The Software Engineering Institute (SEI) is an American
research and development
Research and development (R&D or R+D), known in Europe as research and technological development (RTD), is the set of innovative activities undertaken by corporations or governments in developing new services or products, and improving existi ...
center headquartered in
Pittsburgh
Pittsburgh ( ) is a city in the Commonwealth (U.S. state), Commonwealth of Pennsylvania, United States, and the county seat of Allegheny County, Pennsylvania, Allegheny County. It is the most populous city in both Allegheny County and Wester ...
,
Pennsylvania
Pennsylvania (; ( Pennsylvania Dutch: )), officially the Commonwealth of Pennsylvania, is a state spanning the Mid-Atlantic, Northeastern, Appalachian, and Great Lakes regions of the United States. It borders Delaware to its southeast, ...
. Its activities cover
cybersecurity
Computer security, cybersecurity (cyber security), or information technology security (IT security) is the protection of computer systems and networks from attack by malicious actors that may result in unauthorized information disclosure, the ...
,
software assurance
Software assurance (SwA) is defined as "the level of confidence that software is free from vulnerabilities, either intentionally designed into the software or accidentally inserted at any time during its lifecycle, and that the software functions ...
,
software engineering
Software engineering is a systematic engineering approach to software development.
A software engineer is a person who applies the principles of software engineering to design, develop, maintain, test, and evaluate computer software. The term '' ...
and acquisition, and component capabilities critical to the
United States Department of Defense
The United States Department of Defense (DoD, USDOD or DOD) is an executive branch department of the federal government charged with coordinating and supervising all agencies and functions of the government directly related to national secu ...
.
Authority
The Carnegie Mellon Software Engineering Institute is a
federally funded research and development center
Federally funded research and development centers (FFRDCs) are public-private partnerships that conduct research and development for the United States Government. Under Federal Acquisition Regulationbr>§ 35.017 FFRDCs are operated by unive ...
headquartered on the campus of
Carnegie Mellon University
Carnegie Mellon University (CMU) is a private research university in Pittsburgh, Pennsylvania. One of its predecessors was established in 1900 by Andrew Carnegie as the Carnegie Technical Schools; it became the Carnegie Institute of Technology ...
in
Pittsburgh
Pittsburgh ( ) is a city in the Commonwealth (U.S. state), Commonwealth of Pennsylvania, United States, and the county seat of Allegheny County, Pennsylvania, Allegheny County. It is the most populous city in both Allegheny County and Wester ...
,
Pennsylvania
Pennsylvania (; ( Pennsylvania Dutch: )), officially the Commonwealth of Pennsylvania, is a state spanning the Mid-Atlantic, Northeastern, Appalachian, and Great Lakes regions of the United States. It borders Delaware to its southeast, ...
,
United States
The United States of America (U.S.A. or USA), commonly known as the United States (U.S. or US) or America, is a country primarily located in North America. It consists of 50 states, a federal district, five major unincorporated territorie ...
. The SEI also has offices in
Washington, DC
)
, image_skyline =
, image_caption = Clockwise from top left: the Washington Monument and Lincoln Memorial on the National Mall, United States Capitol, Logan Circle, Jefferson Memorial, White House, Adams Morgan ...
;
Arlington County, Virginia
Arlington County is a County (United States), county in the Virginia, Commonwealth of Virginia. The county is situated in Northern Virginia on the southwestern bank of the Potomac River directly across from the Washington, D.C., District of Co ...
; and
Los Angeles
Los Angeles ( ; es, Los Ángeles, link=no , ), often referred to by its initials L.A., is the largest city in the state of California and the second most populous city in the United States after New York City, as well as one of the world' ...
, California. The SEI operates with major funding from the
U.S. Department of Defense
The United States Department of Defense (DoD, USDOD or DOD) is an executive branch department of the federal government charged with coordinating and supervising all agencies and functions of the government directly related to national secur ...
. The SEI also works with industry and academia through research collaborations.
On November 14, 1984, the U.S. Department of Defense elected Carnegie Mellon University as the host site of the Software Engineering Institute. The institute was founded with an initial allocation of $6 million, with another $97 million to be allocated in the subsequent five years. The SEI's contract with the Department of Defense is subject to review and renewal every five years.
