U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Cybersecurity Insights

a NIST blog

Director's Corner Series with Ram D. Sriram

By: Ram Sriram

Share

Director's Corner with Ram Sriram image

Our third Director’s Corner series blog post brings insights from Ram D. Sriram, NIST’s Information Technology Laboratory’s Software and Systems Division (SSD) chief. Ram oversees the work of NIST staff members who conduct state-of-the-art software testing and standards development by creating scientifically rigorous and innovative techniques, which includes cybersecurity software. 

Ram has worked at NIST for more than 25 years in several different laboratories and divisions. He developed the engineering design program in the Manufacturing Engineering Laboratory (now just Engineering Laboratory) and became the SSD chief in 2010. He was named a Solid Modeling Association (SMA) Fellow in 2020 in recognition of his more than three decades of research in manufacturing systems integration and qualitative geometric modeling. Before joining NIST, Ram was on the engineering faculty at the Massachusetts Institute of Technology (MIT). 

What major accomplishments or goals has the Software and Systems Division (SSD) achieved in the past couple of years?

Our staff work on a number of NIST initiatives. We are involved with software testing and standards development, computer forensics for the digital forensic industry and law enforcement, computational metrology, material design, accelerator-based computing, voting systems, cloud computing, electronic health records, semantic interoperability foundations, and so much more. 

What’s being done to help defeat the coronavirus?

In response to a March 2020 White House Call to Action for the nation’s AI researchers to develop methods to analyze literature related to the coronavirus, SSD Staff, along with collaborators from MML and EL, created the COVID-Data Repository. The repository provides a one-stop shop for AI experts to develop new text and data mining techniques that can help the science community answer high-priority scientific questions related to COVID-19. Some SSD staff have been collaborating with the Center for Disease Control and Prevention (CDC) to develop COVID-19 surveillance systems by providing support in standards creation and quality, test case creation, and conformance testing tools. 

Is there any important cybersecurity work in your division that you’d like to highlight for this blog?

SSD has several cybersecurity projects. The Federal Cybersecurity Research and Development Strategic Plan underscores the importance of developing robust and trusted software systems. Software is like a house’s plumbing system. If security is not properly designed into software, then harmful leaks can happen. We are developing materials to help people find and prevent security-relevant software bugs through the Software Assurance Reference Dataset, a large collection of software with known specific bugs and often with a matched piece of software without the bug. The Common Vulnerability and Exposures (CVE) list provides a basis for gaining understanding of the cybersecurity threat landscape. To test the CVE’s effectiveness, we developed the Cybersecurity Knowledge Mining and Discovery Platform, which uses automated and data-driven approaches for reporting cybersecurity vulnerabilities and exposures. Other major cybersecurity projects are the National Software Reference Library (NSRL) and the TrojAI project, which will let us develop an evaluation infrastructure for trojan detectors. 

What’s the next big thing coming out of your division we should be watching for this/next year?

There will be a considerable focus on the use of AI tools for metrology, including testing algorithms and developing standard datasets. We are working on several machine and deep learning metrology projects to help industry, academia and government build secure software and software systems, and working with stakeholders to develop standards to ensure fair and reliable software.

What do you like best about working at NIST?

I came to NIST from MIT in 1994 thinking I would spend a couple of years and move on to another university. However, 25 years have elapsed, and I am still here.  The things I like about NIST include the great support from my supervisors, excellent technical staff who are willing to collaborate, marvelous administrative staff, high quality researchers from all over the world, excellent balance between family and work, and reasonable financial support for research activities. 

Remember to follow us on Twitter: @NISTcyber!

About the author

Ram Sriram

Ram Sriram

Ram D. Sriram is currently the chief of the Software and Systems Division, Information Technology Laboratory, at the National Institute of Standards and Technology. Before joining the Software and Systems Division, Sriram was the leader of the Design and Process group in the Manufacturing Systems Integration Division, Manufacturing Engineering Laboratory, where he conducted research on standards for interoperability of computer-aided design systems. He was also the manager of the Sustainable Manufacturing Program. Prior to joining NIST, he was on the engineering faculty (1986-1994) at the Massachusetts Institute of Technology (MIT) and was instrumental in setting up the Intelligent Engineering Systems Laboratory. At MIT, Sriram initiated the MIT-DICE project, which was one of the pioneering projects in collaborative engineering and documented in the book entitled Distributed and Integrative Collaborative Engineering Design, Sarven Publishers, 2002.

Sriram has extensive experience in developing knowledge-based expert systems, natural language interfaces, machine learning, object-oriented software development, life-cycle product and process models, geometrical modelers, object-oriented databases for industrial applications, health care informatics, bioinformatics, and bioimaging. He has consulted for several leading corporations all over the world. His client list (during his tenure at MIT) included Boeing, GE, NTT Data (Japan), NASA, Xerox Corporation, United Technologies, IIC (Spain).

Sriram has co-authored or authored nearly 275 publications, including several books on Artificial Intelligence. He has published in a wide range of journals in engineering, computer science, and health care fields. The papers he and his group wrote have won many recognitions and awards, including many best paper awards and most cited paper awards. Sriram received several awards including: an NSF's Presidential Young Investigator Award (1989); ASME Design Automation Award (2011); ASME CIE Distinguished Service Award (2014); the Washington Academy of Sciences' Distinguished Career in Engineering Sciences Award (2015);  ASME CIE Lifetime Achievement Award (2016), CMU CEE Lt. Col. Christopher Raible Distinguished Public Service Award (2018).

Sriram was a founding co-editor of the International Journal for AI in Engineering (1986). He also served on the Executive Committee of the ASME's Computers in Engineering Division for six years, including as its chair.  Sriram's other professional activities include the following: an associate editor of ACM Computing Surveys,  co-chair of NITRD's Software Design and Productivity group, VP membership of the Washington Academy of Sciences,  and federal representative to ONC's Health IT Advisory Committee.  

Sriram is a Fellow of the American Society of Mechanical Engineers (ASME),  the American Association for the Advancement of Science (AAAS), the Institute of Electrical and Electronics Engineers (IEEE), the Solid Modeling Association (SMA), and the Washington Academy of Sciences. He is also a Distinguished Member (life) of the Association for Computing Machinery (ACM) and a Senior Member (life) of the Association for the Advancement of Artificial Intelligence (AAAI).

Comments

Gayathri Prabhakar on July 9, 2020 3:40 PM

Permalink

Dr. Ram, this is a great article regarding the research being done in your Department and in NIST.

Ivan De Lo Santos on July 9, 2020 6:58 PM

Permalink

Good insights into the type of work being done at NIST.

I would like to learn more on any NIST research involving software bill of materials to address risks in software supply chains.

The scope and breadth of the work is amazing!

Add new comment

CAPTCHA
Image CAPTCHA
Enter the characters shown in the image.
This question is for testing whether or not you are a human visitor and to prevent automated spam submissions.
Please be respectful when posting comments. We will post all comments without editing as long as they are appropriate for a public, family friendly website, are on topic and do not contain profanity, personal attacks, misleading or false information/accusations or promote specific commercial products, services or organizations. Comments that violate our comment policy or include links to non-government organizations/web pages will not be posted.