Santiago Arias is an Assistant Professor of ECE at Purdue University with 13 years of experience at the intersection of software supply chain security, applied cryptography, and systems security. He combines academic rigor (NYU MS, PhD work in computer science) with deep hands-on engineering, contributing to high-profile open-source projects like in-toto, Git, and python-tuf to harden package and update integrity. His work spans full-stack development, back-end systems, and test automation—ranging from implementing validator and metadata formats in in-toto to adding tag-inspection features and tests in Git. Based in New York, he brings practical industry experience from consulting and teaching, and a knack for turning formal security concepts into usable tooling that improves real-world software distribution.
13 years of coding experience
Master’s Degree, Computer Science, 3.95, Master’s Degree, Computer Science, 3.95 at New York University
Bachelor of Science (BS), Electrical, Electronics and Communications Engineering, Bachelor of Science (BS), Electrical, Electronics and Communications Engineering at Universidad Iberoamericana, Ciudad de México
in-toto is a framework to protect supply chain integrity.
Role in this project:
Full-stack Developer
Contributions:7 releases, 14 reviews, 283 commits in 6 years 7 months
Contributions summary:Santiago's commits primarily focus on the development of the "Toto" framework, a series of scripts designed to secure software supply chains. They implemented the foundational modules and test scripts and set up the initial setup.py file for installation. Furthermore, they implemented a validator to handle the match rules, and added a new metadata format.
Python reference implementation of The Update Framework (TUF)
Role in this project:
Back-end & Security Engineer
Contributions:1 release, 71 commits, 6 PRs in 6 years 6 months
Contributions summary:Santiago primarily worked on the 'python-tuf' repository, which is a Python implementation of The Update Framework (TUF). Their commits involve merging branches and modifying the core updater functionality. These changes include modifications to the updater, delegation implementation and handling of project configuration. This suggests a focus on enhancing the security and functionality of the TUF framework.
pythonsecuritycompromiserevocationupdate
Find and Hire Top DevelopersWe’ve analyzed the programming source code of over 60 million software developers on GitHub and scored them by 50,000 skills. Sign-up on Prog,AI to search for software developers.
Request Free Trial
Santiago Arias - Assistant Professor at Purdue University