Below are the Keynote Speakers confirmed for the SBESC & LADC 2019:
Advances on the Detection of Software Vulnerabilities
Speaker: Dr. Marco Vieira – University of Coimbra, Portugal
Nov 19, 9h30-10h30 Abstract: Field studies and practical experience show that software is frequently deployed with security vulnerabilities that sooner or later are maliciously exploited. In fact, although there are diverse approaches to support secure software development, including best coding practices and vulnerability detection tools and techniques, software faults (i.e., program defects or bugs) are still recognized as the major source of intrusions in computer systems. In this talk, we will introduce and motivate the problem of detecting vulnerabilities in software systems and applications. We will discuss recent research and state of practice advances on different techniques to detect software vulnerabilities, including penetration testing, static analysis, and the use of software metrics and other types of evidences to identify potentially vulnerable code elements. Concrete examples will be presented to demonstrate the current situation and the effectiveness of existing approaches. Research opportunities will be identified and discussed. Bio: Dr. Marco Vieira is a Full Professor at the University of Coimbra (UC), member of the Software and Systems Engineering research group (SSE) of the Centre for Informatics and Systems of the University of Coimbra (CISUC). Marco is the European Coordinator of the EUBrasilCloudFORUM and his research focuses mainly in the area of dependable and secure computing, namely in benchmarking and experimental assessment of security and dependability attributes. His research interests also include Dependability and Security Assessment and Benchmarking, Fault Injection and Vulnerability & Attack Injection, Robustness and Security Testing, Software Verification & Validation, Online Failure Prediction, and Resilience Benchmarking.
Timing Analysis of Software Executing on Undocumented Multicore Processors - (slides keynote2)
Speaker: Dr. Bjorn Andersson – Software Engineering Institute at Carnegie Mellon University, USA
Nov 19, 16h30-17h30 Abstract: Multicore processors are widely used today in most areas of computing, for example cloud computing, desktop computing, and smartphones. There is an increasing interest in using multicore processors in safety-critical (embedded) systems because (i) multicore processors have the potential to decrease Size-Weight-and-Power (SWaP) and (ii) it is becoming harder to find vendors that still sell single-core processors (obsolescence). Software in safety-critical systems typically must satisfy hard real-time requirements. Unfortunately, satisfying real-time requirements of software executing on a multicore processor is challenging because in such a computer platform, there are shared hardware resources in the memory system (for example cache) and the sharing of these resources impacts timing of software. Although there are methods for managing and analyzing the contention for resources in the memory system and thereby satisfying hard real-time requirements of software, these methods rely on a model of the shared resources. Creating such a model depends on documentation of the hardware which is typically not available for all resources.
Bio: Dr. Andersson is Principal Researcher at the Software Engineering Institute at Carnegie Mellon University. He earned his MSc and PhD from Chalmers University in Sweden in 1999 and 2003 respectively. He is a Senior Member of the IEEE. He is the recipient of 4 Best Paper awards, and his publications have received more than 3000 citations. His research interests and activities are in real-time systems; his contributions include: transferring the well-known Liu-and-Layland utilization bound (69%) from a single processor to multiprocessors, inventing the wireless CAN bus, and inventing the general approach of scheduling of hard real-time tasks on a multiprocessor where some tasks may be split between processors (today typically called semi-partitioning).
Advances In System Isolation For Cyber Attack Mitigation - (slides keynote3)
Speaker: Dr. Christophe Bobda – Fayetteville, AR, United States
Nov 20, 11h-12h
Abstract: The increasing global availability of broadband access to the Internet has led to the creation and distribution of malicious software and financially-oriented underground economies of criminals. Annual economic loss attributed to malicious software activities is estimated at more than US $10 Billion. Malicious activities are no more limited to single hackers and DDoS attacks, but range from hardware Trojans to more complex insider and outsider attacks in cloud computing systems. These attacks can take down critical infrastructures such as the power grid, financial trading platform or large data centers. Isolation has been one of the most effective solutions in connected SCADA-based systems. However, the practicability of early solutions as well as the need for high-speed communication have prevented a wider adoption of isolation as a means to tackle security. Recently, there has been a resurgence in isolation as a means to mitigate cyber attacks.
In this talk, we introduce and motivate the principle of isolation and it's application to cyber security. Thereafter recent advances in the field will be discussed including efforts currently on the way in academia and industry. The talk will discuss current work at the University of Arkansas, particularly the Isolation and Protection Module (IPM) and the Hardware Sandboxing paradigm. While the IPM provide a system on chip (SoC) solution to enforce isolation in networked systems, hardware sandbox are used in SoC to contain effects of non-trusted IPs.
