Write a Blog >>
ASE 2021
Mon 15 - Fri 19 November 2021 Australia

Solving Software Security Challenges with Artificial Intelligence

Laurie Williams

Abstract: Software security lies at the intersection of software engineering and cybersecurity – building security into a product. Software security techniques focus on preventing the injection of vulnerabilities and detecting the vulnerabilities that make their way into a product or the deployment pipeline before the product is released. Increasingly, artificial intelligence is being used to power software security techniques to aid organizations in deploying secure products. This talk will present a landscape of research and practice at the intersection of software engineering, cybersecurity, and artificial intelligence to solve cybersecurity challenges. The talk will also present research projects conducted by the speaker’s own research group.

Biography: Laurie Williams is a Distinguished University Professor in the Computer Science Department of the College of Engineering at North Carolina State University (NCSU). Laurie is a co-director of the NCSU Science of Security Lablet sponsored by the National Security Agency, the NCSU Secure Computing Institute, and is the Principal Cybersecurity Technologist of the SecureAmerica Institute. Laurie's research focuses on software security; agile software development practices and processes, particularly continuous deployment; and software reliability, software testing and analysis. Laurie is an ACM and an IEEE Fellow.


Illustrated Code: Building Software in a Literate Way

Andreas Zeller

Abstract: Notebooks – rich, interactive documents that join together code, documentation, and outputs – are all the rage with data scientists. But can they be used for actual software development? In this talk, I share experiences from authoring two interactive textbooks – fuzzingbook.org and debuggingbook.org – and show how notebooks not only serve for exploring and explaining code and data, but also how they can be used as software modules, integrating self-checking documentation, tests, and tutorials all in one place. The resulting software focuses on the essential, is well-documented, highly maintainable, easily extensible, and has a much higher shelf life than the "duct tape and wire” prototypes frequently found in research and beyond.

Biography: Andreas Zeller is faculty at the CISPA Helmholtz Center for Information Security and professor for Software Engineering at Saarland University, both in Saarbrücken, Germany. His research on automated debugging, mining software archives, specification mining, and security testing has won several awards for its impact in academia and industry. Zeller is an ACM Fellow, an IFIP Fellow, an ERC Advanced Grant Awardee, and holds an ACM SIGSOFT Outstanding Research Award.


The challenges and trends in engineering excellence with automation

Karen Li

Abstract: There are many complex engineering challenges for an IT organisation to deliver world-class products: the cognitive load and productivity of engineers, the development at scale, the quality, uniformity and compliance of the delivered products, the sustainable continuous delivery with high caliber velocity and stability, just to name a few. This talk will elaborate the trended endeavours attempted in industry, with an emphasis on how automation has been put forward to help achieve engineering excellence.

Biography: Karen Li is a Lead Engineer at Xero. Karen’s day-to-day job involves stakeholder engagement, OKRs, design, architecting, development, DevOps, security engineering, platform engineering, incident management etc.. The work she is currently leading focuses on bringing sustainably excellent engineering practice at an organizational level through automation. Karen has been with industry for 10+ years, she’s excited to bridge between academic science and industry practice. Prior to industry, Karen had an academic career (PhD in Computer Science, University of Auckland, New Zealand). Her research area was domain-specific visual languages led software automation.