sei.cmu

10 Benefits and 10 Challenges of Applying Large Language Models to DoD Software Acquisition

Robert, J., and Schmidt, D., 2024: 10 Benefits and 10 Challenges of Applying Large Language Models to DoD Software Acquisition. Carnegie Mellon University, Software ...
sei.cmu

Ping Sweeping in IPv6

Giobbi, R., 2008: Ping Sweeping in IPv6. Carnegie Mellon University, Software Engineering Institute's Insights (blog), Accessed October 9, 2025, https://www.sei.cmu ...
sei.cmu

Probably Don’t Rely on EPSS Yet

Spring, J., 2022: Probably Don’t Rely on EPSS Yet. Carnegie Mellon University, Software Engineering Institute's Insights (blog), Accessed October 14, 2025, https ...
sei.cmu

How Easy Is It to Make and Detect a Deepfake?

Bernaciak, C., and Ross, D., 2022: How Easy Is It to Make and Detect a Deepfake?. Carnegie Mellon University, Software Engineering Institute's Insights (blog ...
sei.cmu

Rust Software Security: A Current State Assessment

Sible, J., and Svoboda, D., 2022: Rust Software Security: A Current State Assessment. Carnegie Mellon University, Software Engineering Institute's Insights (blog ...
sei.cmu

Rust Vulnerability Analysis and Maturity Challenges

Wassermann, G., and Svoboda, D., 2023: Rust Vulnerability Analysis and Maturity Challenges. Carnegie Mellon University, Software Engineering Institute's Insights ...
sei.cmu

Architecting the Future of Software Engineering: A National Agenda for Software Engineering Research & Development

Software is vital to our country’s global competitiveness, innovation, and national security. It also ensures our modern standard of living and enables continued advances in defense, infrastructure, ...
sei.cmu

2000 CERT Advisories

CERT/CC advisories are now part of the US-CERT National Cyber Awareness System. We provide these advisories, published by year, for historical purposes. This report details the description, impact, ...
sei.cmu

Secure Coding in C and C++, 2nd Edition

Write secure C and C++ code—and avoid the software defects most likely to cause exploitable vulnerabilities! Straight from the world-renowned security experts at CERT/CC, Secure Coding in C and C++ ...
sei.cmu

Ultra-Large-Scale Systems: The Software Challenge of the Future

Ultra-Large-Scale Systems: The Software Challenge of the Future is the product of a 12-month study of ultra-large-scale (ULS) systems software. The study brought together experts in software and other ...
sei.cmu

A Hybrid Threat Modeling Method

In FY 2016, the research team evaluated Security Cards, STRIDE (Spoofing identity, Tampering with data, Repudiation, Information disclosure, Denial of service, Elevation of privilege), and persona non ...
sei.cmu

VPN - A Gateway for Vulnerabilities

Sarvepalli, V., 2019: VPN - A Gateway for Vulnerabilities. Carnegie Mellon University, Software Engineering Institute's Insights (blog), Accessed October 14, 2025 ...