National Academies Press: OpenBook

Summary of a Workshop on Software Certification and Dependability (2004)

Chapter: Appendix C: Committee Member and Staff Biographies

« Previous: Appendix B: Panelist Biographies
Suggested Citation:"Appendix C: Committee Member and Staff Biographies." National Research Council. 2004. Summary of a Workshop on Software Certification and Dependability. Washington, DC: The National Academies Press. doi: 10.17226/11133.
×

C
Committee Member and Staff Biographies

COMMITTEE MEMBER BIOGRAPHIES

Daniel Jackson (Chair) is an associate professor of computer science at the Massachusetts Institute of Technology. He received an M.A. from Oxford University (1984) in physics and his S.M. (1988) and Ph.D. (1992) from MIT in computer science. He was a software engineer for Logica UK Ltd. and an assistant professor of computer science at Carnegie Mellon University, and has been an associate professor at MIT since 1997. He has sat on the editorial boards of ACM’s Transactions on Programming Languages and Systems and Transactions on Software Engineering and Methodology, and of Springer’s Software Tools for Technology Transfer, and he has served on the program committee of more than 20 international conferences, including FSE, ISSTA, OOPSLA, and CAV. He has broad interests in several areas of software construction, including development methods, automatic analysis of designs and specifications, and reverse engineering of code.


Joshua Bloch is a principal software engineer at Google. Previously he was a distinguished engineer at Sun Microsystems, where he was an architect in the Core Java Platform Group. He wrote the bestselling book Effective Java (Addison-Wesley, 2001), winner of the 2002 Jolt Award. He led the design and implementation of many parts of the Java platform, including the collections framework, Tiger language enhancements (JSR-201), annotations (JSR-175), multiprecision arithmetic, preferences (JSR-10), and assertions (JSR-41). Previously he was a senior systems designer at Transarc Corporation, where he designed and implemented many parts of the Encina distributed transaction processing system. He holds a Ph.D. in computer science from Carnegie Mellon University and a B.S. in computer science from Columbia University.


Michael DeWalt is chief scientist, aviation systems, for Certification Services, Inc., a Seattle-area aviation consultancy. DeWalt is authorized by the FAA, as a consultant Designated Engineering Representative (DER), to approve software for any aircraft system, at any software level. In addition to his DER duties, he helps clients who have unusual project requirements to develop acceptable software-approval techniques. For 11 years, he was the FAA’s National Resource Specialist (NRS) for aircraft software. He was responsible for starting the international committee that created DO-178B and served as its secretary. He was also secretary of the committee that created DO-248B and DO-278. DeWalt has been involved with both civil and military software avionics and certification

Suggested Citation:"Appendix C: Committee Member and Staff Biographies." National Research Council. 2004. Summary of a Workshop on Software Certification and Dependability. Washington, DC: The National Academies Press. doi: 10.17226/11133.
×

for 26 years, working for airframe manufacturers and avionics suppliers. In addition to his DER certificate, he has a B.S.E.E., a master’s in software engineering, and a commercial pilot’s license.


Reed Gardner is a professor and chair of the Department of Medical Informatics at the University of Utah. He has been a codirector of medical computing at LDS, Cottonwood, and Alta View Hospitals in Salt Lake City. He is one of the principal developers and evaluators of the medical expert system known as HELP (Health Evaluation through Logical Processing). Gardner’s primary academic and research interests are evaluating the benefits of medical expert systems as they relate to quality and cost-effectiveness; development of software oversight committee methods for evaluation of safety and effectiveness of medical software and systems; public health informatics; applying computers in intensive care medicine; and developing devices and communications methods to acquire patient data at the bedside. He is the author or coauthor of more than 300 articles in the fields of medical informatics and engineering. Gardner has been a journal editor and on the editorial boards of Critical Care Medicine and other critical care journals as well as the Journal of the American Medical Informatics Association (JAMIA). He is a fellow of the American College of Medical Informatics and past president of the American Medical Informatics Association. Gardner holds a B.S.E.E. from the University of Utah (1960) in electrical engineering and Ph.D. from the University of Utah (1968) in biophysics and bioengineering.


