Software and Open Source SIG “Best Practice for End to End Software Security” 15th January 2015 Hosted by Anglia Ruskin University This SIG is championed by John Bechtel of Aquamatix, Phillip Burr, David Berry of Qualcomm and David Roberts of Jabooh Software Services Venue – LAB005, Anglia Ruskin University, East Road, Cambridge, CB1 1PT AGENDA 13:30 Registration & Networking over Tea and Coffee 14:00 Introduction to the Cambridge Wireless Software & Open Source SIG from SIG Champion, David Berry of Qualcomm Session chaired by John Bechtel of Aquamatix 14:10 Welcome from our host Rob Toulson, Director of the Cultures of the Digital Economy Research Institute (CoDE), Anglia Ruskin University Rob’s short presentation will give an overview of the Cultures of the Digital Economy’s (CoDE’s) recent research projects involving software development and user interaction. In particular our ‘Transforming Digital Music’ project (funded by the Arts and Humanities Research Council) aims to bring novel audio interaction features to commercial music. An overview of the project concept will be given and we will consider how open source models might be utilised to reinvigorate the commercial music industry. 14:20 Q&A 14:25 “Smartphone Platform Security - What have we learned from Symbian?” Craig Heath, Director, Franklin Heath Ltd The Symbian OS platform security architecture was rolled out to production smartphones in 2006, and was the first comprehensive mobile application security framework to be made available. Now that there are several competing platforms to choose from, this talk will examine what has been learned since that first rollout, and consider what, with hindsight, we might have done differently. 14:45 Q&A 14:50 “The Rules Of The Game - why security policy matters and how to translate policy into practice” Richie Saville, CTO, Flexeye Using examples from the energy industry, automotive supply chains and urban spaces, this talk will introduce and discuss recent work on codifying security policies as declarative rule structures suitable for machine analysis and execution. 15:10 Q&A 15:15 Coffee/Tea & Networking Session chaired by Phil Burr 15:50 “Securing the endpoint with Micro-Virtualization” Fraser Kyne, Principal Systems Engineer, Bromium With an attack surface of many tens of millions of lines of code, commodity operating systems such as Windows and OS X pose an easy target for hackers. Users may be duped into exposing their systems to such attacks through a variety of means such as a malicious web links, poisoned email attachments or rogue USB sticks, though increasingly attackers are using techniques such as malicious advertisements or "watering hole" attacks that compromise systems without the user even having to click on anything bad. Existing security products do a poor job of defending against such attacks and are easily evaded by zero-day or polymorphic malware. This talk introduces an new approach called micro-virtualization, in which a separate virtual machine OS instance is created for each individual task that a user performs. Hence each web site, each document, each spreadsheet etc opens in its own isolated micro-VM. Hardware virtualization capabilities of modern CPUs can be used to achieved robust isolation between micro-VMs with excellent performance and an unchanged user experience. Hence micro-virtualization provides a practical implementation of the principal of least privilege that operates below the client OS, implemented using a small, hardened code base that is orders of magnitude harder to attack. 16:10 Q&A 15.01.15 Cambridge, UK #CWSWOS www.cambridgewireless.co.uk 16:15 “Usable security – Why proving the security of your software does not prove its security” Nithin Thomas, CEO, SQR Systems The security world has always focussed on proving the security of algorithms and software. The increased use of BYOD and consumer technology in even the most sensitive organisations has shown that you need to do much more than prove the security of your system to achieve true security. This talk will explore how we can develop better security systems by making them easier to use. 16:35 Q&A 16:40 Panel Session with All Speakers, chaired by David Roberts of Jabooh Software Services 17:20 Fill in Evaluation Forms and Event Closes With the permission of the speakers, presentations will be loaded to the Cambridge Wireless website on the day following the event Profile of Organisers CW is the leading international community for companies involved in the research, development and application of wireless & mobile, internet, semiconductor and software technologies. With 400 members from major network operators and device manufacturers to innovative start-ups and universities, CW stimulates debate and collaboration, harnesses and shares knowledge, and helps to build connections between academia and industry. CW's 19 Special Interest Groups (SIGs) provide its members with a dynamic forum where they can network with their peers, track the latest technology trends and business developments and position their organisations in key market sectors. CW also organises the annual Future of Wireless International Conference and Discovering StartUps Competition along with other high-quality industry networking events and dinners. With headquarters at the heart of Cambridge, UK, CW partners with other international industry clusters and organisations to extend its reach and remain at the forefront of global developments and business opportunities. For more information, please visit