Robin A. Gandhi | College of Information Science & Technology

Robin Gandhi, Ph.D.

he/him/his
Associate Dean for Research, Technology, and Facilities
Charles W. and Margre H. Durham Distinguished Professor
Professor, School of Interdisciplinary Informatics
College of Information Science & Technology

email:

rgandhi@unomaha.edu

office:

PKI 172B

office phone:

402.554.3363

department phone:

402.554.2380

office hours:

W 12:30pm to 1:30pm , By Appointment

Google Scholar:

https://scholar.google.com/citations?hl=en&user=o69yp-8AAAAJ

personal website:

https://robinagandhi.github.io

digital commons:

https://digitalcommons.unomaha.edu/do/search/?q=author_lname%3A%22Gandhi%22%20AND%20author_fname%3A%22Robin

note:

This profile is pulling in data from Digital Measures. Postings on personal websites or social media do not indicate that the individual is speaking on behalf of UNO.

General Information

Biography

Dr. Gandhi is a Charles W. and Margre H. Durham Distinguished Professor of Cybersecurity at the College of Information Science and Technology, University of Nebraska at Omaha. He serves as the Associate Dean for Research, Technology and Facilities in the college since Fall 2023. He previously served as the Director of the School of Interdisciplinary Informatics from Fall 2020 to Spring 2023. He received his Ph.D. in Information Technology from The University of North Carolina at Charlotte in 2008. His research interests are in the areas of software security engineering, requirements modeling and analysis, data preservation for scientific workflows, and system certification and accreditation. Since the security of systems is a design problem, his work focuses on developing and assessing models that promote problem-solving in security engineering activities. He has designed courses and training materials that promote a culture of software security engineering in the development processes. His efforts have brought software security engineering, as part of a larger systems certification perspective, to the forefront of the US federal assessment and authorization processes for IT systems. He also serves as a member of the Common Weakness Enumeration (CWE) board, and is the Associate Editor for the National Cyber Watch Cybersecurity Skills Journal (CSJ). In his spare time, he loves to go on bike rides with his kids and explore new trails.

Teaching Interests

Teaching as a profession fascinates me for its role in the continuous advancement of knowledge for myself and the society around me. In my opinion, learning takes place when students can pursue the relevance of the knowledge or skills acquired in class in the context of real-world case studies. Cognitive and tactical engagement with class materials is important for retention. Multimodal learning through personal elaboration, peer instruction, exploration, repetition, practice, and discussion is necessary for creative thinking and emphasizing different aspects of the knowledge gained. These theories continuously influence my teaching style in adapting to different learning abilities, goals and desires of students. My teaching related research pursuits have lead to the development of novel theories and implementation of concept inventories in cybersecurity education. While most learning-related assessments in academia and industry focus on understanding population or group performance, my research in teaching is attempting to explain and diagnose issues with learning at an individual level.

Research Interests

My other research interests are in the areas of information and software assurance, requirements engineering, knowledge-intensive software systems, Certification and Accreditation (C&A), software metrics and measures, and risk assessment.The government, defense, and private sectors spend billions of dollars every year to gain assurance in software systems that support their critical missions/businesses. A large portion of this money is also allocated for C&A activities because of the growing number of regulatory requirements (e.g. FISMA, HIPPA, SOX) and the dire consequences of not complying with them. If done properly, the utility of regulatory and standards compliance towards analyzing and measuring security risk as well as guiding engineering decisions is high. However, the complexity of software systems, numerous regulatory requirements, and the diversity of socio-technical environments, significantly challenge current approaches to understand and assess software dependability. The goal of my research is to develop theories and tools to address these issues in software security engineering. My research builds a foundational theory for understanding dependability requirements and associated operational risks. My work contributes to a multi-dimensional understanding of dependability requirements by taking into account the nexus of constraints, and causal chains in a socio-technical environment where a software system is expected to operate. From the early stages of software development, such understanding produces a reasoned, audit-able argument for software assurance supported by meaningful evidence from the C&A and risk assessment processes.Large amounts of data are now available from sensing platforms. The problem is how to use it to use it in support of decision-making. As we move toward autonomous operations, data trustworthiness in a distributed processing environment is a challenging design problem. For example, Artificial Intelligence (AI) and Machine Learning (ML) at the edge with Internet of Things (IoT) devices challenge the traditional endpoint security or server-based architectures. System boundaries and membership criteria are necessary to enforce security policies for digital objects in a distributed computing environment. My current research focuses on identifying data representation formats that are necessary and sufficient for the expression of multi-level confidentiality and integrity of data in a smart-data pipeline. In particular, such representation formats would need to support the negotiation of security and privacy requirements during missing planning with a third-party organization or allies in a hostile environment.

