LEE BADGER is a computer scientist at the National Institute of Standards and Technology (NIST) and manages the Security Components and Mechanisms group in the Computer Security Division of NIST’s Information Technology Laboratory. Badger has more than 20 years of experience with computer security research, with a focus on operating systems and access control. Prior to joining NIST in 2008, Badger served as a Defense Advanced Research Projects Agency (DARPA) program manager for 6 years, where he funded and managed a variety of programs focusing on self-regenerating systems, intrusion tolerance, self-defending applications, software security analysis, and software producibility. Prior to joining DARPA, Badger led development efforts culminating in implementations of Domain and Type Enforcement (DTE) for UNIX, a DTE-enforcing firewall, a Generic Software Wrappers system for UNIX, and application of software wrappers for intrusion detection. He holds an M.S. in computer science from the University of Maryland, College Park, awarded in 1987.
PAUL E. BLACK is a computer scientist in the Software Quality Group, Systems and Software Division, Information Technology Laboratory at NIST. Black has nearly 20 years of industrial experience in areas such as developing software for IC design and verification, assuring software quality, and managing business data processing. The website he began and edits at NIST, the online Dictionary of Algorithms and Data Structures (http://www.nist.gov/dads), was accessed almost 20,000 times a day from all over the world. Black began his Ph.D. at University of California, Berkeley, then transferred to Brigham Young University where he graduated in 1998. He has taught classes at Brigham Young University and Johns Hopkins University. Black has published in the areas of static analysis, software testing, software configuration control, networks and queuing analysis, formal methods, software verification, quantum computing, and computer forensics. He has been awarded the Department of Commerce Bronze Medal for leadership in the development of software assurance test methods and reference data and the ITL Outstanding Authorship Award in recognition of his publication, “Quantum Computer and Communications.” He is a senior member of the Institute of Electrical and Electronics Engineers (IEEE) and a member of IEEE Computer Society and the Association for Computing Machinery (ACM).
WILL DREWRY is a principal software engineer at Google leading security efforts for Chrome OS and Pixel. Joining in 2003, his contributions have spanned initiatives ranging from large-scale infrastructure assurance to defining and driving security and privacy for consumer products. Starting in 2009, Drewry built and led security and privacy engineering for Chrome OS ensuring a holistic and coherent product design. Along the way, he designed and implemented key enabling technology (dm-verity, seccomp-bpf) now in use across the industry. Drewry received his B.A. in computer science from Boston University and holds more than 20 patents.
KEVIN FU is an associate professor of computer science and engineering at the University of Michigan, where he conducts research on computer security and health care as part of the National Science Foundation’s (NSF’s) Trustworthy Health and Wellness (THAW. org) Frontiers project. He also directs the Archimedes Center for Medical Device Security, whose mission is to improve medical device security through research and education, and he co-founded Virta Labs, a health-care cybersecurity company based in Ann Arbor, Michigan. Over the last decade, Fu has given nearly 100 invited talks on medical device security to industry, government, and academia—including U.S. Senate and U.S. House hearings, the Institute of Medicine, and National Academy of Engineering (NAE) events. Beginning with his 2006 security seminar at Food and Drug Administration CDRH, Fu’s medical device security efforts were recognized with a Fed100 Award, Sloan Research Fellowship, NSF CAREER Award, the Massachusetts Institute of Technology (MIT) TR35 Innovator of the Year Award, and best paper awards on medical device security by organizations such as IEEE and ACM. Fu earned a Ph.D., master’s degree, and bachelor’s degree from MIT.
ED PARADISE is the vice president of engineering for the Security and Trust Organization. He is also the site executive for Cisco’s Research Triangle Park Site. As vice president of engineering, Paradise is responsible for the security and trustworthiness of Cisco’s product portfolio. He leads the engineering team that focuses on developing trustworthy systems by developing new tools, processes, and technologies that further enhance the security of Cisco product portfolios. Paradise joined Cisco in 1993. He has held various leadership positions in Cisco’s engineering organization, including general manager of the Mobile Wireless Group and general manager of the IP Communication Business Unit. He also became the RTP site executive in 2002. In this role, he leads the second-largest U.S. Cisco site, also being the liaison between Cisco and the local community, including local and state governments, and its philanthropic interests. Paradise holds an M.S. in electrical engineering from Syracuse University and a B.S. in electrical engineering from the University of Hartford.
CARLOS PICOTO is an engineering general manager at Microsoft. He started his career with Microsoft in 1997. He received his M.S. in computer science from the Instituto Superior Técnico and his B.S. in computer science from the Universidade de Lisboa.
EDMUND O. SCHWEITZER III is recognized as a pioneer in digital protection and holds the grade of fellow in the IEEE, a title bestowed on less than 1 percent of IEEE members. In 2002, he was elected as a member of the NAE. Schweitzer received the 2012 Medal in Power Engineering, the highest award given by IEEE, for his leadership in revolutionizing the performance of electrical power systems with computer-based protection and control equipment. Schweitzer is the recipient of the Regents’ Distinguished Alumnus Award and Graduate Alumni Achievement Award from Washington State University and the Purdue University Outstanding Electrical and Computer Engineer Award. He has also been awarded honorary doctorates from both the Universidad Autónoma de Nuevo León, in Monterrey, Mexico, and the Universidad Autónoma de San Luis Potosí, in San Luis Potosí, Mexico, for his contributions to the development of electric power systems worldwide. He has written dozens of technical papers in the areas of digital relay design and reliability and holds nearly 180 patents worldwide pertaining to electric power system protection, metering, monitoring, and control. Schweitzer received his bachelor’s and master’s degrees in electrical engineering from Purdue University and his doctorate from Washington State University. He served on the electrical engineering faculties of Ohio University and Washington State University, and in 1982, he founded Schweitzer Engineering Laboratories, Inc. (SEL), to develop and manufacture digital protective relays and related products and services.