www.cambridgewireless.co.uk Profile of Host Cultures of the Digital Economy Research Institute (CoDE), Anglia Ruskin University The Cultures of the Digital Economy Research Institute (CoDE), at Anglia Ruskin University, specialise in research and innovation projects that bridge the creative arts and technical sciences. CoDE has delivered a number of high profile projects funded by, for example, the EC (FP7), ERDF, NESTA, AHRC, TSB and the Royal Society. CoDE’s core expertise and interdisciplinary research themes are focused on a number of cross-disciplinary fields, these include Digital Performance, Production and Play; Serious Gaming and Mobile Applications; Creative and User Centred Design; Digital Humanities and Social Media. Anglia Ruskin University was awarded university status in 1992. With a student population of 31,000, we are one of the largest universities in the East of England, and a large provider of part-time education. Our main campuses at Cambridge and Chelmsford attract students not only from the East of England but in increasing numbers from mainland Europe and from further afield. In addition, our University has an extensive network of contacts with institutions throughout the world, delivering courses in countries as far removed as Malaysia and Trinidad. Profiles of SIG Champions John Bechtel, Aquamatix John is currently MD of Aquamatix Technologies, and Operations Director of Aquamatix, bringing his extensive international experience in start-up, medium-sized and large organisations to the Internet of Things in the water industry. John has successfully managed culturally and geographically diverse teams of high performers, and creates productive, dynamic environments. John holds a Bachelor’s degree in Systems Design Engineering from the University of Waterloo in Canada and is a certified PRINCE2 project management Practitioner. For further information, please visit www.aquamatix.net David Berry, Qualcomm David Berry is a Director of Engineering at Qualcomm Cambridge. David joined Qualcomm in 2004, through the acquisition of Cambridge-based Trigenix, where he led the development of the server side of the product through to operator deployment. His most recent work is on the development of the Qualcomm Toq smartwatch. Prior to joining Trigenix David held technical leadership roles at Cambridge companies FutureTV and Harlequin, in the areas of interactive TV and printing. He was at Sun Microsystems in the San Francisco Bay Area where he worked on software for video capture, colour management and image processing. David holds a BSc and PhD from HeriotWatt University in Electrical and Electronic Engineering. For further information, please visit www.qualcomm.com 15.01.15 Cambridge, UK #CWSWOS www.cambridgewireless.co.uk Phillip Burr Phil, as a senior product manager, has grown product revenue by focusing on the customer. Covering product strategy, product marketing, business development and product management, Phil is driven by the desire to connect customers to products that delight. Most recently Phil was Product Marketing Director at Arkessa (IoT SaaS platform) and Senior Product Marketing Manager at Mentor Graphics (embedded software product). Phil co-founded Octymo, a Cambridge start up focused on licensing a mobile phone applications platform. Phil brings extensive global experience including living in Asia where, for TTPCom and Motorola, he built and led a pan-Asian division to service multi-million dollar contracts. For further information please visit: uk.linkedin.com/in/phillipburr/ David Roberts, Jabooh Software Services David has been around the software industry for more than 20 years and has worked in some of the UK's top software companies. His experience and interest in mobile platforms goes back over 10 years when he first joined Symbian, initially as head of a technical consulting group which assisted Symbian customers and shareholders in creating products and platforms based on Symbian OS and then as head of a small research team looking at possible disruptions to, and opportunities in, Symbian's business models and practices. David is currently interim Head of Product Management at Citrix where he leads a small group of product managers responsible for XenServer, a Cambridge-developed hypervisor that is deployed in many of the world's largest clouds. For more information please email: [email protected] Profiles of Speakers Rob Toulson, Director Cultures of the Digital Economy Research Institute, Anglia Ruskin University Dr Rob Toulson is Director of the Cultures of the Digital Economy (CoDE) Research Institute and Anglia Ruskin University. Rob’s role is to engage in research that bridges the technical and creative communities in both academia and industry. Rob’s background is in electronics and embedded systems as well as music production and sound engineering. He holds a first degree in Mechanical Engineering and a PhD in Digital Signal Processing. Craig Heath, Director, Franklin Heath Ltd Craig has worked in computer security for over 25 years, on UNIX systems, Enterprise Java and mobile device platforms. He was Chief Security Technologist at the Symbian Foundation and now offers independent security consultancy as well as volunteering at Bletchley Park. Craig is author of several publications on computer security, including the book “Symbian OS Platform Security”. For further information, please visit: www.franklinheath.co.uk Richie Saville, CTO, Flexeye Richie Saville is Director and CTO of Flexeye Ltd, where he oversees the development of the EyeHub