Carnegie Mellon University Software Engineering Institute

Watch Sam Procter’s talk on “Probabilistic Verification for Next Generation Certification” from DATAWorks 2026 at IDA FFRDC in Alexandria, VA.

In this talk, Sam highlights how probabilistic verification -- a statistical technique from computer science research -- can generate quantitative evaluations of system properties using the sorts of testing that are being done now. This provides users and evaluators with confidence intervals over important system aspects like performance or stability so they can make better informed go or no-go decisions -

Session 4A: Probabilistic Verification for Next Generation Certification Sam ProcterPrincipal Architecture Researcher, Software Engineering...

A New CERT Vulnerability Note: Securly Chrome Extension contains multiple weak encryption and access control vulnerabilities - https://kb.cert.org/vuls/id/595768

A New CERT Vulnerability Note: Appsmiths SQL Query autocomplete renderer contains a cross site scripting vulnerability - https://kb.cert.org/vuls/id/265691?_gl=1

The Fortran programming language underlies services ranging from weather prediction to supercomputing. But this popular, long-lived language has had no rules to guide the writing of secure code. To help developers create more secure and compliant programs in Fortran, the SEI has released the first-ever secure coding standard for the language, on the new GitHub home for SEI coding standards -

SEI Releases Fortran Coding Standard | CMU Software Engineering Institute The rules aim to improve security compliance of simulation and supercomputing software.

Organizations across sectors are undergoing a structural shift as AI solutions redefine operational workflows and challenge traditional ex*****on models. SEI researchers, in partnership with Accenture, have studied how organizations can mature their AI practices to bring clarity, structure, and consistency to AI adoption. A new blog post outlines our findings on defining the scope of AI adoption, practical steps for advancing organizational maturity, and outcomes from our joint pilot assessment with Accenture Global IT -

Managing the Complexities of AI Adoption | CMU Software Engineering Institute SEI researchers, in partnership with Accenture, studied how organizations can mature AI practices to bring clarity, structure, and consistency to AI adoption. This post outlines our findings.

Register for "Rethinking and Maturing AI Adoption" on June 9, 1:30 p.m. ET.

In this webcast, experts from the Software Engineering Institute at Carnegie Mellon University and Accenture will share technical insights and lessons learned from maturing AI adoption in complex environments. They will demonstrate how a nimble assessment instrument such as the road-tested AI Adoption Maturity Model fills critical gaps faced by organizations adopting AI.

The panel of speakers include Anita Carleton, John Haller, Ipek Ozkaya, Tony Leraris, Majd Sakr, Kaveh Safavi, and Rajendra Prasad (RP) -

Rethinking and Maturing AI Adoption Experts from the CMU SEI and Accenture share technical insights and lessons learned from maturing AI adoption in complex environments.

Detect and respond to ML drift before it causes harm. Our latest SEI Blog post explores what causes drift and how to identify it early -

Expecting the Unexpected: Monitoring for Drift in ML Systems | CMU Software Engineering Institute Measures need to detect and respond to drift in ML systems before real-world harms are enacted. This post describes what causes drift and how to detect it.

A new SEI Blog post details an approach that draws from Agile Architecture Risk Management (AARM) and Continuous Risk Management (CRM) to create a practice for evaluating software architecture risks early in development -

Managing Architectural Risk During Agile Development | CMU Software Engineering Institute By weighing the tradeoffs between design pattern attributes and quality attributes, software developers can identify architectural risks early and assess the system impacts of design decisions.

A New CERT Vulnerability Note: Local privilege escalation in Linux Kernel (Dirty Frag) - https://kb.cert.org/vuls/id/980487

Today at 1:30 p.m. ET - In the free SEI webcast "AI-Native Software Engineering: Enduring Principles, New Pace," Scott Sinclair, James Ivers, and Mario Benitez discuss their observations and lessons from applying AI-native software engineering and studying its use across multiple projects.

AI-Native Software Engineering: Enduring Principles, New Pace SEI researchers discuss observations from their application of AI-native SW engineering and the study of its use across multiple industries.