JOHN VANGELOV is the embedded modem features manager at Ford Motor Company. He began his career at Ford in 2002, previously holding positions at Siemens, Lear Corporation, and AirTouch Cellular. Vangelov’s experience includes leading the production delivery of vehicle ECU software; the development of embedded operating systems, diagnostic kernels, and software bootloaders; vehicle electrical system and architecture design; RF engineering; and the development and delivery of cloud-based services for software update and consumer features for connected vehicles. He has 16 patents issued or in process in the domain of software updates. He received his M.S. in software engineering from the University of Michigan and his B.S. in electrical engineering from Lawrence Technological University.
NICKO VAN SOMEREN is the Linux Foundation’s chief technology officer (CTO), focused on the Core Infrastructure Initiative and other security-focused efforts at the organization.
He has extensive experience across the security and networking industries. Most recently, he was the CTO of Good Technology, and prior to this he served as chief security architect at Juniper Networks, where he was responsible for the company’s Network Security products. Before joining Juniper, he was founder and CTO of the security technology company nCipher Plc. Van Someren holds a doctorate and first-class degree in computer science from Cambridge University in the United Kingdom. He is a fellow of both the Royal Academy of Engineering and the British Computer Society.
DAVID E. WHITEHEAD, P.E., is the vice president of Research and Development at SEL. He also oversees the company’s Government Services Division and serves on the board of directors. After joining SEL in 1994, Whitehead worked as a hardware engineer, research engineer, and chief engineer of the Government Services Division before taking on the leadership of SEL R&D in 2006. Whitehead has been a passionate driver of product and talent development at SEL, and has had a hand in the steady stream of inventions and innovations to come out of U.S. based-technology company. He currently holds 55 patents worldwide. Whitehead is a leader in utility and industrial control system cybersecurity. He has presented at conferences, testified before FERC, chairs the IEEE Power and Energy Society Substations C6 group that addresses serial cryptographic protocols, and has authored numerous papers on the topic. Whitehead received his B.S.E.E. from Washington State University in 1989 and his MSEE from Rensselaer Polytechnic Institute in 1994. He is a registered Professional Engineer in Michigan, New York, North Carolina, and Washington.
RUTH YODAIKEN is a data protection attorney in the Division of Privacy and Identity Protection at the Federal Trade Commission. Her work revolves around how entities comply with existing laws and protect information about individuals from misuse.
OTHER RECENT REPORTS OF THE COMPUTER SCIENCE AND TELECOMMUNICATIONS BOARD
Cryptographic Agility and Interoperability: Proceedings of a Workshop (2017)
Foundational Cybersecurity Research: Improving Science, Engineering, and Institutions (2017)
Information Technology and the U.S. Workforce: Where Are We and Where Do We Go from Here? (2017)
A 21st Century Cyber-Physical Systems Education (2016)
Continuing Innovation in Information Technology: Workshop Report (2016)
Data Breach Aftermath and Recovery for Individuals and Institutions: Proceedings of a Workshop (2016)
Exploring Encryption and Potential Mechanisms for Authorized Government Access to Plaintext: Proceedings of a Workshop (2016)
Future Directions for NSF Advanced Computing Infrastructure to Support U.S. Science and Engineering in 2017-2020 (2016)
Privacy Research and Best Practices: Summary of a Workshop for the Intelligence Community (2016)
Bulk Collection of Signals Intelligence: Technical Options (2015)
Cybersecurity Dilemmas: Technology, Policy, and Incentives: Summary of Discussions at the 2014 Raymond and Beverly Sackler U.S.-U.K. Scientific Forum (2015)
Interim Report on 21st Century Cyber-Physical Systems Education (2015)
A Review of the Next Generation Air Transportation System: Implications and Importance of System Architecture (2015)
Telecommunications Research and Engineering at the Communications Technology Laboratory of the Department of Commerce: Meeting the Nation’s Telecommunications Needs (2015)
Telecommunications Research and Engineering at the Institute for Telecommunication Sciences of the Department of Commerce: Meeting the Nation’s Telecommunications Needs (2015)
At the Nexus of Cybersecurity and Public Policy: Some Basic Concepts and Issues (2014)
Future Directions for NSF Advanced Computing Infrastructure to Support U.S. Science and Engineering in 2017-2020: An Interim Report (2014)
Geotargeted Alerts and Warnings: Report of a Workshop on Current Knowledge and Research Gaps (2013)
Professionalizing the Nation’s Cybersecurity Workforce? Criteria for Future Decision-Making (2013)
Public Response to Alerts and Warnings Using Social Media: Summary of a Workshop on Current Knowledge and Research Gaps (2013)
Computing Research for Sustainability (2012)
Continuing Innovation in Information Technology (2012)
The Safety Challenge and Promise of Automotive Electronics: Insights from Unintended Acceleration (2012, with the Board on Energy and Environmental Systems and the Transportation Research Board)
Limited copies of CSTB reports are available free of charge from:
Computer Science and Telecommunications Board
Keck Center of the National Academies of Sciences, Engineering, and Medicine
500 Fifth Street, NW, Washington, DC 20001