Researcher

William L. Scherlis is a full Professor in the School of Computer Science at Carnegie Mellon University (CMU). He is Director of the Institute for Software Research (ISR) at Carnegie Mellon University, one of seven academic departments in the School of Computer Science. ISR research and educational programs relate to software engineering, cybersecurity, privacy engineering, network analysis, mobility, and other topics. ISR is home to two PhD programs and six professional Masters programs. Scherlis founded the PhD Program in Software Engineering in 1999 and directed it for more than a decade. During 2012 and early 2013 he was the Acting CTO for the Software Engineering Institute, a DoD FFRDC at CMU. Dr. Scherlis joined the Carnegie Mellon faculty after completing a Ph.D. in computer science at Stanford University, a year at the University of Edinburgh (Scotland) as a John Knox Fellow, and an A.B. at Harvard University in applied mathematics.

Scherlis’s research focuses on techniques and practices for software assurance. His project emphasizes issues of scalability, composability, usability, and judicious use of fragmentary specifications, with a focus on the development of techniques to verify safe concurrency, information flow, and other properties that tend to defy conventional testing and analysis. Some of the technologies are commercialized through a Carnegie Mellon spinoff.

Scherlis is principal investigator for the Carnegie Mellon / NSA Science of Security Lablet, which encompasses a diverse set of research efforts at CMU and several collaborating academic institutions that address cybersecurity technical challenges related to composition and usability. He is principal investigator for a number of other efforts including a Systems Engineering Research Center (SERC) task focused on Systemic Assurance. He was previously the principal investigator for the Carnegie Mellon / NASA High Dependability Computing Project (HDCP), in which CMU led a collaboration with five universities (MIT, USC, U Wash, U Md, U Wisc) to help NASA address software dependability challenges.

Scherlis interrupted his early career at CMU to serve at Defense Advanced Research Projects Agency (DARPA) for six years, departing in 1993 as an SES-4. While at DARPA his responsibilities related to research and strategy in software technology, computer security, information infrastructure, and other topics. He was involved in the initiation of the high performance computing and communications (HPCC) program (now NITRD) and, with Pethia, Squires, and Druffel, in creating the concept of operations for CERT-like organizations, hundreds of which are now in operation world-wide.

Scherlis has testified before Congress on software rejuvenation, on innovation and information technology, and on roles for a Federal CIO. He chaired the National Research Council (NRC) study committee on defense software producibility, which recently released its final report Critical Code: Software Producibility for Defense. He served multiple terms as a member of the DARPA Information Science and Technology Study Group (ISAT). He also chaired a NRC study on information technology, innovation, and e-government, and has led or participated in other national studies related to cybersecurity, crisis response, analyst information management, Ada, and health care informatics. He has been an advisor to major IT companies and is a founder of two Carnegie Mellon spin-off companies, Panopto and SureLogic. He has served as program chair for a number of technical conferences, including the ACM Foundations of Software Engineering (FSE) Symposium and the ACM Symposium on Partial Evaluation and Program Manipulation (PEPM). He has more than 80 scientific publications. He is a Fellow of the IEEE and a lifetime National Associate of the National Academy of Sciences.