Chinenye Okafor

Chinenye Okafor, a PhD candidate in Purdue University’s Elmore Family School of Electrical and Computer Engineering, has been named a recipient of the Rolls-Royce Graduate Fellowship.

The fellowship, established in 2024, supports outstanding doctoral students in Purdue’s College of Engineering who are preparing for high-impact careers beyond academia. Okafor is one of five graduate students selected for the latest cohort.

The highly competitive fellowship provides recipients with industry experience, professional development and mentoring opportunities while strengthening Purdue’s longstanding collaboration with Rolls-Royce. Fellows also have opportunities to connect with Rolls-Royce employees and be considered for internship opportunities with the company.

Okafor’s research focuses on making software systems more trustworthy, particularly in industries where a cyberattack could have serious real-world consequences. Her project, “Hardening Software Signing Against Identity and Tool Compromise,” addresses a growing challenge in modern software development: how to confirm that software was signed by the right party, using the right tools, under the right conditions. Recent high-profile attacks on software supply chains in which malicious code was inserted and delivered through trusted paths have highlighted the limits of existing signing approaches. These risks are especially important as critical systems increasingly depend on complex software pipelines, third-party components, and artificial intelligence-enabled development workflows.

Okafor is developing a system called DiVerify, which is designed to strengthen software signing, a process used to verify where software came from and whether it can be trusted. Unlike current approaches that may rely on one identity check, DiVerify uses multiple forms of verification, such as identity, device information and hardware-based security checks. The goal is to make it much harder for an attacker to impersonate a trusted developer or use a compromised tool to approve unsafe software.

For safety-critical industries such as aerospace and propulsion, that level of assurance is especially important as more systems rely on software-driven design and artificial intelligence pipelines.

“Trust in software should not depend only on valid software signatures, it should also be based on verifiable evidence about the context in which the software was signed", Okafor said.  “This work focuses on making that kind of assurance practical and deployable for modern software signing systems. Working with Rolls-Royce will help keep the research grounded in practicality, usability, and real-world security expectations.”

Okafor’s research is supervised by Santiago Torres-Arias, assistant professor of electrical and computer engineering. Her fellowship appointment runs from August 2026 through August 2028.