Software Engineering Institute

Bridging Research and Practice in LLM Agent Security

This systematic review discusses academic surveys, grey literature sources, and real-world case studies on securing LLM agents.
Software Engineering Institute

From Data to Performance: Understanding and Improving Your AI Model

Drift in data and concept, evolving edge cases, and emerging phenomena can undermine the correlations that AI classifiers rely on. In this podcast, SEI researchers discuss a new tool to help improve ...
Software Engineering Institute

What Could Possibly Go Wrong? Safety Analysis for AI Systems

SEI researchers discuss their work on System Theoretic Process Analysis, or STPA, a hazard-analysis technique uniquely suitable for dealing with AI complexity when assuring AI systems.
sei.cmu

7 Recommendations to Improve SBOM Quality

Tobar, D., Jamieson, J., Priest, M., and Fricke, J., 2025: 7 Recommendations to Improve SBOM Quality. Carnegie Mellon University, Software Engineering Institute's ...
sei.cmu

Dangers of AI for Insider Risk Evaluation (DARE)

Artificial Intelligence (AI) holds the promise of reducing insider risk incidents, but it comes with a unique set of challenges. This paper outlines the potential pitfalls of leveraging AI for insider ...
sei.cmu

Independent Verification and Validation for Agile Projects

In this webcast, Justin Smith highlights a novel approach to providing independent verification and validation (IV&V) for projects that are using an Agile or iterative software development.
sei.cmu

An Introduction to Model-Based Systems Engineering (MBSE)

Shevchenko, N., 2024: An Introduction to Model-Based Systems Engineering (MBSE). Carnegie Mellon University, Software Engineering Institute's Insights (blog ...
sei.cmu

Auditing Bias in Large Language Models

Robinson, K., and Turri, V., 2024: Auditing Bias in Large Language Models. Carnegie Mellon University, Software Engineering Institute's Insights (blog), Accessed ...
sei.cmu

The Dangers of VHD and VHDX Files

Dormann, W., 2019: The Dangers of VHD and VHDX Files. Carnegie Mellon University, Software Engineering Institute's Insights (blog), Accessed November 26, 2025, https ...
sei.cmu

What Recent Vulnerabilities Mean to Rust

Svoboda, D., 2024: What Recent Vulnerabilities Mean to Rust. Carnegie Mellon University, Software Engineering Institute's Insights (blog), Accessed November 21, 2025 ...
sei.cmu

Applying Large Language Models to DoD Software Acquisition: An Initial Experiment

Schmidt, D., and Robert, J., 2024: Applying Large Language Models to DoD Software Acquisition: An Initial Experiment. Carnegie Mellon University, Software Engineering ...
sei.cmu

Using Large Language Models in the National Security Realm

Shannon Gallagher discusses findings and recommendations from the Mayflower Project and provides additional background information about LLMs and how they can be engineered for national security use.