SEI Digital Library

Considerations for Evaluating Large Language Models for Cybersecurity Tasks

February 20, 2024 • White Paper

By Jeff Gennari, Shing-hon Lau, Samuel J. Perl, Joel Parish (OpenAI), Girish Sastry (OpenAI)

In this paper, researchers from SEI and OpenAI explore the opportunities and risks associated with using Large Language Models (LLMs) for cybersecurity tasks.

Read

When Agile and Earned Value Management Collide: 7 Considerations for Successful Interaction

February 9, 2024 • Podcast

By Patrick R. Place, Stephen Wilson

Patrick Place and Stephen Wilson discuss seven considerations for successful use of Agile and EVM.

Listen

Navigating Capability-Based Planning: The Benefits, Challenges, and Implementation Essentials

February 8, 2024 • White Paper

By Anandi Hira, William Nichols

Based on industry and government sources, this paper summarizes the benefits and challenges of implementing Capability-Based Planning (CBP).

Read

Ask Us Anything: Supply Chain Risk Management

January 31, 2024 • Webcast

By Brett Tucker, Matthew J. Butkovic

In this webcast, Brett Tucker and Matthew Butkovic, answer your enterprise risk management questions to help your organization achieve operational resilience in the cyber supply chain.

Watch

The Impact of Architecture on the Safety of Cyber-Physical Systems

January 30, 2024 • Podcast

By Jerome Hugues

Jerome Hugues discusses challenges that arise from the increasing autonomy in cyber-physical systems including transferring and processing multiple data streams.

Listen

The Future of Software Engineering and Acquisition with Generative AI

January 23, 2024 • Webcast

By Douglas Schmidt (Vanderbilt University), Anita Carleton, James Ivers, Ipek Ozkaya, John E. Robert, Shen Zhang

In this webcast, SEI researchers explore the future of software engineering and acquisition using generative AI technologies.

Watch

Encoding Verification Arguments to Analyze High-Level Design Certification Claims: Experiment Zero (E0)

January 18, 2024 • White Paper

By Dionisio de Niz, Bjorn Andersson, Mark H. Klein, John Lehoczky (Carnegie Mellon University), Hyoseung Kim (University of California, Riverside), George Romanski (Federal Aviation Administration), Jonathan Preston (Lockheed Martin Corporation), Daniel Shapiro (Institute of Defense Analysis), Floyd Fazi (Lockheed Martin Corporation), Douglas Schmidt (Vanderbilt University), David Tate (Institute of Defense Analysis), Gordon Putsche (The Boeing Company), Ronald Koontz (Boeing Company)

This paper discusses whether automation of certification arguments can identify problems that occur in real systems.

Read

The Measurement Challenges in Software Assurance and Supply Chain Risk Management

December 22, 2023 • White Paper

By Nancy R. Mead, Carol Woody, Scott Hissam

This paper recommends an approach for developing and evaluating cybersecurity metrics for open source and other software in the supply chain.

Read

ChatGPT and the Evolution of Large Language Models: 4 Case Studies

December 14, 2023 • Podcast

By Matthew Walsh, Dominic A. Ross

Matthew Walsh, a senior data scientists in CERT, and Dominic Ross, Multi-Media Design Team Lead, discuss their work in developing four case studies to understand limitations and future uses of …

Listen

Report to the Congressional Defense Committees on National Defense Authorization Act (NDAA) for Fiscal Year 2022 Section 835 Independent Study on Technical Debt in Software-Intensive Systems

December 7, 2023 • Technical Report

By Ipek Ozkaya, Forrest Shull, Julie B. Cohen, Brigid O'Hearn

This independent study of technical debt in software-intensive systems was sent to Congress in December 2023 to satisfy the requirements of NDAA Section 835.

Read

Software Engineering Institute