January 2023: Improving the Security of Open-Source Software Infrastructure
Remote monitoring and control of industrial control systems are protected using firewalls and user passwords. Cyberattacks that get past firewalls have unfettered access to command industrial control systems with potential to harm digital assets, environmental resources, and humans in proximity to the compromised system. In this talk, I will discuss our approach to prevent and mitigate such harms in scientific industrial control systems by enhancing the security of open-source cyberinfrastructure: the open-source Real-Time Executive for Multiprocessor Systems (RTEMS) real-time operating system and the Experimental Physics and Industrial Control System (EPICS) software and networks. The RTEMS and EPICS software projects are widely used cyberinfrastructure for controlling scientific instruments. This talk will discuss security problems that we have explored with these communities, and examine the salient challenges and opportunities presented by working with open-source communities on their cybersecurity needs.
Speaker Bio:
Gedare Bloom received his Ph.D. in computer science from The George Washington University in 2013. He joined the University of Colorado Colorado Springs as an Assistant Professor of Computer Science in 2019 and Associate Professor in 2022. He was an Assistant Professor of Computer Science at Howard University from 2015-2019. His research expertise is computer system security with emphasis on real-time embedded systems. He has published over sixty peer reviewed articles, serves as a program committee member and technical referee for flagship conferences and journals, and is an associate editor for the IEEE Transactions on Vehicular Technology.
Since 2011 Dr. Bloom has been a maintainer for the RTEMS open-source hard real-time operating system, which is used in robotics frameworks, unmanned vehicles, satellites and space probes, automotive, defense, building automation, medical devices, industrial controllers, and more. Some of his key contributions to RTEMS include the first 64-bit architectural port of RTEMS, design and implementation of a modern thread scheduling infrastructure, support for running RTEMS as a paravirtualized guest for avionics hypervisors, and implementation of POSIX services required to be compliant with the FACE avionics standard. Additionally, he mentors and guides students around the world through learning about and developing with RTEMS. He co-authored the textbook “Real-Time Systems Development with RTEMS and Multicore Processors” published by CRC Press in 2020.