About the SEIWe establish and advance software as a strategic advantage for national security. We lead and direct research and transition of software engineering and related disciplines at the intersection of academia, industry, and government.Our Objectives and Research:* Agile* Artificial Intelligence Engineering* Cloud Computing* Cyber Workforce Development* Cybersecurity Center Development* Cybersecurity Engineering* DevSecOps* Edge Computing* Enterprise Risk and Resilience Management* Insider Threat* Quantum Computing* Reverse Engineering for Malware Analysis* Secure Development* Security Vulnerabilities* Situational Awareness* Software ArchitectureSoftware Engineering InstituteSEI_6ef12c8e-af79-11ec-a8c5-46ad1983ea00The Software Engineering Institute (SEI) at Carnegie Mellon University is a Federally Funded Research and Development Center (FFRDC)—a nonprofit, public–private partnership that conducts research for the United States government.Carnegie Mellon UniversityPart of the Carnegie Mellon University Community ~ The SEI is based at Carnegie Mellon University in Pittsburgh, Pennsylvania. A national and international leader in higher education and research, Carnegie Mellon University is at the forefront of cybersecurity and software initiatives. The university provides the SEI with infrastructure and business processes while our technical staff are part of the university's world-class community of researchers and innovators.We work with Carnegie Mellon University on major initiatives, contributing to the university's intellectual capital through research, collaboration, teaching, and strong management practices.U.S. Department of DefenseOne of only 10 FFRDCs sponsored by the U.S. Department of Defense (DoD), the SEI conducts R&D in software engineering, systems engineering, cybersecurity, and many other areas of computing, working to introduce private-sector innovations into government.SEI PartnersAs the only FFRDC sponsored by the DoD that is also authorized to work with organizations outside of the DoD, the SEI is unique. We work with partners throughout the U.S. government, the private sector, and academia. These partnerships enable us to take innovations from concept to practice, closing the gap between research and use.U.S. GovernmentHow We Work With Government ~ As an FFRDC, we fulfill core DoD software engineering needs that are unmet by in-house and private sector R&D centers...By charter, we offer fast-track contracting for DoD and other federal organizations. We stay close to our sponsor in Washington, DC, with offices in Arlington, Virginia, in addition to our headquarters in Pittsburgh, Pennsylvania.U.S. ArmyFor example, the U.S. Army and the SEI engaged in a multiyear partnership to improve the Army's capability to acquire software-reliant systems.U.S. Air ForceOur engineers stepped in to help a prototyping team accelerate its use of Agile methods in an acquisition for a critical U.S. Air Force intelligence system.Department of TransportationWe also collaborated with the Department of Transportation and US-CERT on research aimed at securing the U.S. government's fleet of vehicles.US-CERTPrivate SectorAcademiaSEI LeadersWith strong ties to Carnegie Mellon University, SEI leadership provides strategic vision as the institute works to innovate from rigorous research, improve the state of the practice in software and cybersecurity, and transition new technologies into the public sector, private industry, and academia.SEI Executive Leadership TeamThe Software Engineering Institute Executive Leadership Team sets strategy and aligns the institute with the goals set by its sponsor. Highly visible, the team embodies the core values of the institute.Paul NielsenDirector and CEO ~ Dr. Paul D. Nielsen is the Director and Chief Executive Officer of Carnegie Mellon University’s Software Engineering Institute (SEI), a U.S. Department of Defense federally funded research and development center (FFRDC). The SEI is a global leader in advancing software, cybersecurity, and the engineering of AI systems to support the nation by advancing the science, technologies and practices needed to acquire, develop, operate and sustain software systems that are innovative, affordable, trustworthy and enduring.David ThompsonDeputy Director and COO ~ David Thompson currently serves as the SEI’s Deputy Director and Chief Operating Officer and oversees and directs internal and external operations for the organization. Additionally, Thompson is the SEI’s Chief Information Officer, with primary responsibility for designing and delivering information and infrastructure services. As CIO, he has executive oversight for operational units that include IT, physical and industrial security, enterprise application development, web content and delivery, public relations, and communication and transition services.Tom LongstaffChief Technology Officer ~ Tom Longstaff is Chief Technology Officer of the SEI. As CTO, Longstaff is responsible for formulating a technical strategy and leading the funded research program of the institute based on current and predicted