
General Information
Biography
Robin Gandhi is a Charles W. and Margre H. Durham Distinguished Professor of Cybersecurity at the College of Information Science and Technology, University of Nebraska at Omaha. He serves as the Director of the School of Interdisciplinary Informatics. He received his Ph.D. in Information Technology from The University of North Carolina at Charlotte. His research interests are in the areas of software security engineering, requirements modeling and analysis, data preservation for scientific workflows, and system certification and accreditation. Since the security of systems is a design problem, his work focuses on developing and assessing models that promote problem-solving in security engineering activities. He has designed courses and training materials that promote software security engineering culture in the development processes. His efforts have brought software security engineering, as part of a larger systems certification perspective, to the forefront of the US federal assessment and authorization processes for IT systems.
Teaching Interests
Teaching as a profession fascinates me for its role in the continuous advancement of knowledge for myself and the society around me. In my opinion, learning takes place when students can pursue the relevance of the knowledge or skills acquired in class in the context of real-world case studies. Cognitive and tactical engagement with class materials is important for retention. Multimodal learning through personal elaboration, peer instruction, exploration, repetition, practice, and discussion is necessary for creative thinking and emphasizing different aspects of the knowledge gained. These theories continuously influence my teaching style in adapting to different learning abilities, goals and desires of students. My teaching-related research pursuits have led to the development of novel theories and implementation of concept inventories in cybersecurity education.
Research Interests
If done properly, the utility of regulatory and standards compliance towards analyzing and measuring security risk as well as guiding engineering decisions is high. The goal of my research is to develop theories and tools for designing dependable software systems. My research interests are in the areas of information and software assurance, requirements engineering, knowledge-intensive software systems, Certification and Accreditation (C&A), software metrics and measures, and risk assessment. The government, defense, and private sectors spend billions of dollars every year to gain assurance in software systems that support their critical missions/businesses. A large portion of this money is also allocated for C&A activities because of the growing number of regulatory requirements (e.g. FISMA, HIPAA, SOX) and the dire consequences of not complying with them. However, the complexity of software systems, numerous regulatory requirements, and the diversity of socio-technical environments significantly challenge current approaches to understand and assess software dependability. To address these issues, my research builds a foundational theory for understanding dependability requirements and associated operational risks. My work contributes to a multi-dimensional understanding of dependability requirements by taking into account the nexus of constraints, and causal chains in a socio-technical environment where a software system is expected to operate. From the early stages of software development, such understanding produces a reasoned, auditable argument for software assurance supported by meaningful evidence from the C&A and risk assessment processes.
Large amounts of data are now available from sensing mechanisms. The problem is how to use it in support of decision-making. As we move toward autonomous operations, data trustworthiness in a distributed processing environment is a challenging design problem. For example, Artificial Intelligence and Machine Learning at the edge with IoT devices challenge the traditional endpoint security or server-based architectures for information assurance. System boundaries and membership criteria are necessary to enforce security policies for digital objects in a distributed computing environment. My current research focuses on identifying data representation formats that are necessary and sufficient for the expression of multi-level confidentiality and integrity of data in a smart-data pipeline. In particular, such representation formats would need to support the negotiation of security and privacy requirements during mission planning with a third-party organization or allies in a hostile environment.
Service Summary
Dr. Gandhi is highly active in service-related activities at the university, local, national, and international levels. In addition, he serves as the Director of the School of Interdisciplinary Informatics, which offers cutting-edge degree programs in Cybersecurity, Bioinformatics, and IT Innovation. He has held several leadership positions within the college and the university, such as chairing the Faculty Senate – Faculty Personnel and Welfare Committee. He has also served on several national-level committees and open communities related to cybersecurity and data standards. He also serves as the Research Associate Editor for the Cybersecurity Skills Journal and has supported special issues on critical issues such as workforce standards and diversity in cybersecurity.
Awards and Honors
Charles W. and Margre H. Durham Distinguished Chair of Information Science and Technology, Scholarship/Research - 2015
UNO Alumni Outstanding Teaching Award, Teaching - 2014
Excellence in Research Award, Scholarship/Research - 2014
USSTRATCOM Fellows Program Teamwork Award Recognition, Scholarship/Research - 2016
Education
BS, Sardar Patel University, Vidyanagar, Gujarat, India, Electronics Engineering, 2000
MS, The University of North Carolina at Charlotte, Charlotte, NC, USA, Computer Science, 2001
Ph.D., The University of North Carolina at Charlotte, Charlotte, NC, USA, Information Technology, Software and Information Systems, 2008
Scholarship/Research/Creative Activity
Selected Publications
Gandhi, Robin, Siy, Harvey, Crosby, Keesha, Mandal, Sayonnha. 2014. Gauging the Impact of FISMA on Software Security, IEEE Computer, 47, 9.
Gandhi, Robin, Germonprez, Raymond, Link, Georg. 2018. Open Data Standards for Open Source Software Risk Management Routines: An Examination of SPDX, ACM GROUP 2018, 219-229.
Gandhi, Robin, Lee, Seok-Won. 2010. Discovering Multi-dimensional Correlations among Regulatory Requirements to Understand Risk, Transactions of Software Engineering, ACM.
Jones, Connie, Gandhi, Robin, Mahoney, William. 2012. A Freshman Level Course on Information Assurance: Can it be Done? Here’s How, Inroads - The SIGCSE Bulletin, Association for Computing Machinery, 3, 3, 50-61.
Gandhi, Robin, Sharma, Anup, Mahoney, William, Sousan, William, Zhu, Qiuming, Laplante, Phillip. 2011. The Social, Political, Economic, and Cultural Dimensions of Cyber Attacks, IEEE Technology and Society.
Externally Funded Research
BD Spokes Medium SMARTI, National Science Foundation, Federal, 09/01/2018 - 08/31/2023
Scholarships for Service, National Science Foundation, Federal, 10/01/2015 - 09/30/2016
UP Open Source Monitoring Project, Union Pacific Railroad Company, Industry, 05/15/2015 - 05/14/2016
Software Assurance Workforce Assess, National Security Agency, Federal - present
2018 GenCyber, National Security Agency, Federal, 05/17/2018 - 05/16/2019