The SEI program of work is conducted in several principal areas: cybersecurity,
software assurance
Software assurance (SwA) is defined as "the level of confidence that software is free from vulnerabilities, either intentionally designed into the software or accidentally inserted at any time during its lifecycle, and that the software functions ...
, software engineering and acquisition,
DevOps
DevOps is a set of practices that combines software development (''Dev'') and IT operations (''Ops''). It aims to shorten the systems development life cycle and provide continuous delivery with high software quality. DevOps is complementary to a ...
, and component capabilities critical to the Department of Defense.
Areas of work
The SEI defines specific initiatives aimed at improving organizations' software engineering capabilities.
Management practices
Organizations need to effectively manage the acquisition, development, and evolution (ADE) of software-intensive systems. Success in software engineering management practices helps organizations predict and control quality, schedule, cost, cycle time, and productivity. The best-known example of SEI in management practices is the SEI's
Capability Maturity Model (CMM) for Software (now
Capability Maturity Model Integration (CMMI)). The CMMI approach consists of models, appraisal methods, and training courses that have been proven to improve process performance. In 2006, Version 1.2 of the CMMI Product Suite included the release of CMMI for Development. CMMI for Development was the first of three constellations defined in Version 1.2: the others include CMMI for Acquisition and CMMI for Services. The CMMI for Services constellation was released in February 2009. Another management practice developed by CERT, which is part of the SEI, is the Resilience Management Model (CERT-RMM). The CERT-RMM is a capability model for operational resilience management. Version 1.0 of the Resilience Management Model was released in May 2010.
Engineering practices
SEI work in engineering practices increases the ability of software engineers to analyze, predict, and control selected
functional and non-functional properties of software systems. Key SEI tools and methods include the SEI
Architecture Tradeoff Analysis Method In software engineering, architecture tradeoff analysis method (ATAM) is a risk-mitigation process used early in the software development life cycle.
ATAM was developed by the Software Engineering Institute at the Carnegie Mellon University. Its pu ...
(ATAM) method, the SEI Framework for Software Product Line Practice, and the SEI Service Migration and Reuse Technique (SMART).
Security
The SEI is also the home of the
CERT/CC
The CERT Coordination Center (CERT/CC) is the coordination center of the computer emergency response team (CERT) for the Software Engineering Institute (SEI), a non-profit United States federally funded research and development center. The CERT/C ...
(CERT Coordination Center), a federally funded computer security organization. The SEI CERT Program's primary goals are to ensure that appropriate technology and systems-management practices are used to resist attacks on networked systems and to limit damage and ensure continuity of critical services in spite of successful attacks, accidents, or failures. The SEI CERT program is working with
US-CERT
The United States Computer Emergency Readiness Team (US-CERT) is an organization within the Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA). Specifically, US-CERT is a branch of the Office of C ...
to produce the Build Security In (BSI) website, which provides guidelines for building security into every phase of the
software development lifecycle
In software engineering, a software development process is a process of dividing software development work into smaller, parallel, or sequential steps or sub-processes to improve design, product management. It is also known as a software devel ...
. The SEI has also conducted research on insider threats and
computer forensics
Computer forensics (also known as computer forensic science) is a branch of digital forensic science pertaining to evidence found in computers and digital storage media. The goal of computer forensics is to examine digital media in a forensical ...
. Results of this research and other information now populate the CERT Virtual Training Environment.
Special programs
SEI Partner Network
The SEI Partner Network helps the SEI disseminate software engineering best practices. Organizations and individuals in the SEI Partner Network are selected, trained, and licensed by the SEI to deliver authentic SEI services, which include courses, consulting methods, and management processes. The network currently consists of nearly 250 partner organizations worldwide.
Conferences
The SEI sponsors national and international conferences, workshops, and user-group meetings. Other events cover subjects including acquisition of software-intensive systems,
commercial off-the-shelf
Commercial off-the-shelf or commercially available off-the-shelf (COTS) products are packaged or canned (ready-made) hardware or software, which are adapted aftermarket to the needs of the purchasing organization, rather than the commissioning of ...
(COTS)-based systems, network security and survivability, software process research,
software product line Software product lines (SPLs), or software product line development, refers to software engineering methods, tools and techniques for creating a collection of similar software systems from a shared set of software assets using a common means of pro ...
s, CMMI, and the SEI Team Software Process.
