June 24, 2025—The Carnegie Mellon University (CMU) Software Engineering Institute (SEI) is marking 40 years as a cornerstone of advancing software as a strategic advantage for national security. For four decades, the SEI has worked to make software do more, be more secure, deploy faster, and cost less, improving software systems vital to national defense and the broader information technology ecosystem. To continue the SEI’s mission, the U.S. Department of Defense (DoD) yesterday renewed its contract with CMU to operate the SEI as a federally funded research and development center (FFRDC). The contract for 2025-2030, with a five-year extension option, ensures that the institute will keep advancing and transitioning the science, technologies, and practices needed to make software a strategic advantage for the DoD.

The DoD established the SEI in 1984, and the institute began operation in early 1985. Since then, the SEI has been at the forefront of technology transformations that changed how the DoD provides capabilities and protects its systems and networks. Early on, the SEI recognized the importance of process improvement in software development and evolved the Capability Maturity Model Integration (CMMI), a framework for assessing an organization’s software process maturity. Following the Morris worm attack in 1988, the SEI became a leader in incident response, vulnerability analysis, and cybersecurity research. The SEI led a third key technology transformation in software architecture, particularly through creation of the Architecture Analysis and Design Language (AADL), which enabled modeling and analysis of complex systems. And in the last decade, the SEI has advanced artificial intelligence (AI) from bespoke solutions and isolated algorithms toward an AI Engineering discipline and an AI system development lifecycle.

AI-enabled software systems, socio-technical systems, and quantum computing systems will continue to shift software engineering fundamentally, especially as software development becomes AI-enabled. Cybersecurity operation will increasingly depend on AI and machine learning to detect and repair software vulnerabilities, identify risk exposure better and faster, and respond to adversarial operations. The challenge of developing and designing trustworthy, operator-centered AI systems will be a key focus for the AI Engineering discipline, ensuring that these systems are explainable, reliable, responsible, safe, fair, and transparent. Harnessing these transformations will require the SEI’s strength in integrating software engineering, cybersecurity, and AI Engineering for software quality.

“Carnegie Mellon University’s operation of the Software Engineering Institute advances pivotal research and development that is deeply consequential to our national security and defense,” said CMU President Farnam Jahanian. “We are honored to build on our partnership with the Department of Defense—which stretches back four decades and has positioned the SEI as a trusted national resource at the forefront of software, cybersecurity, and AI. Together, we will continue driving innovation, guiding defense strategy, and helping to secure the systems that power our economy, our security, and our way of life.”

As part of CMU, the SEI has access to some of the world’s greatest resources and researchers working at the forefront of emerging technologies. “The institute’s R&D portfolio puts Carnegie Mellon squarely at the center of the nation’s goal to maintain world leadership in the advancement and implementation of critical trustworthy AI and other emerging software innovations,” said Theresa Mayer, CMU vice president for research.

Those innovations include contributions to the Software Acquisition Pathway, which earlier this year the DoD adopted as its preferred pathway for all software development components. In late 2024, the Defense Department officially established the Cybersecurity Maturity Model Certification (CMMC), co-created by the SEI, to secure the defense industrial base supply chain against cyber threats. The first-of-its-kind SEI AI Security Incident Response Team (AISIRT) is in its second year of identifying, analyzing, and responding to the threats, vulnerabilities, and incidents that emerge from advances in AI and machine learning. As part of its remit to transition industry technology to the DoD, SEI experts frequently collaborate with the Defense Innovation Unit (DIU), which accelerates adoption of commercial and dual-use technology across the department. Since 2020, the SEI has led a national initiative in engineering AI for defense and national security sponsored by the Office of the Director of National Intelligence. The SEI also works with acquisition programs to apply industry best practices such as Agile and continuous deployment of capability, stand up software factories, and implement zero-trust architectures.

The institute’s agile execution strategy, integrated research approach, and role as a trusted, independent advisor and conduit of the latest R&D enable SEI researchers to investigate and recommend tools, technologies, and procedures for the DoD’s software modernization objectives. The SEI, which is sponsored by the Office of the Under Secretary of Defense for Research and Engineering (USD(R&E)), is the only FFRDC focusing specifically on software-related security and engineering. Its FFRDC status allows the SEI to focus on long-term, mission-critical research driven not by profit but by the need to solve hard DoD problems.

The renewal of the SEI’s contract will enable it to determine and lead new areas of research not because a technology is novel but because it can support the DoD mission. Meeting that goal means exploring new technologies and integrating them into complex systems at scale, reliably and securely. It also means developing practices, policies, guidance, and workforce training to support the technology’s adoption, use, and sustainment. Structured technology transition models will close the gaps between innovation and operation.

The DoD’s recommitment to the SEI’s mission comes after four decades of impact on software engineering, cybersecurity, and AI Engineering. “To continue to make a difference for the DoD as the future unfolds means anticipating change and making it work to the DoD’s advantage in its software ecosystem,” said SEI Director and CEO Paul Nielsen. “Our history proves that we are always in position to provide key guidance on the next big thing in software technology in service to the nation.”