Matt Bishop received his Ph.D. in computer science from Purdue University, where he specialized in computer security, in 1984. He was a research scientist at the Research Institute of Advanced Computer Science and on the faculty at Dartmouth College before joining the Department of Computer Science at the University of California at Davis in 1993.
His main research area is the analysis of vulnerabilities in computer systems, including modeling them, building tools to detect vulnerabilities, and ameliorating or eliminating them. He works in network security, resilience, attribution, data anonymization and sanitization, policy modeling, software assurance testing, and formal modeling of access control. He has worked on numerous analyses of e-voting systems including the RABA study in Maryland, and was one of the two principle investigators of the California Top-to-Bottom Review, which performed a technical review of all electronic voting systems certified in the State of California. With colleagues at the University of Massachusetts Amherst, he has applied process modeling to the election process as a whole.
He is active in the cybersecurity community. He was the founder of the USENIX UNIX Security Workshop and chaired the first one. It has since evolved into the USENIX Security Symposium, one of the premiere computer security conferences. He was a member of the California Voting Systems Technology Assessment Advisory Board. He provided technical advice to the California Assembly staff for the Electronic Recording Delivery Act of 2004 in California.
He is active in cybersecurity education. He co-led the Joint Task Force that developed the ACM/IEEE/ASIS SIGSAC/IFIP WG11.8 Cybersecurity Curricular Guidelines and the Summit on Education in Secure Software. His textbook, “Computer Security: Art and Science” is widely used in universities throughout the world; the second edition was published in November 2018 by Addison-Wesley Professional. He teaches introductory programming, operating systems, and computer security.