Charles Wilson
https://linkedin.com/in/charleswilson
charles.wilson@gmail.com
[Charles Wilson résumé PDF]
Principal Engineer
I research and develop technology. My current area of focus is cybersecurity. The OS doesn’t matter (bare metal, embedded, Linux, Macintosh, Windows.) I spend most of my time in the places in-between. Between development and marketing, developers and build systems, OS and application, application and user interface, technology and practitioner. I’ve participated in international standards bodies; investigated and researched emerging technologies; expanded development and infrastructure departments. I’ve managed multiple releases of a commercial products and led development teams.
Education
- Machine Learning Specialization (7/2019)
- Machine Learning: Clustering & Retrieval (5 – 7/2019)
- Machine Learning: Classification, Coursera (2 – 4/2019)
- Machine Learning: Regression, Coursera (10 – 12/2018)
-
Machine Learning Foundations: A Case Study Approach, Coursera (8 – 9/2018)
- Stanford Cryptography I, Coursera (12/2017)
- CERT Secure Coding in C and C++, CERT Online (3/2016)
- CERT Secure Software Concepts, CERT Online (3/2016)
-
Intro to LaTeX, Portland Community College (Winter 2014)
- General Game Playing, Coursera (9 – 12/2013)
- Internet History, Technology, and Security, Coursera (6 – 8/2013)
- Databases, Stanford Online (10 – 12/2011)
- Machine Learning, Stanford Online (10 – 12/2011)
- MS in Electrical Engineering, Rose-Hulman Institute of Technology (1994)
Thesis: Aardvark: A Highly Virus-Resistant Computer Architecture [PDF] - BS in Computer Science, Rose-Hulman Institute of Technology (1984)
Professional Experience
Motional, Boston MA (12/2019 – current) Senior Principal Engineer, Cybersecurity Development Lifecycle Practice Lead
[AV group spun out from Aptiv / Hyundai-Aptiv Autonomous Driving Joint Venture]
Lifecycle Practice:
- Served as Autonomous Vehicle Cybersecurity Development Lifecycle Practice Lead
- Created a cybersecurity development lifecycle capable of satisfying ISO/SAE 21434 and UNECE WP.29 R155, and overlaying ISO 12207 / 15288 [https://github.com/nutonomy/AVCDL]
- Served as editor and advisor to cybersecurity SMEs providing AVCDL secondary process documents
- Worked with certification body to validate efficacy of AVCDL for tailoring toward certification
- Developed a visual design language for use in cybersecurity process documentation
- Created a vendor Cybersecurity Interface Agreement (CIA) framework and associated guidance document
- Adapted the MDS2 for use in the AV space
- Participated in cybersecurity requirements development based on my cybersecurity taxonomy-based gap analysis
- Designed a taxonomy for cybersecurity requirements allowing for effective gap analysis
- Performed gap analysis of cybersecurity requirements
Leadership / Cross-team:
- Participated in the efforts toward submission of multiple cybersecurity-related patent applications
- Created and gave a presentation on the application of threat modeling tools to the issue of privacy
- Mentored junior team members
- Work with cybersecurity management and project management to develop group schedule
- Worked with safety, systems, project management and development toward adoption of the AVPDL
- Created and gave multiple presentations to educate other teams and management on various aspects of cybersecurity
- Worked with safety group to ensure a coordinated development process
Industry Participation:
- Created and presented a course on cybersecurity metrics for a joint Auto-ISAC / NHTSA training project
- Co-chaired SAE TEVEES183A3 (maturity model for ISO/SAE 21434)
- Worked on the team which provided official SAE feedback to NHTSA’s cybersecurity guidance
- Created summaries of cybersecurity-related ISO standards under development
- Twice served on joint MDIC / FDA / MITRE threat modeling bootcamp training staff
- Member of the ISO/SAE 21434 committee (USTAG)
- Member of the ISO C and C++ committees
- Member of OASIS SARIF working group
Dräger Medical Systems, Andover MA (10/2016 – 12/2019) Senior Architect
- Designed a decentralized multicast cryptography system usable by highly-constrained embedded systems
- Served as Infinity product line security architect
- Served as cyber security subject matter expert
