Skip to main content
U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Publications by: Jeff Voas (Fed)

Search Title, Abstract, Conference, Citation, Keyword or Author
Displaying 1 - 25 of 39

Aggregating Atomic Clocks for Time-Stamping

August 3, 2020
Temur Saidkhodjaev, Jeff Voas, D. Richard Kuhn, Joanna DeFranco, Phil Laplante
A timestamp is a critical component in many applications, such as proof of transaction ordering or analyzing algorithm performance. This paper reports on a method called Verified Timestamping (VT) that improves the standard timestamp protocol. VT was

Vetting the Security of Mobile Applications

April 19, 2019
Michael Ogata, Josh Franklin, Jeff Voas, Vincent Sritapan, Stephen Quirolgico
Mobile applications are an integral part of our everyday personal and professional lives. As both public and private organizations rely more on mobile applications, ensuring that they are reasonably free from vulnerabilities and defects becomes paramount

Rethinking Distributed Ledger Technology

March 20, 2019
David R. Kuhn, Dylan J. Yaga, Jeffrey M. Voas
Blockchains were designed to solve the problem of double-spending in cryptocurrencies, and the success of the Bitcoin design has generated vastly more interest than previous proposals for digital currencies. Blockchains are being used in other areas as

Cybertrust in the IoT Age

July 31, 2018
Jeff Voas, D. Richard Kuhn, Constantinos Kolias, Angelos Stavrou, Georgios Kambourakis
The Internet of Things generates new opportunities but creates new challenges with respect to trustworthiness. Computing, architecture, and verification changes are inevitable to meet these challenges, particularly if predictions of 20 billion to 50

In IoT We Trust?

July 13, 2018
Jeff Voas, D. Richard Kuhn, Phillip Laplante
In this short article, we review an abbreviated list of trust challenges that we foresee as increased adoption transforms the IoT into another ubiquitous technology just as the Internet is. These challenges are in no specific order, and are by no means a

Internet of Things (IoT) Metrology

June 11, 2018
Jeff Voas, D. Richard Kuhn, Phillip Laplante
The field of metrology has evolved into many classes and viewpoints over centuries of time. What we are suggesting is how that body of knowledge may be applicable to IoT and where the research opportunities for new measures that are IoT-centric might be in

Testing IoT Systems

March 26, 2018
Jeffrey M. Voas, David R. Kuhn, Phil Laplante
The ability to test systems that are based on the underlying products and services commonly referred to as the Internet of 'things' (IoT) is discussed. The role of a static metric that can be applied to design, architectures, hardware, 'things', and

Computer Science in Education 2018

February 14, 2018
Jeff Voas, D. Richard Kuhn, Celia Paulsen, Kim B. Schaffer
We surveyed six of our profession's best senior computer science educators for their views on the current state and trends in computer science education.

Educating Next-Gen Computer Scientists

January 31, 2018
Jeff Voas, D. Richard Kuhn, Celia Paulsen, Kim B. Schaffer
Just as yeast, flour, water, and salt are to bread, algorithms, data structures, operating systems, database design, compiler design, and programming languages were computer science (CS) education's core ingredients in past years. Then, universities led

Alexa, Can I Trust You?

September 29, 2017
Judy Chung, Michaela Iorga, Jeff Voas, Sangjin Lee
Security diagnostics expose vulnerabilities and privacy threats that exist in commercial Intelligent Virtual Assistants (IVA)-- diagnostics offer the possibility of securer IVA ecosystems. This paper explores security and privacy concerns with these

What Happened to Software Metrics?

May 25, 2017
Jeffrey M. Voas, David R. Kuhn
In the 1980's, the software quality community was all 'a buzz' with seemingly endless 'potential' approaches for producing higher quality software. At the forefront of that was software metrics, along with the corresponding software testing techniques and

Building Caring Healthcare Systems in the Internet of Things

February 22, 2017
Phillip Laplante, Mohamad Kassab, Nancy Laplante, Jeff Voas
The nature of healthcare and the computational and physical technologies and constraints present a number of challenges to systems designers and implementers. In spite of the challenges, there is a significant market for systems and products to support

Caring: An Undiscovered Super "Ility" of Smart Healthcare

October 28, 2016
Nancy Laplante, Phillip Laplante, Jeff Voas
As new and exciting applications emerge using smart technologies, the Internet of Things, data analytics, and others for healthcare, a critical problem is emerging: the potential loss of "caring." The interplay of technology and caring has been discussed

Demystifying the Internet of Things

September 26, 2016
Jeffrey M. Voas, Larry Feldman, Gregory A. Witte
This bulletin summarizes the information presented in NIST SP 800-183, Networks of 'Things'. This publication offers an underlying and foundational science to IoT based on the realization that IoT involves sensing, computing, communication, and actuation.

Guest Editors’ Introduction: Cybersecurity or Privacy

September 1, 2016
Irena V. Bojanova, Jeffrey M. Voas
Cybersecurity is a major concern. Governments’, industry, and even hospitals’ IT infrastructure is being penetrated with increasing frequency and sophistication. The growth of mobile and IoT devices and amateur software only add to that. But, privacy is

Whatever Happened to Formal Methods for Security?

August 23, 2016
Kim B. Schaffer, Jeffrey M. Voas
We asked 7 experts 7 questions to find out what has occurred recently in terms of applying formal methods (FM) to security-centric, cyber problems. We were curious as to whether this successful methodology in "safety-critical" has succeeded as well for

Networks of 'Things'

July 28, 2016
Jeffrey M. Voas
System primitives allow formalisms, reasoning, simulations, and reliability and security risk-tradeoffs to be formulated and argued. In this work, five core primitives belonging to most distributed systems are presented. These primitives apply well to

Demystifiying the Internet of Things

June 27, 2016
Jeffrey M. Voas
This short column introduces the need for a foundational science to the Internet of Things (IoT). It introduces the notion of primitives and elements, and their relationship to trustworthiness.

Metamorphic Testing for Cybersecurity

June 27, 2016
Tsong Yueh Chen, Fei-Ching Kuo, Wenjuan Ma, Willy Susilo, Dave Towey, Jeff Voas, Zhi Q. Zhou
Testing is a major approach for the detection of software defects, including security vulnerabilities. This article introduces metamorphic testing (MT), a relatively new testing method, and discusses how the new perspective of MT can help to conduct

Insights on Formal Methods of Cybersecurity

May 27, 2016
Jeffrey M. Voas, Kim B. Schaffer
We asked 7 experts 1 simple question to find out what has occurred recently in terms of applying formal methods (FM) to security-centric, cyber problems: Please summarize in a paragraph the state of the research and practitioner communities in formal

Learning Internet of Things Security "Hands-on"

February 3, 2016
Constantinos Kolias, Angelos Stavrou, Jeff Voas, Irena Bojanova, D. Richard Kuhn
Our research began from asking whether there is a science behind the Internet of Things (IoT). We started from zero knowledge and no bias. The results of that work determined that indeed there is a science, but it is a science of numerous actors, that when

Third-Party Software's Trust Quagmire

December 18, 2015
Jeffrey M. Voas, George Hurlburt
Integrating software developed by third-party organizations into a larger system raises concerns about the software's quality, origin, functionality, security, and interoperability. Addressing these concerns requires rethinking the roles of software's

Vetting the Security of Mobile Applications

January 26, 2015
Stephen Quirolgico, Jeffrey M. Voas, Tom T. Karygiannis, Christoph Michael, Karen Scarfone
The purpose of this document is to help organizations (1) understand the process for vetting the security of mobile applications, (2) plan for the implementation of an app vetting process, (3) develop app security requirements, (4) understand the types of