Speakers
Keynote Address
SPEAKER: Farnam Jahanian, Carnegie Mellon University
TITLE: Reflections on the Evolution of Internet Threats and Imperatives for a Cyber-Secure Society
ABSTRACT: The Internet plays a vital role in tightly integrating the economic, political, and social fabric of our lives. This interdependency leaves society vulnerable to a wide range of threats that impact the security, reliability, availability, and overall trustworthiness of IT resources in every sector of our economy. Assuring those properties in the face of adversarial behavior and an Internet that has changed dramatically in size, complexity, and diversity over the last decade has proven to be a critical challenge.
I will reflect on the evolution of Internet threats, from early threats, such as viruses and worms, to modern botnets and emerging threats to our critical infrastructure. I will explore how attackers’ changing technological means have intertwined with their changing social, behavioral, and economic motives to create today’s diverse range of threats. I will also touch on how the emerging threats, in particular how future innovation may occur in the threat landscape, will likely be driven by contemporary technology adoption patterns, such as the explosive growth of online data, the proliferation of mobile devices, and the emergence of cloud computing.
BIOGRAPHY: Farnam Jahanian leads the National Science Foundation Directorate for Computer and Information Science and Engineering (CISE). He guides CISE in its mission to uphold the nation’s leadership in scientific discovery and engineering innovation through its support of fundamental research in computer and information science and engineering and of transformative advances in cyberinfrastructure. Jahanian is on leave from the University of Michigan, where he holds the Edward S. Davidson Collegiate Professorship and served as Chair for Computer Science and Engineering from 2007 to 2011 and as Director of the Software Systems Laboratory from 1997 to 2000. His research on Internet infrastructure security formed the basis for the Internet security company Arbor Networks, which he co-founded in 2001 and where he served as Chairman until its acquisition in 2010. Jahanian has testified before Congress on a broad range of topics, including cybersecurity and Big Data. In September 2014, he will join Carnegie Mellon University as its Vice President for Research. He holds a master’s degree and a Ph.D. in Computer Science from the University of Texas at Austin. He is a Fellow of the ACM, IEEE, and AAAS.
Industry Panel
SPEAKERS: Bala Chidambaram, Boeing; Himanshu Khurana, Honeywell; Richard Schlichting, AT&T
BIOGRAPHIES:
Bala Chidambaram manages a Cyber Security and Network Technology organization in Boeing Research and Technology. His group develops advanced cyber security and networking technologies for commercial and military applications, e.g., embedded system (software) security, mobile device security, mobile ad hoc networking protocols for the tactical edge, simulation/emulation environments for networks, networking infrastructure for soldier handhelds, and reliable networking for commercial aviation. Prior to his current assignment, Bala managed a Networked Decision Systems group. His team developed software and mathematical modeling techniques for rotorcraft and other platforms in areas varying from logistics to sensor network optimization. He has a bachelor’s degree in Engineering from the Indian Institute of Technology, Madras (India), a Ph.D. in Engineering from the University of California at Berkeley, and an M.B.A from the University of California at Los Angeles. He recently completed an Advanced Cyber Security certificate at Stanford University.
Himanshu Khurana is Director of Engineering for Honeywell Building Solutions and focuses on technology strategy and product innovation. Honeywell Building Solutions provides end-to-end solutions covering energy, safety, physical security, and operations for building management systems and smart grid systems. Previously, he was Senior Manager for Integrated Security Technologies at Honeywell ACS Research Labs, where he focused on research, development, and technology transition in cybersecurity, computer vision, and physical security. Khurana has published over 50 articles and co-developed several software tools covering a range of topics in distributed system security and critical infrastructure systems. He has been involved with several global electric grid initiatives, including the North American Synchrophasor Initiative, the NIST Cyber Security Working Group, the DNP3 Technical Committee, OpenADR, SEP, the European Commission expert working group on Smart Grid cybersecurity, and the NIST CPS initiative, and has been active in developing relevant standards. Before joining Honeywell, he was Principal Research Scientist in the Information Trust Institute at the University of Illinois at Urbana-Champaign, and served as the Co-Principal Investigator and Principal Scientist for the Trustworthy Cyber Infrastructure for the Power Grid (TCIPG) center. He obtained his M.S. and Ph.D. from the University of Maryland, College Park.
