Stacey Son

(Currently) Semi-retired.

stacey.jpg

3725 Turtlecreek Blvd

Apt D


Dallas, TX 75225

I am a former Senior Security Engineer for Apple, a FreeBSD and TrustedBSD contributer, and a co-founder of a successful cloud/hosting computing company. I like to void warranties.

I studied at Brigham Young University and received my Bachelor’s degree in Electrical Engineering in 1992. I continued on to work on my PhD while working fulltime as the manager of the College of Engineering’s computer labs (CAEDM). While completing my graduate coursework I created a lightweight virtualization environment in the BSD operating system (BSD/OS) that would group and isolate a set of processes and resources (memory, CPU, disk, etc.) into a seperate secure compartment. In short, I had created an early form of OS-level virtualization which became the foundation technology for the company iServer.com. I left my PhD program to persue the startup full time. iServer merged with the internet backbone provider Verio to become its internet server division. Verio went public on NASDAQ, trading under the symbol VRIO, with a market value exceeding $1 billion. Shortly after going public Verio was sold to Nippon Telegraph and Telephone Corpation (NTT) in a cash tender offer of $73/share or more than $5 billion, making it one of the highest grossing deals of the dotcom era.

After NTT/Verio I went into consulting. I did some consulting contracts with Apple working on getting its products certified for governement use by adding Mandatory access control (MAC) and secure event auditing in Mac OS. I also implemented a kernel module containing all Apple’s Corecrypto code as part of FIPS 140-2. This allowed Apple to achieve Common Criteria certification for their products so they could be sold to government agencies that required that level of certification.

After consulting for Apple I started consulting for SRI International and Cambridge University, working on the DARPA Clean-slate design of Resilient, Adaptive, Secure, Hosts or CRASH funded Capability Hardware Enhanced RISC Instructions or CHERI project. After the CRASH funding ended in 2015. I returned to Apple but as a fulltime employee to continue working on CHERI and other hardware and software security projects. I left Apple at the end of 2020 and I am currently semi retired.

latest posts

selected publications

  1. CHERI: A Hybrid Capability-System Architecture for Scalable Software Compartmentalization
    Robert N.M. Watson , Jonathan Woodruff , Peter G. Neumann , and 12 more authors
    In 2015 IEEE Symposium on Security and Privacy , 2015