Dr. Sean Peisert is jointly appointed as a staff scientist at Lawrence Berkeley National Laboratory; chief cybersecurity strategist at CENIC, and director of the CENIC/ESnet joint cybersecurity initiative; and associate adjunct professor of Computer Science and faculty member in the Graduate Groups in Computer Science, Forensic Science, and Health Informatics at the University of California, Davis. His research interests cover a broad cross-section of computer and network security. Some of the recent projects and interests that Dr. Peisert has worked on include intrusion detection for control systems in smart/power grids, techniques for insider threat identification and mitigation, and security in high-performance computing and networking environments. Previously, he was an I3P Research Fellow and was a computer security researcher at the San Diego Supercomputer Center (SDSC). He received his Ph.D., Masters, and Bachelors degrees in Computer Science from UC San Diego.
Professor Peisert is vice chair of the IEEE Computer Society Technical Committee on Security & Privacy; an editorial board member of IEEE Security & Privacy; a steering committee member and past general chair of the New Security Paradigms Workshop (NSPW); steering committee member and past program co-chair of the Workshop on Cyber Security Experimentation and Test (CSET); and past general chair for the IEEE Symposium on Security and Privacy, the flagship conference for security research. He is the lead of the iJC3 Cyber R&D Enterprise Cyber Capability (ECC), composed of 10 DOE National Labs, and also serves as the representative of the Berkeley Lab to the Institute for Information Infrastructure Protection (I3P).
Additional detail is available on recent DOE ASCR-funded projects on security for HPC and high-bandwidth networks; numerous DOE CEDS-funded projects on cybersecurity for energy delivery systems; an NSF ACI-funded project on international network performance monitoring; the Open Science Cyber Risk Profile (OSCRP) effort; and a number of other computer security research projects. He also works closely with ESnet.
Some recent news:
Building a CENIC Security Strategy — Jan. 11, 2017
On the Value of Failed Experiments in Cybersecurity [TABL]— Sept. 8, 2016
Detecting Cybersecurity Threats by Taking the Grid's Pulse [TABL]— Jul. 12, 2016
CENIC and ESnet Announce Joint Cybersecurity Initiative - Jan. 12, 2016
Securing Scientific Computing Integrity — Mar. 20, 2015
COSMOS Students Visit NERSC, ALS, and Cybersecurity Group – Aug. 6, 2012
» Some recent publications are listed below. For a full list of publications and other information, plase visit Sean Peisert's personal web page.
Leon J. Osterweil, Matt Bishop, Heather M. Conboy, Huong Phan, Borislava I. Simidchieva, George S. Avrunin, Lori A. Clarke, Sean Peisert, "A Comprehensive Framework for Using Iterative Analysis to Improve Human-Intensive Process Security: An Election Example", ACM Transactions on Privacy and Security (TOPS), 2017,
Mahdi Jamei, Emma Stewart, Sean Peisert, Anna Scaglione, Chuck McParland, Ciaran Roberts, Alex McEachern, "Micro Synchrophasor-Based Intrusion Detection in Automated Distribution Systems: Towards Critical Infrastructure Security", IEEE Internet Computing, September 2016, 20(5):18-27, doi: 10.1109/MIC.2016.102
Chuck McParland, Sean Peisert, Anna Scaglione, "Monitoring Security of Networked Control Systems: It's the Physics", IEEE Security and Privacy, November 2014, 12(6):32-39, doi: 10.1109/MSP.2014.122
Peter G. Neumann, Sean Peisert, Marvin Schaefer, "The IEEE Symposium on Security and Privacy, in Retrospect", IEEE Security and Privacy, May 2014, 12(3):15-17, doi: 10.1109/MSP.2014.59
