This project focuses on creating a foundational model for all container reproducibility efforts (open-source, commercial, U.S. Department of Defense (DoD), etc.). The lack of build reproducibility is ...

Detecting malicious code is a challenge, particularly when it’s implanted in otherwise legitimate software. If undetected, malware injected into legitimate software can result in costly compromises of ...

Deploying critical software with certification and frequent updates is a major challenge. Exhaustive testing of safety-critical systems is not possible due to the exponential growth of test cases; ...

CaBSCE introduces a novel method for cost estimation that aligns with modern software practices, where flexibility and speed are paramount.

Hardware inefficiencies pose major limitations to U.S. Department of Defense (DoD) applications; current processors simply cannot keep up with the large and complex machine learning (ML) workloads ...

Assuring evolving large-scale systems (i.e., systems with multiple subsystems) can be a bottleneck in deploying capabilities with the speed and confidence needed for current Department of Defense (DoD ...

SEI Publications Annual Reviews 2024 Research Review Schedule ¦ 2024 Research Review ...

Join representatives from CMU SEI at the ACT-IAC Imagine Nation ELC Conference which brings together the government technology community to discuss the issues facing government and work together to ...

In this webcast, Justin Smith highlights a novel approach to providing independent verification and validation (IV&V) for projects that are using an Agile or iterative software development.

Producing secure programs requires secure designs. However, even the best designs can lead to insecure programs if developers are unaware of the many security pitfalls inherent in Java programming.