Dr. Sam Farroha

Computer Science

Education History

  • BS Computer Engineering, Florida Institute of Technology
  • MS Electrical Engineering, Florida Institute of Technology
  • MBA Management, Johns Hopkins University
  • PMC Systems Engineering, Johns Hopkins University
  • Ph D Electrical Engineering, Florida Institute of Technology

Work Experience

Director, Technology, U.S. Government

Publications

SELECTED PUBLICATIONS:
National &International

* “Investigating End-to-End Security in 5G Capabilities and IoT Extensions”, The Next Wave publication, Vol. 21 | No. 4 | 2017 - Reprint
* “Introducing 5G”, The NextWave Vol. 21 | No. 3 | 2017
* “Denial of Sleep attacks in Bluetooth Low Energy wireless sensor networks”, MILCOM 2016, Baltimore Maryland November 2016
* Investigating end-to-end security in the fifth generation wireless capabilities and IoT extensions, SPIE Defense Security and Sensing Conference 2016, Baltimore, MD, April 2016
* "Securing Ubiquitous Mobile Communications: The Art of Protecting Systems and People from the Pitfalls of Increased Connectivity", (Proposed) MILCOM 2015
* "A Framework for Managing Mission Needs, Compliance and Trust in the DevOps Environment", MILCOM 2014, Baltimore, MD October 2014.
* "Network Analysis for Secure Assured Communications and Assured Information", MILCOM 2012, San Diego Nov 2012.
* "Architecting a Comprehensive Dynamic Cyber Defense through Hardening Privilege, Identity and Access management", SPIE Defense Security and Sensing Conference 2013, Baltimore, MD, April 2013
* "Architecting an Enhancing Secure Mobility for Data Centric Applications", IEEE International Systems Conference, Orlando, FL 2013
* "The Trust Engineering Framework: Architecting Native Security to Defend Against the Next Generation Threats", MILCOM 2012, Orlando, FL Nov 2012.
* "An Adaptive SoS Framework for Integrating Dynamic Cyber Defense", MILCOM 2012, Orlando, FL Nov 2012.
* "Architecting Dynamic Cyber Defense for a Secure Multi-Tenant Cloud Services Environment", MILCOM 2012, Orlando, FL Nov 2012.
* "An Agile Enabler Framework: Architecting Services in the Clouds", MILCOM 2012. Orlando, FL Nov 2012.
* "Overcoming the Challenges of Secure Mobile Applications for Network Centric Data Sensitive Applications", SPIE Defense Security and Sensing Conference 2012, Baltimore, MD, April 2012
* "A Framework for Developing Reliable Corporate Services in an Agile Environment", SPIE Defense Security and Sensing Conference 2012. Baltimore, MD, April 2012
* "Securing Services in the Cloud: An Investigation of the Threats and the Mitigations", SPIE Defense Security and Sensing Conference 2012, Baltimore, MD, April 2012
* The New Agile Systems Engineering: Meeting the Challenges of Functionality, Security, and Austerity, Software and System Conference, Salt Lake City, UT, April 2012
* "Architecting Dynamic Privileges in Protected Systems Through Hardening Identity and Access Management", IEEE International Systems Conference 2012, Vancouver, BC, March 2012 * "Architecting Security into the Clouds: An Enterprise Security Model", IEEE International Systems Conference 2012, Vancouver, BC, March 2012
* Challenges of "Operationalizing" Dynamic System Access Control: Transitioning from ABAC to RAdAC, IEEE International Systems Conference 2012, Vancouver, BC, March 2012
* "An Investigative Analysis Into Security in the Clouds and the Impact of Virtualization on the Security Architecture", MILCOM 2011, Baltimore, MD, Nov 2011
* "Developing Corporate Services in an Agile Environment", MIL COM 2011, Baltimore, MD, Nov 2011
* "Examining the Technologies and Processes for Key Management in the Enterprise and the Way Forward into the Virtualized Environment", MILCOM 2011, Baltimore, MD, Nov 2011
* "An Adaptive Framework for Integrating Heterogeneous Enterprise SoS Security", 21st Annual INCOSE International Symposium, Denver, CO June 2011
* "Architecting a Secure Enterprise Data Sharing Environment to the Edge". Invited for re-presentation at the 21st Annual INCOSE International Symposium, Denver, CO June 2011
* "Enabling the Net-Centric Systems Model through Adapting Enterprise Security Services to the Mobile Users", 21st Annual INCOSE International Symposium, Denver, CO June 2011
* "Analyzing the requirements for a robust security criteria and management of multilevel security in the clouds", SPIE Defense and Security-Defense Transformation and Network Centric track, Orlando, FL, April 2011
* "A novel approach to implementing a comprehensive digital policy management as an enabler for dynamic secure information sharing", SPIE Defense and Security-Defense Transformation and Network Centric track, Orlando, FL, April 2011
* "Agile enterprise development framework: utilizing services principles for building pervasive security in the enterprise", SPIE Defense and Security-Defense Transformation and Network Centric track, Orlando, FL, April 2011
* "Development of an Integrated Security Framework to Enable the Control and Security of a Heterogeneous Enterprise", IEEE International Systems Conference. Montreal, QC Canada, April 2011
