Gray Girling

(Tailored Curriculum Vitae on request: Tel: 01223 561817, Email: cgg@cantab.net)

Personal details:

Dr C Gray Girling, married, two children
Address: Fulbourn, Cambridge, UK
Web: http://www.gdkc.homeip.net/work/

Gray is an experienced and well-regarded computing system designer and a network security researcher who has worked at its cutting edge.  He is versatile and flexible - as happy writing embedded C software near to the software/hardware boundary as specifying protocols or creating distributed security architectures. Experienced at providing constructive criticism he enjoys any mix of academic supervision & review, design, documentation and programming. With an enquiring nature Gray is always interested in applying new technology and methods. A friendly and positive attitude makes him an excellent team player who also has the capacity to work independently.

Education:

Cambridge University, Ph.D. in Computer Science (Authentication in Computer networks)

Imperial College of Science and Technology B.Sc.(Eng) in Computer Science (2.1)

Professional status:

Chartered Engineer (C.Eng.)
Chartered IT Professional (CITP)
Member of British Computer Society (MBCS)
Associate of City and Guilds Institute (ACGI)

Areas of expertise (these are summarized below the following Employment section ):

Software Engineering (System, Embedded & Application programming)
Computer system security
 Project management
LAN and WAN networking, protocol design and implementation
Hardware design
Security and communications (OSI) related standardization
Open Distributed Processing standardization
Formal requirements specification
Academic

Quick Summary of Recent Employment

Solarflare Communications

Conexant

AT&T Research

Employment:

Solarflare Communications/
Level 5 Ltd (from Jan 2005)

Designer and implementer of the control plane for the "onload" (shared user/kernel mode) accelerated TCP/IP protocol stack provided to support Solarflare ethernet controllers.  
This was a multi-platform modular revision of a previous ad-hoc implementation that noticably reduced maintenance requirements.  The stack switches, as infrequently as possible, between user-mode and kernel-mode executoin - the main technical challenge was to minimise any additional switching.

Co-designer and Implementer of a multi-platform (Linux, Windows, Solaris) configuration utility used to provide runtime per-application "onload" acceleration parameterization.

Attended OSR course "Writing WDM Kernel Mode Drivers" and provided control plane and configuration support to "online" over Windows NDIS driver. Packaged "onload" interface for the Solarflare iScsi driver.  Specified new architecture for Solarflare drivers for use on Windows and Linux.

Author of a security review of the "onload" architecture.
The review summarized a number of recommendations and defined relevant work items to improve software integrity.

Designer and maintainer of the test infrastructure used in Solarflare to define test cases & their testing environment and to create and execute compound test cases scheduled in a number of different ways.
Over one thousand test cases are now assembled in a single utility "snapper" and their execution in a regression suite is one of the most significant outputs of the Cambridge software team.  It is used thousands of times daily. The extensible infrastructure flexibly supports tests that can use a number of different interfaces provided at specific test points.  The way the interfaces are specified, in stacked implementations, is interpreted at run time so that the same test cases can be used in a wide variety of different test rigs.

Specified requirements for management protocol implementation in Solarflare's new "Siena" 10G/s Ethernet NIC.  

Implementer and tester of the DTMF's Network Controller - Sideband Interface (NC-SI) NIC management protocol which executes in an embedded MIPS processor (both client and server side).

Designer and implementer of a simple closure-based interpreted programming language "FTL" aimed at providing script-level access to C APIs.
This language was embedded into a number of command line utilities and has since been released from the code base under its own BSD license.

Implementer of utilities
to configure the "onload" control plane,
to access a wide variety of "virtual channel" implementation details at run time,
to retrieve and print out live NIC hardware state and registers,
to debug the embedded Management CPU (MCPU), and
to exercise NC-SI implementations.  

Implementer of various test cases
reception functionality, hardware integrity, MCPU debug, NC-SI protocol, NIC register specification checking.