future trends in technology, government, and industry.Heidi MagneliaChief Financial Officer ~ Heidi S. Magnelia is chief financial officer of the Software Engineering Institute, where she is responsible for financial, business, facilities, and central administrative services. She has more than 30 years of experience as a financial professional, with previous experience in government-funded research, consulting, and commercial organizations.Gregory J. TouhillDirector, CERT Division ~ Gregory J. Touhill is director of the SEI’s world-renowned CERT Division, where he leads a diverse group of researchers, software engineers, security analysts, and digital intelligence specialists working together to research security vulnerabilities in software products, contribute to long-term changes in networked systems, and develop cutting-edge information and training to improve the practice of cybersecurity.Anita CarletonDirector, Software Solutions Division ~ Anita Carleton is an Executive Leadership Team Member and Division Director of the Software Solutions Division (SSD) at the Software Engineering Institute (SEI), Carnegie Mellon University, with more than 30 years of technical and senior leadership experience in the software engineering industry. The mission of SSD is to advance the state of the practice in software engineering through applied research, development, and transition of innovative technologies for building and acquiring software-intensive systems, with the specific goal of making software a strategic advantage for the Department of Defense. SSD provides leadership through research collaborations with CMU and others in academia, directly engaging with major defense acquisition projects, partnering with industry, and informing DoD policy makers.Matthew GastonDirector, SEI AI Division ~ Dr. Matt Gaston is the director of the AI Division at the Carnegie Mellon University Software Engineering Institute and the founding director of the SEI’s Emerging Technology Center. He also holds an appointment as an adjunct associate professor at the Carnegie Mellon University Institute for Software Research.As the director of the AI Division, Dr. Gaston leads a diverse team of researchers, engineers, and innovators who assist the US Department of Defense in developing and using leap-ahead AI capabilities that are reliable, responsible, safe, fair, and transparent. He is a leader of the community-wide National AI Engineering Initiative focused on establishing and growing the discipline of AI engineering. Since 2011, Dr. Gaston has led the establishment and growth of the SEI Emerging Technology Center (ETC). With his leadership, the ETC research portfolio has grown to include work in the fields of autonomy, analytics, visualization, and quantum computing.Mary Catherine WardChief Strategy Officer ~ As chief strategy officer for the Software Engineering Institute (SEI), Mary Catherine Ward develops strategic options to keep the SEI’s strategy relevant, to ensure that decisions at all levels align with the strategy, and to develop, execute, and institutionalize strategic initiatives that advance the SEI’s mission and strategic goals.Sandra BrownAssistant General Counsel and Assistant Vice President ~ Sandra Brown is assistant general counsel and assistant vice president of Carnegie Mellon University and general counsel to the Software Engineering Institute (SEI).Brown focuses on contractual issues arising out of Carnegie Mellon University's contract with the U.S. Department of Defense for the operation of the SEI. She advises the SEI's leadership on all legal matters, including contracting, intellectual property rights, and human resources. She interprets federal and state laws and advises the SEI and its personnel on the applicability of these laws in areas such as conflict of interest, export control, and human-subject research. Brown's responsibilities also include reviewing, negotiating, and drafting multiple types of legal documents as well as overseeing and enforcing the compliance functions of the SEI.SEI Board of VisitorsIn addition to advising the Director of the SEI, the SEI Board of Visitors monitors SEI activities and reports to the Carnegie Mellon University Provost, offering recommendations for improvement.Barry BoehmMember of the Board of Visitors ~ TRW Professor of Software Engineering, Computer Science Department Director, USC Center for Software Engineering ~ Dr. Boehm's research interests include software process modeling, software requirements engineering, software architectures, software metrics and cost models, software engineering environments, and knowledge-based software engineering. His contributions to the field include the Constructive Cost Model (COCOMO), the Spiral Model of the software process, the Theory W (win-win) approach to software management and requirements determination, and two advanced software engineering environments: the TRW Software Productivity System and Quantum Leap Environment.Russell CrockettMember of the Board of Visitors ~ Russell Crockett is Managing Partner and CEO of Aeon Blue Technologies, a