Microsoft CloudMine: Data Mining for the Executive Order on Improving the Nation’s Cybersecurity (MSR 2022 - Industry Track)

Who

Kim Herzig, Luke Gostling, Maximilian Grothusmann, Nora Huang, Sascha Just, Alan Klimowski, Yashasvini Ramkumar, Myles McLeroy, Kıvanç Muşlu, Hitesh Sajnani, Varsha Vadaga

Track

MSR 2022 Industry Track

Time Zone

The program is currently displayed in (GMT-04:00) Eastern Time (US & Canada).

Use conference time zone: (GMT-04:00) Eastern Time (US & Canada)Select other time zone

The GMT offsets shown reflect the offsets at the moment of the conference.

Time Band

By setting a time band, the program will dim events that are outside this time window. This is useful for (virtual) conferences with a continuous program (with repeated sessions).
The time band will also limit the events that are included in the personal iCalendar subscription service.

Display full programSpecify a time band

Save

When

Thu 19 May 2022 21:25 - 21:32 at MSR Main room - odd hours - Session 13: Security & Quality Chair(s): Gias Uddin

Abstract

As any other US software maker, Microsoft is bound by the “Executive Order on Improving the Nation’s Cybersecurity” which dictates a clear mandate to “enhance the software supply chain security” and to generally improve the cyber security practices. To fulfill the executive order, software companies need to enforce new policies and practices on many projects and engineering teams within relatively short periods of time. One challenge is to build up comprehensive inventories of software artifacts which can be tedious and fragile as software eco-systems change rapidly. Required is a system that will constantly monitor and update the inventory of software artifacts and contributors so that at any given point of time. The front line of this security battle includes the product team around the data mining platform CloudMine1 providing the security and compliance teams with engineering artifacts and insights into artifact dependencies and engineering practices of the corresponding engineering teams.

Kim Herzig

Tools for Software Engineers, Microsoft

Luke Gostling

Microsoft Corporation

Maximilian Grothusmann

Microsoft Corporation

Nora Huang

Microsoft Corporation

Sascha Just

Microsoft

n.n.

Alan Klimowski

Microsoft Corporation

Yashasvini Ramkumar

Microsoft Corporation

Myles McLeroy

Microsoft Corporation

Kıvanç Muşlu

Microsoft

Hitesh Sajnani

Microsoft

Varsha Vadaga

Microsoft Corporation

Time Zone

The program is currently displayed in (GMT-04:00) Eastern Time (US & Canada).

Use conference time zone: (GMT-04:00) Eastern Time (US & Canada)Select other time zone

The GMT offsets shown reflect the offsets at the moment of the conference.

Time Band

Display full programSpecify a time band

Save

Session Program

Thu 19 May
Displayed time zone: Eastern Time (US & Canada) change

21:00 - 21:50	Session 13: Security & QualityTechnical Papers / Data and Tool Showcase Track / Registered Reports / Industry Track at MSR Main room - odd hours Chair(s): Gias Uddin University of Calgary, Canada

21:00 7m Talk		On the Use of Fine-grained Vulnerable Code Statements for Software Vulnerability Assessment Models Technical Papers Triet Le The University of Adelaide, Muhammad Ali Babar University of Adelaide Pre-print
21:07 7m Talk		LineVD: Statement-level Vulnerability Detection using Graph Neural Networks Technical Papers David Hin The University of Adelaide, Andrey Kan The University of Adelaide, Huaming Chen The University of Adelaide, Muhammad Ali Babar University of Adelaide
21:14 7m Talk		LineVul: A Transformer-based Line-Level Vulnerability Prediction Technical Papers Michael Fu Monash University, Kla Tantithamthavorn Monash University Pre-print
21:21 4m Talk		ECench: An Energy Bug Benchmark of Ethereum Client Software Data and Tool Showcase Track Jinyoung Kim Sungkyunkwan University, Misoo Kim Sungkyunkwan University, Eunseok Lee Sungkyunkwan University
21:25 7m Talk		Microsoft CloudMine: Data Mining for the Executive Order on Improving the Nation’s Cybersecurity Industry Track Kim Herzig Tools for Software Engineers, Microsoft, Luke Gostling Microsoft Corporation, Maximilian Grothusmann Microsoft Corporation, Nora Huang Microsoft Corporation, Sascha Just Microsoft, Alan Klimowski Microsoft Corporation, Yashasvini Ramkumar Microsoft Corporation, Myles McLeroy Microsoft Corporation, Kıvanç Muşlu Microsoft, Hitesh Sajnani Microsoft , Varsha Vadaga Microsoft Corporation
21:32 4m Talk		Evaluating few shot and Contrastive learning Methods for Code Clone Detection Registered Reports Mohamad Khajezade University of British Columbia, Fatemeh Hendijani Fard University of British Columbia, Mohamed S Shehata University of British Columbia Pre-print
21:36 14m Live Q&A		Discussions and Q&A Technical Papers

Information for Participants

Info for room MSR Main room - odd hours:

Click here to go to the room on Midspace