Thuy D. Nguyen
Department of Computer Science
Cyber Academic Group (Joint Appointment)
Naval Postgraduate School, Monterey, CA 93943
Phone: (831) 656-3989
Email: tdnguyen@nps.edu
RESEARCH &
INSTRUCTION FOCUS
Ms.
Thuy D. Nguyen has 40+ years of experience in computer and cybersecurity
research and engineering. Her current research focuses on security in
cyber-physical systems/industrial control systems, cyber deception, security
testing, product vulnerability assessment, and behavior-based network anomaly
detection using machine learning techniques. She teaches CS courses on assembly
language programming, software reverse-engineering, malware analysis, network
security, secure management of systems, and security engineering. Prior to her
academic career, she was a senior engineering manager at Gemini Computers,
Inc., specializing in the development of a high-assurance military-grade
security kernel and network security guard applications. Her past work includes
secure multi-tenancy clouds, secure cloud-scale platforms and applications,
high-assurance kernels, secure hypervisors and operating systems, Field
Programmable Gate Array (FPGA) security, Common Criteria security evaluation,
and system certification (NIST standards).
PROFESSIONAL
EXPERIENCE
2002 - Present
|
Faculty
Associate-Research of Computer Science, Naval Postgraduate
School
|
1995 - 2002
|
Senior
Manager, Gemini Computers, Inc.
|
1992 - 1995
|
Product
Manager, Gemini Computers, Inc.
|
1985 - 1992
|
Senior
Kernel Engineer, Gemini Computers, Inc.
|
1982 - 1985
|
Principal
Programmer/Analyst, NCR Corp.
|
PROFESSIONAL
ACTIVITIES
2016 - Present
|
Lead
Architect and Developer, "Cyber-Physical Systems Platform Security
Laboratory," Naval Postgraduate School
|
2012 - Present
|
Lead
Architect and Developer, "Secure Industrial Control Systems
Laboratory," Naval Postgraduate School
|
2012 - 2015
|
Course
Developer and Instructor, "Advanced Cyber Systems and Operations,"
Cyber Academic Group, Naval Postgraduate School
|
2011 - 2015
|
Lead
Architect and Developer, "MLS Cloud and Big Data Testbed," Naval
Postgraduate School
|
2013 - 2014
|
Co-Investigator,
"Security Study of Communications Architectures for Classified Hosted
Payloads," National Reconnaissance Office
|
2004 - 2011
|
Lead
Architect and Developer, "Monterey Security Architecture" and
"MLS Testbed," Naval Postgraduate School
|
2008 - 2011
|
Course
Developer and Instructor, "Applied Information Systems Security
Engineering" and "Fundamentals of Information Systems Security
Engineering," Department of Computer Science, Naval Postgraduate School
|
2007 - 2009
|
Co-Author,
"Computing Platform Architecture & Security Criteria," High
Assurance Platform program, National Security Agency
|
2005 - 2008
|
Co-Principal
Investigator, "Collaborative Research: CT-T: Adaptive Security and
Separation in Reconfigurable Hardware," National Science Foundation
|
2004 - 2007
|
Co-Author,
"U.S. Government Protection Profile for Separation Kernels in
Environments Requiring High Robustness," National Security Agency
|
2007
|
Course
Developer and Instructor, "Application of Security Evaluation Criteria
for Information and Software Assurance," Department of Computer Science,
Naval Postgraduate School
|
2004 - 2006
|
Co-Instructor,
"Advance Topics in Computer Security," Department of Computer
Science, Naval Postgraduate School
|
1995 - 2000
|
NSA-Certified
Vendor Security Analyst for TCSEC Class A1 Gemini Trusted Network Processor,
Gemini Computers, Inc.
|
ACADEMIC INSTRUCTION
Courses
developed
|
CS3697
|
Secure
Management of Operational Technology Systems, Department of Computer
Science
|
CY4750
|
Advanced
Cyber Systems and Operations, Cyber Academic Group
|
CS4652
|
Applied
Information Systems Security Engineering, Department of Computer Science
|
CS4650
|
Fundamentals
of Information Systems Security Engineering, Department of Computer
Science
|
CS4650
|
Application
of Security Evaluation Criteria for Information and Software Assurance, Department of Computer
Science
|
Courses
taught/teaching
|
CS4648
|
Software
Reverse Engineering and Malware Analysis
|
CS3140
|
Low
Level Programming II (Intel x86 assembly language programming)
|
CS4677
|
Computer
Forensics
|
CY4750
|
Advanced
Cyber Systems and Operations
|
CS4652
|
Applied
Information Systems Security Engineering
|
CS4650
|
Fundamentals
of Information Systems Security Engineering
|
CS4650
|
Application
of Security Evaluation Criteria for Information and Software Assurance
|
CS4614
|
Advanced
Topics in Computer Security
|
CS3690
|
Network
Security (DL)
|
CS3670
|
Secure
Management of Systems (DL)
|
CS3600
|
Introduction
to Computer Security (DL)
|
PUBLICATIONS
Book
- Huffmire, T., Irvine, C. E.,
Nguyen, T. D., Levin, T. E., Kastner, R., and Sherwood, T., Handbook of
FPGA Design Security, 1st ed., New York, NY: Springer, 240 pp., 2010.
Book chapter
- Irvine, C. E., Clark, P. C., Nguyen, T. D.,
"Design Principles for Security (Appendix F of NIST SP 800-160).
Systems Security Engineering: Considerations for a Multidisciplinary
Approach in the Engineering of Trustworthy Secure Systems." Gaithersburg,
MD: National Institutes of Standards and Technology, November 2016.
- Levin, T. E., Irvine, C. E., and Nguyen, T. D.,
"Least Privilege in Separation Kernels", in E-Business and
Telecommunication Networks, J. Filipe and M. S. Obaidat, eds., Vol. 9,
Communications in Computer and Information Science, Springer-Verlag, 2008.
Refereed conference papers
1.
Landsborough,
J., Rowe, N., Nguyen, T., Fugate, S., "WiP:
Deception-in-Depth Using Multiple Layers of Deception," Symposium on the
Science of Security (HotSoS), virtual venue, April
2024.
2.
Landsborough,
J. A., Nguyen, T. D., Rowe, N. C., "Retrospectively Using Multilayer
Deception in Depth Against Advanced Persistent Threats," 57th Hawaii
International Conference on System Sciences (2024), Oahu, Hawaii, January 2024.
Nominated for Best
Paper Award.
3.
