Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Irena Bojanova (Fed)

Computer Scientist

Irena Bojanova is the Primary Investigator (PI) and the lead of the NIST Bugs Framework (BF) project ( Previously she was a Professor in Information Technology at Johns Hopkins Carey Business School, a program chair at UMUC, an academic director at JHU-CTY, and a co-founder of OBS Ltd. (now CSC Bulgaria). She earned her Ph.D. in Mathematics/ Computer Science from the Bulgarian Academy of Sciences in 1991. Her research interests are in formal methods, distributed systems, and computer  security.

Bojanova is an IEEE Senior Member and is currently the Editor of the Cybersecurity column of IEEE IT Professional magazine,  the Chair of the Magazine Operations Committee (MOC) of IEEE Computer Society (CS), an ex officio member of IEEE CS Board of Governors (BoG), and a General Chair of STC 2023.  She was Editor-in-Chief of IEEE IT Professional magazine,  Editor of the Education column of IEEE Computer magazine, EIC of IEEE Transactions on Cloud Computing, Committee on Integrity Chair and a Member at Large of IEEE CS Publications Board, and the founding chair of IEEE CS Cloud Computing STC. She has served also as a General Chair of ISSRE 2015, QRS 2017, STC 2017 & 2022, and the COMPSAC 2018-2022 IT in Practice Symposium.


Critical Software Security Weaknesses

Assane Gueye, Carlos Eduardo Cardoso Galhardo, Irena Bojanova
In this work, we append our historical study on the most significant software security weaknesses, re-evaluate our findings, and look closely at the Injection

Heartbleed Revisited: Is it just a Buffer Over-Read?

Irena Bojanova, Carlos Eduardo Cardoso Galhardo
In this work, we examine in detail the weaknesses underlying the Heartbleed vulnerability and show how it may lead to private information exposure.
Created October 23, 2018, Updated January 18, 2023