegie Mellon University ...
sei.cmu

Using LLMs to Adjudicate Static-Analysis Alerts

Software analysts use static analysis as a standard method to evaluate the source code for potential vulnerabilities, but the volume of findings is often too large to review in their entirety, causing ...
sei.cmu

Introduction to MLOps: Bridging Machine Learning and Operations

DeCapria, D., 2024: Introduction to MLOps: Bridging Machine Learning and Operations. Carnegie Mellon University, Software Engineering Institute's Insights (blog ...
sei.cmu

An Introduction to Model-Based Systems Engineering (MBSE)

Shevchenko, N., 2024: An Introduction to Model-Based Systems Engineering (MBSE). Carnegie Mellon University, Software Engineering Institute's Insights (blog ...
sei.cmu

Measurement Challenges in Software Assurance and Supply Chain Risk Management

Mead, N., Woody, D., and Hissam, S., 2024: Measurement Challenges in Software Assurance and Supply Chain Risk Management. Carnegie Mellon University, Software ...
sei.cmu

Independent Verification & Validation (IV&V) for Agile Developed Projects

This IEEE publication highlights an Agile approach to Independent Verification and Validation (IV&V) which can be particularly useful for projects using an Agile development methodology. Independent ...
sei.cmu

Using Large Language Models in the National Security Realm

Shannon Gallagher discusses findings and recommendations from the Mayflower Project and provides additional background information about LLMs and how they can be engineered for national security use.
sei.cmu

10 Lessons in Security Operations and Incident Management

Ruefle, R., 2024: 10 Lessons in Security Operations and Incident Management. Carnegie Mellon University, Software Engineering Institute's Insights (blog), Accessed ...
sei.cmu

Insider Threat Program Evaluation

The Insider Threat Program Evaluation (ITPE) is an evidence-based, capability-level assessment. The ITPE is designed to benchmark an organization's insider threat program against a reference model ...