Biosketch for Spaf

Links

Home

In the News & On the WWW

Short Bio

Full C.V. PDF indicator

Selected Firsts

Notable Activities

My CERIAS Blog Posts

Spaf & the US Gov

Courses & Teaching

Information for Grad Students

Students Past and Present

Research and Papers

Selected Quotes

Miscellaneous Items

• • •


Following are six bios. You can pick whichever one you like. If none are appropriate, you can edit the long one down to whatever you want. Or you can cut, paste, and invent to make one up using whatever information you like!

You can find a high-quality picture of Spaf here. Other, older pictures are here.

You can download a brief, 2-page bio in the form (approximately) used by DoD here.

A full academic C.V. is available at the link in the left column.

Short & Whimsical

Eugene H. Spafford is one of the most senior academics in the field of cybersecurity. During his 47 years in computing—including 38 years as a faculty member at Purdue University — Spaf (as he is widely known) has worked on issues in privacy, public policy, law enforcement, software engineering, education, social networks, operating systems, and cyber security. He has been involved in the development of fundamental technologies in intrusion detection, incident response, firewalls, integrity management, and forensic investigation. His interests range over these and many other areas, and this has been one of the factors behind his leadership of CERIAS, the Center for Education and Research in Information Assurance and Security, of which he is now the Executive Director Emeritus. In that role, he continues to be a polymathic futurist, although occasionally, some view him as simply an iconoclastic crank.

His most recent book, co-authored with L. Metcalf and J. Dykstra, Cybersecurity Myths and Misconceptions, has been inducted into the Cybersecurity Canon Hall of Fame.

More information may be found at <https://spaf.cerias.purdue.edu/narrate.html>.

Short & Boring

Eugene H. Spafford is a Distinguished Professor of Computer Sciences at Purdue University. He is also the founder and Executive Director Emeritus of the Center for Education and Research in Information Assurance and Security (CERIAS). He has worked in computing as a student, researcher, consultant, and professor for more than 47 years. Some of his work is at the foundation of current security practice, including intrusion detection, incident response, firewalls, integrity management, and forensic investigation. His most recent work has been in cybersecurity policy, security of real-time systems, and future threats. He has also been a pioneer in education, including starting and heading the oldest degree-granting cybersecurity program.

Dr. Spafford has been recognized with significant honors from various organizations. These include being elected as a Fellow of the American Academy of Arts and Sciences (AAA&S), and the Association for the Advancement of Science (AAAS); a Life Fellow of the ACM, the IEEE, and the (ISC)2; a Life Distinguished Fellow of the ISSA; and a member of the Cyber Security Hall of Fame — the only person to ever hold all these distinctions. In 2012 he was named one of Purdue's inaugural Morrill Professors — the university's highest award for the combination of scholarship, teaching, and service. In 2016, he received the State of Indiana's highest civilian honor by being named as a Sagamore of the Wabash.

Among many other activities, he is editor-in-chief of the journal Computers & Security, serves on the Board of Directors of the Computing Research Association, and is a member of the National Security Advisory Board for Sandia Laboratories.

His most recent book, co-authored with L. Metcalf and J. Dykstra, Cybersecurity Myths and Misconceptions, has been inducted into the Cybersecurity Canon Hall of Fame.

More information may be found at <https://spaf.cerias.purdue.edu/narrate.html>.

Midsize and fairly complete

Eugene H. Spafford is one of the most senior academics in the field of cybersecurity. During his 47 years in computing—including 38 years as a faculty member at Purdue University — Spaf (as he is widely known) has worked on issues in privacy, public policy, law enforcement, software engineering, education, social networks, operating systems, and cyber security. He has been involved in the development of fundamental technologies in intrusion detection, incident response, firewalls, integrity management, and forensic investigation. His interests range over these and many other areas, and this has been one of the factors behind his leadership of CERIAS, the Center for Education and Research in Information Assurance and Security, where he is the Executive Director Emeritus.

