Bertrand Meyer, ETH, Zurich, and ISE Santa Barbara, USA.
Slides from this talk are available here.
Tuesday, May 6, 9:00AM
Component-based development, one of the most promising paths of progress for the world of software engineering, is fraught with risks if it isn't accompanied by a constant concern for quality. Components of demonstrably high quality may, on the other hand, bring a critical contribution to the improvement of both software products and the software process. This lecture will address the challenge of building "trusted components" whose quality can be guaranteed. It will discuss both the "low road" of certifying components built with current technologies and the "high road" of proving component properties.
Bertrand Meyer is Professor of Software Engineering at the ETH (Swiss Federal Institute of Technology) and Scientific Advisor of ISE, the company he co-founded in 1985. He is the author of a number of books including "Object-Oriented Software Construction, 2nd edition", "Eiffel: The Language" and "Reusable Software". He has been involved in the design of numerous libraries and tools applying the principles of "Design by Contract" and object technology.
Joanne McGrath Cohoon, Department of Leadership, Foundations and Policy,
University of Virginia, USA.
Email: joanne_cohoon@virginia.edu.
Slides from this talk are available here.
Wednesday, May 7, 9:00AM
Women's participation in undergraduate computing is low and likely to continue declining. However, this situation is not due to intractable gender differences. Academic computing departments can effectively recruit and retain female students. Dr. Cohoon will describe the current state of affairs and discuss how and why departments can act to reverse this trend.
Joanne McGrath Cohoon is a sociologist who studies higher education, gender, and technology. She earned her BA in Philosophy from Ramapo College of New Jersey; her MA in Student Personnel Administration from Teacher's College, Columbia University; and her Ph.D. in Sociology from the University of Virginia in 2000. Dr. Cohoon has held professional positions in higher education as a researcher, administrator, and instructor at a women's college, a survey research center, a center for public service, and a continuing education program. She is currently a Research Assistant Professor in the Curry School of Education at the University of Virginia. Her research has been funded by the Alfred P. Sloan Foundation and the National Science Foundation. She is a member of the ACM, SIGCSE, and sociological and higher education professional organizations.
Eugene Spafford, Purdue University, USA.
Slides from this talk are available here.
Thursday, May 8, 9:00AM
There are many connections between software engineering and information security. Some are obvious, such as the process of detecting software faults, and some are more subtle, such as definition and capture of privacy requirements. In both infosec and SE there are complex challenges of how best to balance cost, design, technology, and time to market: Too often, good practices are skipped because of cost or time. Meanwhile, failures in both areas can lead to everything from minor inconvenience to catastrophic failures and compromises.
In this talk, I intend to explain some of the connections I see between software engineering and information security. In particular, I hope to illustrate how some of the challenges -- and advances -- in infosec have a basis in software engineering. Some of these suggest high-leverage areas of research, while others provide insight about why we will continue to experience security problems in widely-deployed software. For instance, is there truth to the contention that open source software is more secure than proprietary source? Along the way, I will connect Las Vegas, the PDP-11, Roman chariots, and a common security flaw as one illustration of how unintended consequences shape both security and software development.
Eugene H. Spafford is a professor of Computer Sciences at Purdue University, a professor of Philosophy (courtesy appointment), and is Director of the Center for Education and Research in Information Assurance and Security (CERIAS). Spaf 's research career has included work in information security, software engineering, distributed systems, and professional ethics.
Dr. Spafford is a Fellow of the ACM, Fellow of the AAAS, Fellow of the IEEE, and is a charter recipient of the Computer Society's Golden Core award. He was the year 2000 recipient of the NIST/NCSC National Computer Systems Security Award, generally regarded as the field's most significant honor in information security research. In 2001, he was elected to the ISSA Hall of Fame, and he was awarded the William Hugh Murray medal of the NCISSE for his contributions to research and education in infosec.
Among his many activities, Spaf is co-chair of the ACM's U.S. Public Policy Committee and of its Advisory Committee on Computer Security and Privacy, is a member of the Board of Directors of the Computing Research Association, and is a member of the US Air Force Scientific Advisory Board.