SAMATE Technical Advisory Panel

[SAMATE Home | IntrO TO SAMATE | SARD | SATE | Bugs Framework | Publications | Tool Survey | Resources]

The NIST Software Assurance Metrics and Tool Evaluation (SAMATE) program began in 2005 to (1) test software security assurance evaluation tools, (2) measure the effectiveness of tools, and (3) identify gaps in tools and methods. Our scope is very broad: from operating systems to firewalls, from SCADA to web services, from source code analyzers to correct-by-construction methods. For each class of tool or method, we will lead test development and effectiveness measurement.

To reach these goals, the project needs a panel to advise on the following issues:

A taxonomy of all software security assurance tools and methods.

The order in which classes of tools and methods should be addressed.

Identifying domain experts for each class to comment on specifications, test plans, and test cases.

We believe people with the following characteristics will be excellent panel members:

• expertise in software security and security assurance
• familiarity with many domains
• contact with the worldwide software security assurance community
• mix of academic, government, and industry

The panel meets face-to-face about once a year at mutually agreeable times and places. Between meetings email is exchanged approximately bimonthly to comment on drafts or new tool classes.

The panel first met on April 3 & 4 2007 at NIST.

This is not a funded position.

We seek additional members, especially from outside the United States.

Members 

Djenana Campara

Chief Executive Officer

KDM Analytics

Paul R. Croll

Convener, ISO/IEC JTC1/SC7 WG9

Industry Co-Chair, NDIA Systems Assurance Committee

Computer Sciences Corporation

Brett D. Fleisch

Program Director

Parallel and Distributed Operating Systems

Computing Systems Cluster

U.S. National Science Foundation

NSF/CISE/CNS

Gene Fredriksen

Global Chief Information Security Officer

Tyco International

Joe Jarzombek, PMP

Director for Software & Supply Chain Assurance

Office of Cyber Security and Communications

U.S. Department of Homeland Security

Paul L. Jones

Center for Devices and Radiological Health

U.S. Food and Drug Administration

Pradeep K. Khosla

Dean, College of Engineering

Dowd Professor of Engineering

Carnegie Mellon University

James W. Moore

CSDP, F-IEEE

The MITRE Corp

Don O'Neill

President 

Center for National Software Studies

William Pugh

Dept. of Computer Science

Univ. of Maryland

Daniel J. Quinlan

Senior Research Scientist

Lawrence Livermore National Laboratory

Samuel Redwine

Principal

Sam Redwine Consulting

Howard A. Schmidt

President & CEO

R & H Security Consulting LLC

member, American Academy of Forensic Scientists

Kenneth R. van Wyk

CERT Certified Computer Security Incident Handler

KRvW Associates, LLC

Jeffrey Voas

Science Applications International Corporation

Larry Wagoner

Information Assurance Directorate

U.S. National Security Agency

Dr. David O. Ward

Professor of Practice

Department of Business and Information Technology

Capitol College

Dave Wichers

Chief Operating Officer

Aspect Security