Robert C. Seacord

{{short description|American computer security expert (born 1963)}}


Robert C. Seacord (born June 5, 1963) is an American computer security specialist and writer. He is the author of books on computer security, legacy system modernization, and component-based software engineering.

Education

Seacord earned a bachelor's degree in computer science from Rensselaer Polytechnic Institute in December 1983. He has also completed graduate-level courses at Carnegie Mellon University in software design, creation and maintenance; user interfaces; software project management; formal methods; human factors; operating systems; and entrepreneurship.{{Citation needed|date=January 2018}}

Career

Seacord began programming professionally for IBM in 1984, working in processor development, then communications and operating system software, and software engineering. He led the Secure Coding Initiative in the CERT Division of Carnegie Mellon University's Software Engineering Institute (SEI) in Pittsburgh, Pennsylvania, until 1991, working on the User Interface Project.{{Cite web|url=https://www.us-cert.gov/bsi/about-us/authors/robert-c-seacord|title=Robert C. Seacord {{!}} US-CERT|website=www.us-cert.gov|language=en|access-date=2018-10-10}} He has also worked at the X Consortium in Cambridge, Massachusetts, where he developed and maintained code for the Common Desktop Environment and the X Window System. He returned to SEI in 1996, working on component-based software engineering, and joined CERT in 2003.{{Cite book|url=http://www.informit.com/articles/article.aspx?p=1315064|title=Robert Seacord on the CERT C Secure Coding Standard|last1=Chisnall|first1=David|last2=Seacord|first2=Robert C.|date=2008-12-15}} He left CERT and the SEI and joined NCC Group in 2015,{{Cite web|url=https://www.nccgroup.trust/us/about-us/newsroom-and-events/press-releases/2015/november/renowned-secure-coding-expert-and-author-joins-ncc-groups-us-team/|title=Renowned secure coding expert and author joins NCC Group's US team|date=4 November 2015|website=www.nccgroup.trust|access-date=28 January 2018}} as a Technical Director.

Seacord was an adjunct professor in the Carnegie Mellon School of Computer Science and in the Information Networking Institute. He was also a part-time faculty member at the University of Pittsburgh.{{Cite web|date=September 11, 2010|title=CoMeT : Dangerous Optimizations and a Loss of Causality. Speaker bio|url=http://halley.exp.sis.pitt.edu/comet/presentColloquium.do?col_id=814|access-date=2020-12-20|website=halley.exp.sis.pitt.edu}}

Seacord is on the Advisory Board for the Linux Foundation{{Cite web|date=2020|title=Core Infrastructure Initiative Advisory Board|url=https://www.coreinfrastructure.org/advisory-board/|access-date=December 19, 2020|website=The Linux Foundation}} and convenor for the ISO/IEC JTC1/SC22/WG14 international standardization working group for the C programming language.{{Cite web|url=https://www.open-std.org/jtc1/sc22/wg14/23895|title=New Convenor|access-date=14 September 2023}} He co-wrote the 2016 Facebook osquery audit.{{Cite web|last1=Salas|first1=Ralph|last2=Rahimi|first2=Andrew|last3=Seacord|first3=Robert|date=March 11, 2016|title=OSQuery Application Security Assessment|url=https://www.nccgroup.com/globalassets/our-research/us/public-reports/2016/march/security_assessment_2016_01_25v2.pdf|website=NCCGROUP}}

In February 2022 Seacord joined Woven by Toyota, Inc., where he is Standardization Lead, working with Toyota and its suppliers on quality software development.{{Cite web |date=2022-03-03 |title=Secure Coding and Integers (Show notes) |url=https://cppcast.com/secure-coding-integers/ |access-date=2022-04-14 |website=cppcast.com |language=en-us}}

