As cyber threats grow, innovations in cybersecurity, semiconductors, national security, and IoT are critical to protecting infrastructure, data, and public safety.
Florida Institute for Cybersecurity
UF cybersecurity professor Kevin Butler, Ph.D., developed the framework that helps countries prevent fraud and abuse on mobile cash apps. Cash apps are the prominent form of banking in Africa, South America and Southeast Asia, and it can leave people vulnerable to losing their life savings.
As mobile-money services were growing at a rapid clip in the developing world 10 years ago, UF computer scientists and cybersecurity experts Butler and Patrick Traynor, Ph.D., were early sentinels, raising concerns about the lack of security that could lead to real problems for the user.
In a 2014 study, the two CISE professors uncovered security vulnerabilities of mobile cash apps, especially in the Global South, where such technologies were becoming essential in the absence of robust banking systems.
“Our early work uncovered issues of security and privacy when using finance apps,” said Butler, director of the Florida Institute for Cybersecurity Research at UF. “We showed these apps could be hacked, and the consumer has no recourse. We’re often talking about populations where they have very little money to start with, so any type of hack could wipe them out.”
Butler and his colleagues have developed a comprehensive framework for securing mobile money applications that earlier this year was ratified and endorsed by the International Telecommunications Union, a United Nations specialized agency, marking a significant step toward safer digital financial transactions worldwide. All United Nations member states voted to endorse these recommendations.
The framework includes 120 detailed recommendations and controls designed to systematically secure every facet of the financial ecosystem, ensuring comprehensive protection for users and transactions. While the recommendations are non-binding, they are widely followed by telecom providers due to their high quality and the interoperability they provide among networks.
Butler said their work focused on all stakeholders in the digital finance ecosystem, including the user with a smartphone, the phone manufacturer who is responsible for the security of the phone, the cellular networks, base stations, telecommunications providers and third-party regulators.
“We addressed each of the participants and identified what threats they face and the risks, and we provided recommendations for ensuring those risks are mitigated through the system,” Butler said.
Mobile transactions through apps (like those used in the United States, including PayPal and Zelle) are important to people who don’t have easy access to banking. In fact, mobile money transactions account for about 59% of the gross domestic product in Kenya, according to a Forbes report. A similar trend is taking place in South America, Asia and India, Butler said.
Butler and Traynor’s research revealed a variety of vulnerabilities, including a popular payment app based in India that appeared to use encryption to protect user data but failed to do so securely. They found the app transmitted sensitive data to its server without encryption, only encrypting it afterward. This lapse in protection could expose users’ personal information to potential theft during the unprotected transmission step.
Another app used encryption but relied on a weak key — a fixed series of eight characters followed by the user’s phone and account numbers — making it easy for attackers to decode.
“We looked at this from many angles and created the list of recommended controls to thoroughly safeguard all parts of the digital finance network,” Butler said.
With the digital finance security framework complete, Butler is working to help deploy the recommendations, meeting with stakeholders in several countries. He recently presented best practices for secure mobile banking systems in Jakarta. He also co-chaired the Security, Infrastructure, and Trust Working Group under the Financial Inclusion Global Initiative, a collaboration involving the United Nations, World Bank, and Bank for International Settlements.
Additionally, the International Telecommunications Union is conducting security clinics across Sub-Saharan Africa that incorporate many of the document’s recommendations. Clinics have already been held in Uganda, Zambia, Zimbabwe, and Tanzania, aimed at empowering local stakeholders with the knowledge and tools necessary to enhance the security of mobile money applications.
“By fostering collaboration and providing targeted training, the International Telecommunications Union is helping to bolster the resilience of the financial ecosystem in these regions,” Butler said.
Florida Institute for National Security
When Engineering graduates attain jobs with the government, defense contractors, or any company that requires authorizations to work, they usually do not hit the ground running on Day 1. Or Day 2. Or Month 12.
The authorization process for new employees can take up to a year, which causes considerable problems for employers eager to integrate newly acquired talent and for graduates eager to put their degrees to work.