Sisi Duan, Sean Peisert, and Karl Levitt, "hBFT: Speculative Byzantine Fault Tolerance With Minimum Cost", IEEE Transactions on Dependable and Secure Computing (TDSC), March 19, 2014, 12(1):58-70, doi: 10.1109/TDSC.2014.2312331
Sean Whalen, Sean Peisert, Matt Bishop, "Multiclass Classification of Distributed Memory Parallel Computations", Pattern Recognition Letters (PRL), February 2013, 34(3):322-329, doi: 10.1016/j.patrec.2012.10.007
Sean Whalen, Sophie Engle, Sean Peisert, Matt Bishop, "Network-Theoretic Classification of Parallel Computation Patterns", International Journal of High Performance Computing Applications (IJHPCA), May 2012, 26(2):159-169, doi: 10.1177/1094342012436618
Sean Peisert, Matt Bishop, Sidney Karin, Keith Marzullo,, "Analysis of Computer Intrusions Using Sequences of Function Calls", IEEE Transactions on Dependable and Secure Computing (TDSC), April 2007, 4(2):137-150, doi: 10.1109/TDSC.2007.1003
Sean Peisert, "Forensics for System Administrators", ;login:, August 2005, 30(4):34-42,
Mahdi Jamei, Anna Scaglione, Ciaran Roberts, Emma Stewart, Sean Peisert, Chuck McParland, Alex McEachern, "Automated Anomaly Detection in Distribution Grids Using µPMU Measurements", Proceedings of the 50th Hawaii International Conference on System Sciences (HICSS), Electric Energy Systems Track, Resilient Networks Minitrack, IEEE, January 2017,
Alberto Gonzalez, Jason Leigh, Sean Peisert, Brian Tierney, Andrew Lee, Jennifer M. Schopf, "NetSage: Open Privacy-Aware Network Measurement, Analysis, And Visualization Service", Proceedings of TNC16 Networking Conference, Prague, Czech Republic, June 2016,
Georgia Koutsandria, Reinhard Gentz, Mahdi Jamei, Anna Scaglione, Sean Peisert, and Chuck McParland, "A Real-Time Testbed Environment for Cyber-Physical Security on the Power Grid", Proceedings of the First ACM Workshop on Cyber-Physical Systems Security & Privacy (CPS-SPC), Denver, CO, ACM, October 16, 2015, doi: 10.1145/2808705.2808707
Adrian Chavez, William M.S. Stout, and Sean Peisert, "Techniques for the Dynamic Randomization of Network Attributes", Proceedings of the 49th Annual International Carnahan Conference on Security Technology, Taipei, Taiwan, Republic of China, IEEE Press, September 2015, doi: 10.1109/CCST.2015.7389661
Sisi Duan, Jingtao Sun, Sean Peisert, "Towards a Self-Adaptive Middleware for Building Reliable Publish/Subscribe Systems", Proceedings of the 8th International Conference on Internet and Distributed Computing Systems (IDCS), Berkshire, United Kingdom, Springer, September 2015, 157-168, doi: 10.1007/978-3-319-23237-9_14
Sisi Duan, Hein Meling, Sean Peisert, Haibin Zhang,, "BChain: Byzantine Replication with High Throughput and Embedded Reconfiguration", Proceedings of the 18th International Conference on Principles of Distributed Systems (OPODIS), Cortina, Italy, Springer, December 2014, 91-106, doi: 10.1007/978-3-319-14472-6_7
Georgia Koutsandria, Vishak Muthukumar, Masood Parvania, Sean Peisert, Chuck McParland, Anna Scaglione, "A Hybrid Network IDS for Protective Digital Relays in the Power Transmission Grid", Proceedings of the 5th IEEE International Conference on Smart Grid Communications (SmartGridComm), Venice, Italy, IEEE, November 2014, 908-913, doi: 10.1109/SmartGridComm.2014.7007764
Sisi Duan, Karl Levitt, Hein Meling, Sean Peisert, Haibin Zhang, "Byzantine Fault Tolerance from Intrusion Detection", Proceedings of the 33rd IEEE International Symposium on Reliable Distributed Systems (SRDS), Nara, Japan, October 2014, 253-264, doi: 10.1109/SRDS.2014.28
