General Information
Biography
Dr. Gandhi is a Charles W. and Margre H. Durham Distinguished Professor of Cybersecurity at the College of Information Science and Technology, University of Nebraska at Omaha. He serves as the Director of the School of Interdisciplinary Informatics. He received his Ph.D. in Information Technology from The University of North Carolina at Charlotte. His research interests are in the areas of software security engineering, requirements modeling and analysis, data preservation for scientific workflows, and system certification and accreditation. Since the security of systems is a design problem, his work focuses on developing and assessing models that promote problem-solving in security engineering activities. He has designed courses and training materials that promote a culture of software security engineering in the development processes. His efforts have brought software security engineering, as part of a larger systems certification perspective, to the forefront of the US federal assessment and authorization processes for IT systems. He also serves as a member of the Common Weakness Enumeration (CWE) board, and is the Associate Editor for the National Cyber Watch Cybersecurity Skills Journal (CSJ). In his spare time, he loves to go on bike rides with his kids and explore new trails.
Teaching Interests
Teaching as a profession fascinates me for its role in the continuous advancement of knowledge for myself and the society around me. In my opinion, learning takes place when students can pursue the relevance of the knowledge or skills acquired in class in the context of real-world case studies. Cognitive and tactical engagement with class materials is important for retention. Multimodal learning through personal elaboration, peer instruction, exploration, repetition, practice, and discussion is necessary for creative thinking and emphasizing different aspects of the knowledge gained. These theories continuously influence my teaching style in adapting to different learning abilities, goals and desires of students. My teaching related research pursuits have lead to the development of novel theories and implementation of concept inventories in cybersecurity education. While most learning-related assessments in academia and industry focus on understanding population or group performance, my research in teaching is attempting to explain and diagnose issues with learning at an individual level.
Research Interests
My other research interests are in the areas of information and software assurance, requirements engineering, knowledge-intensive software systems, Certification and Accreditation (C&A), software metrics and measures, and risk assessment.The government, defense, and private sectors spend billions of dollars every year to gain assurance in software systems that support their critical missions/businesses. A large portion of this money is also allocated for C&A activities because of the growing number of regulatory requirements (e.g. FISMA, HIPPA, SOX) and the dire consequences of not complying with them. If done properly, the utility of regulatory and standards compliance towards analyzing and measuring security risk as well as guiding engineering decisions is high. However, the complexity of software systems, numerous regulatory requirements, and the diversity of socio-technical environments, significantly challenge current approaches to understand and assess software dependability. The goal of my research is to develop theories and tools to address these issues in software security engineering. My research builds a foundational theory for understanding dependability requirements and associated operational risks. My work contributes to a multi-dimensional understanding of dependability requirements by taking into account the nexus of constraints, and causal chains in a socio-technical environment where a software system is expected to operate. From the early stages of software development, such understanding produces a reasoned, audit-able argument for software assurance supported by meaningful evidence from the C&A and risk assessment processes.Large amounts of data are now available from sensing platforms. The problem is how to use it to use it in support of decision-making. As we move toward autonomous operations, data trustworthiness in a distributed processing environment is a challenging design problem. For example, Artificial Intelligence (AI) and Machine Learning (ML) at the edge with Internet of Things (IoT) devices challenge the traditional endpoint security or server-based architectures. System boundaries and membership criteria are necessary to enforce security policies for digital objects in a distributed computing environment. My current research focuses on identifying data representation formats that are necessary and sufficient for the expression of multi-level confidentiality and integrity of data in a smart-data pipeline. In particular, such representation formats would need to support the negotiation of security and privacy requirements during missing planning with a third-party organization or allies in a hostile environment.
Service Summary
Dr. Gandhi is highly active in service-related activities at the university, local, national, and international levels. He serves as the Director of the School of Interdisciplinary Informatics, which offers cutting-edge degree programs in Cybersecurity, Bioinformatics, and IT Innovation. He has held several leadership positions within the college and the university, such as chairing the Faculty Senate – Faculty Personnel and Welfare Committee. He has also served on several national-level committees and open communities related to cybersecurity and data standards. He also serves as the Research Associate Editor for the Cybersecurity Skills Journal and has supported special issues on critical issues such as workforce standards and diversity in cybersecurity. He is a member of the Common Weakness Enumeration (CWE) board.
Awards and Honors
Charles W. and Margre H. Durham Distinguished Chair of Information Science and Technology, Scholarship/Research - 2015
UNO Alumni Outstanding Teaching Award, Teaching - 2014
Excellence in Research Award , Scholarship/Research - 2014
USSTRATCOM Fellows Program Teamwork Award Recognition, Scholarship/Research - 2016
Education
BS, Sardar Patel University, Vidyanagar, Gujarat, India, Electronics Engineering, 2000
MS, The University of North Carolina at Charlotte, Charlotte, NC, USA, Computer Science, 2001
Ph D, The University of North Carolina at Charlotte, Charlotte, NC, USA, Information Technology, Software and Information Systems, 2008
Scholarship/Research/Creative Activity
Selected Publications
Gandhi, Robin, Khazanchi, Deepak, Linzell, Daniel, Ricks, Brian, Sim, Chungwook. 2018. The Hidden Crisis: Developing Smart Big Data pipelines to address Grand Challenges of Bridge Infrastructure health in the United States, ISCRAM 2018 Conference Proceedings – 15th International Conference on Information Systems for Crisis Response and Management, 1016-1021.
Avande, Mahugnon, Gandhi, Robin, Siy, Harvey. 2020. Understanding user engagement with multi-representational license comprehension interfaces, International Journal of Open Source Software and Processes (IJOSSP), IGI-Global, 11, 4, 27-45.
Gandhi, Robin, Lee, Seok-Won. 2010. Discovering Multi-dimensional Correlations among Regulatory Requirements to Understand Risk, Transactions of Software Engineering, ACM.
Tobey, David, Gandhi, Robin, Watkins, Alan, Casey, O'Brien. 2018. Competency is Not a Three Letter Word: A Glossary Supporting Competency-based Instructional Design in Cybersecurity, Cybersecurity Skills Journal: Practice and Research.
Gandhi, Robin, Sharma, Anup, Mahoney, William, Sousan, William, Zhu, Qiuming, Laplante, Phillip. 2011. The Social, Political, Economic, and Cultural Dimensions of Cyber Attacks, IEEE Technology and Society.
Externally Funded Research
SMART Analytics for Critical Infrastructures inside a Resilient Data Fabric (SMART-RDF), Federal, 01/01/2023 - 12/31/2024
BD Spokes Medium SMARTI, National Science Foundation, Federal, 09/01/2018 - 08/31/2023
CIRI/CISA Curriculum Development, Universities, 09/29/2021 - 09/28/2022
NSA CNAP Security Concept Inventory, National Security Agency, Federal - present
2022 GenCyber Student, Federal, 07/25/2022 - 07/24/2024
Service
Administrative Assignments
Director, 08/17/2020