National Academies Press: OpenBook
« Previous: Appendix B: Steering Committee Biographies
Suggested Citation:"Appendix C: Speaker Biographies." National Academies of Sciences, Engineering, and Medicine. 2017. Software Update as a Mechanism for Resilience and Security: Proceedings of a Workshop. Washington, DC: The National Academies Press. doi: 10.17226/24833.
×

C

Speaker Biographies

LEE BADGER is a computer scientist at the National Institute of Standards and Technology (NIST) and manages the Security Components and Mechanisms group in the Computer Security Division of NIST’s Information Technology Laboratory. Badger has more than 20 years of experience with computer security research, with a focus on operating systems and access control. Prior to joining NIST in 2008, Badger served as a Defense Advanced Research Projects Agency (DARPA) program manager for 6 years, where he funded and managed a variety of programs focusing on self-regenerating systems, intrusion tolerance, self-defending applications, software security analysis, and software producibility. Prior to joining DARPA, Badger led development efforts culminating in implementations of Domain and Type Enforcement (DTE) for UNIX, a DTE-enforcing firewall, a Generic Software Wrappers system for UNIX, and application of software wrappers for intrusion detection. He holds an M.S. in computer science from the University of Maryland, College Park, awarded in 1987.

PAUL E. BLACK is a computer scientist in the Software Quality Group, Systems and Software Division, Information Technology Laboratory at NIST. Black has nearly 20 years of industrial experience in areas such as developing software for IC design and verification, assuring software quality, and managing business data processing. The website he began and edits at NIST, the online Dictionary of Algorithms and Data Structures (http://www.nist.gov/dads), was accessed almost 20,000 times a day from all over the world. Black began his Ph.D. at University of California, Berkeley, then transferred to Brigham Young University where he graduated in 1998. He has taught classes at Brigham Young University and Johns Hopkins University. Black has published in the areas of static analysis, software testing, software configuration control, networks and queuing analysis, formal methods, software verification, quantum computing, and computer forensics. He has been awarded the Department of Commerce Bronze Medal for leadership in the development of software assurance test methods and reference data and the ITL Outstanding Authorship Award in recognition of his publication, “Quantum Computer and Communications.” He is a senior member of the Institute of Electrical and Electronics Engineers (IEEE) and a member of IEEE Computer Society and the Association for Computing Machinery (ACM).

Suggested Citation:"Appendix C: Speaker Biographies." National Academies of Sciences, Engineering, and Medicine. 2017. Software Update as a Mechanism for Resilience and Security: Proceedings of a Workshop. Washington, DC: The National Academies Press. doi: 10.17226/24833.
×

WILL DREWRY is a principal software engineer at Google leading security efforts for Chrome OS and Pixel. Joining in 2003, his contributions have spanned initiatives ranging from large-scale infrastructure assurance to defining and driving security and privacy for consumer products. Starting in 2009, Drewry built and led security and privacy engineering for Chrome OS ensuring a holistic and coherent product design. Along the way, he designed and implemented key enabling technology (dm-verity, seccomp-bpf) now in use across the industry. Drewry received his B.A. in computer science from Boston University and holds more than 20 patents.

KEVIN FU is an associate professor of computer science and engineering at the University of Michigan, where he conducts research on computer security and health care as part of the National Science Foundation’s (NSF’s) Trustworthy Health and Wellness (THAW. org) Frontiers project. He also directs the Archimedes Center for Medical Device Security, whose mission is to improve medical device security through research and education, and he co-founded Virta Labs, a health-care cybersecurity company based in Ann Arbor, Michigan. Over the last decade, Fu has given nearly 100 invited talks on medical device security to industry, government, and academia—including U.S. Senate and U.S. House hearings, the Institute of Medicine, and National Academy of Engineering (NAE) events. Beginning with his 2006 security seminar at Food and Drug Administration CDRH, Fu’s medical device security efforts were recognized with a Fed100 Award, Sloan Research Fellowship, NSF CAREER Award, the Massachusetts Institute of Technology (MIT) TR35 Innovator of the Year Award, and best paper awards on medical device security by organizations such as IEEE and ACM. Fu earned a Ph.D., master’s degree, and bachelor’s degree from MIT.