Masood Parvania, Georgia Koutsandria, Vishak Muthukumar, Sean Peisert, Chuck McParland, Anna Scaglione, "Hybrid Control Network Intrusion Detection Systems for Automated Power Distribution Systems", Proceedings of the 1st International Workshop on Trustworthiness of Smart Grids (ToSG), Atlanta, GA, IEEE Computer Society, June 23, 2014, 774-779, doi: 10.1109/DSN.2014.81
Tiancheng Chang, Sisi Duan, Hein Meling, Sean Peisert, Haibin Zhang, "P2S: A Fault-Tolerant Publish/Subscribe Infrastructure", Proceedings of the 8th ACM International Conference on Distributed Event Based Systems (DEBS), Mumbai, India, ACM Press, May 2014, 189-197, doi: 10.1145/2611286.2611305
Matt Bishop, Heather Conboy, Huong Phan, Borislava I. Simidchieva, George Avrunin, Lori Clarke, Lee Osterweil, Sean Peisert,, "Insider Detection by Process Analysis", Proceedings of the 2014 Workshop on Research for Insider Threat (WRIT), IEEE Computer Society Security and Privacy Workshops, San Jose, CA, IEEE Computer Society, May 18, 2014, doi: 10.1109/SPW.2014.40
Xiao Li, Zhifang Wang, Vishak Muthukumar, Anna Scaglione, Chuck McParland, Sean Peisert, "Networked Loads in the Distribution Grid", Proceedings of the 2012 APSIPA Annual Summit and Conference, Hollywood, CA, December 3, 2012,
Sean Peisert, Ed Talbot, Matt Bishop, "Turtles All the Way Down: A Clean-Slate, Ground-Up, First-Principles Approach to Secure Systems", Proceedings of the 2012 New Security Paradigms Workshop (NSPW), ACM, September 2012, doi: 10.1145/2413296.2413299
Matt Bishop, Justin Cummins, Sean Peisert, Bhume Bhumitarana, Anhad Singh, Deborah Agarwal, Deborah Frincke, Michael Hogarth, "Relationships and Data Sanitization: A Study in Scarlet", Proceedings of the 2010 New Security Paradigms Workshop (NSPW), Concord, MA, ACM, September 2011, 151-164, doi: 10.1145/1900546.1900567
Sean Whalen, Sean Peisert, Matt Bishop, "Network-Theoretic Classification of Parallel Computation Patterns", Proceedings of the First International Workshop on Characterizing Applications for Heterogeneous Exascale Systems (CACHES), Tucson, AZ, IEEE Computer Society, June 4, 2011,
Borislava I. Simidchieva, Sophie J. Engle, Michael Clifford, Alicia Clay Jones, Sean Peisert, Matt Bishop, Lori A. Clarke, Leon J. Osterweil,, "Modeling Faults to Improve Election Process Robustness", Proceedings of the 2010 Electronic Voting Technology Workshop/ Workshop on Trustworthy Elections (EVT/WOTE), Washinton, D.C., USENIX, August 2010,
Peter G. Neumann, Matt Bishop, Sean Peisert, Marv Schaefer, "Reflections on the 30th Anniversary of the IEEE Symposium on Security and Privacy", Proceedings of the 31st IEEE Symposium on Security and Privacy, Oakland/Berkeley, CA, IEEE Computer Society, May 2010, 3-13, doi: 10.1109/SP.2010.43
Sean Peisert, Matt Bishop, Laura Corriss, Steven J. Greenwald, "Quis Custodiet ipsos Custodes? A New Paradigm for Analyzing Security Paradigms", Proceedings of the 2009 New Security Paradigms Workshop (NSPW), The Queen's College, Oxford, United Kingdom, ACM, September 2009, 133-144, doi: 10.1145/1719030.1719041
Matt Bishop, Sean Peisert, Candice Hoke, Mark Graff, David Jefferson, "E-Voting and Forensics: Prying Open the Black Box", Proceedings of the 2009 Electronic Voting Technology Workshop/Workshop on Trustworthy Elections (EVT/WOTE), Montreal, Canada, USENIX, August 2009,
Matt Bishop, Sophie Engle, Deborah A. Frincke, Carrie Gates, Frank L. Greitzer, Sean Peisert, Sean Whalen, "A Risk Management Approach to the "Insider Threat"", Insider Threats in Cyber Security, "Advances in Information Security" Series, edited by Christian W. Probst, Jeffrey Hunker, Matt Bishop, (Springer: September 2010) Pages: 115-138 doi: 10.1007/978-1-4419-7133-3_6