Wikman,
E., Nguyen, T. D., Irvine, C., "ODSS: A Ghidra-based
Static Analysis Tool for Detecting Stack-Based Buffer Overflows," in the Proceedings
of the 56th Hawaii International Conference on System Sciences (2023), Maui,
Hawaii, January 2023. Nominated for Best Paper Award.
4.
Haynes,
N. J., Nguyen, T. D., Rowe, N. C., "Creating Synthetic Attacks with
Evolutionary Algorithms for Proactive Defense of Industrial Control
Systems," in the Proceedings of the 56th Hawaii International Conference
on System Sciences (2023), Maui, Hawaii, January 2023.
5.
Meier,
J. T., Nguyen, T. D., Rowe, N. C., "Hardening Honeypots for Industrial
Control Systems," in the Proceedings of the 56th Hawaii International
Conference on System Sciences (2023), Maui, Hawaii, January 2023.
6.
Ramirez,
R. P., Nguyen, T. D., Rowe, N. C., Meier, J. T., "Classifying RDP Remote
Attacks on User Interfaces to Industrial Control Systems," in the
Proceedings of the International Conference on Computational Science and
Computational Intelligence, Research Track on Cyber Warfare, Cyber Defense, and
Cyber Security, December 2022.
7.
Foley,
B. A., Rowe, N. C., Nguyen, T. D., " Analyzing Attacks on Client-Side Honeypots from
Representative Malicious Web Sites," in the Proceedings of the
International Conference on Computational Science and Computational
Intelligence, Research Track on Cyber Warfare, Cyber Defense, and Cyber
Security, December 2022.
8.
Washofsky, A. D., Rowe, N. C., Nguyen, T. D., "Using Cloud
Honeypot Platforms for Gathering Industrial-Control-System Attack
Intelligence,” Industrial Control System Security (ICSS), ACSAC, December 2021.
9.
Rowe,
N. C., Nguyen, T. D., Dougherty J. T., Bieker, M. C., Pilkington, D.,
"Identifying Anomalous Industrial-Control-System Network Flow Activity
Using Cloud Honeypots," in Choo KK.R., Morris T., Peterson G., Imsand E. (eds) National Cyber Summit (NCS) Research Track
2021. NCS 2021. Lecture Notes in Networks and Systems, vol 310. Springer, Cham.
10. Rowe, N. C., Nguyen, T. D.,
Kendrick, M. M., Rucker, Z. A., Hyun, D., and Brown, J. C., "Creating
Effective Industrial-Control-System Honeypots," in the Proceedings of the
53rd Hawaii International Conference on System Sciences (2020), Honolulu,
Hawaii, January 7, 2020.
11. Nguyen, T. D., Austin, S. C.,
and Irvine, C. E., "A Strategy for Security Testing Industrial
Firewalls," Industrial Control System Security (ICSS) Workshop, San Juan,
Puerto Rico, December 2019.
12. Blauwkamp, D., Nguyen, T. D.,
and Xi, G. G, "Toward a Deep Learning Approach to Behavior-based AIS
Traffic Anomaly Detection," DYnamic and Novel
Advances in Machine Learning and Intelligent Cyber Security (DYNAMICS)
Workshop, San Juan, Puerto Rico, December 2018.
13. Tacliad, F., Nguyen, T. D. and Gondree, M., "DoS Exploitation of Allen-Bradley's
Legacy Protocol through Fuzz Testing," Industrial Control System Security
(ICSS) Workshop, Orlando, Florida, December 2017.
14. Nguyen, T. D. and Irvine, C.
E., "Development of Industrial Network Forensics Lessons," 2017
Cybersecurity Symposium, Coeur d'Alene, Idaho, April 2017.
15. Nguyen, T. D. and Gondree, M. A., "Teaching industrial control system
security using collaborative projects," in Lecture Notes in Computer
Science, Volume 9588, "Security of Industrial Control Systems and Cyber
Physical Systems: First Workshop, CyberICS 2015 and
First Workshop, WOS-CPS 2015 Vienna, Austria, September 21–22, 2015 Revised
Selected Papers," eds. Becue, A., Cuppens-Boulahia, N., Cuppens,
F., Katsikas, S., Lambrinoudakis, C., (Springer
International Publishing), 2016, pp. 16-30.
16. Nguyen, T., Gondree, M., Khosalim, J., and
Irvine, C., "Re-thinking kernelized MLS database architectures in the
context of cloud-scale data stores, " in Engineering Secure Software and
Systems (ESSoS), pages 86–101, Milan, Italy, 2015.
Springer International Publishing.
17. Nguyen, T. D., Gondree, M. A., Khosalim and
Irvine, C. E., " Towards A Cross-Domain MapReduce Framework," in the
Proceedings of the 2013 Military Communications Conference (MILCOM 2013), San
Diego, CA, November 2013, pp. 1436-1441.
18. Nguyen, T., Gondree, M., Khosalim, J.,
Shifflett D., Levin, T. and Irvine, C., "An Approach for Cross-Domain
Intrusion Detection," 7th International Conference on Information Warfare
and Security (ICIW 2012), Seattle, Washington, USA, March 2012, pp. 203-212.
19. Levin, T. E., Nguyen, T. D.,
Irvine, C. E., and McEvilley, M., "Separation Kernel Protection Profile
Revisited: Choices and Rationale," Proceedings of the Fourth Annual
Layered Assurance Workshop (LAW 2010), Applied Computer Security Associates,
Austin, Texas, December 6, 2010.
20. Nguyen, T. D., Gondree, M. A., Shifflett, D. J., Khosalim,
J., Levin, T. E. and Irvine, C. E., "A Cloud-Oriented Cross-Domain
Security Architecture," Proceedings of the 2010 Military Communications
Conference (MILCOM 2010), pp. 1701-1707, San Jose, CA, November 2010.
21. C. E. Irvine, T. D. Nguyen,
D. J. Shifflett, T. E. Levin, J. Khosalim, C. Prince,
P. C. Clark, and M. Gondree, "MYSEA: The
Monterey Security Architecture," Proceedings of the Workshop on Scalable
Trusted Computing (ACM STC), Conference on Computer and Communications Security
(CCS), Association for Computing Machinery (ACM), Chicago, Illinois, November
2009, pp. 39-48.
22. T. E. Levin, J. Dwoskin, G.
Bhaskara, T. Nguyen, P. Clark, R. Lee, C. Irvine, and T. Benzel, "Securing
the Dissemination of Emergency Response Data with an Integrated
Hardware-Software Architecture," Proceedings of the 2nd International
Conference on Trusted Computing (TRUST 2009), Lecture Notes in Computer
Science, University of Oxford, Springer, April 2009.
