German Federal Office
Thomas Schmidt works in the 'Industrial Automation and Control Systems' section of the German Federal Office for Information Security (BSI). His focus is the automation of advisories at both sides: vendors/CERTs and asset owners. Schmidt has been a leader in the OASIS Open CSAF technical committee, and key in bridging this work with the CISA SBOM work. Prior to this, Schmidt was BSI's lead analyst for TRITION/TRISIS/HatMan and developed, together with partners, a rule set for Recognizing Anomalies in Protocols of Safety Networks: Schneider Electric's TriStation (RAPSN SETS). To increase security of ICS and the broader ecosystem, BSI responsibilities cover many areas including establishing trust and good relations with vendors and asset owners. Mr. Schmidt completed his masters in IT-Security at Ruhr-University Bochum (Germany) which included a period of research at the SCADA Security Laboratory of Queensland University of Technology (Brisbane, Australia).