Sean Peisert, Emma Stewart, Alex McEachern, Supporting Cyber Security of Power Distribution Systems by Detecting Differences Between Real-time Micro-synchrophasor Measurements and Cyber-Reported SCADA, 2016 DOE CEDS Peer Review, December 8, 2016,
Sean Peisert (moderator), Jill Gemmill, Michael Sinatra, Von Welch, National Cybersecurity Panel, NSF Campus Cyberinfrastructure/ESCC/The Quilt Colocated Meeting, October 20, 2016,
Lee Beausoleil, David Lombard, Angelos Keromytis, Sean Peisert, Panel: HPC Monitoring, NSCI: High-Performance Computing Security Workshop, September 30, 2016,
Sean Peisert, Security Expert on Why HPC Matters - Cybersecurity for HPC Systems: Challenges and Opportunities, NSCI: High-Performance Computing Security Workshop, September 29, 2016,
Sean Peisert, CENIC 2016 Conference Panel: Security in R&E Networks and Campus Environments, 2016 CENIC Annual Conference, March 22, 2016,
Sean Peisert, Computer Security & the Electric Power Grid, 15th Annual ON*VECTOR Photonics Workshop, March 1, 2016,
Sean Peisert, Security Research Using Cyber-Physical Systems, IT Security Symposium, June 16, 2015,
Sean Peisert, Models of Secure and Private Information Sharing, University of California, San Diego School of Medicine, Division of Biomedical Informatics Seminar Series, April 10, 2015,
Sean Peisert, Security for Computational Infrastructure for Financial Technology, DataLead 2014: Leading the Way in Big Data, Haas School of Business, UC Berkeley, September 30, 2014,
Sean Peisert, Challenges in Insider Threat Research, Workshop on Research for Insider Threat (WRIT), IEEE Security and Privacy Workshops (SPW), May 18, 2014,
Sean Peisert, Cyber Resilience Metrics, First International Symposium on Resilient Cyber Systems, Resilience Week 2013, August 13, 2013,
Sean Peisert, Health Informatics Minute: Aligning Organizational and Employee Computer Security Goals for Health Informatics, Seventh Annual Health Informatics Graduate Program Conference, March 22, 2013,
Sean Peisert, Institute for Information Infrastructure Protection (I3P), 10th Anniversary Event, The National Press Club, October 10, 2012,
Sean Peisert, Keynote Address: Computer Forensics In Forensis, Third International IEEE Workshop on Systematic Approaches to Digital Forensic Engineering (IEEE/SADFE-2008) (held in conjunction with the 2008 IEEE Symposium on Security and Privacy), May 22, 2008,
Jonathan Ganz, Matt Bishop, and Sean Peisert, "Security Analysis of Scantegrity, an Electronic Voting System", University of California, Davis, Department of Computer Science Technical Report, June 2016,
Daniel Chung, Matt Bishop, and Sean Peisert, "Distributed Helios - Mitigating Denial of Service Attacks in Online Voting", University of California, Davis, Department of Computer Science Technical Report, October 16, 2015,
Sean Peisert, et al., "ASCR Cybersecurity for Scientific Computing Integrity - Research Pathways and Ideas", U.S. Department of Energy Office of Science report, September 2015, LBNL 191105, doi: 10.2172/1236181
Sean Peisert, et al., "ASCR Cybersecurity for Scientific Computing Integrity", U.S. Department of Energy Office of Science report, February 27, 2015, LBNL 6953E, doi: 10.2172/1223021
Sean Peisert and Steven Templeton, "The Hive Mind: Applying a Distributed Security Sensor Network to GENI- GENI Spiral 2 Final Project Report", UC Davis Technical Report, September 4, 2013,
Sean Peisert, Matt Bishop, "Dynamic, Flexible, and Optimistic Access Control", UC Davis CS Technical Report CSE-2013-76, July 2013,
Sean Peisert, "Fingerprinting Communication and Computation on HPC Machines", Lawrence Berkeley National Laboratory Technical Report, June 2010, LBNL LBNL-3483E,