* "Agile Development for System of Systems: Cyber Security Integration into Information Repositories Architecture", IEEE International Systems Conference, Montreal, QC Canada, April 2011
* "Architecting a Secure Enterprise Data Sharing Environment to the Edge", IEEE International Systems Conference, Montreal, QC Canada, April 2011
* "Cyber Security Framework for Enterprise System Development: Enhancing Domain Security Through ESM", IEEE Military Communications Conference -• MIL COM 2010, San Jose, CA, November 2010. *"Cyber Security Components for Pervasive Enterprise Security Management and the Virtualization Aspects", IEEE International Systems Conference 2010, San Diego, CA.
* "Cyber Capability Assessment: Architecting a seamless Assured Information Sharing Infrastructure for the Tactical Warfighter", IEEE International Systems Conference 2010, San Diego, CA.
* "Enterprise Systems Security Management: A framework for breakthrough protection", SPIE Defense and security 2010, Orlando, FL.
* "Security core to the edge: Securing critical information through enhanced Cross Domain Systems (CDS) to the tactical edge", SPIE Defense and security 2010, Orlando, FL.
* "Building the Enterprise Cross Domain Services to Enable Cyber Security: Core to Edge", System and Software Technology Conference (SSTC 2010) Salt Lake City, UT 2010.
* "A Framework for Enterprise Security Management to Enable Enhanced Information Sharing", System and Software Technology Conference (SSTC 2010) Salt Lake City, UT 2010.
* "Challenges and Alternatives in Building a Secure Information Sharing Environment through a Community Driven Cross Domain Infrastructure", MILCOM 2009, Boston. MA.
* "Exploring Critical System of Systems Issues for the Warfighter", MILCOM 2009, Boston, MA. * "SO A as a Catalyst to Empower the Warfighter through Improved Enterprise Data Access Over the GIG", IEEE International Systems Engineering Conference 2009, Vancouver, Canada.
* "Net-centric transformation to empower the Warfighter through enhanced enterprise data services: exploring the SOA approaches". SPIE Defense and Security Symposium 2009, Orlando, FL.
* "Enabling Information Sharing through Cross Domain Solutions: Architecting the Enterprise", SPIE Defense and Security Symposium 2009, Orlando, FL.
* "Enabling Net-centricity through Cross Domain Information Sharing", IEEE International Systems Engineering Conference 2009, Vancouver, Canada.
* "IA Consideration of Assured Services in a Transformational Network Centric Environment", MILCOM 2008, San Diego, CA.
* "Satisfying Warfighter Information Imperatives Across Security Domains", MILCOM 2008, San Diego, CA.
* "An Investigative Analysis of Information Assurance Issues Associated with the GIG's P&P Architecture". SPIE Defense and Security Symposium 2007 under the Defense Transformation and Net-Centric Systems session. April 2007, Orlando, FL
* "Policy-Based QOS Implementation in a SOA Enterprise Framework", MILCOM 2007, November 2007 Orlando, FL.
* "Implications of Precedence and Preemption Requirements on Packet Based Transport Architectures", MILCOM 2007, November 2007. Orlando, FL.
* "Requirements and Architectural Analysis for Precedence Capabilities in the Global Information Grid". MILCOM 2006 proceedings Washington D.C. October 2006.
* "United States and Singapore Tactical Command and Control Interoperability Study". DARPA study, October 2006.
* Requirements Engineering Analysis for Precedence and Preemption in the Global Information Grid; IETF Draft, November 2006
* The Precedence and Preemption Architecture for the Global Information Grid Requirements Engineering Analysis; OSDINII; 30 September, 2005.
* "Communications Technology for Improved Aviation Security" 2005 NASA ICNS Conference & Workshop, May 2 - 5, 2005, Fairfax, VA
* "VDLM2/ATN the Next Generation Datalink", Flight Deck International, March 2002.
* "Next Generation Datalink", Air Traffic Technology International 2002, UK & International Press.
* "Mobile Vision Tracking Technique for Real-Time Applications", SPIE AeroSense 1998 proceedings, Orlando, FL.
* "A Novel High-Speed Architecture For Machine Vision Applications", SPIE Photonics-East 1996 proceedings, Boston, MA.
* "An Advanced Layered MPP Architecture for Industrial Imaging", IEEE SouthCON '96 proceedings, Orlando, FL.
* "Real-time VLSI Techniques for Processing of Computer Images", SPIE Denver '96 Symposium proceedings.
* "An Alternative Method For Designing Parallel Image Recognition Systems: A Feasibility Study", IEEE Southeastcon '95 proceedings, Raleigh, NC.
* "A Novel Approach to Design a Massively Parallel Application Specific Architecture for Image Recognition Systems", IEEE Southeastcon '95 proceedings, Raleigh, NC.
* "Problems In Robotic Vision", IEEE Southeastcon '91 Proceedings, Williamsburg, VA.
* "Development of an Identification Method For Fast Routing", IEEE Southeastcon '91 Proceeding, Williamsburg, VA.
* "A Novel Approach To Design A Massively Parallel Application Specific Architecture For Image Recognition Systems", Ph.D. Dissertation. Florida Institute of Technology, 1996. Melbourne, FL.
* "Development Of An Identification System Appropriate For Fast Routing And Robotic Operations". MS Thesis. Florida Institute of Technology, 1988. Melbourne, FL.