23. T. E. Levin, C. E. Irvine, T.
V. Benzel, T. D. Nguyen, P. C. Clark, and G. Bhaskara, "Idea: Trusted
Emergency Management," Proceedings of the First International Symposium on
Engineering Secure Software and Systems (ESSoS 2009)
(F. Massacci, S. T. R. Jr., and N. Zannone, eds.),
LNCS 5429, (Berlin), pp. 32 - 36, ACM/IEEE, Springer-Verlag, February 2009.
24. Nguyen, T. D. and Irvine, C.
E., "Use of Evaluation Criteria in Security Education," 3rd
International Conference on Information Warfare and Security (ICIW 2008),
Omaha, Nebraska, April 2008, pp. 285-292.
25. Ong, K. L., Nguyen, T. and
Irvine, C., "Implementation of a Multilevel Wiki for Cross-Domain
Collaboration," 3rd International Conference on Information Warfare and
Security (ICIW 2008), Omaha, Nebraska, April 2008, pp. 293-304.
26. Irvine, C. E., Levin, T. E.,
Clark, P. C., and Nguyen, T. D., "A Security Architecture for Transient
Trust, Computer Security Architecture Workshop", Fairfax, VA, October
2008.
27. Huffmire, T., Valamehr,
J., Sherwood, T, Kastner, R., Levin, T. E., Nguyen, T. D., and Irvine, C. E.,
"Trustworthy System Security through 3-D Integrated Hardware,"
Proceedings of the 2008 IEEE International Workshop on Hardware-Oriented
Security and Trust (HOST-2008), Anaheim, CA, June 2008. (Extended Abstract)
28. Chiang, K., Nguyen, T. D.,
Irvine C. E., "A Linux Implementation of Temporal Access Controls,"
Proceedings 8th IEEE Systems, Man, and Cybernetics Information Assurance
Workshop, West Point, NY, June 2007, pp. 309-316. (Won best paper)
29. DeLong, R. J., Nguyen, T. D.,
Irvine, C. E. and Levin, T. E., "Toward a Medium-Robustness Separation
Kernel Protection Profile," Annual Computer Security Applications
Conference (ACSAC), Miami Beach, Florida, USA, December 2007.
30. Levin, T. E., Irvine, C. E.,
Weissman, C., Nguyen, T. D., "Analysis of Three Multilevel Security
Architectures", Proceedings of the Computer Security Architecture Workshop,
ACM, Fairfax, Virginia, USA, November 2007.
31. Huffmire, T., Brotherton, B., Wang,
G., Sherwood, T., Kastner, R., Levin, T., Nguyen, T., Irvine, C., "Moats
and Drawbridges: An Isolation Primitive for Reconfigurable Hardware Based
Systems," Proceedings of the IEEE Symposium on Security and Privacy (Oakland
S&P), Oakland, CA, USA, May 2007, pp. 281-295.
32. Nguyen, T. D. and Irvine, C.
E., "Utilizing the Common Criteria for Advanced Student Research
Projects," in IFIP International Federation for Information Processing,
Volume 201, Security and Privacy in Dynamic Environments, eds. Fischer-Hubner,
S., Rannenberg, K., Yngstrom,
L., Lindskog, S., (Boston: Springer), 2006, pp. 317-328.
33. Nguyen, T. D., Levin, T. E.,
and Irvine, C. E., "High Robustness Requirements in a Common Criteria
Protection Profile," Proceedings of the 4th IEEE International Information
Assurance Workshop, Royal Holloway, University of London, UK, April 2006, pp.
66-75.
34. Nguyen, T. D., Irvine, C. E.,
and Kane, D. R., "Using Common Criteria Methodology to Express Informal
Security Requirements," Proceedings of the International Symposium on
Secure Software Engineering, Arlington, VA, March 2006, pp. 75-85.
35. Afinidad, F. B., Levin, T. E.,
Irvine, C. E., and Nguyen, T. D., "A Model for Temporal Interval
Authorizations," Proceedings of the Hawaii International Conference on
System Sciences, Software Technology Track, Information Security Education and
Foundational Research, Kauai, Hawaii, January 2006, pp. 218.
36. Levin, T. E., Irvine, C. E.,
and Nguyen, T. D., "Least Privilege in Separation Kernels,"
Proceedings of the International Conference on Security and Cryptography,
Setubal, Portugal, August 2006, pp. 355-362.
37. Cone, B. D., Thompson, M. F.,
Irvine, C. E. and Nguyen, T. D., "Cyber Security Training and Awareness
Through Game Play," in IFIP International Federation for Information
Processing, Volume 201, Security and Privacy in Dynamic Environments, eds.
Fischer-Hubner, S., Rannenberg, K., Yngstrom, L., Lindskog, S., (Boston: Springer), 2006, pp.
431-436.
38. Nguyen, T. D., Levin, T. E.,
and Irvine, C. E., "TCX Project: High Assurance for Secure Embedded
Systems", Proceedings of the 11th IEEE Real-Time and Embedded Technology
and Applications Symposium Work-In-Progress Session, San Francisco, CA, March
2005, pp. 21-25. (Also published in SIGBED Review, Volume 2, Number 2, April
2005, Special Issue on IEEE RTAS 2005 Work-in-Progress.)
39. Nguyen, T. D., Levin, T. E.,
and Irvine, C. E., "MYSEA Testbed," Proceedings of the 6th IEEE
Systems, Man and Cybernetics Information Assurance Workshop, West Point,
NY, June 2005, pp. 438-439.
40. Clark, P. C., Irvine, C. E.,
Levin, T. E., Nguyen, T. D., Shifflett, D. J., Miller, D., "Initial
Documentation Requirements for a High Assurance System: Lessons Learned,"
Proceedings of the 6th IEEE Systems, Man and Cybernetics Information Assurance
Workshop, West Point, NY, June 2005, pp. 434-435.
41. Afinidad, F. B., Levin, T. E.,
Irvine, C. E., and Nguyen, T. D., "Foundation for a Time Interval Access
Control Model," Proceedings of the Third International Workshop on
Mathematical Methods, Models, and Architectures for Computer Network Security,
MMM-ACNS 2005, St. Petersburg, Russia, September 2005. (Also published in
Lecture Notes in Computer Science, Springer-Verlag GmbH, Volume 3685 / 2005,
pp. 406, ISBN: 3-540-29113-X.)
42. Irvine, C. E., Levin, T. E.,
Nguyen, T. D., Shifflett, D. J., Khosalim, J., Clark,
P. C., Wong, A., Afinidad, F., Bibighaus,
D., and Sears, J., "Overview of a High Assurance Architecture for
Distributed Multilevel Security," Proceedings of the 2004 IEEE Systems,
Man and Cybernetics Information Assurance Workshop, West Point, NY, June 2004.