But a University of Florida program piloted by the Florida Institute for National Security (FINS) is eliminating these background delays for participating undergraduates of the Herbert Wertheim College of Engineering. Now in its second semester, the FINS Talent Pipeline (FTP) not only pre-screens students for national defense jobs but also provides mentors and connects students to prospective employers early in their undergraduate studies.
The goal: By the time they graduate, undergraduate students will have jobs they can start immediately.
“The problem is when you have graduates coming out of college and getting jobs with, say, the federal government or defense contractors in positions that require authorization. But the process takes a significant amount of time,” said UF professor Damon Woodard, Ph.D., director of the Florida Institute for National Security and FTP lead.
“Background screening can take upwards of a year,” he added. “They can’t start working until that process is completed, causing productivity issues. In some cases, the employer might lose the new employee because they are waiting and waiting. Graduates will say, ‘Well, maybe I can just go get another job.’”
FTP is funded by a strategic grant from the UF president’s office and is designed to increase UF’s profile in national security.
The program is anchored by sessions that focus on navigating the employment landscape, zeroing in on specific employer needs, and working closely with companies – including local – who rely on top-quality UF Engineering graduates, particularly Lockheed Martin, Leidos, and L3 Harris Technologies.
“First and foremost, the FINS FTP program addresses talent shortages in areas of national need, specifically artificial intelligence and security,” noted UF professor Domenic Forte, Ph.D., associate director of FINS and a key player in the FTP initiative.
There are more than 457,000 cybersecurity job openings in the United States, according to cyberseek.org. The growing need for increased cybersecurity protection is driving much of the demand for qualified Engineering graduates. The global cybersecurity workforce grew by 12.6% between 2022 and 2023, but a significant talent shortage remains. The cybersecurity industry needs 4 million workers worldwide, according to the World Economic Forum.
“Delays in filling critical roles or hiring unsuitable candidates can be costly for companies, particularly when authorized personnel are essential. The FINS Talent Pipeline program reduces the financial burden of long authorization processing times or employee turnover, leading to cost savings for public and private sector organizations,” added Forte.
“The program involves partnerships between industry and UF, helping to align educational curricula with the specific needs of the security industry.”
In the FTP sessions, students are trained on UF’s supercomputer, HiPerGator, and delve into undergraduate research, specifically AI and its relationship with national security.
“We are very focused on artificial intelligence for national security, which makes these students very attractive to various employers,” Woodard said.
FTP students are trained in technical writing, oral communication, and pitching ideas.
“This is as important as their technical ability,” Woodard said. “I tell the students you may be in an elevator with a CEO one day, and you have two minutes to tell them what you are working on.”
Another critical element is early networking with potential employers.
There were 15 students in the program during the 2024 fall semester, and Woodard hopes to double that as the program evolves. Plus, Woodard noted, companies have been inquiring about instituting an FTP program at the graduate-school level.
For now, FTP accepts applications from domestic students from all engineering majors in their second or third year.
“Throughout the program, I have had the opportunity to meet so many incredible faculty and professionals who possess extensive experience working in government, industry, and entrepreneurship,” said FTP student Paige Anderson, a senior computer science major from Ohio who plans to go to graduate school.
With a background in national security, Woodard contends the initiative will continue to make UF graduates more attractive to companies with big stakes and high salaries.
“I guess this is a little bit of an obsession for me,” he said. “Working with these organizations over the years, I have a pretty good idea of what’s needed, and we need as many people as possible. National security affects everyone, so I think this is a golden opportunity for UF.”
Florida Semiconductor Institute
The Florida Semiconductor Institute (FSI), headquartered at the University of Florida, is leading a transformative movement in semiconductor technology. Serving as the statewide hub for research, development, and workforce initiatives, FSI is driving Florida toward global leadership in specialty electronics.
As technology evolves, so too does the need for cutting-edge solutions in fields ranging from healthcare to cybersecurity. With its wealth of expertise in emerging materials, chip design, process development, microsystems, heterogeneous integration, advanced packaging, and cybersecurity, FSI is pioneering research that will have far-reaching impacts across industries.