- Served as C/C++ subject matter expert
- Led the effort to perform a modern threat modeling across the entire product line
- Trained and mentored threat modeling facilitators
- Designed and oversaw the refit of a conference room for use in threat modeling efforts
- Created and presented (multiple times) a 2 hour software security fundamentals class for managers and software developers
- Created and presented an 8 hour threat modeling class for software developers and risk managers
- Designed and led an effort to do modern threat modeling on company products
- Designed and led an effort to move code signing to a self-contained, FIPS-compliant, HSM-based system
- Mentored junior developers and interns
- Led an effort to uplift 3M lines of C89 / C++98 code to C11 / C++11
- Member of the ISO C and C++ committee
- Chair of ISO JTC1 SC22 WG14 TS17961 (Safe and Secure C)
- Subject matter expert to legal department on open source library integration
- Created and presented (multiple times) a 15 hour Python class for software developers
- Created and presented (multiple times) a 15 hour C++14/17 jumpstart class for C developers
- Created and presented (multiple times) a 15 hour C++14/17 advanced class for C++03 developers
- Championed modern secure software development practices
- Championed open source software best practices
- Championed adoption and use of C++14/17
- Wrote code to support Windows-specific cryptographic operations (C++)
- Designed and led an effort to move a 20 year old Sun SPARCstation-based Unix cluster to a virtualized environment capable of producing binary-identical programs
Dell, Round Rock TX, Portland OR (5/2010 – 5/2016) Principal Software Engineer
[Portland office closed 5/2016]
- Created threat model and remediation recommendations for the Windows version of Fluid Cache
- Coordinated and tracked use of open source libraries
- Designed and implemented the security framework for the Windows version of Fluid Cache
- Provided guidance to local and remote junior developers
- Served as subject matter expert for ongoing Fluid Cache SNMP sub-agent (Linux/Windows)
- Ported Fluid Cache process manager service to Windows (C on Linux/Windows)
- Designed and implemented a methodology to adapt Linux daemons to Windows services
- Designed and implemented a methodology to allow for efficient cross-platform (Linux/Windows) development and ease of exploration of and migration to new tool chains and open source/third-party components
- Designed and implemented a methodology to allow Dell’s Fluid Cache product to segregate privileged operations (C on Linux) [privilege bracketing]
- Designed and implemented a high-resolution log to act as a black box for Fluid Cache (C on Linux)
- Designed and implemented an SNMP sub-agent for Fluid Cache (C on Linux)
- Developed cross-platform (Windows/Linux) software in C++ (with boost and Xerces) that abstracts device protocols (SNMP, ICMP, IPMI, WSMan, SSH, etc.) so that Dell’s device management software can focus on managing devices (C++ on Windows/Linux)
- Led the effort to replace the use of the pre-STL RogueWave in a 500K line C++ code base with C++ standard library and boost (C++ on Windows)
- Designed and implemented an SSH protocol plug-in and associated mapper to discover and inventory linux systems (C++ on Windows)
- Designed and implemented remote execution support to our WSMan protocol plug-in to monitor servers
- Authored a 70-page white paper on using the Jenkins continuous build system
- Authored a white paper on parallel software development using branches and subversion
- Authored a white paper on performing code coverage analysis with Visual Studio 2012
- Led the effort to use modern C++11 in Dell’s Open Manage Essentials product
- Championed software development, source code control and build and security best practices
ESLX / XtremeEDA, Austin TX (3/2007 – 5/2009) Senior Consultant
[Austin office closed 5/2009]
- Designed and implemented CPU simulators (C++ with STL, boost and SystemC on Linux/Windows/MacOS)
- Developed and presented training for C++, SystemC and TLM 2
- Participated in and developed code for the OSCI SystemC language and TLM 2 standards bodies
- Participated in the establishment of coding standards within company
