• Home
  • Book Reviews
  • Companies
  • Learning
  • Open Source
  • Projects
  • Skills

Charles Wilson's Blog

How deep is the river?

Feeds:
Posts
Comments

Résumé

Charles Wilson

https://linkedin.com/in/charleswilson
charles.wilson@gmail.com
[Charles Wilson résumé PDF]

Principal Engineer

I research and develop technology. My current area of focus is cybersecurity. The OS doesn’t matter (bare metal, embedded, Linux, Macintosh, Windows.) I spend most of my time in the places in-between. Between development and marketing, developers and build systems, OS and application, application and user interface, technology and practitioner. I’ve participated in international standards bodies; investigated and researched emerging technologies; expanded development and infrastructure departments. I’ve managed multiple releases of a commercial products and led development teams.

Education

  • Machine Learning Specialization (7/2019)
  • Machine Learning: Clustering & Retrieval (5 – 7/2019)
  • Machine Learning: Classification, Coursera (2 – 4/2019)
  • Machine Learning: Regression, Coursera (10 – 12/2018)
  • Machine Learning Foundations: A Case Study Approach, Coursera (8 – 9/2018)

  • Stanford Cryptography I, Coursera (12/2017)
  • CERT Secure Coding in C and C++, CERT Online (3/2016)
  • CERT Secure Software Concepts, CERT Online (3/2016)
  • Intro to LaTeX, Portland Community College (Winter 2014)

  • General Game Playing, Coursera (9 – 12/2013)
  • Internet History, Technology, and Security, Coursera (6 – 8/2013)
  • Databases, Stanford Online (10 – 12/2011)
  • Machine Learning, Stanford Online (10 – 12/2011)
  • MS in Electrical Engineering, Rose-Hulman Institute of Technology (1994)
    Thesis: Aardvark: A Highly Virus-Resistant Computer Architecture [PDF]
  • BS in Computer Science, Rose-Hulman Institute of Technology (1984)

Professional Experience

Motional, Boston MA (12/2019 – current) Senior Principal Engineer, Cybersecurity Development Lifecycle Practice Lead
[AV group spun out from Aptiv / Hyundai-Aptiv Autonomous Driving Joint Venture]

Lifecycle Practice:

  • Served as Autonomous Vehicle Cybersecurity Development Lifecycle Practice Lead
  • Created a cybersecurity development lifecycle capable of satisfying ISO/SAE 21434 and UNECE WP.29 R155, and overlaying ISO 12207 / 15288 [https://github.com/nutonomy/AVCDL]
  • Served as editor and advisor to cybersecurity SMEs providing AVCDL secondary process documents
  • Worked with certification body to validate efficacy of AVCDL for tailoring toward certification
  • Developed a visual design language for use in cybersecurity process documentation
  • Created a vendor Cybersecurity Interface Agreement (CIA) framework and associated guidance document 
  • Adapted the MDS2 for use in the AV space
  • Participated in cybersecurity requirements development based on my cybersecurity taxonomy-based gap analysis
  • Designed a taxonomy for cybersecurity requirements allowing for effective gap analysis
  • Performed gap analysis of cybersecurity requirements

Leadership / Cross-team:

  • Participated in the efforts toward submission of multiple cybersecurity-related patent applications
  • Created and gave a presentation on the application of threat modeling tools to the issue of privacy
  • Mentored junior team members
  • Work with cybersecurity management and project management to develop group schedule
  • Worked with safety, systems, project management and development toward adoption of the AVPDL
  • Created and gave multiple presentations to educate other teams and management on various aspects of cybersecurity
  • Worked with safety group to ensure a coordinated development process

Industry Participation:

  • Created and presented a course on cybersecurity metrics for a joint Auto-ISAC / NHTSA training project
  • Co-chaired SAE TEVEES183A3 (maturity model for ISO/SAE 21434)
  • Worked on the team which provided official SAE feedback to NHTSA’s cybersecurity guidance
  • Created summaries of cybersecurity-related ISO standards under development
  • Twice served on joint MDIC / FDA / MITRE threat modeling bootcamp training staff
  • Member of the ISO/SAE 21434 committee (USTAG)
  • Member of the ISO C and C++ committees
  • Member of OASIS SARIF working group

