Resilience
Growing Up Software Development
From Hacker Culture to the Software of the Future
Hacker culture overcomes limitations in computer systems through
creativity and tinkering. At the same time, hacker culture has shaped
the practice of software development to this day. This is
problematic - techniques effective for breaking (into) a computer
systems are not necessarily suitable for developing resilient and
secure systems. It does not have to be this way: We can approach
software development as a methodical, systematic activity rather than
tinkering, and teach it accordingly. I'll review my experience
teaching these methods for the past 18 years and give some suggestions
on what *you* may do.
Hacker culture, which originated CCC (or vice versa?), overcomes
limitations in computer systems through creativity and tinkering.
Many activities of the hacker community have focussed on discovering
weaknesses of IT systems, and creativity and tinkering have been
enormously successful at this endeavour. At the same time, hacker
culture has shaped the practice of software development to this day.
This is problematic - techniques effective for breaking (into) a
computer systems are not necessarily suitable for developing resilient
and secure systems. The long, long list of vulnerabilities with
always the same root causes bears testament to this. Thus,
ironically, the very techniques hackers have used to discover and
fight vulnerabilities are responsible for them in the first place.
It does not have to be this way: It is possible to construct resilient
software systematically, greatly reducing the risk of failure.
However, this requires significant changes in culture, methodology,
and the tools we use to develop software. We need to approach
software development as a methodical, systematic activity rather than
tinkering, and teach it accordingly. This will lead to a set of
systematic, proven methods that lead to robust and correct software.
This talk will introduce available methods, tools, and languages
supporting such methodologies: program by design, type-based
modelling, mathematics, and functional programming. I'll review my
experience teaching these methods for the past 18 years and give some
suggestions on what *you* may do.
Additional information
| Type | lecture |
|---|---|
| Language | English |
More sessions
| 12/27/17 |
Gesundheit als entscheidender Teil von Glück und Zufriedenheit ist bis in ihre kleinsten Teilbereiche „durchkapitalisiert“. Und dieser Prozess macht auch vor humanitärer Hilfe und Krisenintervention nicht halt. In diesem Talk gehen wir auf verschiedene Beispiele ein und erklären, wie CADUS mit seinem Makerspace versucht, dieses Problem auf vielen Ebenen zu hacken.
|
| 12/27/17 |
Formal hardware verification (hardware model checking) can prove that a design has a specified property. Historically only very simple properties in simple designs have been provable this way, but improvements in model checkers over the last decade enable us to prove very complex design properties nowadays. riscv-formal is a framework for formally verifying RISC-V processors directly against a formal ISA specification. In this presentation I will discuss how the complex task of verifying a ...
|
| 12/27/17 |
Formal verification of software has finally started to become viable: we have examples of formally verified microkernels, realistic compilers, hypervisors etc. These are huge achievements and we can expect to see even more impressive results in the future but the correctness proofs depend on a number of assumptions about the Trusted Computing Base that the software depends on. Two key questions to ask are: Are the specifications of the Trusted Computing Base correct? And do the implementations ...
|
| 12/27/17 |
We shall explain the renewed interest in mix networks. Like Tor, mix networks protect metadata by using layered encryption and routing packets between a series of independent nodes. Mix networks resist vastly more powerful adversary models than Tor though, including global passive adversaries. In so doing, mix networks add both latency and cover traffic. We shall outline the basic components of a mix network, touch on their roles in resisting active and passive attacks, and discuss how the ...
|
| 12/28/17 |
In the past decade, machine learning researchers and theorists have created deep learning architectures which seem to learn complex topics with little intervention. Newer research in adversarial learning questions just how much “learning" these networks are doing. Several theories have arisen regarding neural network “blind spots” which can be exploited to fool the network. For example, by changing a series of pixels which are imperceptible to the human eye, you can render an image ...
|
| 12/28/17 |
Systems are getting increasingly complex and it's getting harder to understand what they are actually doing. Even though they are built by human individuals they often surprise us with seemingly bizarre behavior. DTrace lights a candle in the darkness that is a running production system giving us unprecedented insight into the system helping us to understand what is actually going on. We are going implement `strace`-like functionality, trace every function call in the kernel, watch the scheduler ...
|
| 12/29/17 |
The NERF and Heads projects bring Linux back to the cloud servers' boot ROMs by replacing nearly all of the vendor firmware with a reproducible built Linux runtime that acts as a fast, flexible, and measured boot loader. It has been years since any modern servers have supported Free Firmware options like LinuxBIOS or coreboot, and as a result server and cloud security has been dependent on unreviewable, closed source, proprietary vendor firmware of questionable quality. With Heads on NERF, we ...
|