In collaboration with UF faculty, FSI is tackling critical global issues, such as counterfeit chip detection and advanced medical technologies aimed at treating neurodegenerative diseases, pain, and mental health disorders.
Counterfeit chip detection and prevention — a crucial issue in national security – Navid Asadi, Ph.D., associate professor in the Department of Electrical and Computer Engineering (ECE), director of the SCAN Lab, associate director of the Micro-Electronics Security Training (MEST) Center, and R&D deputy director of FSI. His team works on developing advanced detection methods for counterfeit chips, including physical examination, reverse engineering, and vulnerability analysis. They examine the IC package exterior, interior, and range via visual inspection and high-tech imaging solutions that require X-ray microscopy, Infrared imaging, transmission electron microscopy (TEMs), focused ion beams (FIBs), THz imaging, Electron Dispersive Spectroscopy (EDS), and more.
FSI’s collaboration with the UF Nanoscience Institute for Medical and Engineering Technology (NIMET) is pushing boundaries of medical technology. Researchers, including Jack Judy, Ph.D., director of NIMET and FSI’s deputy director for workforce development, are developing advanced bioelectronic interfaces to interact with the human nervous system. These interfaces were originally designed for the semiconductor industry but are now being adapted to treat conditions like neurodegenerative diseases, chronic pain, and addiction.
Adam Khalifa, Ph.D. ECE assistant professor and FSI faculty member, is working on a project funded by the National Institutes of Health to develop medical procedures more precise and less invasive with wireless microdevices that can be injected rather than surgically implanted. These devices use electrical stimulation to treat diseases like Parkinson’s, epilepsy, and mental health disorders.
Khalifa was awarded a $1.5 million New Innovator Award last fall. This award supports creative early career investigators to pursue innovative, high-impact projects.
At the heart of these three innovations is advanced semiconductor packaging, which enables devices to be smaller, more efficient, and more reliable. With bioelectronics, microdevices, and imaging technologies, semiconductor packaging is crucial for making these advancements applicable in real-world settings to address global health and safety needs.
As the world moves toward an increasingly digital future, FSI is driving research and development in healthcare, cybersecurity, and energy. It is shaping the future of the semiconductor industry and ensuring that Florida remains a global hub for high-tech solutions.
FSI is not only advancing semiconductor technology but is also helping define a healthier, safer, and more connected world.
National Security Foundation
Center for Privacy and Security of Marginalized and Vulnerable Populations
Computing systems and services have become ubiquitous in modern society and are deeply embedded in people’s daily lives. However, as practices and technologies for computing security and privacy emerge in this rapidly changing technological landscape, the needs of marginalized and vulnerable populations have been largely unaddressed, as have the consequences of their exclusion.
Only recently have we seen initial work to characterize the security and privacy needs of users in marginalized and vulnerable communities and to understand the unique threats and risks they face. These independent investigations that tailor analysis toward individual populations are necessary, but they do not provide a holistic means to comprehensively systematize the similarities and differences in the security and privacy needs of marginalized communities. This limits our ability to design security interventions to protect the most marginalized of users.
The Center for Privacy and Security of Marginalized and Vulnerable Populations funded by the National Science Foundation focuses on examining three major themes: assessing the security and privacy needs of marginalized and vulnerable populations, informing and co-creating solutions that intersect with current and emerging technologies, and systematizing and applying foundational design principles.
The first area involves quantitative and qualitative human-centered research methods and direct community input to address the unique challenges and needs of different populations. The second area involves identifying how technology can be leveraged or reimagined to address these needs through methodologies that consider security and privacy goals for systems and data. The final area involves iteratively synthesizing lessons and experiences from the previous two areas to support integrating security, privacy, and safety needs of marginalized and vulnerable populations into future technology design and researcher efforts.
The project creates a multi-institution, multi-disciplinary effort to develop a holistic approach to security and privacy for marginalized and vulnerable populations. Ambitious goals include creating security and privacy design principles that can mitigate harm and improve the benefit of technology for those populations. These principles are based on strong technical foundations, social science theory, and direct collaboration with the communities; they are synthesized through sustained investigation of different marginalized populations and their needs and the existing and emerging technologies with which they interact.
