A Tale of Cybersecurity, With Applications to Automobiles

ABSTRACT — Once upon a time, computer systems were so big and expensive that there was only one major computer per campus. Failures were critical and security was important. We learned some lessons about how to design computers with strong internal boundaries so that one user couldn’t easily interfere with another user’s computations. But as computers grew small and cheap, those lessons were largely set aside. Computers and software designed for a single user became the norm. A failure simply triggered a reboot. These systems, and the methods used to build them, were increasingly integrated into systems of all kinds. Today we have infrastructures riddled with vulnerabilities that we largely know how to prevent. While perfection is not of this world, great improvements are possible if the appropriate incentives can be put in place to motivate them.

This talk will briefly review the history of cybersecurity and related policies that have been tried and failed. The history of building codes for physical structures, and how a building code for building code might help secure future automotive systems will be considered.

BIO — Dr. Landwehr is Lead Research Scientist at the Cyber Security and Privacy Research Institute at George Washington University and a consultant to research programs including NSA’s Science of Security program, the NSF-funded Trustworthy Health and Wellness project, and NSF’s Secure and Trustworthy Computing program. He recently served as Visiting McDevitt Professor of Computer Science at LeMoyne
College, where he developed and taught a new course, “Cybersecurity for Future Presidents.”

In the early 2000’s, Dr. Landwehr created and led research programs for the National Science Foundation (NSF) and the Intelligence Advanced Research Projects Activity (IARPA) that funded a wide range of groundbreaking university and industry research
related to cybersecurity and privacy. In the 1980s and 90s he was a Supervisory Computer Scientist at the U.S. Naval Research Laboratory, where he led a research
group in cybersecurity. He has taught computer science at Purdue, Georgetown, the University of Maryland and Virginia Tech.

He holds a BS degree in Engineering and Applied Science from Yale University and MS and PhD degrees from the University of Michigan. He is a fellow of the IEEE and a member of the National Cyber Security Hall of Fame. He has authored more than 40 technical publications, as well as several book chapters and a variety of opinion pieces. He was elected to the Board of Directors of the nonprofit Center for Democracy and
Technology in 2016.