Rich Pethia


Richard Pethia is the manager of the Networked Systems Survivability Program at the Software Engineering Institute (SEI). The CERT® Coordination Center is also a part of this program.

Pethia has managed the NSS Program since 1995. The NSS program improves both practices and understanding of security and survivability issues relating to critical information infrastructures. The NSS program draws heavily on the security incident and vulnerability data gained from its CERT® Coordination Center (CERT/CC) to further applied research and development efforts. The SEI has operated the CERT/CC since 1988, and has provided a central response and coordination facility for global information security incident response and countermeasures for threats and vulnerabilities.

Prior to joining the SEI, Pethia was director of engineering at Decision Data Computer Company, a computer system manufacturer in Philadelphia, Pennsylvania. There he was responsible for engineering functions and resource management in support of new product development.

Pethia also was manager of operating systems development for Modular Computer Corporation in Fort Lauderdale, Florida. While there he lead development efforts focused on real-time operating systems, networks, and other system software in the application areas of industrial automation, process control, data acquisition, and telecommunications.

The various testimonies that Pethia has given include testimony to the U.S. House Committee on Science, Subcommittee on Technology hearing, The Melissa Virus: Inoculating Our Information Technology From Emerging Threats, about the effects of the Melissa computer virus and possible actions to prevent future viruses from impacting networks (April 1999). He also reported to the U.S. Senate Committee on Governmental Affairs, Permanent Subcommittee on Investigations about trends in computer security, incidents on the Internet and near-term steps to address problems (June 1996).

Presentations that Pethia has given include one entitled Computer Security Incident Trends and Predictions for the Interpol/Federal Bureau of Investigation Conference (February 1999). Others are Security Incident Data Sharing and Analysis for the Information Sharing Conference held by the Critical Infrastructure Assurance Office at the White House Conference Center (January 1999) and Computer Crime Update: Trends in Criminal Tradecraft for the U.S. Department of Justice Computer Telecommunications Coordinators Conference (February 1998). Pethia also gave a report titled Report to the President's Commission on Critical Infrastructure Protection (co-author), CERT® Coordination Center, Software Engineering Institute, Carnegie Mellon University (January 1997)