Dr. Kevin Fu, Ph.D., is Associate Professor of Electrical Engineering and Computer Science at the University of Michigan and CEO and co-founder of healthcare cybersecurity startup Virta Laboratories, Inc. His research investigates how to achieve trustworthy computing on embedded devices with application to health care, commerce, and communication. He teaches computer science courses in security and privacy. Virta Labs provides hospitals a
managed cybersecurity service called BlueFlow to assure continuity of clinical operations despite medical device security risks.
Fu received his Ph.D. in EECS from MIT where his research pertained to secure storage and how web authentication fails. His participation in the provocative 2008 IEEE research paper analyzing the security of a pacemaker/defibrillator led to a wake-up call for cybersecurity in medical device manufacturing.
Fu has given nearly 100 invited talks on medical device security to industry, government, and academia—including U.S. Senate and House hearings, the Institute of Medicine, and National Academy of Engineering events. He directs the Archimedes Center for Medical Device Security at the University of Michigan. He co-chaired the AAMI Working Group on Medical Device Security, which led to the AAMI TIR57 document that advises medical device manufacturers on how to incorporate security engineering into medical device product development. Fu co-authored the U.S. National Institute of Standards and Technology (NIST) Information Security and Privacy Advisory Board recommendations to U.S. HHS on how the federal government must adapt to risks of medical device security. His medical device security efforts were recognized with a Fed100 Award, Sloan Research Fellowship, NSF CAREER Award, MIT TR35 Innovator of the Year award, and best paper awards on medical device security by organizations such as IEEE and ACM.
Fu served as a visiting scientist on cybersecurity research at the U.S. Food & Drug Administration, the Beth Israel Deaconess Medical Center of Harvard Medical School, Microsoft Research, and MIT CSAIL. He was a member the NIST Information Security and Privacy Advisory Board. ISPAB is a Federal Advisory Committee that identifies emerging managerial, technical, administrative, and physical safeguard issues relative to information security and privacy in Federal Government information systems.