licensing and support company. Aeon Blue uses an interruptible green electrolysis technology that enables industrial plants to run purely on variable renewable energy, eliminating nearly all carbon production in these industries while producing products at significantly lower costs. He will continue to serve as Principal and Owner of RTC Energy LLC, a management consulting firm he started in 2014. During his career, Crockett has served as Senior Vice President, Commercial at TPC Group, from 2008 to 2013. He was also Vice President, Chemical Sales Americas for Lyondell Chemical Company from 2001 to 2008. While at Lyondell, he also served as Vice President Responsible Care and Engineering; Channelview Hydrocarbons Plant Manager; Business Director, Aromatics & Fuels; and Treasury Management Consultant. Crockett began his career with EI Dupont de Nemours & Co., serving in successive business and operations assignments.Philip DowdMember of the Board of Visitors ~ Mr. Dowd has been Senior Vice President of SunGard Data Systems since 1979. SunGard is an information technology company specializing in Investment Support application software and Disaster Recovery. It began in 1978 as SunData, a wholly owned subsidiary of Sun Oil; was spun out as an LBO in 1983 (with J.H. Whitney and Welsh, Carson, Anderson & Stowe); and went public in 1986. It currently has revenues of about $1 billion with a market value of about $4 billion.John GilliganMember of the Board of Visitors ~ John Gilligan is President of Gilligan Group, a Virginia-based consulting company specializing in government information technology. He has over 25 years of managerial experience in leading large information technology organizations. He has expertise in business strategy, organizational innovation, program implementation, and cybersecurity.Prior to starting Gilligan Group, Mr. Gilligan was Senior Vice President & Director, Defense Sector, for SRA International. In this role, he was general manager of SRA's defense business. Before joining SRA, Gilligan held a number of senior executive positions in a 24-year government career. His last government position was Air Force Chief Information Officer (CIO), the principal advisor to Air Force leadership on information management, business processes, and information technology (IT) standards.Elizabeth HightMember of the Board of Visitors ~ Elizabeth A. Hight is a retired U.S. Navy rear admiral who served as the Vice Director of the Defense Information Systems Agency (DISA).Since January 2010, she has been with Hewlett Packard's Enterprise Services (HPES), U.S. Public Sector, first as Director of U.S. Defense Command and Control Infrastructure practice and then as Vice President of the Cybersecurity Solutions Group.Tom LoveMember of the Board of Visitors ~ Tom Love is a hands-on leader with on-site experience leading rapid application development projects to achieve something that neither the customer nor the development team thought was possible at the outset. He has led eight successful 100-day projects at ShouldersCorp and has had indirect responsibility for 11 others. His current mega-project involves guidance and planning support for the reengineering of VistA, the electronic medical records system in use at all Veterans Health Administration Medical Centers.Alan McLaughlinMember of the Board of Visitors ~ In 1992 McLaughlin was appointed assistant director at MIT Lincoln Laboratory and subsequently was responsible for advanced electronic technology, air traffic control and surface surveillance mission areas. Since 2000 he has been a consultant for strategic planning and advanced technology.Donald StitzenbergMember of the Board of Visitors ~ Mr. Stitzenberg is a Pittsburgh native. He is currently President of CBA Associates, a Global Supply Chain consulting company to clients in the pharmaceutical and cosmetics industries. Prior to his retirement, he spent 33 years in a variety of executive positions with Merck &Co., Inc.SEI FellowsSEI Fellows are individuals who have made an outstanding contribution to the work of the SEI. They are leading researchers and practitioners in their fields, working to ensure the continued success of the institute's mission.Roger BateSEI Fellow ~ Roger R. Bate's work with the Software Engineering Institute was instrumental in seeding best practices for software engineering worldwide. Bate, who was a former chair and member of the SEI Board of Visitors, senior member of the technical staff, and, later, a visiting scientist at the SEI, died at the age of 86 in 2009.Peter FeilerSEI Fellow and Principal Research Scientist ~ For the last 31 years, Peter Feiler has been a member of the Software Engineering Institute (SEI), where his duties include 5 years of management. His interests include safety-critical real-time systems, architecture languages, software-reliant systems, and software system assurance.Feiler is the technical lead and author of the SAE AS-2C Architecture Analysis & Design Language (AADL) standard. This standard was published in November 2004 as SAE Document AS5506. Version 2.1 of the standard