David Malcolm Nicol
Q: What is your area of expertise?
A: I do system evaluation, which means developing models and methodologies for determining what properties a system, either real or simply contemplated, will have. This sort of work helps to answer questions like, "How fast does the system run", "How reliable is the system?" and "How secure is this system against a cyber-attack?"
Q: Give me a brief synopsis of your education and career.
A: I majored in math at Carleton College, earning a B.A. in 1979. An interest aptitude test I’d taken in high school suggested that I learn about computers, so I took what few computing courses were offered at Carleton. Upon graduating I took a job as a programmer-analyst with Control Data Corporation, which made supercomputers and special systems for the government. I worked there for three years, learned computing on the job so to speak, but also learned that the job I wanted was with the research group who developed some of the algorithms I was implementing. So I took a leave of absence to get the necessary Ph.D. to work in research, but when I was done the company was busy disintegrating and I didn’t go back. I got M.S. and Ph.D. degrees from the University of Virginia, finishing in 1985. From there I did a two-year post-doc with the Institute for Computer Applications in Science and Engineering, at NASA Langley Research Center. In 1987, I joined the computer science department at the College of William and Mary. By 1996 the environment for doing research was deteriorating there, and I joined the computer science department at Dartmouth College. I served as the department chair and was a key player in the establishment and administration of a large research center focused on computer security. The ECE department at Illinois recruited me in 2002, and I joined the department in 2003.
Q: You were at Dartmouth for seven years? What made you want to come to Illinois?
A: I wasn’t looking to leave Dartmouth; it’s a great place to live and work. It is small, however, and the research opportunities at Illinois are significantly greater. The security center at Dartmouth was funded by congressional allocations, a source that was bound to dry up. Dartmouth just didn’t have the critical mass to continue on in that way by the funding efforts of its security-oriented faculty. So the opportunity to join Illinois came at a good time.
Q: You have been at Illinois since 2003. What do you enjoy most about being here?
A: Since coming here, I’ve been involved in a number of inter-disciplinary proposals and projects, in ways and in areas that just weren’t possible at Dartmouth. Illinois has critical mass. I like learning about new scientific/engineering domains and finding ways to solve problems in those areas using tools and techniques from my own area.
Q: Why did you become an engineer?
A: I suppose I really only became an engineer when I, for the first time, joined the faculty of an engineering school in 2003! But what I have always practiced is an engineering approach to my work: using mathematical rigor to provide a firm foundation for solutions to problems that exist in the real world and whose solutions make a difference to someone.
Q: Tell me about a research accomplishment you’re proud of.
A: My early work focused on ways to perform a certain kind of computation, a discrete-event simulation, on massively parallel computers. This kind of computation emulates how a system (such as a computer/communication system or manufacturing system) behaves as time goes by. Different processors in the parallel computer are responsible for simulating different physical regions of the system being simulated, so computations that occur in one processor provide results that are needed by another processor; each result has a “time-stamp" on it, specifying precisely when (in simulation time) the result is available. The necessary interactions between processors is hard to predict, but needs to be done in such a way that no processor gets too far ahead of the others (in simulation time) so that it misses some result it needs from another processor. Anyway, there was a raging debate going on in the community about how best to solve this problem. I approached it using mathematical models and discovered, much to my surprise, a technique which was provable, almost optimal, and provably had good performance even on truly massively parallel computers.
Q: You are the theme leader in Critical Infrastructures and Homeland Defense at the Information Trust Institute. What is your role? What do you hope to accomplish?
A: My role as theme leader has really been as a membe of a group of senior faculty that strategizes about directions in which ITI ought to grow and facilitate ways for it to grow in those directions. As theme leader in Critical Infrastructures and Homeland Defense, I lead proposals and projects that bring better cyber-security to systems that control the electrical power grid, manage oil refineries and oil/gas pipeline systems, nationwide telecommunications, and so on. “Lead" here means to help identify funding opportunities and coordinate groups of ITI faculty to respond to those opportunities.
Q: What do you enjoy most about teaching?
A: Helping students understand what is for them, at first, difficult concepts. The best times are in office hours when a student who hasn’t been “getting it" suddenly does. It is fun to see the light bulb go on.
Q: What role do students play in your research?
A: Early in my career I did most of my research work. I solved the problems; I developed the algorithms; I proved the proofs. Students helped some with programming. After moving to Dartmouth, the pool of talented graduate students was larger. I had a really good team of graduate students and undergraduates who developed systems to their designs rather than mine, but with guidance from me on what those designs needed to accomplish. I continued to develop algorithms, models, and proofs. Since coming to Illinois, I’ve worked with students who have better analytic skills than was typical with my previous universities, and so, in these cases, offer guidance on approaches to take or the kinds of results I think are possible and spend more time debugging their analysis than I do developing my own. It is still the case though that I’ll work with a student who has an idea and can build software that demonstrates and validates the idea, while I’ll develop some analysis about the approach. Just this spring I wrote a paper with Nabil Shear that looked at an idea of his, to protect the privacy of an Internet communication by embedding it in a different one that has different characteristics. He developed a system that does this and analyzed it using simulation. I developed a mathematical model of what was going on, validated it against results predicted by the simulation, and developed some proofs about how efficient it was. That paper won the best paper award last month at the annual conference on Principles of Advanced and Distributed Simulation. I’m convinced that it was the combination of real system, simulated system, and validated analytic model that made the paper attractive to the award committee.
Q: Over the years, you have received several service awards. Which one is most meaningful to you? Why?
A: We academics do all sorts of things. We teach, we do research, we write textbooks, and we serve on university and professional committees. Last year, I was the inaugural winner of the ACM Special Interest Group on Simulation’s Distinguished Contributions Award. This was set up to recognize those who have made significant contributions in research, teaching, and service in the area of discrete-event simulation. It is special to me because it comes from peers whose work I know and highly respect and it recognizes contributions in all that I do. It is also special because I will always be the first one to have received this award.
Q: What are you focused on today?
A: Computer security is notoriously hard to quantify. One would like to be able to analyze two systems and be able to quantify by how much one is more secure than another. Without some means of quantifying differences in security, we can’t hope to put the design of secure systems on a firm engineering basis. If we’re to make informed decisions about system design, we have to be able to compare gains in security with increases in cost or changes in functionality and/or availability.
Q: What does the future hold?
A: What we’re starting to be able to do in modeling critical infrastructures and assessing their security is new stuff, with enough open problems to keep me busy for at least the next five years. I can’t see beyond that. I had no idea 10 years ago that today I would be deep in the midst of computer security research. None. I’m doing this now because of a sequence of historical accidents. Who knows what other historical accidents might be waiting to happen?
Q: What technology that’s currently under development are you most anxious or excited to see completed?
[ECE Professor] Bill Sanders [who is also affiliate with CS], CS graduate research assistant Sankalp Singh, CSL research programmer Mouna Seri, and I have, for the last three years, been developing a software tool that helps operators of complex networked systems understand whether what their system is doing, with respect to protecting network traffic, is what they want it to do. It is a project developed most immediately for deployment in process control systems, like those controlling the electrical power grid. But it has application in more general enterprise systems. We are at a point now where we are working with a significant power company and a significant pipeline company to install and augment our system to meet their needs. It’s a great project in that what we do under the covers involves some sophisticated mathematical modeling and exploitation of what that modeling predicts. It solves a real problem, and our industrial partners are eager for its completion and implementation.