Spaf has served as a senior advisor to US and International agencies, companies, and organizations. This has included advising corporate boards, consulting in judicial actions, and serving on study commissions. He has worked extensively with the U.S. Air Force, the U.S. Naval Academy, FBI, DOE National Labs, the National Science Foundation, the ACM, Microsoft, Intel, Unisys, and the Computing Research Association — among others.

Dr. Spafford has been recognized with significant honors from various organizations. These include being elected as a Fellow of the American Academy of Arts and Sciences (AAA&S), and the Association for the Advancement of Science (AAAS); a Life Fellow of the ACM, the IEEE, and the (ISC)2; a Life Distinguished Fellow of the ISSA; and a member of the Cyber Security Hall of Fame — the only person to ever hold all these distinctions. In 2012 he was named one of Purdue's inaugural Morrill Professors — the university's highest award for the combination of scholarship, teaching, and service. In 2016, he received the State of Indiana's highest civilian honor by being named as a Sagamore of the Wabash.

Among many other activities, he is editor-in-chief of the journal Computers & Security, serves on the Board of Directors of the Computing Research Association, and is a member of the National Security Advisory Board for Sandia Laboratories.

His most recent book, co-authored with L. Metcalf and J. Dykstra, Cybersecurity Myths and Misconceptions, has been inducted into the Cybersecurity Canon Hall of Fame.

More information may be found at <https://spaf.cerias.purdue.edu/narrate.html>.

Just Silly

Eugene H. Spafford is a Distinguished Professor of Computer Sciences at Purdue University, much to the chagrin of the other faculty. There, he mostly focuses on avoiding faculty meetings and committee assignments.

Spaf obtained degrees in math, computer science, and whiskey (the latter was an honorary degree bestowed by peers) from Georgia Tech. That outcome was less about his contributions and more about his talent for frustrating his committee to such an extent that they expedited his departure in 1986. He spent the following year involved in what he now describes as "a postdoc… nothing more, and certainly nothing involving explosives," all said in a low voice while casting furtive glances over his shoulder.

At Purdue since 1987, Professor Spafford is still unclear when the statute of limitations runs out for his "postdoc." However, after 38 years in Indiana, he is beginning to relax about possibly visiting several Southern states and Central American countries again, and he no longer giggles nervously when people mention "grits" or "kudzu."

Spaf has traveled extensively, having lost his luggage (and his way) in at least two dozen countries. Leaders in government and industry frequently call him, mainly because his cell phone number is close to that of a good pizza parlor. He has frequently addressed large audiences, although more often than not, uninvited.

In his spare time, he learns new languages: he currently speaks 12 languages, although no one else understands any of them. He has also memorized the first 12,400 digits of PI; he may someday memorize them in correct order.

More information may be found at <https://spaf.cerias.purdue.edu/narrate.html>.

<100 Words

Eugene H. Spafford has been on the faculty of Computer Sciences at Purdue University for 38 years. and was the founder of CERIAS. His research underlies many technologies used in modern cybersecurity.

Dr. Spafford has been recognized with significant honors from various organizations. These include being elected as a Fellow of the American Academy of Arts and Sciences (AAA&S), and the Association for the Advancement of Science (AAAS); a Life Fellow of the ACM, the IEEE, and the (ISC)2; a Life Distinguished Fellow of the ISSA; and a member of the Cyber Security Hall of Fame.

Long & Tedious

Eugene H. Spafford is a Distinguished Professor of Computer Sciences at Purdue University, where he has been on the faculty for 38 years. He is also a professor of Electrical and Computer Engineering (courtesy appointment), nuclear engineering (courtesy), Philosophy (courtesy), a professor of Communication (courtesy), a professor of Political Science (courtesy). He is the founder and Executive Director Emeritus of the Center for Education and Research in Information Assurance and Security. CERIAS is a campus-wide multi-disciplinary Center with a broadly-focused mission to explore issues related to protecting information and information resources. CERIAS was established in 1998 from the earlier COAST Laboratory, headed by Professor Spafford, established in 1992.