Non-Proprietary Publications, Copyrights and Trademarks:
* STARTRAX (C) Hemispheric Theater Operating System
* ST ARTRAX (TM) Distributed Multiprocessing Multimedia System
* ARINC VDL mode 2 A VLCIDLS Guidance Materials
* ARINC's ACARS over A VLC (AOA) External ICD.
* ARINC Aeronautical VHF Link Control (AVLC) Flight Profile
* ARINC V8208 Flight Profile
* ARINC Aeronautical Telecommunication Network (ATN) Flight Profile
* ARINC and Eurocontrol Joint Test and Verification Cross-reference Matrix
* Ground/Ground Interoperability Joint Test Plan between ARINC and the FAA
* IDRP/DLAP Interoperability Joint Test Plan between ARINC and the FAA
Proprietary & Internal Publications
* Strategy to Rebrand Emerging Mobile Technologies 2015
* Emerging Mobile Technologies overview to current projects and future Direction 2015
* Tackling the migration to mobile 5G Technologies
* The National Security Agency DevOps Strategy 2014 and implementation plans
* The Intelligence Community Cloud University charter and program plans 2014
* Proposal for Strategic Corporate Dataflow Services and Architecture Report -2014
* Lessons learned on co-managing mission programs in the agile development Environment 2013
* Architecting a secure commercial mobile computing and communications capabilities through a built in security in the iOS, Android, and the lower IT stack layers. March 2012
* Training plan to transition the multi-disciplined Information Security workforce to become security architects that can produce baked-in security and capabilities utilizing commercial solutions where possible 2012
* Implementing ESM in the Clouds and the Security Implications, April 2011
* Cloud Security for DoD and NSA, analyzing the technologies and risks, April 2011
* Cloud Architecture and Security Alternatives for the DoD, March 2011
* Automating Digital Policy Management to enable intelligent access control in the Enterprise and the Cloud, March 2011.
* Critical Technology for Next Generation Cross Domain Systems, January 2010
* Community Requirements Assessment and identification of levels of service to support information sharing Core to the Edge, January 2010.
* Cloud computing for the Enterprise: Initial Analysis and security implications, Delivered to DoD and IC Enterprise analysis leadership tiger team, October 14, 2009
* Community Cross Domain Enterprise Services Challenges, Delivered to DoD and IC Enterprise analysis leadership tiger team, Feb 18, 2009
* Moving to the Enterprise, Capability analysis and collaboration initiatives, Delivered to DNI Enterprise services leadership, Dec 2008.
* Building the Community Cross Domain Enterprise Architecture, DoD & IC Partnership Conference for this Oct. 27-30, 2008
* Analyzing the requirements, trends, and Taxonomy of Cross Domain Capabilities, Sept 2008.
* JHU/APL VCS-06-002 OSD NII Requirements Engineering for the GIG Precedence and Preemption. May 16, 2006.
* JHU/APL VCS-06-013 000 Requirements and Architecture flow down from DoD8100.3, CJCSI 6215.XX and the NCID XX for QoS in the GIG. June 25, 2006.
* JHU/APL VCS-06-115 Analysis and Recommendations to OSD NII and DISA on the requirements for the Precedence-Based Assured Services for the GIG's transport services to be incorporated in the NCID 3.0. August 25, 2006.
* "The Precedence and Preemption Architecture for the Global Information Grid Requirements Engineering Analysis, Developed for NCID