43. Irvine, C. E., Levin, T. E.,
Nguyen, T. D., and Dinolt, G. W., "The Trusted
Computing Exemplar Project," Proceedings of the 2004 IEEE Systems, Man and
Cybernetics Information Assurance Workshop, West Point, NY, June 2004, pp.
109-115.
Journal articles
- Irvine, C. E. and Nguyen, T. D.,
"Educating the Systems Security Engineer's Apprentice," IEEE
Security & Privacy, Volume 8, Issue 4, pp. 58-61, July/August 2010.
- Huffmire, T., Levin, T. E.,
Nguyen, T. D., Irvine, C. E., Brotherton, B., Wang, G., Sherwood, T., and
Kastner, R., "Security Primitives for Reconfigurable Hardware-Based
Systems," ACM Transactions on Reconfigurable Technology and Systems,
Volume 3, Issue 2, Article No.: 10, May 10, 2010.
- Huffmire, T. , Brotherton, B.,
Sherwood, T., Kastner, R., Levin, T. E., Nguyen, T. D., and Irvine, C. E.,
"Managing Security in FPGA-Based Embedded Systems", IEEE Design
and Test of Computers, Vol 25, No. 6, pp 590-598.
- Cone, B. D., Irvine, C. E., Thompson, M. F., and
Nguyen, T. D., "A Video Game for Cyber Security Training and
Awareness," Computers & Security, Vol. 26, Issue 1, pp.
63-72, February 2007.
- Dodge, C., Irvine, C.E., and Nguyen, T. D., "A
Study of Initialization in Linux and OpenBSD," ACM SIGOPS Operating
Systems Review, Vol. 39, Issue 2, pp. 79-93, April 2005.
Technical reports
- Neil C. Rowe, Thuy D. Nguyen, Jefferey T. Dougherty,
"Identifying Anomalous Network Flow Activity Using Cloud-Based
Honeypots," NPS Technical Report NPS-CS-20-003, October 2020.
- Thuy D. Nguyen, "Network Forensics Lessons for
Industrial Control Systems," NPS Technical Report NPS-CS-16-004,
December 2016.
- Thuy D. Nguyen, "A Study of Covert Communications
in Space Platforms Hosting Government Payloads," NPS Technical Report
NPS-CAG-15-002, February 2015.
- David J. Shifflett and Thuy D. Nguyen, "An
Experiment with RTEMS," NPS Technical Report NPS-CAG-15-003, February
2015.
- Thuy D. Nguyen, "Towards MIL-STD-1553B Covert
Channel Analysis," NPS Technical Report NPS-CAG-15-001, January 2015.
- Paul C. Clark, Cynthia E. Irvine, Timothy Levin and
Thuy D. Nguyen, "Trusted Computing Exemplar: Life Cycle Management
Plan," NPS Technical Report NPS-CAG-14-002, December 2014.
- Paul C. Clark, Cynthia E. Irvine, Timothy Levine, Thuy
D. Nguyen, and Daniel Warren, "Trusted Computing Exemplar:
Configuration Management Plan," NPS Technical Report NPS-CAG-14-003,
December 2014.
- Paul C. Clark, Cynthia E. Irvine, Timothy Levine, Thuy
D. Nguyen, and Daniel Warren, "Trusted Computing Exemplar:
Configuration Management Procedures," NPS Technical Report
NPS-CAG-14-004, December 2014.
- Paul C. Clark, Cynthia E. Irvine, Timothy Levin and
Thuy D. Nguyen, "Trusted Computing Exemplar: Personnel Security
Plan," NPS Technical Report NPS-CAG-14-005, December 2014.
- Paul C. Clark, Phil Hopfner, Cynthia E. Irvine, Timothy
Levin, and Thuy D. Nguyen, "Trusted Computing Exemplar: Physical
Security Plan," NPS Technical Report NPS-CAG-14-006, December 2014.
- Paul C. Clark, Cynthia E. Irvine, Timothy Levin, Thuy
D. Nguyen, and David Shifflett, "Trusted Computing Exemplar: Software
Development Standards," NPS Technical Report NPS-CAG-14-007, December
2014.
- Paul C. Clark, Cynthia E. Irvine, Timothy Levin and
Thuy D. Nguyen, "Trusted Computing Exemplar: Low-level Design
Document Standards," NPS Technical Report NPS-CAG-14-008, December
2014.
- Paul C. Clark, Cynthia E. Irvine, Timothy Levin and
Thuy D. Nguyen, "Trusted Computing Exemplar: Quality Assurance
Plan," NPS Technical Report NPS-CAG-14-009, December 2014.
- Paul C. Clark, Cynthia E. Irvine, Timothy Levin and
Thuy D. Nguyen, "Trusted Computing Exemplar: Trusted Distribution
Plan - Preliminary Design," NPS Technical Report NPS-CAG-14-010,
December 2014.
- Levin T. E., Irvine, C. E., Benzel, T., Nguyen, T. D.,
Clark, P. C., Bhaskara, G., "Trusted Emergency Management," NPS
Technical Report NPS-CS-09-001, Naval Postgraduate School, Monterey, CA,
March 2009.
- Nguyen, T. D., Irvine, C. E. and Levin, T. E., "A
Testbed for High Assurance and Dynamic Security," NPS Technical
Report NPS-CS-08-010, May 2008.
- Nguyen, T. D., Khosalim, J.,
Shifflett, D. J., and Irvine, C. E., "Monterey Security Architecture:
STOP OS 7 Migration Analysis," NPS Technical Report NPS-CS-08-013,
July 2008.
- Levin, T. E., Nguyen, T. D., Clark, P. C., Irvine, C.
E, Shifflett, D. J., and Vidas, T. M., "Use of Trusted Software
Modules for High Integrity Data Display," NPS Technical Report
NPS-CS-08-012, June 2008.
- Shifflett, D. J., Clark, P. C., Irvine, C. E., Nguyen,
T. D., Vidas, T. M., Levin, T. E., "SecureCore
Software Architecture: Trusted Management Layer (TML) Kernel Extension
Module Interface Specification," NPS Technical Report NPS-CS-07-021,
January 2008.
- Nguyen, T. D., Irvine, C. E., Levin, T. E.,
"Initial Review of NC3A XML Guard Draft Security Target," NPS
Technical Report NPS-CS-07-011, October 2007.
- Nguyen, T. D., "Security Requirements Analysis for
NC3A XML Guard Security Target," NPS Technical Report NPS-CS-07-019,
December 2007.
