sei.cmu

Instantiating the Error Model Version 2 (EMV2) Annex

This report describes the EMV2 Instance Model’s structure, the challenges encountered when defining it, and the rationale used to choose its structure. The Error ...
sei.cmu

AI-Powered Memory Safety for C Applications

Proving the absence of use-after-free errors and other temporal memory safety vulnerabilities is complex and costly, particularly in large codebases such as those for mission-critical military systems ...
sei.cmu

Thread Safety Analysis in C and C++

Ballman, A., 2014: Thread Safety Analysis in C and C++. Carnegie Mellon University, Software Engineering Institute's Insights (blog), Accessed February 19, 2026 ...
sei.cmu

Send a Message

This contact form is for general questions and requests for contact. Do not use this contact form to send sensitive information. Please review the guidelines for sending sensitive information. If you ...
Software Engineering Institute

Temporal Memory Safety in C and C++: An AI-Enhanced Pointer Ownership Model

This podcast explores updates to the Pointer Ownership Model for C, a modeling framework designed to improve the ability of developers to statically analyze C programs for errors involving temporal ...
sei.cmu

Has your PMO built an Agile culture across the program office and its users?

This short video explains how important it is for PMOs to build an Agile culture as part of adopting the Software Acquisition Pathway. Brigid O'Hearn (Software Modernization Policy Lead) of the ...
sei.cmu

Pointer Ownership Model: AI-Powered Memory Safety for C Applications

The Pointer Ownership Model (POM) project automates enforcement of temporal memory safety for C programs using a Large Language Model and a SAT Solver. Preventing ...
sei.cmu

Prioritizing and Testing Non-Functional Requirements: A Practical Guide

Engineering secure software is hard to do! In this talk, I discuss two high-level, requirements-based approaches to improving software quality. The first is using a ...
sei.cmu

Dynamic Analysis of an Executable's System Impact

Presented at InfoSec World 2025 Home Publications Digital Library Dynamic Analysis of an Executable's System Impact ...
sei.cmu

Paul Nielsen to Conclude Over Two Decades of Guiding the SEI's Growth and Success

This newsletter compiles the latest SEI releases and news about Paul Nielsen stepping down as the SEI's director and CEO, milestones for the Stakeholder Specific Vulnerability Categorization (SSVC), ...
sei.cmu

Transforming Mission Through Volumetric Reconstruction

The Software Engineering Institute (SEI) is conducting research to leverage state-of-the-art generative AI techniques to allow warfighters to create digital twins of the physical world at the time and ...
sei.cmu

Does your PMO have a plan to use Agile methods in a DevSecOps environment?

This short video urges program offices to consider how to use both Agile methods and DevSecOps as part of adopting the Software Acquisition Pathway. Brigid O'Hearn (Software Modernization Policy Lead) ...