Software and Open Source SIG
“Best Practice for End to End Software Security”
15th January 2015
Hosted by Anglia Ruskin University
This SIG is championed by John Bechtel of Aquamatix, Phillip Burr, David Berry of
Qualcomm and David Roberts of Jabooh Software Services
Venue – LAB005, Anglia Ruskin University, East Road, Cambridge, CB1 1PT
AGENDA
13:30
Registration & Networking over Tea and Coffee
14:00
Introduction to the Cambridge Wireless Software & Open Source SIG from SIG Champion, David Berry
of Qualcomm
Session chaired by John Bechtel of Aquamatix
14:10
Welcome from our host Rob Toulson, Director of the Cultures of the Digital Economy Research
Institute (CoDE), Anglia Ruskin University
Rob’s short presentation will give an overview of the Cultures of the Digital Economy’s (CoDE’s) recent
research projects involving software development and user interaction. In particular our ‘Transforming
Digital Music’ project (funded by the Arts and Humanities Research Council) aims to bring novel audio
interaction features to commercial music. An overview of the project concept will be given and we will
consider how open source models might be utilised to reinvigorate the commercial music industry.
14:20
Q&A
14:25
“Smartphone Platform Security - What have we learned from Symbian?”
Craig Heath, Director, Franklin Heath Ltd
The Symbian OS platform security architecture was rolled out to production smartphones in 2006, and
was the first comprehensive mobile application security framework to be made available. Now that
there are several competing platforms to choose from, this talk will examine what has been learned
since that first rollout, and consider what, with hindsight, we might have done differently.
14:45
Q&A
14:50
“The Rules Of The Game - why security policy matters and how to translate policy into practice”
Richie Saville, CTO, Flexeye
Using examples from the energy industry, automotive supply chains and urban spaces, this talk will
introduce and discuss recent work on codifying security policies as declarative rule structures suitable
for machine analysis and execution.
15:10
Q&A
15:15
Coffee/Tea & Networking
Session chaired by Phil Burr
15:50
“Securing the endpoint with Micro-Virtualization”
Fraser Kyne, Principal Systems Engineer, Bromium
With an attack surface of many tens of millions of lines of code, commodity operating systems such as
Windows and OS X pose an easy target for hackers. Users may be duped into exposing their systems
to such attacks through a variety of means such as a malicious web links, poisoned email attachments
or rogue USB sticks, though increasingly attackers are using techniques such as malicious
advertisements or "watering hole" attacks that compromise systems without the user even having to
click on anything bad. Existing security products do a poor job of defending against such attacks and
are easily evaded by zero-day or polymorphic malware.
This talk introduces an new approach called micro-virtualization, in which a separate virtual machine OS
instance is created for each individual task that a user performs. Hence each web site, each document,
each spreadsheet etc opens in its own isolated micro-VM. Hardware virtualization capabilities of modern
CPUs can be used to achieved robust isolation between micro-VMs with excellent performance and an
unchanged user experience. Hence micro-virtualization provides a practical implementation of the
principal of least privilege that operates below the client OS, implemented using a small, hardened code
base that is orders of magnitude harder to attack.
16:10
Q&A
15.01.15 Cambridge, UK
#CWSWOS
www.cambridgewireless.co.uk
16:15
“Usable security – Why proving the security of your software does not prove its security”
Nithin Thomas, CEO, SQR Systems
The security world has always focussed on proving the security of algorithms and software. The
increased use of BYOD and consumer technology in even the most sensitive organisations has shown
that you need to do much more than prove the security of your system to achieve true security. This talk
will explore how we can develop better security systems by making them easier to use.
16:35
Q&A
16:40
Panel Session with All Speakers, chaired by David Roberts of Jabooh Software Services
17:20
Fill in Evaluation Forms and Event Closes
With the permission of the speakers, presentations will be loaded to the Cambridge Wireless website on the day following the event
Profile of Organisers
CW is the leading international community for companies involved in the research, development and application of
wireless & mobile, internet, semiconductor and software technologies. With 400 members from major network
operators and device manufacturers to innovative start-ups and universities, CW stimulates debate and
collaboration, harnesses and shares knowledge, and helps to build connections between academia and industry.