- Levin, T. E., Bhaskara, G., Nguyen, T. D., Clark, P.
C., Benzel, T. V., and Irvine, C. E., "SecureCore Security Architecture: Authority Mode
and Emergency Management," NPS-CS-07-012, Naval Postgraduate
School, October 2007.
- Clark, P. C., Irvine, C. E., Nguyen, T. D., Levin, T.
E., Vidas, T. M., Shifflett, D. J., "SecureCore
Software Architecture: SecureCore Operating
System (SCOS) Functional Specification", NPS-CS-07-018, December
2007.
- Clark, P. C., Irvine, C. E., Levin, T. E., Nguyen, T.
D., Vidas, T. M., "SecureCore Software
Architecture: Trusted Path Application (TPA) Requirements," NPS
Technical Report NPS-CS-07-001, December 2007.
- Shifflett, D. J., Clark, P. C., Irvine, C. E., Nguyen,
T. D., Vidas, T. M., Levin, T. E., "SecureCore
Software Architecture: Trusted Management Layer (TML) Kernel Extension
Module Integration Guide," NPS Technical Report NPS-CS-07-022,
December 2007.
- Levin, T. E., Irvine, C. E., Benzel, T. V., Bhaskara,
G., Clark, P. C., and Nguyen, T. D., "Design Principles and
Guidelines for Security", NPS Technical Report NPS-CS-07-014, Naval
Postgraduate School, November 2007.
- Bhaskara, G., Levin, T. E., Nguyen, T. D., Benzel, T.
V., Irvine, C. E., Dwoskin, J. S., and Lee., R. B., "Virtualization
of a Processor-based Crypto-Protection Mechanism and Integration within a
Separation Kernel Architecture," Princeton University Department of
Electrical Engineering Technical Report CE-L2006-006, November 2006.
- Nguyen, T. D., Levin, T. E., Irvine, C. E., Benzel, T.
V. and Bhaskara, G., "Preliminary Security Requirements for SecureCore Hardware," Naval Postgraduate School
Technical Report, NPS-CS-06-01, September 2006.
- Levin, T.E., Irvine, C. E. and Nguyen, T. D., "An
Analysis of Three Kernel-based Multilevel Security Architectures,"
Naval Postgraduate School Technical Report, NPS-CS-06-001, August
2006.
- Bhaskara, G., Levin, T. E., Nguyen, T. D., Benzel, T.
V., Irvine, C. E. and Clark, P. C., "Integration of User Specific
Hardware for SecureCore Cryptographic
Services," Naval Postgraduate School Technical Report, NPS-CS-06-012,
July 2006.
- Clark, P. C., Irvine, C. E., Levin, T. E. and Nguyen,
T. D., "The GIG Information Access Control Policy: An Interpretation,
Analysis and Conceptual Design," Naval Postgraduate School Technical
Report, NPS-CS-06-018, June 2006.
- Clark, P. C., Irvine, C. E., Levin, T. E., Nguyen, T.
D., Shifflett, D. J. and Miller, D., "Initial Documentation
Requirements for a High Assurance System: Lessons Learned," Naval
Postgraduate School Technical Report, NPS-CS-06-007, February 2006.
- Benzel, T. V., Irvine C. E., Levin, T. E., Bhaskara,
G., Nguyen, T. D., Clark, P. C., "Design Principles for
Security," NPS-CS-05-010, Naval Postgraduate School, Monterey, California,
September 2005.
- Afinidad, F., Irvine, C. E.,
Nguyen, T. D., and Levin, T. E., "A Time Interval Memory Protection
System," NPS-CS-06-002, Naval Postgraduate School, Monterey,
California, November 2005.
- Irvine, C. E., Nguyen, T. D. and Levin, T. E.,
"High Assurance Testbed For Multilevel
Interoperability 2004 Developments," NPS Technical Report
NPS-CS-05-002, October 2004.
- Irvine, C. E., Levin, T. E. and Nguyen, T. D.,
"Trusted Computing Exemplar 2004 Developments," NPS Technical
Report NPS-CS-05-001, October 2004.
- Levin, T. E., Irvine, C. E. and Nguyen, T. D., "A
Least Privilege Model for Static Separation Kernels," NPS Technical
Report NPS-CS-05-003, October 2004.
- Nguyen, T. D. and Levin, T. E., "Policy Enforced
Remote Login," NPS Technical Report NPS-CS-03-004, February 2003.
TALKS, WORKSHOPS
& CONFERENCE PRESENTATIONS
Presenter is underlined.
Conference presentations (with full proceedings)
- Haynes, N. J., Nguyen, T. D., Rowe, N. C.,
"Creating Synthetic Attacks with Evolutionary Algorithms for
Proactive Defense of Industrial Control Systems." Presented at the
56th Hawaii International Conference on System Sciences (2023), Maui,
Hawaii, January 2023.
- Meier, J. T., Nguyen, T. D., Rowe, N. C.,
"Hardening Honeypots for Industrial Control Systems." Presented
at the 56th Hawaii International Conference on System Sciences (2023),
Maui, Hawaii, January 2023.
- Nguyen, T. D. and Irvine, C. E., "Development of Industrial
Network Forensics Lessons." Presented at the 2017 Cybersecurity
Symposium, Coeur d'Alene, Idaho, April 2017.
- Nguyen, T. D. and Gondree, M. A.,
"Teaching industrial control system security using collaborative
projects." Presented at the CyberICS 2015
and First Workshop, WOS-CPS 2015 Vienna, Austria, September 21–22, 2015.
- Nguyen, T., Gondree, M., Khosalim, J., and Irvine, C., "Re-thinking
kernelized MLS database architectures in the context of cloud-scale data
stores." Presented at the Engineering Secure Software and Systems (ESSoS) Conference, Milan, Italy, 2015.
- Nguyen, T.D., Gondree, M.A., Khosalim and Irvine, C. E., "Towards a
Cross-Domain MapReduce Framework." Presented at the 2013 Military
Communications Conference (MILCOM 2013), San Diego, CA, November 2013
- Nguyen, T., Gondree, M., Khosalim, J., Shifflett D., Levin, T. and Irvine, C.,
"An Approach for Cross-Domain Intrusion Detection." Presented at
the 7th International Conference on Information Warfare and Security (ICIW
2012), Seattle, Washington, USA, March 2012.
- Nguyen, T. D., Gondree, M. A., Shifflett,
D. J., Khosalim, J., Levin, T. E. and Irvine, C.
E., "A Cloud-Oriented Cross-Domain Security Architecture."
Presented at the 2010 Military Communications Conference (MILCOM 2010),
San Jose, CA, November 2010.
