Sam Weber obtained his Ph.D. in Computer Science at Cornell University, with a thesis on specification and verification. After graduating, he was a faculty member at both Cornell and the University of Pennsylvania, and then spent more than 11 years as a researcher at IBM’s T.J. Watson Research Center. For almost four years he was program director of the National Science Foundation’s Secure and Trustworthy Cyberspace and Trustworthy Computing programs. In the past, Weber was also a member of the computer science grant committee for Canada’s National Sciences and Engineering Research Council (the Canadian NSF-equivalent).

Weber has experience in both academic research and more immediately practical endeavors. The latter includes multiple on-site IBM customer engagements, where he was deployed to solve reliability or security issues in customer applications that regular IBM support was unable to solve. He also found security issues in various commercial products, allowing them to be fixed before they were exploited.

Weber’s recent research focus has been on software engineering for secure and reliable systems. As part of this, he investigated meeting high-level security evaluation criteria by using feedback-directed automated testing tools and designed and implemented a security evaluation tool for service-oriented architecture devices. Related work led to his discovery of a security flaw in Java’s Remote Method Invocation mechanism that allowed remote attackers to crash Java servers. Previously, Weber’s work has included formally specifying and verifying the information confinement mechanism of an operating system.


1995 Ph.D., Computer Science, Cornell University

1989 MSc, Computer Science, University of Toronto

1987 BSc, Mathematics, Computer Science, University of Toronto