Members of Technical Staff at the Software Engineering Institute

Software Engineering Institute (SEI) Podcast Series

The SEI Podcast Series presents conversations in software engineering, cybersecurity, and future technologies.

Author

Members of Technical Staff at the Software Engineering Institute

Category

Technology

Podcast website

www.sei.cmu.edu

Latest episode

Jul 8, 2026

Where to listen?

Podcasts in the app Replaio Radio Coming soon

Podcasts are coming to the app soon. Install now and be the first to see a whole new take on podcasts

Get it on Google Play Install for free Android 5M+ downloads · 4.8 rating iOS soon

Episodes

Software Defined Warfare: Expanding the Frontier 08.07.2026

Software-defined warfare is today's reality for national security, shifting the emphasis in military operations from hardware to software. In the latest podcast from the Carnegie Mellon University Software Engineering Institute, SEI director Paul Nielsen recently sat down with Matthew Butkovic, technical director of Risk and Resilience in the SEI's CERT Division, to discuss the evolution of softwa...

From Coordination Chaos to Mission Focus: The Waypoints Framework 24.06.2026

In aviation, waypoints guide pilots through complex flight plans, providing some structure but maintaining flexibility. Kevin Dooley, a senior Agile transformation leader at the SEI, adopted this concept to solve one of defense acquisition's most persistent challenges: synchronizing dozens of interdependent teams without drowning in administrative noise and overhead. In the latest podcast from the...

An LLM Evaluation Framework for High-Stakes AI 11.06.2026

Experimentation and validation of LLM performance is critical when building LLM-driven systems that must reliably deliver a service, from customer service chat bots to intelligence analysis tools. To help teams meet the need for rigorous evaluation methods, a research team in the SEI's AI Division led by  Violet Turri has developed the Evaluating Large Language Models (ELM)  library, which is buil...

Protecting AI Systems Against Data Poisoning 04.06.2026

Data poisoning—where adversaries tamper with training data to corrupt model behavior—poses significant risks as AI adoption expands across critical sectors. Organizations without mechanisms in place to detect or prevent data poisoning are open to   an avenue  of attack that, once exploited,  is difficult to  remedi ate . Machine unlearning and model retraining are not always  viable  or effective...

Goal-Line Defense: A Tool to Discover and Mitigate UEFI Vulnerabilities 15.04.2026

As recently as December 2025, the Carnegie Mellon University Software Engineering Institute (SEI's)  CERT Coordination Center (CERT/CC) documented a UEFI-related vulnerability in certain motherboard models, illustrating that early-boot firmware behavior continues to present security challenges despite requiring local physical access to exploit.  While CERT/CC reported seven UEFI vulnerabilities in...

Leadership, Legacy, and the Power of Mentors: Insights from Dr. Paul Nielsen 06.04.2026

In February 2026, Paul Nielsen announced that he will transition out of his role as director and chief executive officer of the Software Engineering Institute (SEI) at Carnegie Mellon University. During Nielsen's tenure, the SEI has marked major institutional milestones that underscore its enduring role in strengthening the security, resilience, and reliability of the nation's software- and AI-int...

With a Little Help from Our Civilian Friends: Cybersecurity Reserve Is Both Feasible and Advisable 20.03.2026

Cybersecurity staffing shortages are a major concern in the government given the increasingly sophisticated cyber attacks on the nation's critical infrastructure. In the FY2023 National Defense Authorization Act (NDAA), Congress tasked the Pentagon with finding flexible options to address cyber staffing needs. The Pentagon commissioned the SEI to conduct an independent study to assess the feasibil...

Maturing AI Adoption: From Chaos to Consistency 02.03.2026

While Stanford University found that AI investments, optimism, and accessibility are rising, a recent MIT report suggests that 95 percent of organizations are realizing no returns on their generative AI investments.   Research from Accenture found that only 8 percent of companies are scaling AI at an enterprise level and embedding the technology into core business strategy to maximize value. Misma...

Temporal Memory Safety in C and C++: An AI-Enhanced Pointer Ownership Model 09.02.2026

In October 2025,  CyberPress   reported  a critical security vulnerability in the Redis Server, an open-source in-memory database that allowed authenticated attackers to achieve remote code execution through a  use-after-free  flaw in the Lua scripting engine. In 2024, another prominent temporal memory safety flaw was found in the  Netfilter  subsystem in the Linux kernel:  CVE-2024-1086 . Bugs re...

AI for the Warfighter: Acquisition Challenges and Guidance 29.01.2026

On November 7, the Department of War released an acquisition transformation strategy that seeks to remove bureaucratic hurdles and streamline acquisition processes to enable even more rapid adoption of technologies, including artificial intelligence. Getting AI into the hands of warfighters requires disciplined AI Engineering. In this podcast from the Carnegie Mellon University Software Engineerin...

Visibility Through the Clouds with Network Flow Logs 15.01.2026

Organizations, including the U.S. military, are increasingly adopting cloud deployments for their flexibility and cost savings. The shared security model utilized by cloud service providers removes some of the adopting organization's responsibility for system administration and security. But it leaves them on the hook for monitoring hosted applications and resources. Cloud flow logs are a valuable...

Orchestrating the Chaos: Protecting Wireless Networks from Cyber Attacks 02.12.2025

From early 2022 through late 2024, a group of threat actors publicly known as APT28 exploited known vulnerabilities, such as CVE-2022-38028, to remotely and wirelessly access sensitive information from a targeted company network. This attack did not require any hardware to be placed in the vicinity of the targeted company's network as the attackers were able to execute remotely from thousands of m...

