Solving Software Security Challenges with Artificial Intelligence
Abstract: Software security lies at the intersection of software engineering and cybersecurity – building security into a product. Software security techniques focus on preventing the injection of vulnerabilities and detecting the vulnerabilities that make their way into a product or the deployment pipeline before the product is released. Increasingly, artificial intelligence is being used to power software security techniques to aid organizations in deploying secure products. This talk will present a landscape of research and practice at the intersection of software engineering, cybersecurity, and artificial intelligence to solve cybersecurity challenges. The talk will also present research projects conducted by the speaker’s own research group.
Biography: Laurie Williams is a Distinguished University Professor in the Computer Science Department of the College of Engineering at North Carolina State University (NCSU). Laurie is a co-director of the NCSU Science of Security Lablet sponsored by the National Security Agency, the NCSU Secure Computing Institute, and is the Principal Cybersecurity Technologist of the SecureAmerica Institute. Laurie's research focuses on software security; agile software development practices and processes, particularly continuous deployment; and software reliability, software testing and analysis. Laurie is an ACM and an IEEE Fellow.
Illustrated Code: Building Software in a Literate Way
Abstract: Notebooks – rich, interactive documents that join together code, documentation, and outputs – are all the rage with data scientists. But can they be used for actual software development? In this talk, I share experiences from authoring two interactive textbooks – fuzzingbook.org and debuggingbook.org – and show how notebooks not only serve for exploring and explaining code and data, but also how they can be used as software modules, integrating self-checking documentation, tests, and tutorials all in one place. The resulting software focuses on the essential, is well-documented, highly maintainable, easily extensible, and has a much higher shelf life than the "duct tape and wire” prototypes frequently found in research and beyond.
Biography: Andreas Zeller is faculty at the CISPA Helmholtz Center for Information Security and professor for Software Engineering at Saarland University, both in Saarbrücken, Germany. His research on automated debugging, mining software archives, specification mining, and security testing has won several awards for its impact in academia and industry. Zeller is an ACM Fellow, an IFIP Fellow, an ERC Advanced Grant Awardee, and holds an ACM SIGSOFT Outstanding Research Award.
The challenges and trends in engineering excellence with automation
Abstract: There are many complex engineering challenges for an IT organisation to deliver world-class products: the cognitive load and productivity of engineers, the development at scale, the quality, uniformity and compliance of the delivered products, the sustainable continuous delivery with high caliber velocity and stability, just to name a few. This talk will elaborate the trended endeavours attempted in industry, with an emphasis on how automation has been put forward to help achieve engineering excellence.
Biography: Karen Li is a Product Architect at Xero, previously a Lead Engineer. As an Engineer Karen focused on applying sustainably excellent engineering practice and delivering capabilities to Xero customers and internal employees. As an Architect, Karen focuses on providing context and connecting work with the wider strategies of the organisation. Karen has been with industry for 10+ years, she’s excited to bridge between academic science and industry practice. Prior to industry, Karen had an academic career (PhD in Computer Science, University of Auckland, New Zealand). Her research area was domain-specific visual languages led software automation.
Doctoral Symposium Keynote - Advice on your Adviser
Biography: Marsha Chechik is Professor in the Department of Computer Science at the University of Toronto. She received her Ph.D. from the University of Maryland in 1996. Prof. Chechik’s research interests are in the application of formal methods to improve the quality of software. She has authored numerous papers in formal methods, software specification and verification, computer safety and security and requirements engineering. In 2002-2003, Prof. Chechik was a visiting scientist at Lucent Technologies in Murray Hill, NY and at Imperial College, London UK, and in 2013 – at Stonybrook University. She is a member of IFIP WG 2.9 on Requirements Engineering and an Associate Editor in Chief of Journal on Software and Systems Modeling. She is has been an associate editor of IEEE Transactions on Software Engineering 2003-2007, 2010-2013. She regularly serves on program committees of international conferences in the areas of software engineering and automated verification. Marsha Chechik has been Program Committee Co-Chair of the 2018 International Conference in Software Engineering (ICSE18), 2016 International Conference on Tools and Algorithms for the Construction and Analysis of Systems (TACAS’16), the 2016 Working Conference on Verified Software: Theories, Tools, and Experiments (VSTTE16), the 2014 International Conference on Automated Software Engineering (ASE’14), the 2008 International Conference on Concurrency Theory (CONCUR’08), the 2008 International Conference on Computer Science and Software Engineering (CASCON’08), and the 2009 International Conference on Formal Aspects of Software Engineering (FASE’09). She will be PC Co-Chair of ESEC/FSE’2021. She is a Member of ACM SIGSOFT and the IEEE Computer Society.