was published in January 2012. Feiler is also the author of the Error Model Annex V2 Annex standard for AADL, published in 2015. Feiler received the Carnegie Science Award for Information Technology in 2009 for his work with AADL.John ForemanSEI Fellow ~ For 35 years, John Foreman has worked in the complete lifecycle of software and systems, developing and transitioning software technologies. Foreman is currently the director of the Client Technical Solutions Directorate in the Software Solutions Division of the Software Engineering Institute (SEI). He is responsible for providing direct acquisition and technical support to the Ground, Air, Space, C4, Enterprise Sectors, Intelligence Community, and Civil Agencies. In this role, he manages a $20+ million portfolio of work and supervises 52 full-time and 6 part-time software engineers. He has also led the SEI's research and development activities focused on the application of agile methods in government contexts.John GoodenoughSEI Fellow ~ Although John Goodenough, an ACM and SEI fellow, retired from the SEI in December 2011, he has continued as a part-time employee. During this time, his research has focused on methods for establishing how much confidence one should have in an argument intended to justify claims about system properties. This work has most recently been extended to establishing confidence in properties of a portfolio of research projects.Watts HumphreySEI Fellow ~ When Watts Humphrey arrived at the Carnegie Mellon Software Engineering Institute (SEI) in 1986, he made what he called an "outrageous commitment to change the world of software engineering." By all accounts, he succeeded.During his tenure at the SEI, he established the Software Process Program, led development of the Software Capability Maturity Model, and introduced the Software Process Assessment and Software Capability Evaluation methods. These later became the basis for the development of Capability Maturity Model Integration (CMMI). Humphrey also led the development of the Personal Software Process (PSP) and the Team Software Process (TSP).Known as the "Father of Software Quality," Humphrey dedicated the majority of his career to addressing problems in software development, including schedule delays, cost increases, performance problems, and defects.Nancy MeadSEI Fellow ~ Nancy R. Mead is a fellow at the Software Engineering Institute (SEI) and an adjunct professor of software engineering at Carnegie Mellon University. She is currently involved in the study of security requirements engineering and the development of software assurance curricula. She also served as director of education for the SEI from 1991 to 1994. Her research interests are in the areas of software security and software requirements engineering.Linda NorthropSEI Fellow, Office of the CTO ~ Linda Northrop has more than 45 years of experience in the software development field as a practitioner, researcher, manager, consultant, and educator. She retired from full-time employment at the Software Engineering Institute (SEI) in 2015 and currently works part-time for the CTO on strategic technical activities.Richard PethiaSEI Fellow ~ Richard Pethia was the Director of the CERT Division at Carnegie Mellon University's Software Engineering Institute (SEI). The CERT Division grew from the CERT Coordination Center (CERT/CC) that Mr. Pethia established in 1988 with DARPA sponsorship. The charter of the CERT/CC was to serve as a focal point for reporting and responding to security vulnerabilities, to respond to security emergencies on the Internet, and to serve as a model to help others establish Computer Security Incident Response Teams. Since then, the CERT mission has grown to include research and development in the areas of vulnerability analysis, malicious code analysis, cybersecurity engineering, secure coding, network situational awareness, insider threat, cyber intelligence, cyber forensics, risk analysis and mitigation, operational resilience, and workforce development. The CERT Division is widely recognized as a trusted, authoritative organization, and it regularly partners with government, industry, and academia to develop advanced methods and technologies to counter large-scale, sophisticated cyber threats.Shaping the future of software for a better world_6ef12f40-af79-11ec-a8c5-46ad1983ea00To establish and advance software as a strategic advantage for national security_6ef130ee-af79-11ec-a8c5-46ad1983ea00InnovationBringing Innovation to Government ~ The SEI is the only FFRDC sponsored by the DoD that can work with organizations outside of the DoD. This enables us to introduce innovation to a broad swath of government agencies, as well as to collaborate with Carnegie Mellon University and academia at large.ResearchWe support government initiatives by conducting research and development that is objective, long-term, and free from the constraints of commercialism.ObjectivityNational SecuritySoftware EngineeringLead and direct research and transition of software engineering and related disciplines at the intersection of academia, industry, and