CW's 19 Special Interest Groups (SIGs) provide its members with a dynamic forum where they can network with
their peers, track the latest technology trends and business developments and position their organisations in key
market sectors. CW also organises the annual Future of Wireless International Conference and Discovering StartUps Competition along with other high-quality industry networking events and dinners. With headquarters at the
heart of Cambridge, UK, CW partners with other international industry clusters and organisations to extend its reach
and remain at the forefront of global developments and business opportunities. For more information, please visit
www.cambridgewireless.co.uk
Profile of Host
Cultures of the Digital Economy Research Institute (CoDE), Anglia Ruskin University
The Cultures of the Digital Economy Research Institute (CoDE), at Anglia Ruskin University, specialise in research
and innovation projects that bridge the creative arts and technical sciences. CoDE has delivered a number of high
profile projects funded by, for example, the EC (FP7), ERDF, NESTA, AHRC, TSB and the Royal Society. CoDE’s
core expertise and interdisciplinary research themes are focused on a number of cross-disciplinary fields, these
include Digital Performance, Production and Play; Serious Gaming and Mobile Applications; Creative and User
Centred Design; Digital Humanities and Social Media.
Anglia Ruskin University was awarded university status in 1992. With a student population of 31,000, we are one of
the largest universities in the East of England, and a large provider of part-time education. Our main campuses at
Cambridge and Chelmsford attract students not only from the East of England but in increasing numbers from
mainland Europe and from further afield. In addition, our University has an extensive network of contacts with
institutions throughout the world, delivering courses in countries as far removed as Malaysia and Trinidad.
Profiles of SIG Champions
John Bechtel, Aquamatix
John is currently MD of Aquamatix Technologies, and Operations Director of Aquamatix, bringing his extensive
international experience in start-up, medium-sized and large organisations to the Internet of Things in the water
industry. John has successfully managed culturally and geographically diverse teams of high performers, and
creates productive, dynamic environments. John holds a Bachelor’s degree in Systems Design Engineering from the
University of Waterloo in Canada and is a certified PRINCE2 project management Practitioner. For further
information, please visit www.aquamatix.net
David Berry, Qualcomm
David Berry is a Director of Engineering at Qualcomm Cambridge. David joined Qualcomm in 2004, through the
acquisition of Cambridge-based Trigenix, where he led the development of the server side of the product through to
operator deployment. His most recent work is on the development of the Qualcomm Toq smartwatch. Prior to
joining Trigenix David held technical leadership roles at Cambridge companies FutureTV and Harlequin, in the areas
of interactive TV and printing. He was at Sun Microsystems in the San Francisco Bay Area where he worked on
software for video capture, colour management and image processing. David holds a BSc and PhD from HeriotWatt University in Electrical and Electronic Engineering. For further information, please visit www.qualcomm.com
15.01.15 Cambridge, UK
#CWSWOS
www.cambridgewireless.co.uk
Phillip Burr
Phil, as a senior product manager, has grown product revenue by focusing on the customer. Covering product
strategy, product marketing, business development and product management, Phil is driven by the desire to connect
customers to products that delight. Most recently Phil was Product Marketing Director at Arkessa (IoT SaaS
platform) and Senior Product Marketing Manager at Mentor Graphics (embedded software product). Phil co-founded
Octymo, a Cambridge start up focused on licensing a mobile phone applications platform. Phil brings extensive
global experience including living in Asia where, for TTPCom and Motorola, he built and led a pan-Asian division to
service multi-million dollar contracts.