Conexant/
GlobespanVirata (from Jul 2002)

Software activities at Conexant all involve direct interaction with licensees and internal staff through a web-based defect tracking system, use of a source control system (CVS), software development in the context of ISO 9001 procedures, and relatively rigid target specification and review management.

Primary maintainer of the embedded operating system at the heart of Conexant's line of ADSL silicon.
The "Quantum" kernel for Integrated Systems on Silicon software typically operates on an ARM in a dual-processor (master-slave) configuration. Some involvement with a port of the abstraction layer to a MIPS-based hardware base, to a Linux kernel environment, and to a emulated ARM simulated hardware base.

Operating system development through consensual local "interest group" meetings.
Implemented process-priority-inheritance-from-message-priority for better performance of QoS (Quality of Service) streams in the protocol stack. Implemented an alternative "interrupt" abstraction interface to allow gradual migration from legacy scheme to one involving process-based servicing, to reduce processor interrupt latency and to facilitate better control of QoS. Provided a process "service class" abstraction in Quantum to represent priorities and their alternatives.

Technical management of (Russian) contractors providing a port of Conexant's operating system and utilities to the "VxWorks" embedded kernel.

Technical lead in the multi-national team that produced a port of Conexant's operating system and utilities to the Windows CE.Net operating system (version 4.2).
This port subsequently became a product.  This port was the frist time the software had been used over a kernel with dynamic page mapping, and several intersting challenges were succesfully addressed.

Extended an embedded O/S system-object database to incorporate the limited multiple-inheritance of object attributes
All named objects in Quantum (such as tasks, semaphores, interfaces) have a set of associated attributes - this enabled the composition of objects from several more basic ones.

Developed an upwards compatible stream-based inter-process communication interface that can be used in operating systems using memory protection domains.

Author and presenter of the central contribution for a set of courses about porting Conexant software to other operating systems for external users.

Cotares Ltd (from Apr to Jul 2002)

Involved, as one of the founders, with the set-up of this consulting and research company specializing in wireless networks and vehicle information systems.  (Accepted a position elsewhere just prior its becoming a limited company.)

AT&T Laboratories Cambridge/
Olivetti and Oracle Research Laboratory/
Olivetti Research Laboratory (from Sep 1994 to Apr 2002)

PhD examiner of distributed media streams and storage project (using Olivetti "ATMOS" hardware and software) .

Security PhD supervisor contributing to a series (2) of PhDs on Location Information security (over the period): one concerning anonymity within a location sensing network and the other concerning location information confidentiality beyond such a network. 

4th year B.A. supervisor of a project involving the pragmatic use of existing tools for the construction of a secure voice-over-IP system.

Initial design of Muti-Protocol Label Switching (MPLS) network gateway to "Ethernet Virtual Circuits" using an Intel IXP 1200 processor using Columbia University's "netbind" software (involves ARM Linux).

Consumer broadband - Internet TV to home - project.  This included writing a Linux ATM network driver and substantially improving an Ethernet one.
Liaised with AT&T Labs in Florham Park, New Jersey - port Linux to Banyan (IDT 79RC32355)/Datapath ATM switch.  The Banyan chip was commissioned for this project.

"EEK" real-time embedded operating system (RTOS) design & implementation (C/assembler) including portable kernel, memory management, streams, accurate timer service, event mechanism, portable interrupt mechanism; documentation and user support, ports to Toshiba TLCS microprocessor and ARM and strong-ARM hardware platforms.  Development environment creation, including the system specification tool.
This operating system and its development environment was used by a number of research projects at AT&T including the following.

Leader of a small team implementing Prototype Embedded Network (PEN) pico-radio network systems - low power ad-hoc networking with no "base" station - design & implementation (in C) of protocols - all in "EEK".

Web CGI interface to daily sensor network readings compiled by PEN nodes (HTML/shell /expect/perl scripts & C).

"Quiver" compact Prolog-like language design, specification and implementation (in C) for program and data migration between embedded computer nodes + LINDA implementation for event communication.  Ports to Linux, ARM embedded system and Toshiba microcontroller.