Service Summary

Dr. Gandhi is highly active in service-related activities at the university, local, national, and international levels. He has held several leadership positions within the college and the university. He has also served on several national-level committees and open communities related to cybersecurity and data standards. He also serves as the Research Associate Editor for the Cybersecurity Skills Journal and has supported special issues on critical issues such as workforce standards and diversity in cybersecurity. He is a member of the Common Weakness Enumeration (CWE) board.

Awards and Honors

Charles W. and Margre H. Durham Distinguished Chair of Information Science and Technology, Scholarship/Research - 2015

UNO Alumni Outstanding Teaching Award, Teaching - 2014

Excellence in Research Award , Scholarship/Research - 2014

USSTRATCOM Fellows Program Teamwork Award Recognition, Scholarship/Research - 2016

Education

BS, Sardar Patel University, Vidyanagar, Gujarat, India, Electronics Engineering, 2000

MS, The University of North Carolina at Charlotte, Charlotte, NC, USA, Computer Science, 2001

Ph D, The University of North Carolina at Charlotte, Charlotte, NC, USA, Information Technology, Software and Information Systems, 2008

Scholarship/Research/Creative Activity

Selected Publications

Gandhi, Robin, Khazanchi, Deepak, Linzell, Daniel, Ricks, Brian, Sim, Chungwook. 2018. The Hidden Crisis: Developing Smart Big Data pipelines to address Grand Challenges of Bridge Infrastructure health in the United States, ISCRAM 2018 Conference Proceedings – 15th International Conference on Information Systems for Crisis Response and Management, 1016-1021.

Avande, Mahugnon, Gandhi, Robin, Siy, Harvey. 2020. Understanding user engagement with multi-representational license comprehension interfaces, International Journal of Open Source Software and Processes (IJOSSP), IGI-Global, 11, 4, 27-45.

Gandhi, Robin, Lee, Seok-Won. 2010. Discovering Multi-dimensional Correlations among Regulatory Requirements to Understand Risk, Transactions of Software Engineering, ACM.

Tobey, David, Gandhi, Robin, Watkins, Alan, Casey, O'Brien. 2018. Competency is Not a Three Letter Word: A Glossary Supporting Competency-based Instructional Design in Cybersecurity, Cybersecurity Skills Journal: Practice and Research.

Gandhi, Robin, Sharma, Anup, Mahoney, William, Sousan, William, Zhu, Qiuming, Laplante, Phillip. 2011. The Social, Political, Economic, and Cultural Dimensions of Cyber Attacks, IEEE Technology and Society.

Externally Funded Research

SMART Analytics for Critical Infrastructure inside a Resilient Data Fabric (SMART-RDF), U.S. Army Corps of Engineers, Federal, 01/01/2023 - 12/31/2024

Spokes:MEDIUM:MIDWEST: SMart big data pipelines for Aging Rural bridge Transportation Infrastructure (SMARTI), National Science Foundation, Federal, 09/01/2018 - 08/31/2023

Development of a Robust, Nationally Accessible Cybersecurity Risk Management Curriculum for Technical and Managerial Cybersecurity Professionals, University of Illinois at Urbana-Champaign, Universities, 09/29/2021 - 09/28/2022

Fundamental Security Design Principles Concept Inventory, National Security Agency, Federal - present

2022 Nebraska GenCyber, National Security Agency, Federal, 07/25/2022 - 07/24/2024

Service

Administrative Assignments

Director, 08/17/2020