Richard D. Schlichting is a Distinguished Member of Technical Staff − Research, working in Cloud Technologies and Services Research at AT&T Labs. He is an expert in distributed and cloud computing, fault-tolerant and highly dependable systems, and networks, with over 25 years of experience as a computer scientist in both industry and academia. In his career at AT&T, he has managed some of the core software-related research activities for the company, while maintaining his own active research program. Prior to joining AT&T, he was on the faculty of the Department of Computer Science at the University of Arizona, where he rose to the rank of professor. Schlichting has published over 100 articles. He holds M.S. and Ph.D. degrees in Computer Science from Cornell University. He is a Fellow of both the IEEE and the ACM. In 2011, he won the IFIP Outstanding Service Award for outstanding contributions to the International Federation of Information Processing (IFIP) and the Informatics Community. He holds multiple patents and has served on the educational boards of several IEEE magazines and journals and the technical program committees of more than 70 conferences and workshops.
Impact on Education
SPEAKER: Roy Campbell, University of Illinois at Urbana-Champaign
BIOGRAPHY: Roy Campbell is the Sohaib and Sara Abbasi Professor in the Department of Computer Science, Director of the NSA-designated Center for Academic Excellence in Information Assurance Education and Research, Director of the Air Force-funded Assured Cloud Computing Center in the Information Trust Institute, and 2013−2014 Chair of the University Senate of the University of Illinois at Urbana-Champaign. He is also an affiliate faculty member of the Department of Electrical and Computer Engineering and member of the Coordinated Science Laboratory and Information Trust Institute. He received his Honors B.S. degree in Mathematics with a minor in Physics from the University of Sussex in 1969, and his M.S. and Ph.D. degrees in Computer Science from the University of Newcastle upon Tyne in 1972 and 1976, respectively. His previous research includes path expressions as declarative specifications of process synchronization, real-time deadline recovery mechanisms, error recovery in asynchronous systems, streaming video for the Web, real-time Internet video distribution systems, object-oriented parallel processing operating systems, CORBA security architectures, and active spaces in ubiquitous and pervasive computing. His current research interests include cloud computing, MapReduce scheduling and resource allocation, big data storage issues, distributed monitoring, and power grid SCADA security. He is a Fellow of the IEEE.
Panel on Impact of Information Trust Institute on Government Research Programs
SPEAKERS: Bruce Bakis, MITRE; William Martin, National Security Agency; Zachary Tudor, SRI International
BIOGRAPHIES:
Bruce Bakis is a Principal Cyber Security Engineer with The MITRE Corporation (www.mitre.org), a not-for-profit organization chartered to work in the public interest. He focuses on cyber partnerships and corporate cyber initiatives. Previously, Bakis created information security policies for the protection of MITRE’s information assets and helped MITRE’s government sponsors establish privacy programs. During a decade away from MITRE, he worked at information security consultancy start-ups developing security and privacy programs and policies for Fortune 100 companies. He serves on the Steering Committee of the Advanced Cyber Security Center (ACSC), a cross-sector cyber-threat information-sharing consortium based in New England. He also serves on the Executive Committee of Dartmouth College’s Institute for Information Infrastructure Protection (I3P), a multidisciplinary research consortium of leading universities, national laboratories, and nonprofit institutions dedicated to strengthening the cyber infrastructure of the United States. Additionally, Bakis serves on the Cyber Security Council at Worcester Polytechnic Institute, for which he is helping identify advanced educational needs for cyber security. He received his B.S. in mathematics and M.S. in computer science from Northeastern University.
William Martin currently serves as the research advisor to the National Security Agency Director’s Special Assistant for Cyber. Prior to assuming that role, Martin served as the Office of the Director of National Intelligence Science & Technology Lead for Cyber and Chair of the NSTC Subcommittee on Special Cyber Operations Research and Engineering (SCORE). Additionally, he is serving as the NITRD HCSS Coordinating Group co-chair, as a member of the Cyber Security & Information Assurance Interagency Working Group, and as a member of both the Cyber Security Senior Steering Group and the Cyber Physical Systems Senior Steering Group. Lastly, within NSA’s Research Directorate, Martin leads R&D activities supporting the national strategic cybersecurity themes.