Design and implementation (in C) of Linux Ethernet (ATM LAN Emulation) driver for Virata ATM protocol processor Network Interface Card (NIC).

Monitor ROMs (c.f. "BIOS") for various ARM-based hardware platforms and support for EEPROM & flash filing system, remote debugging (ATM protocol), ATM support, booting from serial ROM (C/assembler).

ROM and ATMos remote debugging servers and Unix & Windows clients - ATM and PCI bus transport mechanisms - remote booting, breakpointing, register modification etc. (in C).

Internet (TCP/IP) protocol stack design and implementation (in C/C++) for "ATMOS" embedded operating system including related protocols: ICMP, UDP, RIP II; over AAL5 (ATM protocol) and over Ethernet; implementation of "MIB II" SNMP management information base.  
This was transferred to a spin-out company (Conexant/GlobespanVirata above) and became a core part of its product portfolio.

Integration of Xpress Transport Protocol (XTP) with TCP/IP (on ATMOS) and general protocol performance evaluation (C++).

Routine network maintenance of two ATM networks with about 150 nodes.

Documentation of "ATMOS" kernel and development environment and user support (Framemaker/Word/HTML).

Architecture Projects Management (from Oct 1992)

International standardization of normal two-party communications protocol is centred around "the OSI seven layer model" (ISO 7498).  Broader standardization to support more diverse communicatng sytems, for example involving remote procedure calls, falls under the banner of Open Distributed Processing (ODP).  APM ran the Advanced Network Systems Architecture (ANSA) project, the seminal source for the main architectural standard in this area (ISO 10746).

Business unit

Open Distributed Processing (ODP) Security Standardization (over six months) for Department of Trade and Industry (DTI) and British Standards Institute - Delivering Information Solutions to Customers (BSI/DISC) (standards contribution, ISO meeting attendance).

R&D in Advanced Communications technologies in Europe (RACE) II "Cassiopeia" project dealing with the application of ODP to the telecommunications industry (over eight months) for Cray Communications Ltd (programme evaluation and recommendations).

DTI Programme of Research on Conformance Testing (PROST) ODP scoping study (over seven months) - (report editor and contributor).
The framework and standards for testing OSI protocols was well established.  This report summarized the way in which a conformance testing framework can be developed for ODP standards.

Defence Research Agency (DRA) Technology Demonstrator - analysis of extant distributed security architectures (over three weeks) for DMR UK (consultancy report).


Research unit:

ANSA project work addressing the integration of heterogeneous distributed computing systems - in particular the design, as part of a team of 4, of an advanced properties "trader" based on extant database technology.
A trader enables clients to find remote services that match a formally defined specification.  This advanced trader would form a key part of a system that would be able to construct new service instances dynamically.

Perihelion Software - Cambridge Office (from 1991) 

I chaired the BSI committee advancing the Security Framework Standard (ISO 10181) in the UK (continuing for the whole period) for DTI & BSI. (Chairing committee, attendance at ISO meetings, submission of and comment on standards contributions.)
This is a "standard for standards" providing basic concepts and nomenclature for the most important security services and mechanisms, including confidentialy, integrity, access control, authentication, and auditing.  It is now referred to in a large number of security standards.  It is used in some computer security university courses.

"COMPOSITE" Commission of the European Communities (CEC) Security Investigations project - development of security architectures/principles for distributed computer systems (consultancy report writing).

Transputer based IED fault tolerant system demonstrator project - fault tolerance model (for six months) for DTI (consultancy report writing).

Analysis of security provision in "ITRON" radio-based wide area utilities servicing network (over 1 month) for a UK Utilities consortium (consultancy report writing).

Unix (SunOS) and Acorn RISC-OS system maintenance.

Topexpress (from 1985)

Advancement of the Security Framework (ISO 10181) Standard and the "seven layer model" security architecture (ISO 7498-2) in the UK.  Involvement in national, European and international standards creation (over three years) for DTI and BSI/DISC.