From Data to Performance: Understanding and Improving Your AI Model 10.11.2025

Modern data analytic methods and tools—including artificial intelligence (AI) and machine learning (ML) classifiers—are revolutionizing prediction capabilities and automation through their capacity to analyze and classify data. To produce such results, these methods depend on correlations. However, an overreliance on correlations can lead to prediction bias and reduced confidence in AI outputs.  ...

What Could Possibly Go Wrong? Safety Analysis for AI Systems 31.10.2025

How can you ever know whether an LLM is safe to use? Even self-host ed LLM system s are vulnerable to adversarial prompt s left on the internet and waiting to be found by system search engines . These at tacks and others exploit the complexity of even seemingly secure AI systems .    In our latest podcast from the Carnegie Mellon University Software Engineering Institute (SEI), David Schulker and...

Getting Your Software Supply Chain In Tune with SBOM Harmonization 23.10.2025

Software bills of materials or SBOMs are critical to software security and supply chain risk management. Ideally, regardless of the SBOM tool, the output should be consistent for a given piece of software. But that is not always the case. The divergence of results can undermine confidence in software quality and security. In our latest podcast from the Carnegie Mellon University Software Engineeri...

API Security: An Emerging Concern in Zero Trust Implementations 08.10.2025

Application programing interfaces, more commonly known as APIs, are the engines behind the majority of internet traffic . The pervasive and public nature of APIs have increased the attack surface of the systems and applications they are used in . In this   podcast from the Carnegie Mellon University Software Engineering Institute (SEI) , McKinley Sconiers-Hasan, a solutions engineer in the SEI 's...

Delivering Next-Generation AI Capabilities 29.09.2025

Artificial intelligence (AI) is a transformational technology, but it has limitations in challenging operational settings. R esearchers in the AI Division of the Carnegie Mellon University Software Engineering Institute (SEI) work to deliver reliable and secure AI capabilities to warfighters in mission-critical environments. In our latest podcast , Matt Gaston , director of the SEI's AI Division,...

The Benefits of Rust Adoption for Mission-and-Safety-Critical Systems 16.09.2025

A recent Google survey found that many developers felt comfortable using the Rust programming language in two months or less. Yet barriers to Rust adoption remain, particularly in safety-critical systems , where features such as memory and processing power are in short supply and compliance with regulations is mandatory. In our latest podcast from the Carnegie Mellon University Software Engineerin...

Threat Modeling: Protecting Our Nation's Complex Software-Intensive Systems 05.09.2025

In response to Executive Order (EO) 14028,  Improving the Nation's Cybersecurity , the National Institute of Standards and Technology (NIST) recommended  11 practices for software verification . Threat modeling is at the top of the list. In this podcast from the Carnegie Mellon University Software Engineering Institute (SEI), Natasha Shevchenko and Alex Vesey, both engineers with the SEI's CERT Di...

Understanding Container Reproducibility Challenges: Stopping the Next Solar Winds 30.07.2025

Container images are increasingly being used as the main method for software deployment, so ensuring the reproducibility of container images is becoming a critical step in protecting the software supply chain. In practice, however, builds are often not reproducible due to elements of the build environment that rely on nondeterministic factors such as timestamps and external dependencies. Lack of r...

Mitigating Cyber Risk with Secure by Design 14.07.2025

Software enables our way of life, but market forces have sidelined security concerns leaving systems vulnerable to attack. Fixing this problem will require the software industry to develop an initial standard for creating software that is secure by design. These are the findings of a recently released paper coauthored by Greg Touhill, director of the Software Engineering Institute (SEI) CERT Divis...

The Magic in the Middle: Evolving Scaled Software Solutions for National Defense 18.06.2025

A January 2025 Defense Innovation Board study on scaling nontraditional defense innovation stated, "We must act swiftly to ensure the DoD leads in global innovation and competition over AI and autonomous systems – and is a trendsetter for their responsible use in modern warfare." In this podcast from the Carnegie Mellon University Software Engineering Institute (SEI), chief technical officer Tom L...

Making Process Respectable Again: Advancing DevSecOps in the DoD Mission Space 04.06.2025

Warfighters in the Department of Defense (DoD) operate in high-stakes environments where security, efficiency, and speed are critical. In such environments DevSecOps has become crucial in the drive toward modernization and overall mission success. A recent study led by researchers at the Carnegie Mellon University Software Engineering Institute (SEI) examined the state of DevSecOps within the Depa...

Deploying on the Edge 28.05.2025

Deploying cloud-centric technologies such as Kubernetes in edge environments poses challenges, especially for mission-critical defense systems. In this podcast from the Carnegie Mellon University Software Engineering Institute (SEI), Patrick Earl, Doug Reynolds, and Jeffrey Hamed, all DevOps engineers in the SEI's Software Solutions Division, sit down with senior reesearcher Jose Morales to discus...

The Best and Brightest: 6 Years of Supporting the President's Cup Cybersecurity Competition 12.05.2025

A strong cyber defense is vital to   public - and private-sector activities in the United States. In 2019, in response to an executive order to strengthen America's cybersecurity workforce, the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA) partnered with the SEI to develop and run the President's Cup Cybersecurity Competition, a national cyber competitio...

Listen to the Software Engineering Institute (SEI) Podcast Series podcast in Replaio

Radio and podcasts in one app - free, with no sign-up. Install today and do not miss the launch

Get it on Google Play

Replaio is not a podcast publisher; show names, artwork and audio belong to their authors and are distributed through public RSS feeds.