ED PARADISE is the vice president of engineering for the Security and Trust Organization. He is also the site executive for Cisco’s Research Triangle Park Site. As vice president of engineering, Paradise is responsible for the security and trustworthiness of Cisco’s product portfolio. He leads the engineering team that focuses on developing trustworthy systems by developing new tools, processes, and technologies that further enhance the security of Cisco product portfolios. Paradise joined Cisco in 1993. He has held various leadership positions in Cisco’s engineering organization, including general manager of the Mobile Wireless Group and general manager of the IP Communication Business Unit. He also became the RTP site executive in 2002. In this role, he leads the second-largest U.S. Cisco site, also being the liaison between Cisco and the local community, including local and state governments, and its philanthropic interests. Paradise holds an M.S. in electrical engineering from Syracuse University and a B.S. in electrical engineering from the University of Hartford.

Suggested Citation:"Appendix C: Speaker Biographies." National Academies of Sciences, Engineering, and Medicine. 2017. Software Update as a Mechanism for Resilience and Security: Proceedings of a Workshop. Washington, DC: The National Academies Press. doi: 10.17226/24833.
×

CARLOS PICOTO is an engineering general manager at Microsoft. He started his career with Microsoft in 1997. He received his M.S. in computer science from the Instituto Superior Técnico and his B.S. in computer science from the Universidade de Lisboa.

EDMUND O. SCHWEITZER III is recognized as a pioneer in digital protection and holds the grade of fellow in the IEEE, a title bestowed on less than 1 percent of IEEE members. In 2002, he was elected as a member of the NAE. Schweitzer received the 2012 Medal in Power Engineering, the highest award given by IEEE, for his leadership in revolutionizing the performance of electrical power systems with computer-based protection and control equipment. Schweitzer is the recipient of the Regents’ Distinguished Alumnus Award and Graduate Alumni Achievement Award from Washington State University and the Purdue University Outstanding Electrical and Computer Engineer Award. He has also been awarded honorary doctorates from both the Universidad Autónoma de Nuevo León, in Monterrey, Mexico, and the Universidad Autónoma de San Luis Potosí, in San Luis Potosí, Mexico, for his contributions to the development of electric power systems worldwide. He has written dozens of technical papers in the areas of digital relay design and reliability and holds nearly 180 patents worldwide pertaining to electric power system protection, metering, monitoring, and control. Schweitzer received his bachelor’s and master’s degrees in electrical engineering from Purdue University and his doctorate from Washington State University. He served on the electrical engineering faculties of Ohio University and Washington State University, and in 1982, he founded Schweitzer Engineering Laboratories, Inc. (SEL), to develop and manufacture digital protective relays and related products and services.

JOHN VANGELOV is the embedded modem features manager at Ford Motor Company. He began his career at Ford in 2002, previously holding positions at Siemens, Lear Corporation, and AirTouch Cellular. Vangelov’s experience includes leading the production delivery of vehicle ECU software; the development of embedded operating systems, diagnostic kernels, and software bootloaders; vehicle electrical system and architecture design; RF engineering; and the development and delivery of cloud-based services for software update and consumer features for connected vehicles. He has 16 patents issued or in process in the domain of software updates. He received his M.S. in software engineering from the University of Michigan and his B.S. in electrical engineering from Lawrence Technological University.

NICKO VAN SOMEREN is the Linux Foundation’s chief technology officer (CTO), focused on the Core Infrastructure Initiative and other security-focused efforts at the organization.

Suggested Citation:"Appendix C: Speaker Biographies." National Academies of Sciences, Engineering, and Medicine. 2017. Software Update as a Mechanism for Resilience and Security: Proceedings of a Workshop. Washington, DC: The National Academies Press. doi: 10.17226/24833.
×

He has extensive experience across the security and networking industries. Most recently, he was the CTO of Good Technology, and prior to this he served as chief security architect at Juniper Networks, where he was responsible for the company’s Network Security products. Before joining Juniper, he was founder and CTO of the security technology company nCipher Plc. Van Someren holds a doctorate and first-class degree in computer science from Cambridge University in the United Kingdom. He is a fellow of both the Royal Academy of Engineering and the British Computer Society.