- Nguyen, T. D. and Irvine, C. E., "Utilizing the Common Criteria
for Advanced Student Research Projects." Presented at the IFIP
TC-11 21st International Information Security Conference (SEC 2006),
Karlstad, Sweden, May 2006.
- Nguyen, T. D., Levin, T. E., and Irvine, C. E., "High
Robustness Requirements in a Common Criteria Protection Profile."
Presented at the 4th IEEE International Information Assurance Workshop,
Royal Holloway, University of London, UK, April 2006.
- Nguyen, T. D., Irvine, C. E., and Kane, D. R., "Using Common
Criteria Methodology to Express Informal Security Requirements."
Presented at the International Symposium on Secure Software Engineering,
Arlington, VA, March 2006.
- Cone, B. D., Thompson, M. F., Irvine, C. E. and Nguyen,
T. D., "Cyber Security Training and Awareness Through Game
Play." Presented at the IFIP TC-11 21st International Information
Security Conference (SEC 2006), Karlstad, Sweden, May 2006.
- Nguyen, T. D., Levin, T. E., and Irvine, C. E., "TCX Project:
High Assurance for Secure Embedded Systems." Presented at the 11th
IEEE Real-Time and Embedded Technology and Applications Symposium
Work-In-Progress Session, San Francisco, CA, March 2005.
Conference and workshop presentations (without full proceedings)
- Nguyen, T. D. and Irvine, C. E., "Hands-on Network Analysis
Lessons for ICS Forensics Education." Presented at the Industrial
Control System Joint Working Group (ICSJWG) 2017 Fall Meeting, Pittsburgh,
Pennsylvania, September 2017.
- Nguyen, T. D., Irvine, C. E., and Khosalim,
J., "A Multilevel Secure MapReduce Framework for Cross-Domain
Information Sharing in the Cloud." Presented at the Ground System
Architectures Workshop (GSAW 2013), Los Angeles, California, USA, March
2013.
- Nguyen, T. D. and Irvine, C. E., "System Security Engineering
in Ground System Life Cycle." Presented at the Information Assurance
Working Group, Ground System Architectures Workshop 2011 (GSAW 2011), Los
Angeles, California, March 2, 2011.
- Nguyen, T. D. and Irvine, C. E., "A High Assurance
Adaptive Multi-Domain Security Architecture for Cloud Computing."
Presented at the Department of Defense Intelligence Information Systems (DoDIIS) Worldwide Conference, Detroit, Michigan, May
2011.
- Nguyen, T. D. and Irvine, C. E., "MYSEA: An Approach to
Building High Assurance Composite System for Cloud Computing."
Presented at the 11th International Common Criteria Conference (ICCC
2010), Antalya, Turkey, September 2010.
- Nguyen, T. D., Irvine, C. E., Khosalim, J.
and Shifflett, D. J., "An Architecture for Multilevel Secure Dynamic
Services." Presented at The Open Group, Real-Time Embedded Systems
Forum, San Diego, CA, February 2009.
- Irvine, C. E., Nguyen, T. D., Levin, T. E., Clark, P. C., Vidas, T.
M., and Shifflett, D. J, "Towards An Open
Source Least Privilege Architecture." Presented at The Open Group,
Real-Time Embedded Systems Forum, San Francisco, CA, January 2008.
- Nguyen, T. D., Irvine, C. E., Levin, T. E., and McEvilley, M.,
"Assurance Considerations for a Highly Robust TOE." Presented at
the 8th International Common Criteria Conference (ICCC), Rome, Italy,
September 2007.
- Nguyen, T. D., Irvine, C. E., and Harkins, R. M., "An
Experiment with CC Version 3.0 Migration." Presented at the 7th
International Common Criteria Conference (ICCC 06), September 19-21, 2006.
- Levin, T. E., Irvine, C. E., and Nguyen, T. D.,
"A Note on High Robustness Requirements for Separation Kernels."
Presented at the 6th International Common Criteria Conference 2005, Tokyo,
Japan, September 2005.
Professional Tutorials
- Nguyen, T. D. and Irvine, C. E., "System Life Cycle
Security Engineering Tutorial." Presented at the Ground System
Architectures Workshop 2011 (GSAW 2011), Los Angeles, California, March 2,
2011.
- Nguyen, T. D. and Irvine, C. E., "System Life Cycle
Security Engineering Tutorial." Presented at the Annual Computer
Security Application Conference (ACSAC 2010), Austin, Texas, December
2010.
ADVISORY ACTIVITIES
Ph. D. Dissertation
- Landsborough,
J. A., "Multilayered Deception in Depth," Doctoral Dissertation,
Computer Science Department, Naval Postgraduate School, in progress (June
2025 expected).
- Afinidad, F. B., "An Interval
Algebra-Based Temporal Access Control Protection Architecture," Doctoral Dissertation, Computer Science Department,
Naval Postgraduate School, June 2005.
M. S. Theses
- Colvin, S., “Implementing a High-Interaction Hybrid
Honeypot for Facility Automation Systems,” Master’s Thesis, Naval
Postgraduate School, December 2023.
- Sciuto, J., “Implementation of Security Information and
Event Management Software in a Honeypot,” Master’s Thesis, Naval
Postgraduate School, December 2023.
- Sill, A., “Developing a Dual-Purpose Web Honeypot for
Characterizing Attacks on a Simulated Power Grid,” Master’s Thesis, Naval
Postgraduate School, December 2023.
- Song, M. W., "Analysis of the Feasibility and
Benefit of Applying Zero Trust Paradigm to Operational Technology
Systems," Master’s Thesis, Naval Postgraduate School, September 2023.
- Abramson, K., "Enhancing Cyber Decoy Deception
with Virtual Network Computing Technology," Master’s
Thesis, Naval Postgraduate School, December 2022.
- Foley, B., "Analysis of Client-Side Attacks
Through Drive-by Honeypots," Master’s Thesis, Naval Postgraduate
School, December 2022.
- Rance, C., "Defeating Cyber Deception Capability
of a Hardened Network Environment," Master’s Thesis, Naval
Postgraduate School, December 2022.
- Ramirez, R., "Behavioral Characterization of
Attacks on the Remote Desktop Protocol," Master’s Thesis, Naval Postgraduate
School, September 2022.
- Haynes, N., "Creating Synthetic Attacks with
Evolutionary Algorithms for Industrial-Control-System Security
Testing," Master’s Thesis, Naval Postgraduate School, September 2022.
- Meier, J., "Hardening Windows-based Honeypots to
Protect Collected Data," Master’s Thesis, Naval Postgraduate School,
June 2022.
