U.S. Flag Official website of the Department of Homeland Security

Note: This page is part of the us-cert.gov archive.This document is part of the US-CERT website archive. These documents are no longer updated and may contain outdated information. Links may also no longer function. Please contact info@us-cert.gov if you have any questions about the US-CERT website archive.

TLP:WHITE

C.C. Michael

Dr. Michael holds a technical staff position at Cigital as a Senior Research Scientist. Dr. Michael's areas of research include automated software analysis and intrusion prevention. Dr. Michael has led numerous government-funded research projects in software mutation analysis, information system intrusion detection, malicious code detection, and failure prediction.

Dr. Michael designed and implemented the mutation analysis algorithms used in Cigital's commercial product WhiteBox. He developed a simple and flexible interface language for specifying how code is mutated by WhiteBox, as well as schema-based methods for runtime mutant evaluation. Dr. Michael also developed a significant portion of the source-code processing methods in the original release of WhiteBox, as well as the parse-based fault injection system sAM, which is an extension of the system used in WhiteBox. The latter system is designed to allow arbitrary schema-based modifications of source code to be generated from abstract specifications. This system is to be used in the compile-time injection of textual faults into programs and the run-time injection of data-state and timing faults. The system has also been used to generate code that reports coverage statistics on itself.

Dr Michael received his PhD from the College of William and Mary in 1994, where he studied theoretical machine learning.

Articles

Namesort descending Content Areas
Black Box Security Testing Tools Tools/Black Box Testing
Complete Mediation Knowledge/SDLC Process
Defense in Depth Knowledge/SDLC Process
Risk-Based and Functional Security Testing Best Practices/Security Testing
Source Code Analysis Tools - Business Case Tools/Source Code Analysis
Source Code Analysis Tools - Overview Tools/Source Code Analysis
Back to Top