New initiative aims to fix software security flaws

The top scientist for a Defense Department-backed cybersecurity program is overseeing a new initiative to help tech professionals identify design flaws and vulnerabilities in software.

The new project is based at the Institute of Electrical and Electronics Engineers, a worldwide trade group for technical professionals with more than 400,000 members.

ADVERTISEMENT

Greg Shannon, currently chief scientist for the Software Engineering Institute's CERT Division at Carnegie Mellon University, will head the new initiative.

Shannon’s goal is to set guidelines for secure software coding while educating the tech sector on cybersecurity.

“Many of the cybersecurity exploits that continue to make the daily news feeds come from avoidable engineering and operational mistakes that result in large-scale coordinated cyber attacks,” Shannon said, explaining the new project’s focus.

“As networks continue to juggle exponential growth, new threats will emerge,” he added. “Now is the time not only for better defensive measures, but also for cybersecurity standards and best practices that consider the entire technology lifecycle.”

Currently at the CERT Division, Shannon studies national cybersecurity issues sponsored by the Pentagon and working closely with Homeland Security. He previously worked for Los Alamos National Laboratory as well as at a number of private firms, including Lucent Technologies.