Bio: Dr. Bobda is Professor of Computer Engineering at the University of Arkansas, in Fayetteville, AR. Dr. Bobda received the Licence in mathematics from the University of Yaounde, Cameroon, in 1992, the diploma of computer science and the Ph.D. degree (Summa Cum Laude) in computer science from the University of Paderborn in Germany in 1999 and 2003 respectively. In June 2003 he joined the department of computer science at the University of Erlangen-Nuremberg in Germany as Post doc. In 2005 Dr. Bobda was appointed Assistant Professor at the University of Kaiserslautern, Germany where set the research lab for self-organizing embedded systems that he led until October 2007 before being promoted to Professor at University of Potsdam in 2007. Dr. Bobda led the working Group Computer Engineering at the University of Potsdam until 2010 when he accepted a faculty position as associate professor at the University of Arkansas where he founded the smart embedded systems lab. Dr. Bobda was tenured and promoted to the rank of full professor at the University of Arkansas in 2016. Dr. Bobda has published more than 150 papers in leading journals and conferences, has a citation count and his work has been downloaded more than 9000 times. Dr. Bobda research interests include embedded systems, system on chip and system on FPGA, computer architecture, with application in embedded imaging, high-performance computing and cyber security. Dr. Bobda’s research has been sponsored by multiple national and international organizations including the National Science Foundation (NSF), the Air Force Research Lab, the Navy, the German Research Association (DFG) and the German French University.
Earliest Systems Engineering Activities considering Software Architects – EMBRAER Systems Engineering Process
Speaker: Ricardo Moraes – EMBRAER S/A, Brazil
Nov 20, 17h30-18h30
Abstract: Today's major systems rely heavily on software-enabled capabilities. However, many programs acquiring new systems first determine the physical items to develop, assuming the contractors for those items will provide all needed software for the capability. However, software by its nature spans physical items: it provides the inter-system communications that have a direct influence on most capabilities, and thus must be architected intelligently, especially when different contractors build pieces. If architecture step is not done properly, a software-reliant project can be set up to fail from the first architectural decision.
In this talk, we present why is important to consider Software on the early Systems Engineering Activities. The talk will discuss current work and effort at the Embraer Systems Engineering process, particularly the software architects and Systems Architect relation in the early activities with a practical and motivation view to the public considering Safety, Security and CyberSecurity emergent proprieties on the Systems Concept phases.
Bio: Ricardo Moraes is Senior Systems Engineer - Chief Engineer Office at EMBRAER S/A, Brazil. At the beginning of his career, his work was focused on systems integration aimed at commercial aviation in order to understand aspects of safety and its nuances in development. During the course of his career, with the results of seven years focused on commercial aviation, he dedicated to systems theory, systems engineering and systems approach, as well as corporate architecture. In this period and up to the present day, his attributions and contributions not only for EMBRAER but for INCOSE in Brazil, are related to the themes: Systems Science, Systems Approach, Systems Theory, STAMP - Systems Approach to Safety, Complexy Systems (Management Complexity), CyberSecurity and Securty, Systems Architecture, and Enterprise architecture..
Rapid Prototyping of Embedded Controllers Relying on Model-Based Development - (slides keynote5)
Speaker: Luis Gomes – University NOVA Lisbon, Portugal
Nov 21, 11h00-12h00
Abstract: Model-based development of embedded controllers and cyber-physical systems relying on a set of design automation tools and considering reconfigurable computing platforms can effectively support their rapid prototyping. Petri nets were selected as the reference modeling formalism supporting a comprehensive specification and documentation of the system, integrating graphical expressiveness with formal verification capabilities. A web-based tools framework (the IOPT-Tools tool chain) using a specific class of Petri nets (IOPT-nets, the Input-Output Place-Transition Petri nets) will be presented illustrating the whole development process from specification to implementation, including specific web-tools for model’s edition and properties verification, including simulation and debugging capabilities. Automatic code generators (of VHDL for hardware-based implementation and C for software-oriented implementation) can be used allowing direct deployment into specific implementation platforms, taking advantage of hardware-software co-design techniques. Globally Asynchronous Locally Synchronous paradigm is also supported by IOPT-nets, through the addition of the concepts of time domains and communication channels, allowing the partitioning of the model into several components and their distributed execution.
Bio: Luis Gomes received his Electrotech. Eng. Degree from Technical University of Lisbon, Portugal, in 1981, and a PhD degree in Digital Systems from University NOVA Lisbon, Portugal, in 1997. He is as Associate Professor with Habilitation at the Electrical and Computer Engineering Department, Faculty of Sciences and Technology of University NOVA Lisbon, Portugal and a researcher at UNINOVA Institute, Portugal. From 1984 to 1987, he was with EID, a Portuguese medium enterprise, in the area of electronic system design, in the R&D engineering department. His main interests include the usage of Petri nets and other models of concurrency, applied to reconfigurable and embedded systems co-design and cyber-physical systems. He was made Honorary Professor of Transilvania University of Brasov, Brasov, Romania, in 2007, as well as Honorary Professor of Óbuda University, Budapest, Hungary, in 2014. He received the IEEE Industrial Electronics Society Anthony J Hornfeck Service Award in 2016. Dr. Gomes is author/co-author of more than 300 papers and chapters published in journals, books and conference proceedings, as well as co/author of one book and co-editor for three books.