The conference program will include 3 talks from distinguished speakers on hot topics for the software engineering community.
John Benito, Blue Pilot Consulting,
Any programming language has constructs that are imperfectly defined, undefined, implementation-dependent, or difficult to use correctly. As a result, software programs can execute in a manner that is different than intended by the developer. In some cases, the unintended functionality can be exploited by hostile parties or can lead to failure when used in unforeseen circumstances. The result can be a compromise of safety, security, privacy, dependability or some other critical property. Security vulnerabilities are a particular concern because an adaptive adversary can use a compromise in any executing program, even a non-critical vulnerability, as a springboard to make additional attacks on other programs. This presentation describes an effort to develop an authoritative account of the known weaknesses in programming languages and how developers might avoid those weaknesses.
Presenter
John is an independent consultant providing software development, project management, and software testing. He is the current Convener of ISO/IEC JTC 1/SC 22/WG 14 (C), the Convener of ISO/IEC JTC 1/SC 22/WG 23 (was OWG Vulnerabilities), the project editor for the Technical Report 24772 (Guidance to avoiding vulnerabilities in programming language through language selection and use for registration), the Vice Chairman of INCITS PL22 and a member of the INCITS PL22.11 (ANSI C) technical committee. He previously was a member of INCITS PL22.16 (ANSI C++) and the ISO Java Study group. He has been in software development, project management, and testing for over 30 years. John has been participating in International Standard development for the past 19 years.
Pierre Sens, Université P. et M. Curie, Paris, France
Scaling to large configurations is one of the major challenges addressed by the distributed system community lately. As the number of hosts increases, the probability of a host failure converges to one. Compared to classical distributed systems, failures are more common and have to be efficiently processed.
Presenter
Pierre SENS received his Ph.D. in Computer Science in 1994, and the "Habilitation à diriger des recherches" in 2000 from the Université Pierre et Marie Curie - Paris 6, France. Currently, he is a Full Professor at Université Pierre et Marie Curie and co-director of the LIP6 - Computer Science Laboratory of University Paris 6. His research interests include distributed systems, peer-to-peer file systems, fault tolerance and resource management in grid configurations. Pierre Sens is heading the Regal group, which is a joint research team between LIP6 and INRIA.
Peter Feiler, CMU/SEI, USA (Thursday 11, 8:30 – 9:30)
As safety-critical systems have become increasingly software-intensive, the embedded software system has become an increasing risk factor. The SAE Architecture Analysis & Design Language (AADL) international standard has been developed to support model-based engineering of embedded and real-time software-intensive systems.
In this presentation we examine how AADL contributes to model-based validation of systems, to consistency between different analytical models of the same system, and to validation of the implementation against the validated models. We will illustrate model-based analysis throughout the life cycle, at different degrees of fidelity and formality, with examples in terms of security, latency, and model checking of redundancy logic. The presentation concludes with an illustration of challenges in an implementation against the model.
Presenter
Dr. Peter Feiler is a 24-year veteran at the Software Engineering Institute (SEI). He is a senior member of the Research, Technology, and Systems Solutions (RTSS) program of the SEI