Peter Lee is a professor of computer science at Carnegie Mellon University. He joined the faculty of Carnegie Mellon’s School of Computer Science in 1987, after completing his doctoral studies at the University of Michigan. He is known internationally for his research contributions in areas related to information assurance, especially the application of programming language technology to operating systems design, networking, and computer security. Lee is best known for his co-invention of the “proof-carrying code” technology for ensuring the security of mobile code. Today, proof-carrying code is the subject of several DARPA- and NSF-sponsored research projects and forms the basis for the products and services provided by Cedilla Systems Incorporated, a Java technology start-up company he cofounded in 1999. Lee is also the associate dean for undergraduate education in Carnegie Mellon’s School of Computer Science. In this capacity, he has been involved in the administration of Carnegie Mellon’s undergraduate programs in computer science. His tenure as associate dean has seen the undergraduate program rise to national prominence, both for its intensive problem-oriented curriculum and for its success in attracting and retaining women in the field of computer science. He has published extensively in major international symposia and is the author of two books. He has been invited to give distinguished lectures and keynote addresses at major universities and symposia and has been called on as an expert witness in key judicial court cases such as the Sun v. Microsoft “Java lawsuit.” Lee has also been a member of the Army Science Board since 1997, for which he has served on four major summer studies, and a Technology Panel cochair for the 2001 Defense Science Board study on Defense Science and Technology. In addition to holding M.S. and Ph.D. degrees in computer and communication sciences, Lee earned a B.S. in mathematics from the University of Michigan in 1982. He has been a principal investigator on several DARPA, NSF, and NASA grants and contracts.


Steven B. Lipner is director of security engineering strategy at Microsoft. He was previously the head of Microsoft’s Security Response Center. He will be responsible for defining Microsoft's security development processes and plans for their application to new product generations. His team will also define and execute new programs to help Microsoft customers deploy and operate their systems securely. Lipner, who was previously the director of security assurance, has been at Microsoft since 1999. He joined the company after working at the MITRE Corp. and Digital Equipment Corp., among others. He has almost 30 years’ experience in computer and network

Suggested Citation:"Appendix C: Committee Member and Staff Biographies." National Research Council. 2004. Summary of a Workshop on Software Certification and Dependability. Washington, DC: The National Academies Press. doi: 10.17226/11133.
×

security as a researcher, development manager, and business unit manager. He holds eight patents in computer and network security and is a member of the National Computer Systems Security and Privacy Advisory Board. He holds an M.S. (1966) in civil engineering from the Massachusetts Institute of Technology.


Charles (Chick) Perrow is a professor emeritus of sociology at Yale University. He is a past vice president of the Eastern Sociological Society; a fellow of the Center for Advanced Study in the Behavioral Sciences, 1981-1982, 1999; fellow of the American Academy for the Advancement of Science; resident scholar, Russell Sage Foundation, 1990-1991; fellow, Shelly Cullom Davis Center for Historical Studies, 1995-1996; visitor, Institute for Advanced Study, 1995-1996; and a former member of the National Research Council’s Committee on Human Factors, of the Sociology Panel of the National Science Foundation, and of the editorial boards of several journals. An organizational theorist, he is the author of six books—The Radical Attack on Business (1972), Organizational Analysis: A Sociological View (1970), Complex Organizations: A Critical Essay (1972; 3rd ed., 1986), Normal Accidents: Living with High Risk Technologies (1984; revised, 1999), The AIDS Disaster: The Failure of Organizations in New York and the Nation (1990) with Mauro Guillen, Organizing America: Wealth, Power, and the Origins of American Capitalism (2002)—and over 50 articles. His current interests are in managing complexly interactive, tightly coupled systems (including hospitals, nuclear plants, power grids, the space program, and intelligent transportation systems); the challenge and limits of network-centric warfare; self-organizing properties of the Internet, the electric power grid, networks of small firms, and terrorist organizations; and the possibilities for restructuring society to reduce our vulnerability to increasing disasters, whether natural, industrial/technological, or deliberate. These grow out of his work on “normal accidents,” with its emphasis on organizational design and systems theory, and reflect current consultations and workshops with NASA, the FAA, Naval War College, DaimlerChrysler, NIH, and NSF.


