C, C++, Python, Lua, ASM, Bash, SystemVerilog
GNU toolchain, Git, Travis, Jenkins, CMake, Lauterbach Trace32, GoogleTest and GoogleMock, OpenEmbedded, Puppet, MySQL, vim, Puppet, Ansible, Docker, KiCad
x86, low-level ARM (including TrustZone), custom architectures including DSP
GNU/Linux (rpm/deb/embedded), Linux kernel, bare metal
Intel FPGA tools, Icarus Verilog, Verilator, Logic Analyzers, Oscilloscopes, JTAG, Kicad PCB design, PCB assembly
Software engineer and leader with over 13 years proven commercial experience with a focus on low-level and systems software including security, hardware bringup, kernel development, libraries and development tools. I have extensive experience in all aspects of the software life-cycle and use best practices including Test Driven Development and Agile methods to produce clean code. I have experience in leading and growing international, distributed teams of software engineers.
My specialities include software security, technical leadership, test driven development, Linux OS development (kernel + userspace), network processing, low level interface design/architecture, C, C++, Python.
Software Development Director
January 2012 - present
Head of engineering for the Ksplice team, providing rebootless updates for Linux operating systems, reporting to the VP of Linux and Virtualisation. I joined the team in January 2012 as a Senior Developer before leading the team responsible for releasing over 200,000 rebootless updates per year for security fixes to customers with critical systems.
- Leading a global, remote team of 18 engineers, including hiring.
- Development of the Ksplice core technology in both the C/C++ tools and kernel modules including support for new kernel versions, compatibility with DTrace for Linux, enhanced debugging and new patching features.
- Developed proof-of-concept reproducers for CPU side-channel vulnerabilities including Meltdown+L1 Terminal Fault and made recommendations for Oracle's OS mitigation response.
- Analysis of kernel security vulnerabilities, developing reproducers and live patches to fix the vulnerability.
- Led the engineering of Ksplice for user-space processes on Oracle Linux from proof-of-concept to production. Implemented the Ksplice core to analyze ELF object files and running processes on Linux using C++, Boost, Python, ptrace, GoogleTest+GoogleMock. This work enabled Oracle Linux to be the only Linux distribution capable of live-patching user-space for high profile vulnerabilities such as DROWN, and glibc CVE-2015-7547 (DNS stack buffer overflow).
- Developed a Python based regression test suite for the Ksplice tools and new Python based tools for Ksplice update production and analysis.
- Migrated the software stack to Oracle technologies based on Oracle Linux 6.
- Championing modern software development techniques including Test Driven Development throughout the team.
Embedded Software Engineer
October 2011 - January 2012
Development of security testing framework including secure communications and embedded Linux hardening guidelines.
Principal Software Engineer
June 2006 - September 2011
- Ported Linux to three ARM1176JZ-S based SoC devices (picoxcell) with drivers for cryptographic offload, the picoArray DSP, One Time Programmable memory, eFuses, clock gating and power management and assisted in hardware bringup and silicon validation. This included work with the Open Source Community to include Picochip code into upstream projects.
- Development of an bare-metal ARM application to enable high-throughput and low latency communications between the picoArray DSP and a remote host over a raw Ethernet link.
- Development of a secure hypervisor utilizing ARM TrustZone providing secure services to a Linux system.
- Design and implementation of Linux APIs and applications to enable communication with Picochip peripherals including an intelligent debug server.
- Replaced the proprietary BSP build system with OpenEmbedded to produce a scalable build system and reduce the porting effort for customer boards.
- Implemented an automated regression system for testing of the BSP and hardware platforms.
- Optimization of cryptographic services for femtocell stack software, decreased CPU utilization of ciphering by 30%.
- Promoted the use of Open Source Software within Picochip and the development of an Open Source Policy.
I am a Chartered Engineer, registered with the Institution of Engineering and Technology in August 2016.
University of Bristol
2002 - 2006
First Class MEng (Hons), Computer Systems Engineering
Final year project produced an application to automatically generate parameters for an audio parametric equaliser using cepstrum analysis and genetic algorithms based on a sample audio source for home studios. Units undertaken included advanced computer architecture, mobile and ubiquitous systems, information security and cryptography.
80186 Compatible CPU
May 2016 - present
I implemented a very compact microcoded Intel X86 (80186) binary compatible processor core in SystemVerilog, unit testing with Verilator and GoogleTest, an FPGA based reference design and C BIOS that runs unmodified MS-DOS, FreeDOS and others. The CPU implements the full 80186 programmers model, adding JTAG for remote debug. The System-on-chip has a VGA controller, cache, timers, interrupt controller and PS/2 controllers. I built two custom 4-layer PCBs using fine-pitch BGA+QFP components and an Intel MAX 10 as a development platform along with an Intel 8088 pin compatible FPGA module.
April 2013 - April 2015
I created the Oldland CPU, a custom, 32-bit RISC soft CPU in Verilog that runs on an FPGA. This is a full featured SoC and includes TLBs, caches, privilege modes, and a number of peripherals including an SPI controller, programmable interrupt controller, timers, GPIO and UART. I ported GNU binutils+gcc, u-boot and the RTEMS RTOS to this architecture.
Hobbies and Interests
I enjoy playing blues and rock guitar, learning hardware design with FPGAs, running, and cycling.