government_6ef132e2-af79-11ec-a8c5-46ad1983ea00AcademiaIndustryGovernmentAgileBuild and deliver software incrementally from the start of a project instead of trying to deliver it all at once near the end._6ef13440-af79-11ec-a8c5-46ad1983ea001AIDevelop tools, systems, and processes to enable the application of artificial intelligence in real-world contexts._6ef1358a-af79-11ec-a8c5-46ad1983ea002Cloud ComputingDeliver capabilities, such as applications for analytics and decision support, and infrastructure—such as servers, storage, or networking—over the Internet by cloud service providers (CSPs) who manage those capabilities and infrastructure for the users who access them._6ef136e8-af79-11ec-a8c5-46ad1983ea003Cloud Service ProvidersCyber WorkforceDevelop methods and technology to help organizations effectively cultivate the knowledge and skills their cyber workforce needs to meet today’s emerging cyber challenges._6ef13832-af79-11ec-a8c5-46ad1983ea004Cyber WorkforceCybersecurity CentersIncrease the overall U.S. cybersecurity posture by developing, operationalizing, and improving government and industry organizations’ incident management capabilities so they can protect themselves from attacks and limit the damage and scope of attacks._6ef1397c-af79-11ec-a8c5-46ad1983ea005Cybersecurity CentersCybersecurity EngineeringBuild knowledge and capabilities that enhance acquisition and development lifecycle methods, processes, and practices._6ef13ada-af79-11ec-a8c5-46ad1983ea006CSE reduces security weaknesses and ensures that resulting systems, software components, and compositions address software assurance, information assurance, supply chain risk management, and more.DevSecOpsProvide faster delivery of secure software capabilities._6ef13f26-af79-11ec-a8c5-46ad1983ea007Software Development TeamsIT OperatorsSecurity StaffSoftware System AcquirersSoftware System SuppliersProvide faster delivery of secure software capabilities by improving the collaboration and communication between software development teams, IT operations, and security staff within an organization, as well as with acquirers, suppliers, and other stakeholders in the life of a software system.Edge ComputingPush applications, data, and computing power from central computing locations like servers to the edge of the Internet—to mobile devices, sensors, and end users that are distributed all over the world._6ef141ce-af79-11ec-a8c5-46ad1983ea008Risk & Resilience ManagementHelp organizations plan for and predict problems, quickly pivot to address issues, and build the capability to thrive in the face of disruption._6ef143a4-af79-11ec-a8c5-46ad1983ea009Insider ThreatsUnderstand how different types of insider incidents evolve over time, what vulnerabilities exist within organizations that enable insiders to carry out their attacks, and how to most effectively prevent, detect, and respond to insider threats._6ef14aa2-af79-11ec-a8c5-46ad1983ea0010Quantum ComputingIntroduce the next era of computing speed and power._6ef14c50-af79-11ec-a8c5-46ad1983ea0011It builds on the phenomena of quantum physics to create new kinds of computing elements that will revolutionize how computers process information.Malware AnalysisReverse engineer malware to understand what it does, what it impacts, and how to remove it._6ef14e94-af79-11ec-a8c5-46ad1983ea0012Secure DevelopmentIdentify and prevent security flaws during early development of software systems._6ef1502e-af79-11ec-a8c5-46ad1983ea0013Secure development refers to the set of tools, practices, and approaches that the SEI has created to identify and prevent security flaws during early development of software systems, when it is most cost effective to do so.Security VulnerabilitiesImprove discovery of vulnerabilities and make them public to prevent attackers from exploiting them._6ef152cc-af79-11ec-a8c5-46ad1983ea0014Security vulnerabilities refer to flaws that make software act in ways that designers and developers did not intend it to, or even expect. Research in vulnerability analysis aims to improve ways of discovering vulnerabilities and making them public to prevent attackers from exploiting them.Situational AwarenessCollect information, synthesize it into usable intelligence, and disseminate it._6ef15498-af79-11ec-a8c5-46ad1983ea0015Situational awareness (SA) is the process of collecting information from across your organization, synthesizing it into usable intelligence, and disseminating it effectively so your employees understand how to make good decisions to keep your organization, its assets, and its employees safe and secure.Software ArchitectureUnderstand and analyze how systems achieve essential qualities such as modifiability, availability, and security._6ef1565a-af79-11ec-a8c5-46ad1983ea0016The software architecture of a system represents the design decisions related to overall system structure and behavior. Architecture helps stakeholders understand and analyze how the system will achieve essential qualities such as modifiability, availability, and security.2022-03-29https://www.sei.cmu.edu/about/OwenAmburOwen.Ambur@verizon.net