Jon Pincus works at Microsoft Research on software reliability tools and technologies, concentrating on static analysis. As founder and chief technology officer of Intrinsa Corporation, he was one of the original developers of PREfix and continues to be involved in its development and deployment inside Microsoft. Before that, he worked on CAD and document management systems and collected the usual degrees from the usual institutions.


John Rushby is program director for formal methods and dependable systems at SRI International. He worked at the Atlas Computer Laboratory (now part of the Computation and Information Department of the Central Laboratory of the UK Research Councils) from 1974 to 1975, as a lecturer in the Computer Science Department at Manchester University from 1975 to 1979, and as a research associate in the Department of Computing Science at the University of Newcastle upon Tyne from 1979 to 1982, before joining SRI in 1983. At SRI, he was successively promoted to computer scientist, senior computer scientist, program manager and, from 1986 to 1990, the acting director of CSL. In 1991 he assumed his current role as program director. He is interested primarily in the design and assurance of “critical systems,” including properties such as security and safety, mechanisms such as kernelization and fault tolerance, and formal methods for assurance. He considers the main value of formal methods to lie in their use for constructing mathematical models whose properties can be analyzed and verified by computational means. This has led him to focus on the development of effective tools for formal methods. Rushby holds his Ph.D. in computer science from the University of Newcastle (1977).


Lui Sha is a professor of computer science at the University of Illinois at Urbana-Champaign. Before joining UIUC in 1998, he was a senior member of the technical staff at the Software Engineering

Suggested Citation:"Appendix C: Committee Member and Staff Biographies." National Research Council. 2004. Summary of a Workshop on Software Certification and Dependability. Washington, DC: The National Academies Press. doi: 10.17226/11133.
×

Institute at Carnegie Mellon University, which he joined in 1986. Sha’s accomplishments are many, including critical assistance on NASA’s Mars Pathfinder project, the application of rate monotonic theory to Global Positioning System software, and design assistance with the Air Force’s F-22 Raptor project. His knowledge and application of theory and software designs to real-time computing platforms have made him an indispensable resource for numerous efforts. He is a leader in the real-time computing community, was the chair of the IEEE Real-Time Systems Technical Committee from 1999 to 2000, and received that committee’s Outstanding Technical Contributions and Leadership Award in December 2001. He has consulted on many national high-technology projects, and his work has been recognized by several national leaders. He holds a Ph.D. and an M.S. in electrical and computer engineering from Carnegie Mellon University and a B.S.E.E. from McGill University.


Martyn Thomas graduated as a biochemist in 1969 from University College, London, and immediately entered the computer industry. From 1969 to 1983, he worked in universities (in London and the Netherlands), in industry (designing switching software for STC), and at the South West Universities Regional Computer Centre in Bath. In 1983 (with David Bean), he founded a software engineering company, Praxis, to exploit modern software development methods. In December 1992, Praxis was sold to Deloitte and Touche, an international firm of accountants and management consultants, and Thomas became a Deloitte Consulting international partner while remaining chair and, later, managing director of Praxis. He left Deloitte Consulting in 1997. Thomas is now an independent consultant software engineer, specializing in the assessment of large, real-time, safety-critical, software-intensive systems, software engineering, and engineering management. He is a member of the Expert Witness Institute and serves as an expert witness where complex software engineering issues are involved. He is a visiting professor in software engineering at the University of Oxford and a visiting professor at the University of Bristol and the University of Wales, Aberystwyth. He has advised the UK government and the Commission of the European Union on policy in the fields of software engineering and VLSI design. He has had close links with the academic research community throughout his career, as a member of two University Funding Council Research Assessments in Computer Science, numerous international conference program committees, and several UK government and Research Council panels and boards. He has been a member of the IT Foresight Panel of the UK Government Office of Science and Technology, a member of the Advisory Board for the DERA Systems and Software Engineering Centre, and a member of the Research Advisory Council of the UK Civil Aviation Authority. He is a fellow of the British Computer Society and of the Institution of Electrical Engineers. He currently serves on the Management Committee of the Engineering and Technology Forum of the British Computer Society, the IT Sector Panel of the IEE, the Industry Advisory Board for IEEE Software, the Advisory Group to the Foresight Cyber Trust and Crime Prevention Project, the Executive of the UK Computing Research Committee, and as a member of the Advisory Council of the Foundation for Information Policy Research. He is chair of the steering committee for the UK Interdisciplinary Research Collaboration on Dependable Systems (DIRC) and a member of the Council of EPSRC, the UK Engineering and Physical Sciences Research Council.


