Ben Ransford, Ph.D.
Publications | Software

I'm an engineer at Stripe.

Before that, I co-founded the first medical device security company, Virta Laboratories, Inc., to make security less painful for healthcare providers. We built completely novel hardware to passively detect anomalous device behavior, then pivoted into asset management and device discovery (which we open-sourced). I led product & engineering, then the entire company.

Before that, I was a postdoc at the University of Washington, working on energy-harvesting computers and approximate computing with Luis Ceze, Josh Smith, Shyam Gollakota, Brandon Lucia, Adrian Sampson, and many amazing students. My projects at UW included revisiting integrity checking throughout the Linux networking stack, safely powering embedded devices using only Wi-Fi radio waves, and an open-source library for RFID reader control.

Before that, I was a Ph.D. student in computer science at UMass Amherst and a member of Kevin Fu's SPQR lab. We published the first study of medical device security in 2008, which later won a Test of Time award from the IEEE Symposium on Security & Privacy (“Oakland”). I designed & built the first general-purpose software stack for energy-harvesting computers; it worked well enough to inspire much better work by others later on. I am forever grateful to the National Science Foundation for appointing me a Graduate Research Fellow.

In the interstices, I've consulted on threat modeling, cryptographic protocols, regulatory compliance, ultra wideband communications, and RFID.

I've also had many papers rejected, come up with terrible ideas that didn't work out, and grappled with impostor syndrome. Like most people!

I'm the proud adoptive parent of ſ, the Unicode character U+017F Latin small letter long s.


Generated from my BibTeX file with bibble; most recent first. Also see my Google Scholar profile.