IoT service and the underlying Flexeye engine technology. He is a software engineer with over 25 years experience developing enterprise systems in the US and Europe. He was technical lead on the recently completed, InnovateUK-funded SASSI project, with partner JaguarLandRover. He now plays a similar role on the AMSCI Jubilee project, with partners Cosworth and Cranfield University. For further information, please visit www.flexeye.com Fraser Kyne, Principal Systems Engineer, Bromium Fraser Kyne is currently the Principle Systems Engineer for Bromium in Europe, a role held since Jan 2014. He spent the previous 18 months at Bromium as Director of Products reporting directly to the SVP of Products and cofounder Dr. Ian Pratt. Fraser s role has encompassed a wide range of both engineering and customer-facing activity. Prior to joining Bromium Fraser was a Technical Specialist and Business Development Manager at Citrix Systems. He has been a speaker at various industry events on topics such as virtualization, security, desktop transformation and cloud computing. For further information, please visit: www.bromium.com Nithin Thomas, CEO, SQR Systems Dr. Nithin Thomas is a technology entrepreneur, co-founder and CEO of SQR Systems, a cybersecurity company he set up to commercialise his patented PhD research on secure transmission of video over low bandwidth networks. He has worked with the MoD and various other government agencies in the UK and more recently the US to bring the technology to market to address some of the security challenges in government and enterprise. He is involved in advising startups in the cybersecurity sector on various issues from technology development to fund raising. A finalist of the Shell LiveWIRE Young Entrepreneur of the Year and winner of the Shell LiveWIRE Innovation award, Nithin is passionate about technology and entrepreneurship and is enjoying being part of London’s vibrant startup scene. For further information, please visit: www.sqrsystems.com 15.01.15 Cambridge, UK #CWSWOS www.cambridgewireless.co.uk Delegate List Name Organisation Company Profile John Bechtel Badger Pass SIG Champion David Berry Qualcomm Technologies Inc. SIG Champion Aasha Bodhani The Institution of Engineering & Technology Engineering & Technology Phil Burr SIG Champion Wireless Communications, Bluetooth, DECT, Zigbee, LTE, Satellite Communications Amol Kailash Chidambaran Cambridge Consultants Ltd Simon Cloke Eversheds LLP Andy Crisp 7Layers Test experts for Wireless Technologies; LTE, HSPA, W-CDMA, GSM, Bluetooth, NFC, WLAN Dominic Crutchley Cambridge Consultants Product Developers & Technology Consultants Ayse Cufoglu ARU ARU Peter Debenham Plextek Consulting Phil Dempster Cambridge Consultants Product Development and Technology Consulting John Edwards Edwards & Co Law firm Paul Galwas CDEC Connected Digital Economy Catapult Mat Gilbert Cambridge Consultants Steven Gilbert eXplanoTech Mark Graham Anglia Ruskin University Steve Haigh Cambridge Consultants Craig Heath Franklin Heath Ltd Peter Hooper Cambridge Consultants HiTech Consultancy Jordan Hrycaj PA Consulting consulting, technology Sibel Ibr Cambridge Smart Solutions Ltd Sean Irons Omnisense Malkit Jhitta RoodMicrotec Soraya Jones Cambridge Wireless Paull Kimber Selex ES Limited Eva Kirkby Imperial Innovations Emily Knight SignalCheck Stephan Kollmann University of Cambridge Kamran Kordi Nokia Networks Fraser Kyne Bromium Peter Mason Welwyn Business Services Gerald McQuaid Vodafone Josephine Monney Cambridge Consultants Ltd Paul Morris CSR Wireless platforms Donal Morrissey Zinwave LTD Provider of Distributed Antenna Systems Stuart Morton ADI 15.01.15 Cambridge, UK University Semiconductor Design, Test, Qualification and Supply Chain Management Services Selex ES is a Systems Solution supplier to the Global Aerospace and Defence domain. NEtwork and Security consulting services Vodafone Group PLC #CWSWOS www.cambridgewireless.co.uk Jonathan Pallant Cambridge Consultants Rado Petrik Cambridge Consultants Amyas Phillips ARM Thomas Pircher Cambridge Consultants Bart Platak Philips Research Laboratories Haydn Povey Spiral Semiconductor security consultants David Roberts Jabooh Software SIG Champion Tim Robertson Requaero Specialists in Technology recruitment Gerry Rutherford Cambridge Smart Solutions Ltd Richie Saville Flexeye Mauro Scagnol CSR Laurent Simon Computer Laboratory, University of Cambridge Diya Soubra ARM Processor IP supplier Clive Stubbings Xentech Solutions Limited Xentech Solutions is a design consultancy specialising in hardware and embedded software development Mahendra Tailor Ezurio Ltd (A division of Laird) Wireless Module manufacturer Nithin Thomas SQR Systems Andy Thompson Australian Trade Commission Rob Toulson Cultures of the Digital Economy Research Institute Luke Tunmer Qualcomm Technologies Inc. Sam Turner Cambridge Consultants Ltd Alex van Someren Amadeus Capital Partners Amadeus Capital Partners Adrian Wagstaff MASS Cybersecurity, secure IT and networks Amna Wahid Queen Mary UoL Nigel Wall Climate Associates Ltd thought leaders on sustainable communications systems and apps Andrew Wallace Hermes Integration Ltd Consulting, Interim, Board advisory & NED Aaron Whitehouse Cambridge Judge Business School Business School Adrian Winckles ARU Anglia Ruskin University - Department of Computing David Wood Delta Wisdom Intelligence for profound change Suzan Ziobro Graveley Associates Business development in high tech B2B 15.01.15 Cambridge, UK ARM . #CWSWOS www.cambridgewireless.co.uk
© Copyright 2024