Dräger Medical Systems, Andover MA (10/2016 – 12/2019) Senior Architect

  • Designed a decentralized multicast cryptography system usable by highly-constrained embedded systems
  • Served as Infinity product line security architect
  • Served as cyber security subject matter expert
  • Served as C/C++ subject matter expert
  • Led the effort to perform a modern threat modeling across the entire product line
  • Trained and mentored threat modeling facilitators
  • Designed and oversaw the refit of a conference room for use in threat modeling efforts
  • Created and presented (multiple times) a 2 hour software security fundamentals class for managers and software developers
  • Created and presented an 8 hour threat modeling class for software developers and risk managers
  • Designed and led an effort to do modern threat modeling on company products
  • Designed and led an effort to move code signing to a self-contained, FIPS-compliant, HSM-based system
  • Mentored junior developers and interns
  • Led an effort to uplift 3M lines of C89 / C++98 code to C11 / C++11
  • Member of the ISO C and C++ committee
  • Chair of ISO JTC1 SC22 WG14 TS17961 (Safe and Secure C)
  • Subject matter expert to legal department on open source library integration
  • Created and presented (multiple times) a 15 hour Python class for software developers
  • Created and presented (multiple times) a 15 hour C++14/17 jumpstart class for C developers
  • Created and presented (multiple times) a 15 hour C++14/17 advanced class for C++03 developers
  • Championed modern secure software development practices
  • Championed open source software best practices
  • Championed adoption and use of C++14/17
  • Wrote code to support Windows-specific cryptographic operations (C++)
  • Designed and led an effort to move a 20 year old Sun SPARCstation-based Unix cluster to a virtualized environment capable of producing binary-identical programs

Dell, Round Rock TX, Portland OR (5/2010 – 5/2016) Principal Software Engineer

[Portland office closed 5/2016]

  • Created threat model and remediation recommendations for the Windows version of Fluid Cache
  • Coordinated and tracked use of open source libraries
  • Designed and implemented the security framework for the Windows version of Fluid Cache
  • Provided guidance to local and remote junior developers
  • Served as subject matter expert for ongoing Fluid Cache SNMP sub-agent (Linux/Windows)
  • Ported Fluid Cache process manager service to Windows (C on Linux/Windows)
  • Designed and implemented a methodology to adapt Linux daemons to Windows services
  • Designed and implemented a methodology to allow for efficient cross-platform (Linux/Windows) development and ease of exploration of and migration to new tool chains and open source/third-party components
  • Designed and implemented a methodology to allow Dell’s Fluid Cache product to segregate privileged operations (C on Linux) [privilege bracketing]
  • Designed and implemented a high-resolution log to act as a black box for Fluid Cache (C on Linux)
  • Designed and implemented an SNMP sub-agent for Fluid Cache (C on Linux)
  • Developed cross-platform (Windows/Linux) software in C++ (with boost and Xerces) that abstracts device protocols (SNMP, ICMP, IPMI, WSMan, SSH, etc.) so that Dell’s device management software can focus on managing devices (C++ on Windows/Linux)
  • Led the effort to replace the use of the pre-STL RogueWave in a 500K line C++ code base with C++ standard library and boost (C++ on Windows)
  • Designed and implemented an SSH protocol plug-in and associated mapper to discover and inventory linux systems (C++ on Windows)
  • Designed and implemented remote execution support to our WSMan protocol plug-in to monitor servers
  • Authored a 70-page white paper on using the Jenkins continuous build system
  • Authored a white paper on parallel software development using branches and subversion
  • Authored a white paper on performing code coverage analysis with Visual Studio 2012
  • Led the effort to use modern C++11 in Dell’s Open Manage Essentials product
  • Championed software development, source code control and build and security best practices

ESLX / XtremeEDA, Austin TX (3/2007 – 5/2009) Senior Consultant

[Austin office closed 5/2009]

  • Designed and implemented CPU simulators (C++ with STL, boost and SystemC on Linux/Windows/MacOS)
  • Developed and presented training for C++, SystemC and TLM 2
  • Participated in and developed code for the OSCI SystemC language and TLM 2 standards bodies
  • Participated in the establishment of coding standards within company

Wireless Computing, Austin TX (5/2002 – 2/2007) Senior Software Engineer (VP of Engineering)

  • Designed and implemented software for wireless devices (C/ASM on PIC/TMS)
  • Designed and implemented protocols (RF,USB,PS/2,serial)
  • Co-designed and developed long-range wireless RF-based hardware (encrypted keyboards, USB and PS/2 receivers, handheld and wireless mice, presentation remotes)

Veriprise Wireless, Austin TX (10/2000 – 3/2001) Research Scientist

[company folded 3/2001]

  • Investigated cross-platform C++ development environments (Windows/Linux)
  • Investigated VoiceXML development environments for use with wireless devices

Altamira Group, Burbank CA (6/1999 – 9/2000) Chief Software Architect (VP of Technology)

  • Designed a distributed image scaling system (C++ on Windows/Linux)
  • Designed and implemented the Canto Cumulus STiNG file format plug-in (C++ on MacOS)
  • Served as Director of Development over development and IS operations

Metrowerks, Austin TX (9/1995 – 5/1999) Version Control Systems Architect (Product Engineering Manager)

  • Designed and implemented Visual SourceSafe for Macintosh (C++ on MacOS)
  • Designed the CodeWarrior IDE version control plug-in API
  • Coordinated third party CodeWarrior version control plug-in efforts
  • Managed six releases of Visual SourceSafe for Macintosh (C++)
  • Managed several CodeWarrior IDE (C++) embedded products (m*Core/SH)
  • Managed the CodeWarrior ClearCase version control plug-in development

Great Plains Software, Fargo ND (12/1993 – 9/1995) Senior Product Analyst

  • Served as Macintosh technical lead
  • Designed and implemented Windows 95 UI to Dexterity (database development system)
  • Designed and implemented Macintosh AOCE support for Great Plains Dexterity (C on MacOS)
  • Ported Great Plains Dexterity to the Power Macintosh (C on MacOS)