  Cybersecurity and medical devices: A Practical guide for cardiac electrophysiologists.
Benjamin Ransford, Daniel B. Kramer, Denis Foo Kune, Julio Medeiros, Chen Yan, Wenyuan Xu, Thomas Crawford, and Kevin Fu.
Pacing and Clinical Electrophysiology.
March   Powering the Next Billion Devices with Wi-Fi.
Vamsi Talla, Bryce Kellogg, Benjamin Ransford, Saman Naderiparizi, Joshua R. Smith, and Shyamnath Gollakota.
Communications of the ACM 60(3).
  Powering the Next Billion Devices with Wi-Fi.
Vamsi Talla, Bryce Kellogg, Benjamin Ransford, Saman Naderiparizi, Shyamnath Gollakota, and Joshua R. Smith.
ACM CoNEXT. Best Paper nominee; Popular Science Best of What's New 2015 Winner.
conference bbc popsci techreview wired
October   SAP: an Architecture for Selectively Approximate Wireless Communication.
Benjamin Ransford and Luis Ceze.
arXiv:1510.03955 [cs.NI].
June   A Simpler, Safer Programming and Execution Model for Intermittent Systems.
Brandon Lucia and Benjamin Ransford.
36th annual ACM SIGPLAN conference on Programming Language Design and Implementation (PLDI).
May   Powering the Next Billion Devices with Wi-Fi.
Vamsi Talla, Bryce Kellogg, Benjamin Ransford, Saman Naderiparizi, Shyamnath Gollakota, and Joshua R. Smith.
arXiv:1505.06815 [cs.NI].
April   WISPCam: A Battery-Free RFID Camera.
Saman Naderiparizi, Aaron N. Parks, Zerina Kapetanovic, Benjamin Ransford, and Joshua R. Smith.
IEEE RFID. Best Paper nominee.
January   ACCEPT: A Programmer-Guided Compiler Framework for Practical Approximate Computing.
Adrian Sampson, Andre Baixo, Benjamin Ransford, Thierry Moreau, Joshua Yip, Luis Ceze, and Mark Oskin.
Technical Report UW-CSE-15-01-01, Computer Science and Engineering, University of Washington.
  Nonvolatile Memory is a Broken Time Machine.
Benjamin Ransford and Brandon Lucia.
ACM SIGPLAN Workshop on Memory Systems Performance and Correctness.
March   Approximate Semantics for Networked Applications.
Benjamin Ransford, Adrian Sampson, and Luis Ceze.
Workshop on Approximate Computing Across the System Stack.
  Current Events: Identifying Webpages by Tapping the Electrical Outlet.
Shane S. Clark, Hossen Mustafa, Benjamin Ransford, Jacob Sorber, Kevin Fu, and Wenyuan Xu.
Proceedings of the 18th European Symposium on Research in Computer Security (ESORICS).
conference abstract...
Computers plugged into power outlets leak identifiable information by drawing variable amounts of power when performing different tasks. This work examines the extent to which this side channel leaks private information about web browsing to an observer taking measurements at the power outlet. Using direct measurements of AC power consumption with an instrumented outlet, we construct a classifier that correctly identifies unlabeled power traces of webpage activity from a set of 51 candidates with 99% precision and 99% recall. The classifier rejects samples of $441$ pages outside the corpus with a false-positive rate of less than 2%. It is also robust to a number of variations in webpage loading conditions, including encryption. When trained on power traces from two computers loading the same webpage, the classifier correctly labels further traces of that webpage from either computer. We identify several reasons for this consistently recognizable power consumption, including system calls, and propose countermeasures to limit the leakage of private information. Characterizing the AC power side channel may help lead to practical countermeasures that protect user privacy from an untrustworthy power infrastructure.
August   WattsUpDoc: Power Side Channels to Nonintrusively Discover Untargeted Malware on Embedded Medical Devices.
Shane S. Clark, Benjamin Ransford, Amir Rahmati, Shane Guineau, Jacob Sorber, Wenyuan Xu, and Kevin Fu.
USENIX Workshop on Health Information Technologies.
workshop abstract...
Embedded systems are ubiquitous, connect to networks, and increasingly use off-the-shelf operating systems vulnerable to malware. Yet, strict validation processes make it difficult or too costly to use anti-virus software or automated operating system updates in embedded systems such as medical devices. Our WattsUpDoc system uses a traditionally undesirable side channel of power consumption to enable run-time malware detection. Our measurements show that WattsUpDoc can detect previously known malware with at least 94% accuracy and previously unknown malware with at least 85% accuracy on the devices we tested. While the detection rates are similar to that of conventional malware-detection systems, WattsUpDoc requires no hardware or software modification or network communication.
January   Transiently Powered Computers.
Benjamin Ransford.
Ph.D. thesis, University of Massachusetts Amherst .
  BAT: Backscatter Anything-to-Tag Communication.
Andres Molina-Markham, Shane S. Clark, Benjamin Ransford, and Kevin Fu.
Chapter in Wirelessly Powered Sensor Networks and Computational RFID.
book abstract...
Computational RFID prototypes are limited by networking abstractions that impose narrow preconceptions about topologies and applications. These prototypes support programmability and integrate a wide array of sensors, which open the door to more varied applications. Implementing these on constrained platforms will need primitives that seamlessly support communication among tags and also with other devices. While overlays on top of existing protocols are possible, they introduce inefficiency because of packet formats designed explicitly for the tag inventory paradigm. This paper presents BAT, a networked system designed from the ground up to enable non-supply-chain RFID applications while carefully considering the unique constraints under which these platforms operate.
  Design Challenges for Secure Implantable Medical Devices.
Benjamin Ransford, Shane S. Clark, Denis Foo Kune, Kevin Fu, and Wayne P. Burleson.
Chapter in Security and Privacy for Implantable Medical Devices.
  Potentia est Scientia: Security and Privacy Implications of Energy-Proportional Computing.
Shane S. Clark, Benjamin Ransford, and Kevin Fu.
Proceedings of the 7th USENIX Workshop on Hot Topics in Security (HotSec '12).
workshop abstract...
The trend toward energy-proportional computing, in which power consumption scales closely with workload, is making computers increasingly vulnerable to information leakage via whole-system power analysis. Saving energy is an unqualified boon for computer operators, but this trend has produced an unintentional side effect: it is becoming easier to identify computing activities in power traces because idle-power reduction has lowered the effective noise floor. This paper offers preliminary evidence that the analysis of AC power traces can be both harmful to privacy and beneficial for malware detection, the latter of which may benefit embedded (e.g., medical) devices.