Spaf has written and spoken extensively about information security, cybercrime, software engineering, and professional ethics. He has published over 100 articles and reports on his research, has written or contributed to over a dozen books, and serves on the editorial boards of several major infosec-related journals. In his career to date, Professor Spafford and his students are credited with several security "firsts," including the first open security scanner, the first widely-available intrusion detection tool, the first integrity-based control tool, the first multistage firewall, the first formal bounds on intrusion detection, the first reference model of firewalls, and some of the first work in vulnerability classification databases. Much of the current security product industry can therefore be viewed as based partly on his past research; some of his ideas directly led to the establishment of two commercial firms: Tripwire and Signacert. His current research is directed towards issues of public policy and information security, architecture and construction of highly-secure systems, and cyberforensic technologies.

Soaf has served as a senior advisor to US and International agencies, companies, and organizations. This has included advising corporate boards, consulting in judicial actions, and serving on study commissions. He has worked extensively with the US Air Force, the US Naval Academy, FBI, DOE National Labs, the National Science Foundation, the ACM, Microsoft, Intel, Unisys, and the Computing Research Association — among others.

Dr. Spafford has been recognized with significant honors from various organizations. These include being elected as a Fellow of the American Academy of Arts and Sciences (AAA&S), and the Association for the Advancement of Science (AAAS); a Life Fellow of the ACM, the IEEE, and the (ISC)2; a Life Distinguished Fellow of the ISSA; and a member of the Cyber Security Hall of Fame — the only person to ever hold all these distinctions. In 2012 he was named one of Purdue's inaugural Morrill Professors — the university's highest award for the combination of scholarship, teaching, and service. In 2016, he received the State of Indiana's highest civilian honor by being named as a Sagamore of the Wabash. He is a charter recipient of the Computer Society's Golden Core award. He was the year 2000 recipient of the NIST/NCSC National Computer Systems Security Award, generally regarded as the field's most significant honor in information security research. In 2001, he was named one of the recipients of the "Charles B. Murphy" award and named a Fellow of the Purdue Teaching Academy, and in 2003 was named to the "Book of Great Teachers" — thus receiving all three of Purdue University's highest awards for outstanding teaching.

In 2001, Spaf was elected to the ISSA Hall of Fame, and he was awarded the Founder's Medal of the NCISSE for his contributions to research and education in infosec. He is a 2003 recipient of the Air Force medal for Meritorious Civilian Service. In 2004, Spaf was named the recipient of the IEEE Computer Society's Taylor Booth medal and the ACM SIGCAS's "Making a Difference" award. In 2005 he was named a recipient of the IEEE Computer Society's Technical Achievement Award. In 2006, he received the ACM SIGSAC's "Outstanding Contribution" award, and in 2007 he was named the recipient of the prestigious ACM President's Award. In 2008, he was cited as the recipient of CRA's Distinguished Service Award; in 2009 was named a Distinguished Fellow of the ISSA; and in 2011 was awarded a SANS Lifetime Achievement Award. In 2013 he was named as the recipient of the (ISC)2 Harold F. Tipton Lifetime Achievement Award and was elected into the national Cyber Security Hall of Fame. He is the 2017 awardee of the IFIP Kristian Beckman Award and received the ISE® Luminary Leadership Award in 2018.

Among many other activities, he is editor-in-chief of the journal Computers & Security, serves on the Board of Directors of the Computing Research Association, and is a member of the National Security Advisory Board for Sandia Laboratories.

His most recent book, co-authored with L. Metcalf and J. Dykstra, Cybersecurity Myths and Misconceptions, has been inducted into the Cybersecurity Canon Hall of Fame.

In his spare time, Spaf wonders why he has no spare time!

More information may be found at <https://spaf.cerias.purdue.edu/narrate.html>.