Education and training
SEI courses are currently offered at the SEI's locations in the United States and Europe. In addition, using licensed course materials, SEI Partners train individuals.
Membership program
The SEI Membership Program helps the software engineering community to network. SEI Members include small business owners, software and systems programmers, CEOs, directors, and managers from both Fortune 500 companies and government organizations
Affiliate program
Through the SEI Affiliate Program, organizations place technical experts with the SEI for periods ranging from 12 months to four years. Affiliates currently are working on projects with the SEI to identify, develop, and demonstrate improved software engineering practices.
Software Process Achievement award program
In order to recognize outstanding achievement in improving an organization's ability to create and evolve software-dependent systems, the SEI and
IEEE Computer Society
The Institute of Electrical and Electronics Engineers (IEEE) is a 501(c)(3) professional association for electronic engineering and electrical engineering (and associated disciplines) with its corporate office in New York City and its operati ...
created the
Software Process Achievement Award
The Software Process Achievement Award is a non-competitive award offered by the IEEE Computer Society and Software Engineering Institute (SEI) and annually presented for outstanding and innovative contributions to the field of software quality.
A ...
program. In addition to rewarding excellence, the purpose of this award is to foster continuous advancement in the practice of software engineering and to disseminate insights, experiences, and proven practices throughout the relevant research and practitioner communities.
Research and publications
The SEI publishes reports that offer new technical information about software engineering topics, whether theoretical or applied. The SEI also publishes books on
software engineering
Software engineering is a systematic engineering approach to software development.
A software engineer is a person who applies the principles of software engineering to design, develop, maintain, test, and evaluate computer software. The term '' ...
for industry, government and military applications and practices.
In addition, the SEI offers public courses, workshops, and conferences in process improvement, software architecture and product lines, and security.
Controversies
On November 11, 2015, the head of
the Tor Project
The Tor Project, Inc. is a Seattle-based 501(c)(3) research-education nonprofit organization founded by computer scientists Roger Dingledine, Nick Mathewson and five others. The Tor Project is primarily responsible for maintaining software for ...
accused the Software Engineering Institute of aiding
Federal Bureau of Investigation
The Federal Bureau of Investigation (FBI) is the domestic intelligence and security service of the United States and its principal federal law enforcement agency. Operating under the jurisdiction of the United States Department of Justice, ...
in uncovering the identities of users of the
Tor network
Tor, short for The Onion Router, is free and open-source software for enabling anonymous communication. It directs Internet traffic through a free, worldwide, volunteer overlay network, consisting of more than seven thousand relays, to conc ...
. Later prosecution showed the hack was paid for by the Department of Defense and subpoena by the FBI.
Focus of progressive protests
SEI has been an occasional site of
anti-war movement
An anti-war movement (also ''antiwar'') is a social movement, usually in opposition to a particular nation's decision to start or carry on an armed conflict, unconditional of a maybe-existing just cause. The term anti-war can also refer to ...
and
peace movement
A peace movement is a social movement which seeks to achieve ideals, such as the ending of a particular war (or wars) or minimizing inter-human violence in a particular place or situation. They are often linked to the goal of achieving world peac ...
protests,
many of which have been organized by
Pittsburgh's Thomas Merton Center.
References in popular culture
*SEI served as the Blackgate Prison in the 2012 film ''
The Dark Knight Rises
''The Dark Knight Rises'' is a 2012 superhero film directed by Christopher Nolan, who co-wrote the screenplay with his brother Jonathan Nolan, and the story with David S. Goyer. The film is based on the DC Comics character Batman, it is th ...
''.
See also
*
Software engineer
Software engineering is a systematic engineering approach to software development.
A software engineer is a person who applies the principles of software engineering to design, develop, maintain, test, and evaluate computer software. The term ''p ...
*
Personal software process (PSP)
*
Team software process
In combination with the personal software process (PSP), the team software process (TSP) provides a defined operational process framework that is designed to help teams of managers and engineers organize projects and produce software for
products ...
(TSP)
References
Further reading
*
External links
*
{{Authority control
Software engineering organizations
Computer science institutes in the United States
Federally Funded Research and Development Centers
Carnegie Mellon University
Organizations based in Pittsburgh
Organizations established in 1984
1984 establishments in the United States
Cyberwarfare