The SEI Digital Library provides access to more than 3,500 documents from three decades of research into best practices in software engineering. These documents include technical reports, presentations, webinars, podcasts and other materials searchable by user-supplied keywords and organized by topic, publication type, publication year, and author.
In this online download, the CERT Secure Coding Team describes the root causes of common software vulnerabilities, how they can be exploited, the potential consequences, and secure alternatives.
2015 SEI Year in Review
This report describes the Error Model Annex, Version 2 (EMV2), notation for architecture fault modeling, which supports safety, reliability, and security analyses.
This report describes a textual requirement specification language, called ReqSpec, for the Architecture Analysis & Design Language (AADL) and demonstrates its use.
DMPL is a language for programming distributed real-time, mixed-criticality software. It supports distributed systems in which each node executes a set of periodic real-time threads that are scheduled by priority and criticality.
In this podcast, Douglas Gray, a member of the CERT Cyber Risk Management team, discusses how to operationalize intelligence products to build operational resilience of organizational assets and services using IPOR.
In this podcast, Harry Levinson discusses the SEI’s work with the Air Force to further evolve the AF DCGS system using Agile techniques working in incremental, iterative approaches to deliver more frequent, more manageable deliveries of capability.
Art Manion and Allen Householder of CERT’s Vulnerability Analysis team, talk about threat modeling and its use in improving the security of the Internet of Things (IoT).
In this webinar, SEI researchers and an industry colleague discussed in two talks What Makes a Good Software Architect?
This webinar described a CISO organizational structure and functions for a typical large, diverse organization using input from CISOs, policies, frameworks, maturity models, standards, and codes of practice.
During this webinar we discussed the foundations of cyber situational awareness and how to apply situational awareness concepts to the cyber domain.