My research focuses on embedded security: the art and science of designing embedded systems to withstand analog threats attempting to inject false information into sensors with lasers, acoustics, RF, and pretty much anything not digital. Medical devices, autonomous vehicles, and the Internet of Things depend crucially on embedded security. In 2021, I am serving as the Acting Director of Medical Device Cybersceurity at FDA's Center for Devices and Radiological Health.
As part of my 164-year research plan to improve the trustworthiness of medical device software, I direct the Archimedes Center for Medical Device Security and the Security and Privacy Research (SPQR) group. I write a blog on medical device security and safety. I am a founding member of the N95decon.org team on decontamination science for emergency reuse of N95 filtering facepiece respirators during healthcare worker PPE shortages.
Selected Talks and Events (less incomplete list):
Archimedes Center for Healthcare and Device Security Virtual
Symposium (April 12, 2021),
Honors: IEEE Fellow for contributions to embedded and medical device security, IEEE mellow fellow, Top Influencers in Health InfoSec, Top Security Change Agents, World Economic Forum Young Scientist, Fed100 Award, TR35 Innovator of the Year, Sloan Fellowship, NSF CAREER, Paper Awards [ACM SIGCOMM, IEEE S&P, USENIX Security]
News: NY Times and Wired and Ars Technica on Light Commands, NY Times on an acoustic virus, Slashdot interview, NBC Chicago, NY Times, Scientific American, MIT Technology Review, Slashdot, Economist, PBS Newshour, Forbes, BBC, LA Times, NIST. [Archived news]
Fun stuff: Cybersecurity standup comedy. I wrote the lyrics of a Taylor Swift-inspired a capella music video about programming. I used to maintain a collection of links on why Ann Arbor is cool.
Undergrads considering graduate school: When my students are not kiteboarding on the beautiful shores of Lake Michigan, they are probably publishing security research with an emphasis on analog sensor security or medical device security within the field of embedded security. Prospective graduate students can read advice on how to write more effective graduate school applications. This event was part of a larger national set of workshops to broaden participation in computing research. Also see my links to reports on women in computing research.
Selected publications (less incomplete list):
Selected talks (complete list):
Announcements: Chair of CCC Cybersecurity Task Force; Senate testimony; House testimony; Program chair for USENIX Security; Appointment to ACM Committee on Computers and Public Policy; first graduate course in the nation dedicated to medical device security.
Affiliations: THaW, Security @Michigan, SPQR Lab, Archimedes
Recent research support: National Science Foundation, ADI, Archimedes