Computer security in distributed computer (Trusted NETwork) systems - various research (over six years) for the Communications-Electronics Security Group at Government Communications Headquarters (GCHQ) including: formal modelling of confidentiality; specification of a layered architecture for secure distributed systems; evaluation of US trusted computing standards; and, a demonstration of covert-channel capacity on LANs.
The US produced the first national criteria for evaluating the security of networked systems.  My covert-channel paper is one of its few references, and the only one authored in the UK.

"TopMail" extension - design of AppleTalk product extension to interwork with X.400 (over three months) for Topexpress.

Postscript drivers for word processors and "GCAL" mark-up language (in C).

Acorn Computers (from 1983)

Distributed mail server design and implementation (over 1 year) for Acorn

Cambridge University Computer Laboratory (from 1978)

Work at the computer lab revolved around the Cambridge Model Distributed System bult over a Local Area Network type that was an early competitor to the Ethernet and populated with a variety of client/server nodes that supported a distributed operating system, which eventually matured to provide a live service to students.
 
Distributed authentication and access control service design, implementation and maintenance (Thesis) (over the period) (BCPL, Z80 assembler).  
After a meeting with Paul Karger, a security contributor to X from MIT, the X consortium adopted some of the ideas in this thesis and consequently use "cookies" for authentication in the X windowing system, used in almost all *unix computers.

DTI Project "UNIVERSE" satellite network authentication experiment and demonstrations - including of low level Cambridge Ring protocols implementation (6502 assembler, BASIC) on Acorn BBC microprocessor (over the period).

"Gyp" debugging server together with a small networking operating system implementation (assembler) on Z80 (over 1 year).

Cambridge Distributed system maintenance, "TRIPOS" self-maintaining help system implementation (own mark-up language).

Implementation (BCPL) and maintenance of a set of microprocessor assemblers and linkers (over the period).

Extra-curricular activity:

Interests in travel, SCUBA diving, swimming, skiing, food, wine, films.

Home network with many PCs, inc. "TV PC", Linux security gateway,  IEEE 802.11n radio LAN.

"FTL" programming language.

Other details:

Familiar with a number of formal definition and programming languages.

Attendance at a number of computer security conferences.

Attendance at a large number of ISO (and some CEN/CENELEC) standards meetings.

Have published in the areas of network security, conformance assessment and low-power protocol design.

 

Summaries of Areas of Expertise

The following re-arranges some of the experience listed above under separate headings.

Software Engineering (System, Embedded & Application programming)

Flexible test case specification and execution framework for Solarflare Network Interface Controllers supporting multiple test points and interfaces.

Architecture, design and implementation of "FTL" simple closure-based interpreted language specializing in providing scripting and command line utilities from C APIs.

Co-design and implementation of the control plane for Solarflare "onload" (combined kernel/user-mode) NIC driver.

Per-application "onload" stack configuration management system.

FTL-based utilities for Solarflare control plane configuration, "onload" stack feature configuration, dynamic "onload" stack virtual channel data-structure access, direct access to NIC registers, management CPU remote access, and Network Control - Side-band Interface (NC-SI) NIC management protocol use.

"Quantum" extensible interrupt system, stream I/O system, scheduler enhancements for QoS.

Porting Operating System abstraction PI to Windows CE.Net and aiding port to VxWorks and Linux.

Installation of "netbind" modular switch on Intel IXP 1200 processor  (using ARM-Linux) for MPLS gateway.

Linux port + ATM driver for IDT ("Banyan") MIPS processor.

Embedded Environment Kernel "EEK" (and build environment) design & implementation including ports to various hardware bases.  EEK is a small message-based multitasking O/S based on the "µCos" kernel.

"ATMos" TCP/IP and related protocols, ATM and Ethernet design and implementation, maintenance (subsequently used as basis of commercial product).

