LLMs show promising initial results in adjudicating static analysis alerts, offering possibilities for better vulnerability detection. This post discusses initial experiments using GPT-4 to evaluate static analysis alerts.

October 7, 2024 • By William Klieber , Lori Flynn

In Cybersecurity Engineering

This post introduces Redemption, an open source tool that uses automated code repair technology to repair static analysis alerts in C/C++ source code.

June 10, 2024 • By David Svoboda

In Cybersecurity Engineering

Key features in new release of SCAIFE System Version 2.0.0 including support for continuous-integration (CI) systems, and status of evolving SEI SCAIFE work

October 25, 2021 • By Lori Flynn

In Secure Development

The Jeep hack, methods to hack ATMs, and even hacks to a casino's fish tank provide stark evidence of the risks associated with the Internet of Things (IoT)....

March 31, 2019 • By David Svoboda

In Secure Development

The 2017 SEI Year in Review highlights the work of the institute undertaken from October 1, 2016, to September 30, 2017. This blog post, which was published in the 2017 …

March 25, 2018 • By Douglas Schmidt (Vanderbilt University)

This SEI Blog post explores the challenges of verifying evolving software and presents research efforts aimed at improving verification techniques and tools.

October 19, 2014 • By Arie Gurfinkel

The DoD relies heavily on mission- and safety-critical real-time embedded software systems (RTESs), which play a crucial role in controlling systems ranging from airplanes and cars to infusion pumps and …

December 5, 2011 • By Arie Gurfinkel