PRISM is led by Kevin Butler, Ph.D., along with UF investigators Eakta Jain, Ph.D., an associate professor in the Department of Computer and Information Science and Engineering (CISE), and Patrick Traynor, Ph.D., a professor in CISE. Current research at the center includes projects by several Ph.D. students: Ana Crowder studies censorship measurement and user experience with deepfake audio under the guidance of Butler; Magdalena Pasternak, also advised by Butler, is focusing on cybersecurity; and Ethan Wilson, advised by Jain, is exploring computer graphics, computer vision, and machine learning.
Warren B. Nelms Institute for the Connected World
In recent years, there has been a significant push toward greater connectivity, increased automation, and the smarter utilization of technology to revolutionize industries, particularly through the Internet of Things (IoT).
But how do we know connected devices are safe, secure, and efficient? How can we create smarter and connected communities while reducing hazards, mitigating cybersecurity threats, and improving global well-being? The Warren B. Nelms Institute for the Connected World is working to address these concerns.
The institute is advancing research, education, and outreach in core aspects of IoT technology and its convergence with artificial intelligence, known as Artificial Intelligence of Things or AIoT. The institute’s mission centers around developing groundbreaking AIoT solutions and their innovative applications to address global challenges.
“Most of what we do at the Nelms Institute is focused around developing better, safer, more efficient connected devices and networks in the sphere of AIoT,” said Swarup Bhunia, Ph.D., director of the Nelms Institute. “And when we take those technologies and apply them in novel and exciting ways, we can make a really big global impact.”
Nelms research spans a wide range of topics with applications in public health, construction, energy, agriculture, manufacturing, and workforce development.
NQR technology for medicine and food safety
Nuclear Quadrupole Resonance (NQR) technology is revolutionizing global health and safety by providing innovative solutions to critical challenges. This advanced spectroscopy technique allows for non-invasive, on-site detection of illegal substances and authentication of pharmaceutical substances. It serves as a powerful tool to combat illegal distribution of controlled substances as well as counterfeit and tampered medications, packaged foods, and supplements in modern supply chains.
“NQR offers a transformative solution for low-cost chemical analysis that ensures safety and authenticity,” said Kelsey Horace-Herron, a Ph.D. student in the Nelms Institute. “Its potential to impact our medicine, food, and supplement sectors on a global scale is unmatched.”
NQR’s applications also address broader safety concerns. Current research is exploring its use in agricultural and food safety, including the development of a hand-held, NQR-based scanner for detecting harmful additives in fruits and vegetables. This scanner would provide a unique, reliable method to verify produce quality, promoting trust and transparency across global markets.
Enhancing security in autonomous vehicles
As today’s vehicles are embedded with more electronic components and software to support autonomous features, they become more like connected computers on wheels than traditional cars. This means they face cybersecurity threats. Hackers can gain access to the computer-driven features in a vehicle or even send misleading communications to “confuse” its communication or sensor systems. UF’s Sandip Ray, Ph.D., is pursuing ways to enhance security in autonomous vehicles using virtual environments, like an automotive simulator system.
“We are trying to do two things. One is to figure out how modern vehicles can be made safer, and the other is to figure out how to make people aware of the safety issues,” Ray said. “If a car breaks down, you don’t really think it’s been hacked, but it can be. Often, it’s easier to hack your car than your computer.”
Wearable sensors for post-surgery patient safety
Bhunia is collaborating with R. James Toussaint, M.D., chief of UF’s foot and ankle division in the department of Orthopedic Surgery and Sports Medicine, to develop a system of wearable sensors to help with post-surgery care and remote monitoring for foot and ankle patients.
The sensors, which can be inserted into the sole of a shoe or pasted on a limb, can measure things like pressure, temperature, and force, ensuring patients are following post-surgery care instructions. With real-time alerts, doctors and patients would be able to correct any missteps to facilitate better healing. This unique sensor system could even be applied to a wide range of other uses, such as performance measurements in sports and real-time feedback in fitness training.
