Designed-In Security
Presented as part of the 2011 HCSS conference.
Abstract
Today, one might look at how most systems are produced and described the process as “designed insecurity”. But in fact, advances in static and dynamic analysis, model checking, proof-carrying code, correct-by-construction development and other techniques in the past decade provide some cause of optimism that software with significantly fewer vulnerabilities and better understood properties may be within reach. This talk will introduce a new research theme intended to stimulate, accelerate, and focus research in the many disciplines that contribute to the design and delivery of large-scale software systems that require verifiable assurance of the system’s resistance to attack.
Biography
Dr. Carl Landwehr currently directs the Trustworthy Computing Program at the National Science Foundation. Following a 23-year research career with the U.S. Naval Research Laboratory, he was the first Program Director for NSF’s Trusted Computing and Cyber Trust research programs. He is on assignment from his position as Senior Research Scientist at the University of Maryland’s Institute for Systems Research. As a Program Manager at IARPA, he developed a program with an acronym that one reporter dubbed the worst ever. Recently, he completed a four-year term as Editor-in-Chief of IEEE Security & Privacy Magazine. He has received awards from NSF, IFIP, IEEE Computer Society, and ACM SIGSAC for his research and professional activities.