The Dreamers Guild, Northridge CA (6/1991 – 9/1992) Project Manager (COO)

  • Managed game development projects
  • Consulted on UI issues

Tri-Data Systems, Santa Clara CA (4/1989 – 8/1990) User Interface Designer

  • Redesigned and implemented the UI of an IBM 3270 terminal emulator Mac3270 (C on MacOS)
  • Designed and implemented a keyboard remapping utility for Mac3270 (C on MacOS)
  • Developed a multi-programmer code management system (Macintosh/MPW)

Qubix Graphic Systems, San Jose CA (5/1987 – 4/1989) Software Engineer

[company folded 4/1989]

  • Designed and implemented the Leonardo Macintosh UI [technical illustration product] (C on MacOS)
  • Redesigned the Sun user interface of Leonardo
  • Redesigned and implemented a vector font editor to allow for Kanji fonts (C on Unix)
  • Designed and implemented a program to convert low resolution raster Kanji fonts to vector format
  • Redesigned and implemented the user interface of the internal text editor (C on Unix)

Volt Information Sciences / Autologic, Los Angeles CA (7/1985 – 5/1987) Engineer

  • Implemented the graphic editor of the photocomposition product Microcomposer (C/x86/PLM on NGEN)
  • Designed and implemented a GICL assembler/disassembler to expedite new typesetter feature testing
  • Designed and implemented a process to migrate and catalog font information from legacy hardware
  • Designed a network cable to enable dynamic RS-422 termination
  • Served as Systems Manager for a government electronic publishing system benchmark (600S)

General Electric, Valley Forge PA (3/1984 – 6/1985) Applications Programmer

  • Implemented scientific applications (FORTRAN on IBM 370)
  • Redesigned and implemented a PDL analysis program (FORTRAN on Convergent NGEN)
  • Collaborated on the Space Systems Division/DSRM portable operating systems IR&D
  • Collaborated on the DSRM Communication Protocol Optimization and Conversion Blue Ribbon IR&D

Contract Experience

  • Designed a DVD vending kiosk for Videodisgo [2004]
  • Designed the UI for a cross-platform configuration utility for AMD (Palm OS/WinCE) [2003]
  • Co-designed and implemented the SXSW schedule application (C/PHP/MySQL on Palm OS) [2002-2005]
  • Designed and implemented a new RF technology demonstration (C on Palm OS/Windows) [2001-2002]
  • Designed and implemented Alpha Phi Omega national web site apo.org (HTML/CSS/PHP/MySQL) [2001]
  • Designed and implemented a CodeWarrior CVS plug-in (C++ on Windows/MacOS) [1999-2000]
  • Designed and implemented a Hell scanner system Macintosh interface (C on MacOS) [1991-1993]

Share this:

  • Click to share on Twitter (Opens in new window)
  • Click to share on LinkedIn (Opens in new window)
  • Click to share on Facebook (Opens in new window)
  • Click to email a link to a friend (Opens in new window)

Like this:

Like Loading...

  • February 2023
    S M T W T F S
     1234
    567891011
    12131415161718
    19202122232425
    262728  
    « Jun    
  • Archives

    • June 2021 (3)
    • August 2020 (1)
    • October 2019 (1)
    • September 2019 (3)
    • May 2019 (1)
    • January 2019 (1)
    • December 2018 (3)
    • October 2018 (1)
    • August 2018 (1)
    • July 2018 (2)
    • May 2018 (1)
    • April 2018 (2)
    • March 2018 (2)
    • February 2018 (1)
    • December 2017 (2)
    • October 2017 (2)
    • September 2017 (1)
    • July 2017 (1)
    • June 2017 (3)
    • May 2017 (1)
    • September 2016 (2)
    • August 2016 (2)
    • June 2016 (1)
    • May 2016 (3)
    • March 2016 (1)
    • January 2016 (1)
    • December 2015 (2)
    • October 2015 (1)
    • September 2015 (2)
    • March 2015 (2)
    • January 2015 (1)
    • November 2014 (1)
    • October 2014 (1)
    • September 2014 (1)
    • July 2014 (1)
    • March 2014 (2)
    • February 2014 (1)
    • January 2014 (1)
    • August 2013 (2)
    • June 2013 (2)
    • January 2013 (1)
    • November 2012 (3)
    • August 2012 (1)
    • July 2012 (6)
    • June 2012 (6)
    • May 2012 (2)
    • April 2012 (1)
    • February 2011 (1)
    • October 2009 (1)
    • October 2005 (1)

Blog at WordPress.com.

WPThemes.


  • Follow Following
    • Charles Wilson's Blog
    • Join 62 other followers
    • Already have a WordPress.com account? Log in now.
    • Charles Wilson's Blog
    • Customize
    • Follow Following
    • Sign up
    • Log in
    • Copy shortlink
    • Report this content
    • View post in Reader
    • Manage subscriptions
    • Collapse this bar
%d bloggers like this: