search menu icon-carat-right cmu-wordmark

Software Engineering and Information Assurance, a Primer

These materials are intended to provide an introduction to SEI technical work in its software engineering and information assurance technical area.


Software Engineering Institute

The SEI categorizes its R&D and customer work in technical areas, one of which is SE&IA. Through SE&IA work, we provide technologies to enable those acquiring, developing, operating, or maintaining software-based capabilities to design-in assurance, reduce the attack surface, and increase resilience across the lifecycle yielding increased capability, more quickly, for reduce

SEI Cyber Minute: Enhancing Malware Analysis with AI

April 2017

Watch Elli Kanal in this SEI Cyber Minute as he discusses "Enhancing Malware Analysis with AI".

The QUELCE Method: Using Change Drivers to Estimate Program Costs

August 2016

This technical note introduces Quantifying Uncertainty in Early Lifecycle Cost Estimation (QUELCE), a method for estimating program costs early in development.

A Dynamic Model of Sustainment Investment

February 2015

This paper describes a dynamic sustainment model that shows how budgeting, allocation of resources, mission performance, and strategic planning are interrelated and how they affect each other over time.

Practical Considerations in Adopting Agile/Lean in Government Settings

July 2017

This webinar summarizes much of what the SEI has learned in its eight years of researching and facilitating adoption of Agile and Lean methods in software-reliant systems in government.

SEI Cyber Minute: Secure Coding Standards

August 2017

Watch Bob Schiela as he decribes how SEI Secure Coding Standards have codified best practices for properly using features of specific languages to avoid security flaws in your software, thus reducing vulnerabilities.

SCALe: Evaluating Source Code for Adherence to Secure Coding Standards

August 2017

SCALe help analysts be more efficient and effective at auditing source code for security flaws.

The CERT Software Assurance Framework

August 2017

In this podcast, Carol Woody and Christopher Alberts introduce the prototype Software Assurance Framework, a collection of cybersecurity practices that programs can apply across the acquisition lifecycle and supply chain.

Managing Technical Debt in Complex Software Systems

December 2016

This brochure describes the SEI's approach to make technical debt visible, determine what type of debt a project has, and integrate debt into project planning.

Vulnerability Discovery

November 2016

Overall aim is to increase assurance of DoD software through enhanced vulnerability discovery techniques