Scott Wallsten is a fellow at the AEI-Brookings Joint Center for Regulatory Studies and a resident scholar at the American Enterprise Institute. Before joining the Joint Center, he had been an economist at the World Bank, a scholar at the Stanford Institute for Economic Policy Research, and a staff economist at the U.S. President’s Council of Economic Advisers. His interests include industrial organization and public policy, and his research has focused on regulation, privatization, competition, and science and technology policy. His work has been published in journals including the RAND

Suggested Citation:"Appendix C: Committee Member and Staff Biographies." National Research Council. 2004. Summary of a Workshop on Software Certification and Dependability. Washington, DC: The National Academies Press. doi: 10.17226/11133.
×

Journal of Economics, the Journal of Industrial Economics, and the Journal of Regulatory Economics, and Regulation.


David Woods is a professor in the Institute for Ergonomics at the Ohio State University. He was president (1998-1999) and is a fellow of the Human Factors and Ergonomic Society, and is also a fellow of the American Psychological Society and the American Psychological Association. He has received the Ely Award for best paper in the journal Human Factors (1994), the Kraft Innovators Award from the Human Factors and Ergonomic Society for developing the foundations of cognitive engineering, a Laurels Award from Aviation Week and Space Technology (1995) for research on the human factors of highly automated cockpits, and five patents for computerized decision aids. He was on the board of the National Patient Safety Foundation from its founding until 2002 and was associate director of the Midwest Center for Inquiry on Patient Safety (GAPS Center) of the Veterans Health Administration from 1999 to 2003. He is coauthor of Behind Human Error and has written over 40 book chapters and over 45 journal articles on problems such as human error and how complex systems fail, how to make intelligent systems team players, how to support anomaly response and diagnosis, cooperative cognition, and automation surprises in application areas such as space operations, automated flight decks, nuclear power plant safety, and critical-care medicine. His current work examines the themes of data overload, how complex systems fail, human-robot coordination, and how distributed teams modify plans in progress. Based on this body of work he has been an advisor to various government agencies and other organizations on issues pertaining to human performance and error, including the Federal Aviation Administration, Nuclear Regulatory Commission, National Patient Safety Foundation, Veterans Health Administration, and National Science Foundation. Most recently he served on a National Academy of Engineering/Institute of Medicine study panel applying engineering to improve health care systems, and on a National Research Council panel that defined the future of the national air transportation system. Woods earned a Ph.D. from Purdue University in 1979.

STAFF BIOGRAPHIES

Lynette I. Millett is a program officer and study director at the Computer Science and Telecommunications Board of the National Research Council and has been with CSTB since 2000. She is currently involved in several CSTB projects, including a comprehensive exploration of privacy in the information age, an examination of radio frequency identification technologies, and a study on biometrics, in addition to this project on certification and dependable software systems. She recently completed a CSTB project that produced the reports Who Goes There? Authentication Technologies and Their Privacy Implications and IDs—Not That Easy: Questions About Nationwide Identity Systems. Before joining CSTB, she was involved in research on static analysis techniques for concurrent programming languages as well as research on value-sensitive design and informed consent online. She has an M.Sc. in computer science from Cornell University along with a B.A. in mathematics and computer science with honors from Colby College.


Phil Hilliard was a research associate with the Computer Science and Telecommunications Board until May 2004. He provided research support as part of the professional staff and worked on projects focusing on telecommunications research, supercomputing, and dependable systems. Before joining the National Academies, he worked at BellSouth in Atlanta, Georgia, as a competitive intelligence analyst and at NCR as a technical writer and trainer. He has a master’s in library and information science from Florida State University (2003), an M.B.A. from Georgia State University (2000), and a B.S. in computer and information technology from the Georgia Institute of Technology (1986).