DAVID E. WHITEHEAD, P.E., is the vice president of Research and Development at SEL. He also oversees the company’s Government Services Division and serves on the board of directors. After joining SEL in 1994, Whitehead worked as a hardware engineer, research engineer, and chief engineer of the Government Services Division before taking on the leadership of SEL R&D in 2006. Whitehead has been a passionate driver of product and talent development at SEL, and has had a hand in the steady stream of inventions and innovations to come out of U.S. based-technology company. He currently holds 55 patents worldwide. Whitehead is a leader in utility and industrial control system cybersecurity. He has presented at conferences, testified before FERC, chairs the IEEE Power and Energy Society Substations C6 group that addresses serial cryptographic protocols, and has authored numerous papers on the topic. Whitehead received his B.S.E.E. from Washington State University in 1989 and his MSEE from Rensselaer Polytechnic Institute in 1994. He is a registered Professional Engineer in Michigan, New York, North Carolina, and Washington.

RUTH YODAIKEN is a data protection attorney in the Division of Privacy and Identity Protection at the Federal Trade Commission. Her work revolves around how entities comply with existing laws and protect information about individuals from misuse.

Suggested Citation:"Appendix C: Speaker Biographies." National Academies of Sciences, Engineering, and Medicine. 2017. Software Update as a Mechanism for Resilience and Security: Proceedings of a Workshop. Washington, DC: The National Academies Press. doi: 10.17226/24833.
×

OTHER RECENT REPORTS OF THE COMPUTER SCIENCE AND TELECOMMUNICATIONS BOARD

Cryptographic Agility and Interoperability: Proceedings of a Workshop (2017)

Foundational Cybersecurity Research: Improving Science, Engineering, and Institutions (2017)

Information Technology and the U.S. Workforce: Where Are We and Where Do We Go from Here? (2017)

A 21st Century Cyber-Physical Systems Education (2016)

Continuing Innovation in Information Technology: Workshop Report (2016)

Data Breach Aftermath and Recovery for Individuals and Institutions: Proceedings of a Workshop (2016)

Exploring Encryption and Potential Mechanisms for Authorized Government Access to Plaintext: Proceedings of a Workshop (2016)

Future Directions for NSF Advanced Computing Infrastructure to Support U.S. Science and Engineering in 2017-2020 (2016)

Privacy Research and Best Practices: Summary of a Workshop for the Intelligence Community (2016)

Bulk Collection of Signals Intelligence: Technical Options (2015)

Cybersecurity Dilemmas: Technology, Policy, and Incentives: Summary of Discussions at the 2014 Raymond and Beverly Sackler U.S.-U.K. Scientific Forum (2015)

Interim Report on 21st Century Cyber-Physical Systems Education (2015)

A Review of the Next Generation Air Transportation System: Implications and Importance of System Architecture (2015)

Telecommunications Research and Engineering at the Communications Technology Laboratory of the Department of Commerce: Meeting the Nation’s Telecommunications Needs (2015)

Telecommunications Research and Engineering at the Institute for Telecommunication Sciences of the Department of Commerce: Meeting the Nation’s Telecommunications Needs (2015)

At the Nexus of Cybersecurity and Public Policy: Some Basic Concepts and Issues (2014)

Future Directions for NSF Advanced Computing Infrastructure to Support U.S. Science and Engineering in 2017-2020: An Interim Report (2014)

Geotargeted Alerts and Warnings: Report of a Workshop on Current Knowledge and Research Gaps (2013)

Professionalizing the Nation’s Cybersecurity Workforce? Criteria for Future Decision-Making (2013)

Public Response to Alerts and Warnings Using Social Media: Summary of a Workshop on Current Knowledge and Research Gaps (2013)

Computing Research for Sustainability (2012)

Continuing Innovation in Information Technology (2012)

The Safety Challenge and Promise of Automotive Electronics: Insights from Unintended Acceleration (2012, with the Board on Energy and Environmental Systems and the Transportation Research Board)