For further information please visit: uk.linkedin.com/in/phillipburr/
David Roberts, Jabooh Software Services
David has been around the software industry for more than 20 years and has worked in some of the UK's top
software companies. His experience and interest in mobile platforms goes back over 10 years when he first joined
Symbian, initially as head of a technical consulting group which assisted Symbian customers and shareholders in
creating products and platforms based on Symbian OS and then as head of a small research team looking at
possible disruptions to, and opportunities in, Symbian's business models and practices. David is currently interim
Head of Product Management at Citrix where he leads a small group of product managers responsible for
XenServer, a Cambridge-developed hypervisor that is deployed in many of the world's largest clouds. For more
information please email: [email protected]
Profiles of Speakers
Rob Toulson, Director Cultures of the Digital Economy Research Institute, Anglia Ruskin University
Dr Rob Toulson is Director of the Cultures of the Digital Economy (CoDE) Research Institute and Anglia Ruskin
University. Rob’s role is to engage in research that bridges the technical and creative communities in both academia
and industry. Rob’s background is in electronics and embedded systems as well as music production and sound
engineering. He holds a first degree in Mechanical Engineering and a PhD in Digital Signal Processing.
Craig Heath, Director, Franklin Heath Ltd
Craig has worked in computer security for over 25 years, on UNIX systems, Enterprise Java and mobile device
platforms. He was Chief Security Technologist at the Symbian Foundation and now offers independent security
consultancy as well as volunteering at Bletchley Park. Craig is author of several publications on computer security,
including the book “Symbian OS Platform Security”. For further information, please visit: www.franklinheath.co.uk
Richie Saville, CTO, Flexeye
Richie Saville is Director and CTO of Flexeye Ltd, where he oversees the development of the EyeHub IoT service
and the underlying Flexeye engine technology. He is a software engineer with over 25 years experience developing
enterprise systems in the US and Europe. He was technical lead on the recently completed, InnovateUK-funded
SASSI project, with partner JaguarLandRover. He now plays a similar role on the AMSCI Jubilee project, with
partners Cosworth and Cranfield University.
For further information, please visit www.flexeye.com
Fraser Kyne, Principal Systems Engineer, Bromium
Fraser Kyne is currently the Principle Systems Engineer for Bromium in Europe, a role held since Jan 2014. He
spent the previous 18 months at Bromium as Director of Products reporting directly to the SVP of Products and cofounder Dr. Ian Pratt. Fraser s role has encompassed a wide range of both engineering and customer-facing activity.
Prior to joining Bromium Fraser was a Technical Specialist and Business Development Manager at Citrix Systems.
He has been a speaker at various industry events on topics such as virtualization, security, desktop transformation
and cloud computing. For further information, please visit: www.bromium.com
Nithin Thomas, CEO, SQR Systems
Dr. Nithin Thomas is a technology entrepreneur, co-founder and CEO of SQR Systems, a cybersecurity company he
set up to commercialise his patented PhD research on secure transmission of video over low bandwidth networks.
He has worked with the MoD and various other government agencies in the UK and more recently the US to bring
the technology to market to address some of the security challenges in government and enterprise. He is involved in
advising startups in the cybersecurity sector on various issues from technology development to fund raising. A finalist
of the Shell LiveWIRE Young Entrepreneur of the Year and winner of the Shell LiveWIRE Innovation award, Nithin is
passionate about technology and entrepreneurship and is enjoying being part of London’s vibrant startup scene. For
further information, please visit: www.sqrsystems.com
15.01.15 Cambridge, UK
#CWSWOS
www.cambridgewireless.co.uk
Delegate List
Name
Organisation
Company Profile
John Bechtel
Badger Pass
SIG Champion
David Berry
Qualcomm Technologies Inc.