Suggested Citation:"Appendix C: Committee Member and Staff Biographies." National Research Council. 2004. Summary of a Workshop on Software Certification and Dependability. Washington, DC: The National Academies Press. doi: 10.17226/11133.
×

Penelope Smith worked temporarily with the Computer Science and Telecommunications Board between February and July 2004 as a senior program assistant. Prior to joining the National Academies, she worked in rural Angola as a health project manager and community health advisor for Concern Worldwide. She also worked for Emory University as a project coordinator and researcher on reproductive health and HIV, and for the Centers for Disease Control as a technology transfer evaluator for HIV/AIDS programs. She earned an M.P.H. from Emory University and a B.A. in medical anthropology from the University of California at Santa Cruz. She is also a certified health education specialist.

Suggested Citation:"Appendix C: Committee Member and Staff Biographies." National Research Council. 2004. Summary of a Workshop on Software Certification and Dependability. Washington, DC: The National Academies Press. doi: 10.17226/11133.
×
Page 39
Suggested Citation:"Appendix C: Committee Member and Staff Biographies." National Research Council. 2004. Summary of a Workshop on Software Certification and Dependability. Washington, DC: The National Academies Press. doi: 10.17226/11133.
×
Page 40
Suggested Citation:"Appendix C: Committee Member and Staff Biographies." National Research Council. 2004. Summary of a Workshop on Software Certification and Dependability. Washington, DC: The National Academies Press. doi: 10.17226/11133.
×
Page 41
Suggested Citation:"Appendix C: Committee Member and Staff Biographies." National Research Council. 2004. Summary of a Workshop on Software Certification and Dependability. Washington, DC: The National Academies Press. doi: 10.17226/11133.
×
Page 42
Suggested Citation:"Appendix C: Committee Member and Staff Biographies." National Research Council. 2004. Summary of a Workshop on Software Certification and Dependability. Washington, DC: The National Academies Press. doi: 10.17226/11133.
×
Page 43
Suggested Citation:"Appendix C: Committee Member and Staff Biographies." National Research Council. 2004. Summary of a Workshop on Software Certification and Dependability. Washington, DC: The National Academies Press. doi: 10.17226/11133.
×
Page 44
Next: What is CSTB? »
Summary of a Workshop on Software Certification and Dependability Get This Book
×
Buy Paperback | $29.00 Buy Ebook | $23.99
MyNAP members save 10% online.
Login or Register to save!
Download Free PDF

Certification of critical software systems (e.g., for safety and security) is important to help ensure their dependability. Today, certification relies as much on evaluation of the software development process as it does on the system’s properties. While the latter are preferable, the complexity of these systems usually makes them extremely difficult to evaluate. To explore these and related issues, the National Coordination Office for Information technology Research and Development asked the NRC to undertake a study to assess the current state of certification in dependable systems. The study is in two phases: the first to frame the problem and the second to assess it. This report presents a summary of a workshop held as part of the first phase. The report presents a summary of workshop participants’ presentations and subsequent discussion. It covers, among other things, the strengths and limitations of process; new challenges and opportunities; experience to date; organization context; and cost-effectiveness of software engineering techniques. A consensus report will be issued upon completion of the second phase.

  1. ×

    Welcome to OpenBook!

    You're looking at OpenBook, NAP.edu's online reading room since 1999. Based on feedback from you, our users, we've made some improvements that make it easier than ever to read thousands of publications on our website.

    Do you want to take a quick tour of the OpenBook's features?

    No Thanks Take a Tour »
  2. ×

    Show this book's table of contents, where you can jump to any chapter by name.

    « Back Next »
  3. ×

    ...or use these buttons to go back to the previous chapter or skip to the next one.

    « Back Next »
  4. ×

    Jump up to the previous page or down to the next one. Also, you can type in a page number and press Enter to go directly to that page in the book.

    « Back Next »
  5. ×

    Switch between the Original Pages, where you can read the report as it appeared in print, and Text Pages for the web version, where you can highlight and search the text.

    « Back Next »
  6. ×

    To search the entire text of this book, type in your search term here and press Enter.

    « Back Next »
  7. ×

    Share a link to this book page on your preferred social network or via email.

    « Back Next »
  8. ×

    View our suggested citation for this chapter.

    « Back Next »
  9. ×

    Ready to take your reading offline? Click here to buy this book in print or download it as a free PDF, if available.

    « Back Next »
Stay Connected!