2.0", OSD/NII and DISA on October 26, 2005
* "The Precedence Based Assured Services for the QoS Architecture in the Global Information Grid, Requirements Engineering Analysis Developed for the Net- Centric Implementation Document Version 3.0", Delivered to ODSINII and DISA on July 22, 2006
* "Potential Information Assurance Issues Associated with the Proposed GIG P&P Architecture", JHU/APL, 24 January 2006 sent to NSA TSAT SPO.
* JHU APL VIC-05-085 OSD/NII Requirements Engineering for the GIG Precedence and Preemption
* JHU APL VIC-05-016 RTCA standards and guidelines DO-178B and applicability to MUOS which was presented to the MUOS PM office
* JHU/APL VIC-05-024 Technology Tracking IRAD which investigated Network Management standards, trends, and state of the arts development and research
* JHU/APL VIC-05-038 IP Modem Discussion which investigated Satellite over IP/ IP Modem
* JHU/APL VIC-05-041 ODOCS System Engineering Support Status
* JHU /APL VIT Memo on GIG BE requirements, architecture and applications
* ARINC VDL Mode 2 Preliminary System Analysis and Design of ground network
* ARINC VDL Mode 2 Air Traffic Control Statement of Needs
* ARINC VOL Mode 2 Air Operation Control Statement of Needs
* ARINC VOL Mode 2 SQP Statement of Needs
* ARINC VOL Mode 2 System Segment Specifications
* ARINC VOL Mode 2 Terrestrial Network Architecture trade studies and design (White Paper).
* ARINC VOL Mode 2 System Design Document
* ARINC VDL Mode 2 System Threads, Scenarios and Operational use-Cases
* ARINC VDL Mode 2 Detailed hardware analysis and design and complete system hardware architecture
* ATN/VDLM2 Flight Test Support Proposal Using ARINC Air Ground Test Station for American Airlines
* ARINC Engineering Support Proposal for the Honeywell Air/Ground Datalink Avionics Interoperability and Certification.
* ATN/VDLM2 Flight Test Support and data analysis Proposal Using ARINC Air Ground Test Station for NASA. Phase II Development of a Video/Audio Capability over VOL Mode 2 for security studies.
* Development of an Avionics simulator and independent Ground ATN Infrastructure for NASA.
* AOA/ATN Interoperability and Flight Test Support Proposal for the Teledyne Systems Avionics Using the ARINC Air Ground Test Station
* Interoperability and Flight Test Support Proposal for the AIRBUS AOA/ATN Avionics Using the ARINC Air Ground Test Network
* Development of interoperability plan and system architecture to provide A VICOM of Japan with VOL Mode 2 capability for AOA services.
* Mitigation Plans for Alleviating the aviation frequency congestion and cross talk over the ARINC Far-East service region.
* Architecture and design alternatives to utilizing VDLM2 on an automated carrier landing.
* Architecting ARINC Direct to delivers first-class suite of services for business aviation including advanced flight planning, weather, flight following, fueling, data link and satellite communications.
*Detailed design of 24 Axis depended controller that tracks to 1/37K degrees in a domed theater. The system was adapted by Minolta Inc as the next generation standard controller. June 1994
* Development of fast tracking and display laser guidance system for hemispheric projection.
* Development of audio video tracking and control systems for Iwerks Entertainment System.
* Architecture and Detailed design of the AMPO proprietary internal network with custom built controller

Professional Organizations

IEEE
ACM
SPIE