SIG Champion
Aasha Bodhani
The Institution of Engineering &
Technology
Engineering & Technology
Phil Burr
SIG Champion
Wireless Communications, Bluetooth, DECT, Zigbee,
LTE, Satellite Communications
Amol Kailash Chidambaran
Cambridge Consultants Ltd
Simon Cloke
Eversheds LLP
Andy Crisp
7Layers
Test experts for Wireless Technologies; LTE, HSPA,
W-CDMA, GSM, Bluetooth, NFC, WLAN
Dominic Crutchley
Cambridge Consultants
Product Developers & Technology Consultants
Ayse Cufoglu
ARU
ARU
Peter Debenham
Plextek Consulting
Phil Dempster
Cambridge Consultants
Product Development and Technology Consulting
John Edwards
Edwards & Co
Law firm
Paul Galwas
CDEC
Connected Digital Economy Catapult
Mat Gilbert
Cambridge Consultants
Steven Gilbert
eXplanoTech
Mark Graham
Anglia Ruskin University
Steve Haigh
Cambridge Consultants
Craig Heath
Franklin Heath Ltd
Peter Hooper
Cambridge Consultants
HiTech Consultancy
Jordan Hrycaj
PA Consulting
consulting, technology
Sibel Ibr
Cambridge Smart Solutions Ltd
Sean Irons
Omnisense
Malkit Jhitta
RoodMicrotec
Soraya Jones
Cambridge Wireless
Paull Kimber
Selex ES Limited
Eva Kirkby
Imperial Innovations
Emily Knight
SignalCheck
Stephan Kollmann
University of Cambridge
Kamran Kordi
Nokia Networks
Fraser Kyne
Bromium
Peter Mason
Welwyn Business Services
Gerald McQuaid
Vodafone
Josephine Monney
Cambridge Consultants Ltd
Paul Morris
CSR
Wireless platforms
Donal Morrissey
Zinwave LTD
Provider of Distributed Antenna Systems
Stuart Morton
ADI
15.01.15 Cambridge, UK
University
Semiconductor Design, Test, Qualification and Supply
Chain Management Services
Selex ES is a Systems Solution supplier to the Global
Aerospace and Defence domain.
NEtwork and Security consulting services
Vodafone Group PLC
#CWSWOS
www.cambridgewireless.co.uk
Jonathan Pallant
Cambridge Consultants
Rado Petrik
Cambridge Consultants
Amyas Phillips
ARM
Thomas Pircher
Cambridge Consultants
Bart Platak
Philips Research Laboratories
Haydn Povey
Spiral
Semiconductor security consultants
David Roberts
Jabooh Software
SIG Champion
Tim Robertson
Requaero
Specialists in Technology recruitment
Gerry Rutherford
Cambridge Smart Solutions Ltd
Richie Saville
Flexeye
Mauro Scagnol
CSR
Laurent Simon
Computer Laboratory, University of
Cambridge
Diya Soubra
ARM
Processor IP supplier
Clive Stubbings
Xentech Solutions Limited
Xentech Solutions is a design consultancy specialising
in hardware and embedded software development
Mahendra Tailor
Ezurio Ltd (A division of Laird)
Wireless Module manufacturer
Nithin Thomas
SQR Systems
Andy Thompson
Australian Trade Commission
Rob Toulson
Cultures of the Digital Economy
Research Institute
Luke Tunmer
Qualcomm Technologies Inc.
Sam Turner
Cambridge Consultants Ltd
Alex van Someren
Amadeus Capital Partners
Amadeus Capital Partners
Adrian Wagstaff
MASS
Cybersecurity, secure IT and networks
Amna Wahid
Queen Mary UoL
Nigel Wall
Climate Associates Ltd
thought leaders on sustainable communications
systems and apps
Andrew Wallace
Hermes Integration Ltd
Consulting, Interim, Board advisory & NED
Aaron Whitehouse
Cambridge Judge Business School
Business School
Adrian Winckles
ARU
Anglia Ruskin University - Department of Computing
David Wood
Delta Wisdom
Intelligence for profound change
Suzan Ziobro
Graveley Associates
Business development in high tech B2B
15.01.15 Cambridge, UK
ARM
.
#CWSWOS
www.cambridgewireless.co.uk