Robert C. Seacord

Robert C. Seacord (born June 5, 1963) is an American computer security specialist and writer. He is the author of books on computer security, legacy system modernization, and component-based software engineering.

Robert C. Seacord

Education

Seacord earned a Bachelor's degree in computer science from Rensselaer Polytechnic Institute in December 1983. He has also completed graduate-level courses at Carnegie-Mellon University in software design, creation and maintenance; user interfaces; software project management; formal methods; human factors; operating systems; and entrepreneurship.

Career

Seacord began programming professionally for IBM in 1984, working in processor development, then communications and operating system software, and software engineering. He led the Secure Coding Initiative in the CERT Division of Carnegie Mellon University's Software Engineering Institute (SEI) in Pittsburgh, Pennsylvania until 1991, working on the User Interface Project.[1] He also has worked at the X Consortium in Cambridge, Massachusetts, where he developed and maintained code for the Common Desktop Environment and the X Window System. He returned to SEI in 1996, working on component-based software engineering and joined CERT in 2003.[2] He left CERT and the SEI and joined NCC Group in 2015,[3] where he is currently a Technical Director.

Seacord was an adjunct professor in the Carnegie Mellon School of Computer Science and in the Information Networking Institute.[3] He was also a part-time faculty member at the University of Pittsburgh..

Seacord is on the Advisory Board for the Linux Foundation [4] and a technical expert for the ISO/IEC JTC1/SC22/WG14 international standardization working group for the C programming language.[5]

Selected publications

Books
  • Seacord, Robert. The CERT® C Coding Standard, Second Edition: 98 Rules for Developing Safe, Reliable, and Secure Systems (2nd Edition), Addison-Wesley Professional, 2014. ISBN 0-321-98404-8
  • Seacord, Robert. Secure Coding in C and C++, Second Edition, Addison Wesley, 2013. ISBN 0-321-33572-4
  • Seacord, Robert; Long, Fred; Mohindra, Dhruv; Sutherland, Dean; Svoboda, David. The CERT® Oracle® Secure Coding Standard for Java, Addison Wesley, 2011. ISBN 0-321-803-957
  • Seacord, Robert. The CERT® C Secure Coding Standard, Addison Wesley, 2008. ISBN 0-321-56321-2
  • Seacord, Robert; Plakosh, Daniel; Lewis, Grace. Modernizing Legacy Systems: Software Technologies, Engineering Processes, and Business Practices, Addison Wesley, 2003. ISBN 0-321-11884-7
  • Seacord, Robert, Wallnau, Kurt; Hissam, Scott. Building Systems from Commercial Components, Addison Wesley, 2001. ISBN 0-201-70064-6

Videos
  • Professional C Programming LiveLessons, (Video Training) Part I: Writing Robust, Secure, Reliable Code ISBN 978-0-13-312335-7
  • Secure Coding Rules for Java LiveLessons, Part I ISBN 978-0-13-419119-5
  • Secure Coding Rules for Java: Serialization LiveLessons (Video Training) ISBN 978-0-13-419120-1

Selected articles
  • Accessing Shared Atomic Objects from within a Signal Handler in C[6]
  • Java Coding Guidelines for Reliability[7]
  • C Secure Coding Rules: Past, Present, and Future[8]
  • Silent Elimination of Bounds Checks[9]
  • Secure Coding in C and C++: Strings and Buffer Overflows[10]
  • The CERT® Oracle® Secure Coding Standard for Java: Input Validation and Data Sanitization (IDS)[11]
  • Robert Seacord on the CERT C Secure Coding Standard[12]
  • Uninitialized Reads[13]
  • Java Deserialization Vulnerabilities and Mitigations[14]

References
  1. "Robert C. Seacord | US-CERT". www.us-cert.gov. Retrieved 2018-10-10.
  2. Chisnall, David; Seacord, Robert C. (2008-12-15). Robert Seacord on the CERT C Secure Coding Standard.
  3. "Renowned secure coding expert and author joins NCC Group's US team". www.nccgroup.trust. 4 November 2015. Retrieved 28 January 2018.
  4. "Advisory Board".
  5. "CERT Research Annual Report" (PDF). 2009. p. 76. Retrieved 28 January 2018.
  6. Seacord, Robert C. (2014-04-24), Accessing Shared Atomic Objects from within a Signal Handler in C, retrieved 2019-01-23
  7. Long, Fred; Mohindra, Dhruv; Seacord, Robert C.; Sutherland, Dean F.; Svoboda, David (2013-09-27), Java Coding Guidelines for Reliability, retrieved 2019-01-23
  8. Seacord, Robert C. (2013-06-26), C Secure Coding Rules: Past, Present, and Future, retrieved 2019-01-23
  9. Seacord, Robert C. (2013-06-12), Silent Elimination of Bounds Checks, retrieved 2019-01-23
  10. Kalev, Danny; Seacord, Robert C. (2013-04-18), Secure Coding in C and C++: An Interview with Robert Seacord, retrieved 2019-01-23
  11. Long, Fred; Svoboda, David; Mohindra, Dhruv; Seacord, Robert C.; Sutherland, Dean F. (2011-10-24), The CERT® Oracle® Secure Coding Standard for Java: Input Validation and Data Sanitization (IDS), retrieved 2019-01-23
  12. Chisnall, David; Seacord, Robert C. (2008-12-15), Robert Seacord on the CERT C Secure Coding Standard, retrieved 2019-01-23
  13. Seacord, Robert C. "Uninitialized Reads". cacm.acm.org. Retrieved 2019-01-23.
  14. Seacord, R. C. (2017). "Java Deserialization Vulnerabilities and Mitigations". 2017 IEEE Cybersecurity Development (SecDev): 6–7. doi:10.1109/SecDev.2017.13. ISBN 978-1-5386-3467-7.
This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.