Wireless Computing, Austin TX (5/2002 – 2/2007) Senior Software Engineer (VP of Engineering)
- Designed and implemented software for wireless devices (C/ASM on PIC/TMS)
- Designed and implemented protocols (RF,USB,PS/2,serial)
- Co-designed and developed long-range wireless RF-based hardware (encrypted keyboards, USB and PS/2 receivers, handheld and wireless mice, presentation remotes)
Veriprise Wireless, Austin TX (10/2000 – 3/2001) Research Scientist
[company folded 3/2001]
- Investigated cross-platform C++ development environments (Windows/Linux)
- Investigated VoiceXML development environments for use with wireless devices
Altamira Group, Burbank CA (6/1999 – 9/2000) Chief Software Architect (VP of Technology)
- Designed a distributed image scaling system (C++ on Windows/Linux)
- Designed and implemented the Canto Cumulus STiNG file format plug-in (C++ on MacOS)
- Served as Director of Development over development and IS operations
Metrowerks, Austin TX (9/1995 – 5/1999) Version Control Systems Architect (Product Engineering Manager)
- Designed and implemented Visual SourceSafe for Macintosh (C++ on MacOS)
- Designed the CodeWarrior IDE version control plug-in API
- Coordinated third party CodeWarrior version control plug-in efforts
- Managed six releases of Visual SourceSafe for Macintosh (C++)
- Managed several CodeWarrior IDE (C++) embedded products (m*Core/SH)
- Managed the CodeWarrior ClearCase version control plug-in development
Great Plains Software, Fargo ND (12/1993 – 9/1995) Senior Product Analyst
- Served as Macintosh technical lead
- Designed and implemented Windows 95 UI to Dexterity (database development system)
- Designed and implemented Macintosh AOCE support for Great Plains Dexterity (C on MacOS)
- Ported Great Plains Dexterity to the Power Macintosh (C on MacOS)
The Dreamers Guild, Northridge CA (6/1991 – 9/1992) Project Manager (COO)
- Managed game development projects
- Consulted on UI issues
Tri-Data Systems, Santa Clara CA (4/1989 – 8/1990) User Interface Designer
- Redesigned and implemented the UI of an IBM 3270 terminal emulator Mac3270 (C on MacOS)
- Designed and implemented a keyboard remapping utility for Mac3270 (C on MacOS)
- Developed a multi-programmer code management system (Macintosh/MPW)
Qubix Graphic Systems, San Jose CA (5/1987 – 4/1989) Software Engineer
[company folded 4/1989]
- Designed and implemented the Leonardo Macintosh UI [technical illustration product] (C on MacOS)
- Redesigned the Sun user interface of Leonardo
- Redesigned and implemented a vector font editor to allow for Kanji fonts (C on Unix)
- Designed and implemented a program to convert low resolution raster Kanji fonts to vector format
- Redesigned and implemented the user interface of the internal text editor (C on Unix)
Volt Information Sciences / Autologic, Los Angeles CA (7/1985 – 5/1987) Engineer
- Implemented the graphic editor of the photocomposition product Microcomposer (C/x86/PLM on NGEN)
- Designed and implemented a GICL assembler/disassembler to expedite new typesetter feature testing
- Designed and implemented a process to migrate and catalog font information from legacy hardware
- Designed a network cable to enable dynamic RS-422 termination
- Served as Systems Manager for a government electronic publishing system benchmark (600S)
General Electric, Valley Forge PA (3/1984 – 6/1985) Applications Programmer
- Implemented scientific applications (FORTRAN on IBM 370)
- Redesigned and implemented a PDL analysis program (FORTRAN on Convergent NGEN)
- Collaborated on the Space Systems Division/DSRM portable operating systems IR&D
- Collaborated on the DSRM Communication Protocol Optimization and Conversion Blue Ribbon IR&D
Contract Experience
- Designed a DVD vending kiosk for Videodisgo [2004]
- Designed the UI for a cross-platform configuration utility for AMD (Palm OS/WinCE) [2003]
- Co-designed and implemented the SXSW schedule application (C/PHP/MySQL on Palm OS) [2002-2005]
- Designed and implemented a new RF technology demonstration (C on Palm OS/Windows) [2001-2002]
- Designed and implemented Alpha Phi Omega national web site apo.org (HTML/CSS/PHP/MySQL) [2001]
- Designed and implemented a CodeWarrior CVS plug-in (C++ on Windows/MacOS) [1999-2000]
- Designed and implemented a Hell scanner system Macintosh interface (C on MacOS) [1991-1993]