“Threat Modeling in Practice: Investigating how threat modeling is and can be done in real world settings”
Location: 177 Huntington Ave, conference room 503
Abstract: Threat modeling is recommended to produce secure-by-design software. However, there is currently a death of evidence regarding effective approaches, which hinders secure system design and auditing. In this talk, I will present the results of multiple studies investigating how professionals threat model in multiple real-world settings, including medical device development, open source development, and hospital operations. This talk will draw on these and the broader threat modeling literature to highlight strengths and weaknesses of current approaches and discuss directions for future threat modeling research.
Bio: Daniel Votipka is the Lin Family Assistant Professor in the Department of Computer Science at Tufts University. He received his PhD in Computer Science from the University of Maryland. His work focuses on understanding the processes and mental models of professionals who perform security-related tasks such as secure development, vulnerability discovery, network defense, and malware analysis to make security work more accessible and inclusive through improvements in automation, education, and policy. His work has been recognized with multiple best paper awards at top security and HCI venues and his work has been funded by the NSF, Google, Cisco, and MedCrypt. Previously, he served in the US Air Force as a Cyber Warfare Officer working in the National Security Agency.