Dr. Owen Redwood

Chief Research Officer

Dr. Owen Redwood is the Chief Research Officer and Interim Executive Director at the Nebraska Applied Research Institute (NARI). Dr. Redwood earned his M.S. and Ph.D. degrees in Computer Science from Florida State University, focusing on vulnerability research and virtualization research of cyber physical systems. Dr. Redwood earned his B.S. in Computer Science from the Georgia Institute of Technology. His research background spans information technology (IT) and operational technology (OT) vulnerability research, reverse engineering, cyber physical systems virtualization research, hybrid approaches for static/dynamic/symbolic analysis, physical-impact payload development, and automated exploitation and mitigation. Dr. Redwood also created and maintains the “Offensive Computer Security” online open-courseware, which has been adopted by faculty members at over 20 universities and is the world’s top open-courseware on vulnerability research and exploitation. Formerly, Dr. Redwood was a member of the Raytheon Deep Red team for the DARPA Cyber Grand Challenge, where he focused on automating vulnerability discovery, vulnerability mitigation, and exploitation. He also previously worked for Sandia National Labs and another government cybersecurity research and development organization focusing on securing critical infrastructure. Dr. Redwood’s past cyber physical system vulnerability research has covered devices in energy critical infrastructure, oil/gas critical infrastructure, maritime systems, vehicular systems, building automation systems, and more. Dr. Redwood has Global Industrial Cyber Security Professional (GICSP) and Certified Information Systems Security Professional (CISSP) certifications.

My Sessions

Prairie Storm: A 3-Day ICS Incident Exercise

Main Stage

In April of 2019, the Nebraska Applied Research Institute (NARI) built and hosted the 3-day live Prairie Storm exercise for a Midwest Power company, their local first responders (their state’s air national guard cyber protection teams) with support and observers from US Cyber Command, and other guard units. Prairie Storm had real control systems, configured […]

Detection & Response