Limited copies of CSTB reports are available free of charge from:
Computer Science and Telecommunications Board
Keck Center of the National Academies of Sciences, Engineering, and Medicine
500 Fifth Street, NW, Washington, DC 20001
(202) 334-2605/cstb@nas.edu
www.cstb.org

Suggested Citation:"Appendix C: Speaker Biographies." National Academies of Sciences, Engineering, and Medicine. 2017. Software Update as a Mechanism for Resilience and Security: Proceedings of a Workshop. Washington, DC: The National Academies Press. doi: 10.17226/24833.
×

Image
Image
Suggested Citation:"Appendix C: Speaker Biographies." National Academies of Sciences, Engineering, and Medicine. 2017. Software Update as a Mechanism for Resilience and Security: Proceedings of a Workshop. Washington, DC: The National Academies Press. doi: 10.17226/24833.
×
Page 78
Suggested Citation:"Appendix C: Speaker Biographies." National Academies of Sciences, Engineering, and Medicine. 2017. Software Update as a Mechanism for Resilience and Security: Proceedings of a Workshop. Washington, DC: The National Academies Press. doi: 10.17226/24833.
×
Page 79
Suggested Citation:"Appendix C: Speaker Biographies." National Academies of Sciences, Engineering, and Medicine. 2017. Software Update as a Mechanism for Resilience and Security: Proceedings of a Workshop. Washington, DC: The National Academies Press. doi: 10.17226/24833.
×
Page 80
Suggested Citation:"Appendix C: Speaker Biographies." National Academies of Sciences, Engineering, and Medicine. 2017. Software Update as a Mechanism for Resilience and Security: Proceedings of a Workshop. Washington, DC: The National Academies Press. doi: 10.17226/24833.
×
Page 81
Suggested Citation:"Appendix C: Speaker Biographies." National Academies of Sciences, Engineering, and Medicine. 2017. Software Update as a Mechanism for Resilience and Security: Proceedings of a Workshop. Washington, DC: The National Academies Press. doi: 10.17226/24833.
×
Page 82
Suggested Citation:"Appendix C: Speaker Biographies." National Academies of Sciences, Engineering, and Medicine. 2017. Software Update as a Mechanism for Resilience and Security: Proceedings of a Workshop. Washington, DC: The National Academies Press. doi: 10.17226/24833.
×
Page 83
Software Update as a Mechanism for Resilience and Security: Proceedings of a Workshop Get This Book
×
Buy Paperback | $60.00 Buy Ebook | $48.99
MyNAP members save 10% online.
Login or Register to save!
Download Free PDF

Software update is an important mechanism by which security changes and improvements are made in software, and this seemingly simple concept encompasses a wide variety of practices, mechanisms, policies, and technologies. To explore the landscape further, the Forum on Cyber Resilience hosted a workshop featuring invited speakers from government, the private sector, and academia. This publication summarizes the presentations and discussions from the workshop.

  1. ×

    Welcome to OpenBook!

    You're looking at OpenBook, NAP.edu's online reading room since 1999. Based on feedback from you, our users, we've made some improvements that make it easier than ever to read thousands of publications on our website.

    Do you want to take a quick tour of the OpenBook's features?

    No Thanks Take a Tour »
  2. ×

    Show this book's table of contents, where you can jump to any chapter by name.

    « Back Next »
  3. ×

    ...or use these buttons to go back to the previous chapter or skip to the next one.

    « Back Next »
  4. ×

    Jump up to the previous page or down to the next one. Also, you can type in a page number and press Enter to go directly to that page in the book.

    « Back Next »
  5. ×

    Switch between the Original Pages, where you can read the report as it appeared in print, and Text Pages for the web version, where you can highlight and search the text.

    « Back Next »
  6. ×

    To search the entire text of this book, type in your search term here and press Enter.

    « Back Next »
  7. ×

    Share a link to this book page on your preferred social network or via email.

    « Back Next »
  8. ×

    View our suggested citation for this chapter.

    « Back Next »
  9. ×

    Ready to take your reading offline? Click here to buy this book in print or download it as a free PDF, if available.

    « Back Next »
Stay Connected!