Zach Tudor, a Program Director in the Computer Science Laboratory at SRI International, serves as a management and technical resource for operational and research & development cyber security programs for government, intelligence, and commercial projects. He supports DHS’s Cyber Security Research and Development Center (CSRDC) on projects including the Linking the Oil and Gas Industry to Improve Cybersecurity (LOGIIC) consortium, and the Industrial Control System Joint Working Group (ICSJWG) R&D working group. He is a member of (ISC)2’s Application Security Advisory Board and the Nuclear Cyber Security Working Group, is the past Co-Chair of the Institute for Information Infrastructure Protection (I3P), and represents SRI in the International Information Integrity Institute (I-4), a world forum for senior information security professionals. Prior to joining SRI, he led a team supporting the Control Systems Security Program (CSSP) at DHS. Other past assignments include service as on-site deputy program manager for the NRO’s worldwide operational network, as information security manager for OSD CIO’s Enterprise Operations Support Team, and as security management support for the Centers for Medicare and Medicaid Services. He is a retired U.S. Navy Submarine LDO Electronics Officer and Chief Data Systems Technician. Tudor holds an M.S. in Information Systems from George Mason University. He holds CISSP, CISM, and CCP credentials.
Challenges and Looking Ahead within ITI
SPEAKER: David Nicol, University of Illinois at Urbana-Champaign
BIOGRAPHY: David M. Nicol is the Franklin W. Woeltge Professor of Electrical and Computer Engineering at the University of Illinois at Urbana-Champaign, as well as the Director of the Information Trust Institute. Previously, he was Professor of Computer Science at Dartmouth College, where he helped establish and lead the Institute for Security Technology Studies, first as Associate Director of Research, and then as Acting Director. He is widely known for his research contributions in modeling and simulation methodologies for discrete systems, and in rigorous methods for studying the security of large complex systems. Currently his research focuses on means of providing cyber-security to industrial control systems such as those of the electric power grid. He was elected Fellow of the IEEE and Fellow of the ACM for his research contributions, and is the inaugural recipient of ACM SIGSIM’s Distinguished Contributions Award. He began his academic career at the College of William and Mary, where he was Assistant, and then Associate, Professor of Computer Science. Prior to that he held the position of Staff Scientist at the Institute for Computer Applications in Science and Engineering at NASA Langley Research Center. He holds M.S. and Ph.D. degrees in Computer Science from the University of Virginia, and a B.A. in Mathematics from Carleton College.
Closing Remarks
SPEAKER: Bill Sanders, University of Illinois at Urbana-Champaign
BIOGRAPHY: William H. Sanders is a Donald Biggar Willett Professor of Engineering and the Head of the Department of Electrical and Computer Engineering at the University of Illinois at Urbana-Champaign. He is also an Affiliate Professor in the Department of Computer Science. He is a Fellow of the IEEE and the ACM, a past Chair of the IEEE Technical Committee on Fault-Tolerant Computing, and past Vice-Chair of the IFIP Working Group 10.4 on Dependable Computing. He was the founding Director of the Information Trust Institute at Illinois. His research interests include secure and dependable computing, and security and dependability metrics and evaluation, with a focus on critical infrastructures. He has published more than 200 technical papers in those areas. He is currently the Director and PI of the DOE/DHS Trustworthy Cyber Infrastructure for the Power Grid (TCIPG) Center (www.tcipg.org), which is at the forefront of national efforts to make the U.S. power grid smart and resilient. He is also co-developer of three tools for assessing computer-based systems: METASAN, UltraSAN, and Möbius. More than 500 licenses for Möbius and UltraSAN have been distributed to universities, companies, and NASA for evaluating the performance, dependability, and security of a variety of systems. Sanders is also a co-developer of the NetAPT (Network Access Policy Tool) for assessing the security of networked systems.