Selected publications

= Books =

  • {{Cite book|last=Seacord|first=Robert C.|title=Effective C: An Introduction to Professional C Programming|publisher=No Starch Press|year=2020|isbn=9781718501041|location=San Francisco, California}}
  • Seacord, Robert. The CERT® C Coding Standard, Second Edition: 98 Rules for Developing Safe, Reliable, and Secure Systems (2nd Edition), Addison-Wesley Professional, 2014. {{ISBN|0-321-98404-8}}.
  • Long, Fred; Mohindra, Dhruv; Seacord, Robert; Sutherland, Dean F.; and Svoboda, David. Java Coding Guidelines: 75 Recommendations for Reliable and Secure Programs, Addison-Wesley, 2014. {{ISBN|978-0321933157}}.
  • Seacord, Robert. Secure Coding in C and C++, Second Edition, Addison Wesley, 2013. {{ISBN|0-321-33572-4}}
  • Seacord, Robert; Long, Fred; Mohindra, Dhruv; Sutherland, Dean; Svoboda, David. The CERT® Oracle® Secure Coding Standard for Java, Addison Wesley, 2011. {{ISBN|0-321-803-957}}
  • Seacord, Robert. The CERT® C Secure Coding Standard, Addison Wesley, 2008. {{ISBN|0-321-56321-2}}
  • Seacord, Robert; Plakosh, Daniel; Lewis, Grace. Modernizing Legacy Systems: Software Technologies, Engineering Processes, and Business Practices, Addison Wesley, 2003. {{ISBN|0-321-11884-7}}
  • Seacord, Robert; Wallnau, Kurt; Hissam, Scott. Building Systems from Commercial Components, Addison Wesley, 2001. {{ISBN|0-201-70064-6}}

= Videos =

  • Professional C Programming LiveLessons, (Video Training) Part I: Writing Robust, Secure, Reliable Code {{ISBN|978-0-13-312335-7}}
  • Secure Coding Rules for Java LiveLessons, Part I {{ISBN|978-0-13-419119-5}}
  • Secure Coding Rules for Java: Serialization LiveLessons (Video Training) {{ISBN|978-0-13-419120-1}}

= Selected articles =

  • {{Citation|last=Seacord|first=Robert C.|title=Accessing Shared Atomic Objects from within a Signal Handler in C|date=2014-04-24|url=https://www.informit.com/articles/article.aspx?p=2204014|access-date=2019-01-23}}
  • {{Citation|last1=Long|first1=Fred|title=Java Coding Guidelines for Reliability|date=2013-09-27|url=https://www.informit.com/articles/article.aspx?p=2133373|access-date=2019-01-23|last2=Mohindra|first2=Dhruv|last3=Seacord|first3=Robert C.|last4=Sutherland|first4=Dean F.|last5=Svoboda|first5=David}}
  • {{Citation|last=Seacord|first=Robert C.|title=C Secure Coding Rules: Past, Present, and Future|date=2013-06-26|url=https://www.informit.com/articles/article.aspx?p=2088511|access-date=2019-01-23}}
  • {{Citation|last=Seacord|first=Robert C.|title=Silent Elimination of Bounds Checks|date=2013-06-12|url=https://www.informit.com/articles/article.aspx?p=2086870|access-date=2019-01-23}}
  • {{Citation|last1=Kalev|first1=Danny|title=Secure Coding in C and C++: An Interview with Robert Seacord|date=2013-04-18|url=https://www.informit.com/articles/article.aspx?p=2044344|access-date=2019-01-23|last2=Seacord|first2=Robert C.}}
  • {{Citation|last1=Long|first1=Fred|title=The CERT® Oracle® Secure Coding Standard for Java: Input Validation and Data Sanitization (IDS)|date=2011-10-24|url=https://www.informit.com/articles/article.aspx?p=1751371|access-date=2019-01-23|last2=Svoboda|first2=David|last3=Mohindra|first3=Dhruv|last4=Seacord|first4=Robert C.|last5=Sutherland|first5=Dean F.}}
  • {{Citation|last1=Chisnall|first1=David|title=Robert Seacord on the CERT C Secure Coding Standard|date=2008-12-15|url=https://www.informit.com/articles/article.aspx?p=1315064|access-date=2019-01-23|last2=Seacord|first2=Robert C.}}
  • {{Cite web|url=https://cacm.acm.org/magazines/2017/4/215033-uninitialized-reads/abstract|title=Uninitialized Reads|last=Seacord|first=Robert C.|website=cacm.acm.org|language=en|access-date=2019-01-23}}
  • {{Cite book|last=Seacord|first=R. C.|title=2017 IEEE Cybersecurity Development (SecDev) |chapter=Java Deserialization Vulnerabilities and Mitigations |date=2017|pages=6–7|doi=10.1109/SecDev.2017.13|isbn=978-1-5386-3467-7|s2cid=8023550 }}

References

{{Reflist|30em}}