Sean Peisert, Matt Bishop, Keith Marzullo, "What Do Firewalls Protect? An Empirical Study of Firewalls, Vulnerabilities, and Attacks", UC Davis CS Technical Report CSE-2010-8, March 2010,
Matt Bishop, Sean Peisert, "Your Security Policy is What???", UC Davis CS Technical Report CSE-2006-20, March 2006,
A Model of Forensic Analysis Using Goal-Oriented Logging, Sean P. Peisert, Ph.D. Dissertation, Dept. of Computer Science and Engineering, University of California, San Diego, March 2007,
"4th Workshop on Cyber Security Experimentation and Test (CSET ’11) Conference Report Summary", Sean Peisert, USENIX ;login:, November 2011,
"The Hive Mind Project - Digital Ants for Intrusion Detection", Sean Peisert, DETERlab Testbed Quarterly Newsletter, 2011,
Jason Adams, Monica Lieng, Brooks Kuhn, Edward Guo, Edik Simonian, Sean Peisert, JP Delplanque, Nick Anderson, "Automated Mechanical Ventilator Waveform Analysis of Patient-Ventilator Asynchrony", CHEST Journal, Pages: 175A October 2015, doi: 10.1378/chest.2281731
PURPOSE: Mechanical ventilation is a life-saving intervention but is associated with adverse effects including ventilator-induced lung injury (VILI). Patient-ventilator asynchrony (PVA) is thought to contribute to VILI, but the study of PVA has been hampered by limited access to the high frequency, large volume data streams produced by modern ventilators and a lack of robust analytics. To address these limitations, we developed an automated pipeline for breath-by-breath analysis of ventilator waveform data.
METHODS: Simulated pressure and flow time series data representing normal breaths and common forms of PVA were generated on PB840 ventilators, collected unobtrusively using small, customized wireless peripheral devices, and transmitted to a networked server for storage and analysis. Two critical care physicians reviewed all waveforms to generate gold standards. Rule-based algorithms were developed to quantify inspiratory and expiratory tidal volumes (TV) and identify PVA subtypes including double trigger and delayed termination asynchrony. Data were split randomly into derivation and validation sets. Algorithm performance was compared to ventilator reported values and clinician annotation.
RESULTS: The mean difference between algorithm-determined and ventilator-reported TVs was 3.1% (99% CI ± 1.36%). Algorithm agreement with clinician annotation was excellent for double trigger PVA and moderate for delayed termination PVA, with Kappa statistics of 0.85 and 0.58, respectively. In the validation data set (n = 492 breaths), double trigger asynchrony was detected with an overall accuracy of 94.1%, sensitivity of 100%, and specificity of 92.8%.
CONCLUSIONS: A pipeline combining wireless ventilator data acquisition and rule-based analytic algorithms informed by the principles of bedside ventilator waveform analysis allows for automated, quantitative breath-by-breath analysis of patient-ventilator interactions.
CLINICAL IMPLICATIONS: We have recently deployed this system in the medical intensive care unit of the UC Davis Medical Center, which will enable further development of mechanical ventilation analytics. We have begun to explore the use of supervised machine learning and dynamic time series modeling to improve the classification of other common types of PVA and of clinical phenotypes associated with respiratory failure. This system will help to better define the epidemiology and clinical impact of PVA and other forms of off-target mechanical ventilation, and may lead to improved decision support and patient outcomes.