swiseverywhere - dipartimento di informaticapages.di.unipi.it/danelutto/lminf/sw.pdf ·...
TRANSCRIPT
Software: Programming, Principles and Technologies
SW IS EVERYWHERE
MedTech
MedTech Autonomous Car
MedTech Autonomous Car
MedTech Autonomous Car
Social Robotics (face Unipi)
MedTech Autonomous Car
Social Robotics (face Unipi)
All of these Tech-‐areas attract a high level of venture capital, and one can expect them to grow and reshape our word, e.g. medical services, transportation industries, teaching itself Underlying these technologies is, of course, SOFTWARE Not passive followers/users of technology, rather active technology developers
This raises some very fundamental questions about software technologies: -‐ Are we investing enough in safe software research? -‐ Has the research yielded solid scientific foundations and useful solutions? -‐ Has industry failed to adopt these solutions due to cost/benefit? Even more, how do we enable developers to realize the best of their abilities — and eradicate from their code the sources of crashes, bugs and unsafe behaviour
Ending Null Pointer Crashes By Bertrand Meyer Communications of the ACM, Vol. 60 No. 5, 2017
Obj.m(): the null-‐pointer-‐derefencing bugs in the Common Vulnerabilities and Exposures
vulnerability CVE-‐2016-‐9113 (http://bit.ly/2mafdkJ) states: There is a NULL pointer dereference in function imagetobmp of convertbmp.c:980 of OpenJPEG 2.1.2. image-‐>comps[0].data is not assigned a value after initialization(NULL). Impact is Denial of Service.
Google: ibmedia in mediaserver in Android 4.x before 4.4.4, 5.0.x before 5.0.2, 5.1.x before 5.1.1, and 6.x before 2016-‐08-‐01 has certain incorrect declarations, which allows remote attackers to execute arbitrary code or cause a denial of service (NULL pointer dereference or memory corruption) via a crafted media file, aka internal bug 28166152.
For the NVIDIA Quadro, NVS, and GeForce products, NVIDIA Windows GPU Display Driver R340 before 342.00 and R375 before 375.63 contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler where a NULL pointer dereference caused by invalid user input may lead to denial of service or potential escalation of privileges.
Software Innovation Facebook INFER: http://Einfer.com/
Microsoft Z3: https://z3.codeplex.com/ https://github.com/Z3Prover/z3
Apple LLVM Compiler ToolChainhttps://developer.apple.com/library/mac/documentation/CompilerTools/Conceptual/LLVMCompilerOverview/
Google error-‐prone: https://github.com/google/error-‐prone
Open source Project: Clang http://clang.llvm.org/
Mozilla JS Code Analyzer https://wiki.mozilla.org/Security/B2G/JavaScript_code_analysis
By Dino Di Stefano, 2012 Royal Society “Needham Award” winner, Laurea Pisa
Your future … Mr Wolf tells you [Pulp Fiction by Quentin Tarantino]: https://www.youtube.com/watch?v=NP4lrVIpbvo
Problem solvers with skills and strong scientific bases
design and handle models
address the design of advanced algorithms
understand and develop innovative programming languages, methods and tools
design complex cyber(-‐physical) infrastructures
reason on systems and certify their properties
nurished by hands-‐on activities in joint labs with sw companies
Job positions are typically in ICT companies (e.g. Google, IBM, Yahoo, Microsoft, etc.), public organizations, and research laboratories where advanced methods, languages and tools are required, both at the national and international level. This master course also provides a solid background for a Ph.D. program in Computer Science or an equivalent degree.
Job Career