July   Current Events: Identifying Webpages by Tapping the Electrical Outlet.
Shane S. Clark, Benjamin Ransford, Jacob Sorber, Wenyuan Xu, Erik Learned-Miller, and Kevin Fu.
Technical Report UM-CS-2011-030, Department of Computer Science, University of Massachusetts Amherst.
July   Security and Privacy Qualities of Medical Devices: An Analysis of FDA Postmarket Surveillance.
Daniel B. Kramer, Matthew Baker, Benjamin Ransford, Andres Molina-Markham, Quinn Stewart, Kevin Fu, and Matthew R. Reynolds.
PLoS ONE 7(7).
June   Design Challenges for Secure Implantable Medical Devices.
Wayne P. Burleson, Shane S. Clark, Benjamin Ransford, and Kevin Fu.
Proceedings of the 49th Design Automation Conference (DAC '12). Invited paper.
slides conference
    They Can Hear Your Heartbeats: Non-Invasive Security for Implanted Medical Devices.
Shyamnath Gollakota, Haitham Hassanieh, Benjamin Ransford, Dina Katabi, and Kevin Fu.
Proceedings of ACM SIGCOMM. Best Paper award.
conference details
June   Moo: A Batteryless Computational RFID and Sensing Platform.
Hong Zhang, Jeremy Gummeson, Benjamin Ransford, and Kevin Fu.
Technical Report UM-CS-2011-020, Department of Computer Science, University of Massachusetts Amherst.
March   Mementos: System Support for Long-Running Computation on RFID-Scale Devices.
Benjamin Ransford, Jacob Sorber, and Kevin Fu.
Proceedings of the 16th International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS '11).
conference slides abstract...
Transiently powered computing devices such as RFID tags, kinetic energy harvesters, and smart cards typically rely on programs that complete a task under tight time constraints before energy starvation leads to complete loss of volatile memory. Mementos is a software system that transforms general-purpose programs into interruptible computations that are protected from frequent power losses by automatic, energy-aware state checkpointing. Mementos comprises a collection of optimization passes for the LLVM compiler infrastructure and a linkable library that exercises hardware support for energy measurement while managing state checkpoints stored in nonvolatile memory. We evaluate Mementos against diverse test cases in a trace-driven simulator of transiently powered RFID-scale devices. Although Mementos's energy checks increase run time when energy is plentiful, they allow Mementos to safely suspend execution when energy dwindles, effectively spreading computation across zero or more power failures. This paper's contributions are: a study of the runtime environment for programs on RFID-scale devices; an energy-aware state checkpointing system for these devices that is implemented for the MSP430 family of microcontrollers; and a trace-driven simulator of transiently powered RFID-scale devices.
  Mementos: System Support for Long-Running Computation on RFID-Scale Devices (Technical Report).
Benjamin Ransford, Jacob Sorber, and Kevin Fu.
Technical Report UM-CS-2010-060, Department of Computer Science, University of Massachusetts Amherst.
April   A Rudimentary Bootloader for Computational RFIDs.
Benjamin Ransford.
Technical Report UM-CS-2010-061, Department of Computer Science, University of Massachusetts Amherst.
  Clinically Significant Magnetic Interference of Implanted Cardiac Devices by Portable Headphones.
Sinjin Lee, Kevin Fu, Tadayoshi Kohno, Benjamin Ransford, and William H. Maisel.
Heart Rhythm Journal 6(10).
abstract journal npr
August   CCCP: Secure Remote Storage for Computational RFIDs.
Mastooreh Salajegheh, Shane S. Clark, Benjamin Ransford, Kevin Fu, and Ari Juels.
Proceedings of the 18th USENIX Security Symposium.
conference new scientist abstract...
Passive RFID tags harvest their operating energy from an interrogating reader, but constant energy shortfalls severely limit their computational and storage capabilities. We propose Cryptographic Computational Continuation Passing (CCCP), a mechanism that amplifies programmable passive RFID tags' capabilities by exploiting an often overlooked, plentiful resource: low-power radio communication. While radio communication is more energy intensive than flash memory writes in many embedded devices, we show that the reverse is true for passive RFID tags. A tag can use CCCP to checkpoint its computational state to an untrusted reader using less energy than an equivalent flash write, thereby allowing it to devote a greater share of its energy to computation. Security is the major challenge in such remote checkpointing. Using scant and fleeting energy, a tag must enforce confidentiality, authenticity, integrity, and data freshness while communicating with potentially untrustworthy infrastructure. Our contribution synthesizes well-known cryptographic and low-power techniques with a novel flash memory storage strategy, resulting in a secure remote storage facility for an emerging class of devices. Our evaluation of CCCP consists of energy measurements of a prototype implementation on the batteryless, MSP430-based WISP platform. Our experiments show that---despite cryptographic overhead---remote checkpointing consumes less energy than checkpointing to flash for data sizes above roughly 64 bytes. CCCP enables secure and flexible remote storage that would otherwise outstrip batteryless RFID tags' resources.
  Getting Things Done on Computational RFIDs with Energy-Aware Checkpointing and Voltage-Aware Scheduling.
Benjamin Ransford, Shane S. Clark, Mastooreh Salajegheh, and Kevin Fu.
USENIX Workshop on Power Aware Computing and Systems (HotPower).
ieee spectrum slides workshop
November Electromagnetic Interference (EMI) of Implanted Cardiac Devices by MP3 Player Headphones.
Sinjin Lee, Benjamin Ransford, Kevin Fu, Tadayoshi Kohno, and William H. Maisel.
Circulation 118(18 Supplement). Abstract 662, 2008 American Heart Association Annual Scientific Sessions.
abstract ap medgadget reuters us news world report video
May     Pacemakers and implantable cardiac defibrillators: Software radio attacks and zero-power defenses.
Daniel Halperin, Thomas S. Heydt-Benjamin, Benjamin Ransford, Shane S. Clark, Benessa Defend, Will Morgan, Kevin Fu, Tadayoshi Kohno, and William H. Maisel.
Proceedings of the 29th Annual IEEE Symposium on Security and Privacy. Outstanding Paper award. Test of Time award (2019).
boston globe details medgadget nytimes risks schneier slashdot wsj
  • sllurp (GitHub), a Python implementation of the Low Level Reader Protocol (LLRP) for controlling RFID readers
  • Abbot, an XMPP personal assistant
  • Other useful tools on GitHub
Research Resources
Alphabet game for kiddos.