Publications
The SEI provides access to more than 5,000 documents from three decades of research on best practices in software engineering. These documents include technical reports, presentations, webinars, podcasts, blogs, and other searchable materials. You can search our database to find publications that span the SEI's history as well as current research.
SEI Digital Library
Our digital library holds over 30 years of publications that you can browse by topic, author, and publication type.
Filter by
-
AI Hygiene Starts with Models and Data Loaders
• White Paper
By Matt Churilla, Mahmoud Shabana, Shing-hon Lau, Renae Metcalf
This paper places a call to action for traditional cybersecurity tools and techniques to be applied to artificial intelligence (AI) for improving the cybersecurity of AI systems.
DOWNLOAD -
Security Engineering Framework (SEF): Managing Security and Resilience Risks Across the Systems Lifecycle
• Special Report
By Carol Woody, Christopher J. Alberts, Charles M. Wallen, Tom Merendino, Michael S. Bandor
The SEF is a collection of software-focused engineering practices for managing security and resilience risks across the systems lifecycle.
DOWNLOAD -
Dangers of AI for Insider Risk Evaluation (DARE)
• White Paper
By Austin Whisnant
This paper describes the challenges and pitfalls of using artificial intelligence for insider risk analysis and how to thoughtfully and efficiently use AI to find insider threats.
DOWNLOAD -
Assurance Evidence of Continuously Evolving Real-Time Systems (ASERT) Workshop 2024
• Special Report
By Dionisio de Niz, John Lehoczky (Carnegie Mellon University), Bjorn Andersson, Ronald Koontz (Boeing Company), Mark H. Klein, Floyd Fazi (Lockheed Martin Corporation), Daniel Shapiro (Institute of Defense Analysis), Jonathan Preston (Lockheed Martin Corporation), George Romanski (Federal Aviation Administration), Hyoseung Kim (University of California, Riverside)
This report summarizes the analysis of the Taiwanese flight CI202 incident from 2020 as well as ideas for future work for ASERT presented at its 2024 workshop.
DOWNLOAD -
Self-Assessment in Training and Exercise
• Technical Report
By Sean Huff, John Yarger, Dustin D. Updyke, Thomas G. Podnar
In this report, the authors introduce an approach to performance evaluation that focuses on self-assessment.
DOWNLOAD -
Counter AI: What Is It and What Can You Do About It?
• White Paper
By Nathan M. VanHoudnos, Shing-hon Lau, Matt Churilla, Carol J. Smith, Lauren McIlvenny, Greg Touhill
This paper describes counter artificial intelligence (AI) and provides recommendations on what can be done about it.
DOWNLOAD -
Terrain in Cyberspace Operations—Terminology
• White Paper
By Vincent LaPiana, Nathaniel Richmond
This paper defines several terms used to describe cyber operations and how they relate to other terms important to military operations and mission planning.
DOWNLOAD -
Lessons Learned in Coordinated Disclosure for Artificial Intelligence and Machine Learning Systems
• White Paper
By Lena Pons, Matt Churilla, Nathan M. VanHoudnos, Shing-hon Lau, Vijay S. Sarvepalli, Lauren McIlvenny, Allen D. Householder, Jeff Havrilla, Andrew Kompanek
In this paper, the authors describe lessons learned from coordinating AI and ML vulnerabilities at the SEI's CERT/CC.
DOWNLOAD -
Toward the Use of Artificial Intelligence (AI) for Advanced Persistent Threat Detection
• Technical Report
By Clarence Worrell, Matthew Walsh, Tom Scanlon
This report examines the feasibility and usefulness of implementing AI and ML in cyber defense with a particular focus on advanced persistent threats (APTs).
DOWNLOAD -
On the Design, Development, and Testing of Modern APIs
• White Paper
By Alejandro Gomez, Alex Vesey
This white paper discusses the design, desired qualities, development, testing, support, and security of modern application programming interfaces (APIs).
DOWNLOAD