- Washofsky, A., "Deploying
and Analyzing Containerized Honeypots in the Cloud with T-Pot,"
Master’s Thesis, Naval Postgraduate School, September 2021.
- Bieker, M. and Pilkington D., "Deploying an ICS
Honeypot in a Cloud Computing Environment and Comparatively Analyzing
Results against Physical Network Deployment," Master’s Thesis, Naval
Postgraduate School, December 2020. (CS Outstanding Thesis Award)
- Dougherty, J., "Evasion of Honeypot Detection
Mechanisms Through Improved Interactivity of ICS-based Systems,"
Master's Thesis, Naval Postgraduate School, September 2020. (NPS
Outstanding Academic Achievement Award for DoD Student, CS Outstanding
Thesis Award)
- Norton, G., "Security Analysis of Industrial
Security Appliances," Master's Thesis, Naval Postgraduate School,
September 2020. (CS Outstanding Thesis Award)
- Purser, J., "Using Generative Adversarial Networks
for Intrusion Detection in Cyber-physical Systems," Master's Thesis,
Naval Postgraduate School, September 2020.
- Wetzel, J., "A Sequence-aware Intrusion Detection
System for EtherNet/IP Industrial Control
Networks," Master's Thesis, Naval Postgraduate School, September
2020.
- Wikman, E., "Static Analysis Tools for Detecting
Stack-based Buffer Overflows," Master's Thesis, Naval Postgraduate
School, June 2020. (Rear Admiral Grace Murray Hopper Computer Science
Award, CS Outstanding Thesis Award)
- Kendrick, M. and Rucker, Z., "Energy-Grid Threat
Analysis Using Honeypots," Master's Thesis, Naval Postgraduate
School, June 2019.
- Austin, S., "Security Analysis of Firewalls for
Industrial Control Systems," Master's Thesis, Naval Postgraduate
School, December 2018.
- Hyun, D., "Collecting Cyberattack Data for
Industrial Control Systems Using Honeypots," Master's Thesis, Naval
Postgraduate School, March 2018.
- Gormley, J., "Fuzz Testing of Industrial Network
Protocols in Programmable Logic Controllers," Master's Thesis, Naval
Postgraduate School, December 2017.
- Tacliad, F., "ENIP Fuzz: A
Scapy-based EtherNet/IP
Fuzzer for Security Testing," Master's
Thesis, Naval Postgraduate School, September 2016.
- Sheridan-Barbian, K., "A Feasibility Study of a
Virtual Execution Environment for Microsatellite and Industrial Control
Systems," Master's Thesis, Naval Postgraduate School, March 2015.
- Nelson, S., "An Architectural Analysis of Modern
Ship Machinery Control Systems," Master's Thesis, Naval Postgraduate
School, September 2014.
- Javate, M., "Study of Adversarial and Defensive
Components in an Experimental Machinery Control Systems Laboratory
Environment," Master's Thesis, Naval Postgraduate School, September
2014.
- Desso, N., "Designing a Machinery Control System
(MCS) Security Testbed," Master's Thesis, Naval Postgraduate School,
September 2014.
- Miguel Cueva, M., "Impact Study of Machinery
Control System Data on U.S. Navy and Coast Guard Ships," Master's
Thesis, Naval Postgraduate School, March 2014.
- Ang, K. K., "A Multilevel Secure Constrained
Intrusion Detection System Prototype," Master's Thesis, Naval
Postgraduate School, December 2010.
- LaVelle, C., "A
Preliminary Analysis for Porting XML-Based Chat to MYSEA," Master's
Thesis, Naval Postgraduate School, June 2008.
- Tenhunen, T. F., "Implementing an Intrusion
Detection System in the MYSEA Architecture," Master's Thesis, Naval
Postgraduate School, June 2008.
- Ong, K. L., "Design And
Implementation Of Wiki Services In A Multilevel Secure Environment,"
Master's Thesis, Naval Postgraduate School, December 2007.
- Portner, A. D., "A Prototype Of
Multilevel Data Integration In The MYSEA Testbed," Master's Thesis,
Naval Postgraduate School, September 2007.
- Wiese, B., "Preliminary Analysis Of A Trusted Platform Module (TPM) Initialization
Process," Master's Thesis, Naval Postgraduate School, June 2007.
- Bradney, J. A., "Use Of Webdav To Support A Virtual File System In A Coalition
Environment," Master's Thesis, Naval Postgraduate School, June 2006.
- Chiang, K. H., "A Prototype Implementation Of A Time Interval File Protection System (TIFPS) In
Linux," Master's Thesis, Naval Postgraduate School, September 2006.
- Egan, M., "An Implementation Of
Remote Application Support In A Multilevel Environment," Master's
Thesis, Naval Postgraduate School, March 2006.
- Whitehorn, P., "Security Requirements Elicitation
for Application Platforms in Environments Requiring High Robustness,"
Master's Thesis, Naval Postgraduate School, March 2006.
- Bui, S., "Single Sign-On Solution For MYSEA Services," Master's Thesis, Naval
Postgraduate School, September 2005.
- Cooper, R. C., "Remote Application Support in a
Multi-Level Environment," Master's Thesis, Naval Postgraduate School,
March 2005.
- Horn, J. F., "IPSec-Based Dynamic Security
Services for the MYSEA Environment," Master's Thesis, Naval
Postgraduate School, June 2005.
- Kane, D. R., "Web-Based Dissemination System for
the Trusted Computing Exemplar Project," Master's Thesis, Naval
Postgraduate School, June 2005.
- Lysinger III, J.E., "Multilevel Print Server
Requirements for DoN Application," Master's
Thesis, Naval Postgraduate School, June 2005.
- Tse, L., "Feasibility
Study Of VOIP Integration Into The Mysea Environment," Master's Thesis, Naval
Postgraduate School, September 2005.
- Baumgartner, T. J., and Phillips, M. D. W.,
"Implementation of a Network Address Translation Mechanism Over
IPV6," Master's Thesis, Naval Postgraduate School, June 2004.
- Dodge, C. A., "Recommendations for Secure
Initialization Routines in Operating Systems," Master's Thesis, Naval
Postgraduate School, September 2004.
- Herbig, C. F., "Use of OpenSSH Support for Remote
Login to a Multilevel Secure System," Master's Thesis, Naval
Postgraduate School, December 2004.
- Sears, J. D., "Simultaneous Connection Management
and Protection in a Multilevel Security Environment," Master's
Thesis, Naval Postgraduate School, September 2004.
- O'Neal, M. R., "A Design Comparison Between IPV4
and IPV6 in the Context of MYSEA, and Implementation of an IPV6 MYSEA
Prototype," Master's Thesis, Naval Postgraduate School, June 2003.
