Appendix C
Biosketches of Workshop Speakers

Cynthia Andres is a coauthor of Extreme Programming Explained: Embrace Change, 2nd edition. Her professional interests include team and individual psychology and facilitating change with large-scale transformative conversations. She holds a B.A. in psychology from Pacific Union College with advanced work in women’s studies at the University of California at Santa Cruz and psychology at Portland State University.

Kristen J. Baldwin works in the Office of the Under Secretary of Defense, Acquisition, Technology and Logistics for the Director, Defense Systems. Ms. Baldwin’s responsibilities span both systems engineering and systems integration functional areas. She leads the OSD oversight and implementation of software acquisition process improvement legislation, commonly referred to as Section 804. Ms. Baldwin formerly developed and managed the Triservice Assessment Initiative, which is a DoD tool for program managers to identify and mitigate system risk through independent expert assessments. Previous assignments in her career include serving as a science and technology advisor in the Army’s Office of the Deputy Chief of Staff for Operations and Plans and at the Dismounted Battlespace Battle Lab at Fort Benning. Ms. Baldwin received a bachelor’s degree in mechanical engineering from Virginia Tech in 1990 and a master’s in systems management from Florida Tech in 1995.

Kent Beck is the founder and director of Three Rivers Institute. His career has combined the practice of software development with reflection, innovation, and communication. His contributions to software development include patterns for software, the rediscovery of test-first programming, the xUnit family of developer testing tools, and Extreme Programming. He currently divides his time between writing, programming, and coaching. Mr. Beck is an author and/or coauthor of Extreme Programming Explained: Embrace Change, 2nd Edition; Contributing to Eclipse; Test-Driven Development: By Example; Planning Extreme Programming; The Smalltalk Best Practice Patterns; and the JUnit Pocket Guide. He received his B.S. and M.S. in computer science from the University of Oregon.

Kris Britton is the director for the National Security Agency (NSA) Center for Assured Software. He has been involved with information assurance issues for the past 15 years, during which time he worked to establish commercial standards and programs to aid DoD customers in establishing trust in commercial products they purchase. He began his career as a commercial product evaluator in 1989, focusing on trust in operating systems and databases using the DoD standard (DoD 5200.28/Orange Book) and later helped to create the National Information Assurance Partnership and was named its first technical director. More recently he has been involved with software assurance issues, specifically working to evolve the NSA’s software assurance paradigm to address today’s evolving and complex IT environment.

Mary Ann Davidson is the chief security officer at Oracle Corporation, responsible for security evaluations, assessments, and incident handling. As a senior executive in the IT industry she brings both a military and a business background and in-depth experience with and perspective on industrial capacity to respond to Defense needs. She represents Oracle on the board of directors of the Information Technology Information Security Analysis Center (IT-ISAC) and is on the editorial review board of the Secure Business Quarterly. Ms. Davidson has a B.S.M.E. from the University of Virginia and an M.B.A. from the Wharton School of the University of Pennsylvania. She has also served as a commissioned officer in the U.S. Navy Civil Engineer Corps, where she was awarded the Navy Achievement Medal.

Joe Jarzombek serves as director for software assurance in the Policy and Strategic Initiatives Branch of the National Cyber Security Division within the Department of Homeland Security (DHS) and, as such, is the focal point on software integrity issues. He leads collaborative efforts in analyzing software life-cycle components, including people, processes, and technology, and identifies areas for software quality and security improvement with a focus on development, acquisition, and support. Mr. Jarzombek guides DHS initiatives in analyzing and resolving software challenges and supports the evolution of policy and guidance on software assurance, including assessment of federal policies, procedures, and evaluation schemes, such as the National Information Assurance Partnership. He functions as DHS coordinator for software quality and acquisition initiatives, working with other federal agencies, state agencies, and international allies to focus on identifying and specifying organizational software-related processes and software-enabled technologies to mitigate risks attributable to software. Mr. Jarzombek works with federally funded research and development centers (FFRDCs), consortiums, foundations, universities, and standards groups to coordinate relevant initiatives and leverage organizational resources to share best practices, tools, processes, and research to improve software assurance. He serves as DHS liaison on government/industry working groups and serves on NIST, IEEE, and ISO/IEC standards committees and advisory groups, and other executive groups to ensure software assurance needs are addressed in standards, best practices, process models, and product lifecycle initiatives. He publishes best practices in software security on the Web site https://buildsecurityin.us-cert.gov/portal/ as information for developers and acquisition managers. In working with government/academic/industry groups, he leads team efforts to develop the Software Assurance Common Body of Knowledge, which is intended to provide a framework to recommend updates in curriculum to enhance IT acquisition and software-related education and training across the federal acquisition workforce curricula, within universities and colleges, and within industrial training programs. Mr. Jarzombek has an M.S. in computer information systems from the Air Force Institute of Technology, Dayton, Ohio; a B.B.A. in data processing and analysis from the University of Texas, Austin; and a B.A. in computer science from the University of Texas, Austin, where he was also an Air Force ROTC distinguished graduate.

Patrick Lardieri is manager of Distributed Processing Programs at the Lockheed Martin Advanced Technology Laboratory in Cherry Hill, New Jersey. He has spent over 10 years researching the suitability of open, standards-based middleware, operating systems, and networks for building distributed real-time systems. Recently, he has been leading Lockheed Martin’s Software Technology Initiative, which is focused on developing technologies for managing the complexity of integrating large-scale software systems. He received a master’s in electrical engineering from the University of Pennsylvania.

