Eugene Vasserman, PhD
Eugene Vasserman, PhD
Associate Professor, Department of Computer Science
Kansas State University
Eugene Vasserman is an Associate Professor in the Department of Computer Science at Kansas State University, specializing in the security of distributed systems. He is also the director of the Kansas State University Center for Cybersecurity and Trustworthy Systems and runs the Cybersecurity degree program. He received a B.S. in Biochemistry and Neuroscience with a Computer Science minor from the University of Minnesota in 2003. His M.S. and Ph.D. in Computer Science are also from the University of Minnesota, in 2008 and 2010, respectively. His current research is chiefly in the area of privacy, anonymity, censorship resistance, and socio-technical aspects of security. His research has resulted in over 45 peer reviewed publications in computer science, psychology, and education, with work spanning the gamut from medical cyber-physical systems, authorization with integrated break-glass capabilities, security vulnerabilities emergent from the BGP infrastructure of the internet, blockchains, energy depletion attacks in low-power systems, secure hyper-local social networking, and privacy and censorship resistance on a global scale (systems capable of supporting up to a hundred billion users). He has collaborated with the U.S. Food and Drug Administration on medical device cybersecurity and contributed to FDA policies on building safety-focused cybersecurity into legacy and future medical devices and systems-of-systems.In 2013, he received the NSF CAREER award for work on secure next-generation medical systems. He contributed to the UL 2900 standardization process for cybersecurity of network-connectable devices, the AAMI interoperability working group, and the ANSI / AAMI / UL 2800 standards effort for medical device interoperability. He has served on numerous program committees including USENIX Security, ACSAC, PETS/PoPETs, USEC, ASIACCS, HotWiSec, WPES, and SecureComm.
10-minute Cybersecurity Primer
Cybersecurity of medical devices and systems is critical for the health and safety of patients. In addition to privacy concerns, even seemingly non-life-critical systems may, under particularly unfortunate circumstances, be in a position to physically harm patients. Designing medical devices with cybersecurity in mind is a challenging task that is not well-adapted for separate teams of safety engineers and security engineers. Integrated teams working together from conception, through design, and into implementation, deployment, and support can lead to more cost- and time-efficient efficient development of systems that simultaneously maximize clinical utility and patient safety and minimize the complexity of continued support after deployment. This talk attempts to (quickly) bootstrap a minimal conceptual understanding of the integration and interdependence of safety and security and introduce basic security concepts and terminology.