Master's Capstone
- Pitts, J. and Hasse, E., "Detecting Anomalies on
Programmable Logic Controllers through Fuzz Testing and Network Protocol
Analysis," Master's Capstone Project Report, Naval Postgraduate
School, March 2019.
- Doucet, R., Dontchev, D. M.,
Burden, J. and Skoff T., "Big Data Analytics
Test Bed," Master's Capstone Project Report, Naval Postgraduate
School, September 2013.
GRANTS
Principal Investigator
- Naval Postgraduate School Foundation. Security Testing
and Forensics Analysis of Cyber-Physical Systems. PI: Thuy D. Nguyen,
$10,000. (FY 2018).
Co-Investigator
- National Security Agency. Courses and Customizable Labs
to Teach ICS Security. PI: Cynthia Irvine. $407,110. (FY 2017).
- Naval Sea Systems Command. Study of SoC FPGA Security
Vulnerabilities. PI: Cynthia Irvine. $128,205. (FY 2016).
- National Reconnaissance Office. Security Study of
Communications Architectures for Classified Hosted Payloads. PI: Cynthia
Irvine. $287,430. (FY 2014).
Co-Principal Investigator
1.
Department
of Energy. GMLC Firmware Command & Control-Naval Postgraduate School. PI:
Neil Rowe. $305,448.39. (FY 2021-2023).
2.
National
Science Foundation. Adaptive Security and Separation in Reconfigurable
Hardware. PI: Timothy Sherwood. NPS Co-PI: Cynthia Irvine. NPS Portion:
$282,603. (3-year, started 2005).
Key/Senior Personnel
- Office of Naval Research. NPS Naval Machinery Control
System (MCS) Laboratory. PI: Mark Gondree.
$113,301. (FY 2016).
- Naval Postgraduate School. Cybersecurity Framework for
Ship Industrial Control Systems. PI: Randy Maul. $120,000. (FY 2016).
- National Reconnaissance Office. Scalable Distributed
Datastore for an MLS Cloud. PI: Cynthia Irvine. $479,580. (FY 2013).
- National Reconnaissance Office. MapReduce for a
Multilevel Cloud. PI: Cynthia Irvine. $479,350. (FY2012).
- Department of Homeland Security. Methodology for
Assessment of Security Properties. PI: Cynthia Irvine. $405,000. (1 Oct
2011 - 30 Sep 2014).
- Defense Advanced Research Projects Agency. F6 Security
Assistance. PI: Cynthia Irvine. $338,772 (partially funded due to program
cancellation by DARPA). (May 2011 - FY2012).
- National Reconnaissance Office. MYSEA Certification and
Accreditation Readiness Analysis. PI: Cynthia Irvine. $100,000. (Aug 2011
- 30 Sep 2012).
- National Reconnaissance Office. Multilevel Secure Cloud
Services. PI: Cynthia Irvine. $406,400. (FY2011).
- National Reconnaissance Office. Multilevel Secure
Collaborative Web Technologies. PI: Cynthia Irvine. $386,500. (FY2011).
- National Reconnaissance Office. MYSEA - Phase VII. PI:
Cynthia Irvine. $1,000,000. (FY2010).
- National Reconnaissance Office. MYSEA - Phase VI. PI:
Cynthia Irvine. $1,458,023. (FY2009).
- Office of Naval Research/Office of the Secretary of Defensed. Trusted Computing Exemplar: Least Privilege
Separation Kernel - Vertical Slice. PI: Cynthia Irvine. $500,000.
(FY2008).
- National Reconnaissance Office. High Assurance Testbed
for Multilevel Interoperability: Research Stage 2-3, Contract Phase V. PI:
Cynthia Irvine. $500,000. (FY2008).
- National Security Agency. High Assurance Platform: Core
Platform Architecture and Security Criteria Requirements Elicitation and
Analysis. PI: Cynthia Irvine. $122,000. (Nov 2007 to Nov 2008).
- National Reconnaissance Office. Phase IV - High
Assurance Testbed for Multilevel Interoperability. PI: Cynthia Irvine.
$450,000. (FY2007).
- Office of Naval Research. Trusted Computing Exemplar
Phase V: Functional Specification and Design. PI: Cynthia Irvine.
$282,000. (FY2007).
- National Reconnaissance Office. Phase III - High
Assurance Testbed for Multilevel Interoperability. PI: Cynthia Irvine.
$696,600. (FY2006).
- Office of Naval Research. Trusted Computing Exemplar
Phase IV: Tools and Development. PI: Cynthia Irvine. $300,000.
(FY2006).
- North Atlantic Treaty Organization. Analysis of XML
Security Labels for Control of Access to Sensitive Information. PI:
Cynthia Irvine. $45,800. (2006).
- Office of Naval Research. Trusted Computing Exemplar
Phase III: Component Design. PI: Cynthia Irvine. $300,000. (FY2005).
- National Reconnaissance Office. Phase II - High
Assurance Testbed for Multilevel Interoperability. PI: Cynthia Irvine.
$180,000. (FY 2005).
- SPAWAR Systems Center. Multilevel Print Server, Phase
II: Requirements for Common Criteria V3.0. PI: Cynthia Irvine. $15,000.
(FY2005).
- SPAWAR Systems Center. Multilevel Print Server, Phase
I: Requirements. PI: Cynthia Irvine. $27,000. (FY2005).
- National Security Agency. High Assurance Platform
Security Support. PI: Cynthia Irvine. $300,000. (1 Dec 2004 - Nov 2005).
- National Science Foundation/Defense Advanced Research
Projects Agency. SecureCore for Trustworthy
Commodity Computing and Communications. PI: Ruby Lee. NPS Co-PI:
Cynthia Irvine. NPS portion: $568,450. (3-year, started late 2004).
- National Security Agency. Separation Kernel Protection
Profile. PI: Cynthia Irvine. High assurance Platform Security Support
(several phases)
- 1 Oct 2003 - 31 Mar
2004: $70,000
- 1 Feb 2005 - 31 Dec
2005: $70,000
- 21 Feb 2006 - 30 Nov
2006: $294,600
PATENTS
Timothy
Evert Levin, Timothy
Peter Sherwood, Theodore
Douglas Huffmire, Cynthia
Emberson Irvine, Ryan
Charles Kastner, Thuy
Diep Nguyen, Jonathan
Kaveh Valamehr, Superpositional
Control of Integrated Circuit Processing, US Patent Application US20130117838
A1, The Regents of the University of California and The Government of the
United States of America. Filed 11 February 2011. Published 09 May 2013.