ARM-based Monitor ROM modularization, implementation and porting - remote debugging, flash filing system, booting over ATM.

Linux LAN Emulation driver for Virata ATM protocol processor.

"TRIPOS" device drivers, tasks, utilities and maintenance.

Simple Z80 operating system implementation.

Familiar with a number of programming and scripting languages including object orientated ones.

Extensive microprocessor assembler programming.

At home: 6502 Wordstar style screen editor, Acorn "RISC-OS" modules, tools, paginators, WIMP code, BBC basic accountancy package, Microsoft Access/Visual Basic accountancy package  (in support of a business).

Computer system security

Implementation of distributed network security on the Cambridge Distributed Computing System

PhD in network Authentication

6 years designing secure Local Area Networks for CESG (part of GCHQ in the UK)

Developed wide variety of security mechanisms in ISO 10181 (ISO security frameworks standard)

Configuration & use of FreeSwan Linux IPSEC solution for home/work networking

Supervised 2 PhDs in Location Confidentiality & Access Control and 4th year project in Secure Voice over IP.

Analysed security vulnerabilities in Solarflare "onload" TCP

LAN and WAN networking, design and implementation

Ad-hoc Solarflare NIC Management CPU debug interface protocol clients.

Distributed Task Management Forum's Network Controller Side-band Interface (NC-SI) protocol client and server (for management of Solarflare's "Siena" NIC).

Protocol stack design for Prototype Embedded Network (PEN) radio-computer nodes including low-power MAC Protocol implementation over radio

"Quiver" design and implementation - Prolog-like modular interpreted language supporting migration in frequently partitioned networks

Remote debug and boot servers (Monitor ROM and ATMos) and clients (MS-DOS and Unix)

Early experience with "Cambridge Ring" systems and Project Universe satellite backbone LAN system

Authentication server and debugging server implementation (and associated applications)

6 years distributed system design with accent on security (as above)

TCP/IP and related protocols (e.g. ICMP, RIP II) implementation over ATM and Ethernet

Network and Application layer architecture from OSI standards

Development of fault tolerance model

Contribution to directly relevant Open Distributed Processing (ODP) standards

Application of ODP to Telecoms in "CASSIOPIEA" European project

Work in Advanced Network System Architecture (ANSA) programme (including federation with OMG's "CORBA")

Design of architecture for trusted distributed network systems

Involvement in ISO/IEC JTC1/SC21, the committee that defined the OSI "7-layer" model

Hardware Design

Outline of specification method appropriate for hardware implementation of layered protocols in VHDL

Initial VHDL specification and animation of MAC-symbol "layer" in FPGA to support low power radio nodes

Security and communications (OSI) related standardization

9 year involvement in ISO security standards (especially ISO 10181)

Attendance at ISO OSI (JTC1/SC21) meetings 1988 - 1994

Contribution to CEN/CENELEC taxonomy of security standards (to drive European work)

Analysis of various security criteria standards for government

Open Distributed Processing standardization

Contributions to BSI ODP panel improving ODP Reference Model

Wrote security architecture for ODP Reference Model

Formal requirements specification

Large volume of Z specification for secure LAN design

Some knowledge of CSP and VDM

Project management

Technical management of 4-6 person team porting "Quantum" to Windows CE.Net.

Technical management of (Russian) contractors providing a port of ISOS software to VxWorks.

Lead small team implementing PEN mobile low-power device network

Chair of BSI IST/21/-/1/1 (communications security standards) for 5 years

Management of DTI standards contract

De facto management of "PROST" project with APM, NIST, OMG, NPL and University of Kent at Canterbury

Also of APM's "Cassiopeia" involvement

Personal management of short DMR contract

Secretary of childrens' after school club for 3 years and 7 years on management committee

Academic

Small number of papers (Covert channels, ODP traders, Low-power protocol design)

Ph.D./4th year student supervision (security)

MA/Ph.D. student vivas (interface design/security)

Reviewer of submitted papers in various subjects