Principal Security Researcher | GRIMM
Matthew Carpenter is a Principal Security Researcher with GRIMM (SMFS, Inc.) in charge of their Critical Infrastructure team, performing deep security research on traditional computing systems, embedded devices, Internet of Things, and Control Systems of all flavors.
Matthew’s primary expertise is in reverse-engineering, vulnerability research, exploit weaponization, overall hacker techniques, developing training courseware, and teaching. He has enjoyed exploitation of hardware, software/firmware, radio and communications protocols, and today specializes primarily in the safety sectors such as automotive, aviation, ICS/SCADA, and Advanced Metering Infrastructure, as well as telecom, and traditional computing. Applying these skills to non-exploitation areas has uniquely positioned Matthew to provide insight and impact in risk analysis/mitigation, forensics engineering, malware analysis, and penetration testing at all levels (hw/sw/net/web/physical).
Matthew is former vice-chair of UCAIUG AMI-SEC Task Force and SG Security, and lead the Vulnerabilities team for NIST Cyber Security Coordination Task Force developing NISTIR-7628 and Cyber Physical Systems (CPS). He is a former member of the Advanced Security Acceleration Project for the Smart Grid (ASAP-SG), and was the Red-team lead for Advanced Security Acceleration Project (AMI-SEC/ASAP). Additionally, he has ongoing involvement with security organizations in the Michigan area, including the Michigan Cyber Range, the Michigan State Police, and the West-Michigan Cybersecurity Consortium (WMCSC) where he has served as a Red Team Captain for their annual Red/Blue events for the past three years, and is a member of the Information Systems Security Association (ISSA) and InfraGard.