Gary McGraw, the CTO of Cigital, Inc., researches software security and sets technical vision in the area of software quality management. Dr. McGraw is coauthor of five best-selling books: Exploiting Software (Addison-Wesley, 2004), Building Secure Software (Addison-Wesley, 2001), Software Fault Injection (Wiley, 1998), Securing Java (Wiley, 1999), and Java Security (Wiley, 1996). His new book, Software Security: Building Security In (Addison-Wesley), was released in February 2006. A world authority on software security, Dr. McGraw consults with major software producers and consumers. Dr. McGraw has written over 75 peer-reviewed technical publications and functions as PI on grants from Air Force Research Laboratories, DARPA, the National Science Foundation, and NIST’s Advanced Technology Program. He serves on advisory boards of Authentica, Counterpane, and Fortify Software, as well as advising the Computer Science Department at the University of California, Davis, the Computer Science Department at the University of Virginia, and the School of Informatics at Indiana University. Dr. McGraw holds a dual Ph.D. in cognitive science and computer science from Indiana University and a B.A. in philosophy from the University of Virginia. He is a member of the IEEE Security and Privacy Task Force, and was recently elected to the IEEE Computer Society’s board of governors. He writes a monthly security column for the magazine IT Architect, is the editor of “Building Security In” for IEEE’s Security & Privacy magazine, and is often quoted in the press.

Richard W. Selby is the head of software products at Northrop Grumman Space Technology in Redondo Beach, California. He manages a 250-person software organization and has served in this position since 2001. Previously, he was the chief technology officer and senior vice president at Pacific Investment Management Company (PIMCO) in Newport Beach, California, where he managed a 105-person organization for 3 years. From 1985 to 1998, he was a full professor of information and computer science (with tenure) at the University of California at Irvine. Since 2004, he has held an adjunct faculty position at the University of Southern California Computer Science Department at Los Angeles. In 1993, he held visiting faculty positions at the MIT Laboratory for Computer Science and MIT Sloan School of Management in Cambridge, Massachusetts, and in 1992, he held a visiting faculty position at the Osaka University Department of Computer Science in Osaka, Japan. His research focuses on development and management of large-scale systems, software, and processes. He has authored over 100 refereed publications and given over 205 invited presentations at professional meetings. At Northrop, he led the $3 billion company to a successful enterprise-wide rating of Capability Maturity Model Integration (CMMI) level 5 for software. He served as the chief software engineer for the NASA Prometheus spacecraft to Jupiter. He also received the company’s highest quality award, named after former President Tim W. Hannemann, for improvements in development, management, process, and quality. At PIMCO, he led the $1 billion company to be ranked as the fourth most innovative technology organization in financial services, according to Wall Street & Technology. At the University of California, Irvine, he coauthored an international best-selling book that analyzed Microsoft’s technology, strategy, and management: Microsoft Secrets: How the World’s Most Powerful Software Company Creates Technology, Shapes Markets, and Manages People. The book, written with Michael Cusumano, has been translated into 12 languages, has 150,000 copies in print, and was ranked as a #6 best-seller in Business Week. He received his Ph.D. and M.S. degrees in computer science from the University of Maryland, College Park, Maryland, in 1985 and 1983, respectively. He received his B.A. degree in mathematics from St. Olaf College, Northfield, Minnesota, in 1981.

Alfred Spector, NAE, is currently an independent consultant working with IBM and a few small companies, and performing some government service. In his previous position as CTO and vice president of Strategy & Technology for IBM’s Software Group, Dr. Spector was responsible for its technical and business strategy, standards, software development methodologies, advanced technology, and cutting-edge technical engagements. Prior to this position, Dr. Spector was vice president of IBM’s worldwide services and software research, general manager of marketing and strategy for IBM’s middleware business, and general manager of IBM’s transaction software business. Dr. Spector was also the founder and CEO of Transarc Corporation, a pioneer in distributed transaction processing and wide-area file systems and a tenured faculty member in the Carnegie Mellon University computer science department. Dr. Spector received his Ph.D. in computer science from Stanford University and his A.B. in applied mathematics from Harvard University. He is recognized for his contributions to the design, implementation, and commercialization of reliable, scalable architectures for distributed file systems, transaction systems, and other applications. Dr. Spector is also an ACM and IEEE fellow and a recipient of the IEEE Kanai Award in distributed computing.

Werner Vogels is vice president and chief technology officer at Amazon.com, where he is responsible for driving the technology vision to continuously enhance the innovation on behalf of Amazon’s customers at a global scale. Prior to joining Amazon, he worked as a research scientist at Cornell University, where he was a principal investigator in several advanced research projects that target the scalability and robustness of mission-critical enterprise computing systems. He has held positions of vice president of technology and chief technology officer in companies that handled the transition of academic technology into industry. Dr. Vogels holds a Ph.D. from the Vrije Universiteit in Amsterdam and has authored a large number of articles for journals and conferences, most of them on distributed systems technologies for enterprise computing.

John Vu is a technical fellow at Boeing’s engineering, operations, and technology. He has worked in various technical and management positions in Boeing, including computer-aided design and computer-aided manufacturing supporting the development of the 777 airplane, leading software and systems process improvement, and managing Boeing global software outsourcing. Prior to joining Boeing, Mr. Vu worked at Teradyne Semiconductor, Litton Industries, Motorola, and GTE. He led teams to build navigation and avionics systems (F-15 and Tomahawk cruise missile) and design the array processors for several signal processing systems (AWAC and several space exploration satellites). Mr. Vu is a visiting scientist at the Software Engineering Institute (SEI), where he focused on the development and implementation of several capability maturity models. As senior scientist at Carnegie Mellon University, he is conducting research on software trends in the industry, such as process improvement, e-business, and outsourcing. He has authored several benchmarking papers on these topics. He published over 40 technical papers on software and systems engineering disciplines and three books on software engineering, and has presented papers at various software engineering conferences worldwide. He is a member of the Technical Advisory Board of IEEE Software, and adjunct faculty at Carnegie Mellon University and Seattle University.