Agile methods and safety critical software - Peter GardnerAdaCore
This talk surveys Agile methods and formulates a list of features that occur in these methods, then considers whether each of the features can be applied in the field of safety-critical software development. The talk concludes that almost all of the features of Agile methods are applicable to safety-critical software but that existing standards are a problem for Agiles de-emphasis of design and documentation. The talk will also look for quantitative evidence in the published literature for the benefits of Agile methods in software development in general, and surveys various published opinions on Agiles application to safety-critical software development.
Suitability of Agile Methods for Safety-Critical Systems Development: A Surve...Editor IJCATR
Lately, agile methods have widely been used in large organizations. This contrasts to previous practice, where they were mainly
used for small projects. However, developers of safety critical systems have shied away from using these methods for the right and wrong
reasons. Adoption of agile methods for safety critical system development is low and there is need to find out why this is so especially
since agile methods allow a more relaxed approach towards documentation, flexible development lifecycle based on short iterations and
accommodates changing requirements. This paper presents a report of a detailed analysis of literature and aims to shed light on the
suitability of agile methods for developing safety critical systems .The findings indicate that many organizations are relying on traditional
methods to develop safety critical systems because they are familiar with them and have been thoroughly tested over time. However with
the advent of agile methods there is a paradigm shift by non safety critical system developers, nevertheless this is not happening with the
safety critical system developers and there is need to find out why.
List of Software Development Model and MethodsRiant Soft
RiantSoft a Software Development Company derived the most useful and different types of Software Development Model for the users who want to know the development process. RiantSoft is specialized in custom software development with latest cutting edge technologies.
Agile methods and safety critical software - Peter GardnerAdaCore
This talk surveys Agile methods and formulates a list of features that occur in these methods, then considers whether each of the features can be applied in the field of safety-critical software development. The talk concludes that almost all of the features of Agile methods are applicable to safety-critical software but that existing standards are a problem for Agiles de-emphasis of design and documentation. The talk will also look for quantitative evidence in the published literature for the benefits of Agile methods in software development in general, and surveys various published opinions on Agiles application to safety-critical software development.
Suitability of Agile Methods for Safety-Critical Systems Development: A Surve...Editor IJCATR
Lately, agile methods have widely been used in large organizations. This contrasts to previous practice, where they were mainly
used for small projects. However, developers of safety critical systems have shied away from using these methods for the right and wrong
reasons. Adoption of agile methods for safety critical system development is low and there is need to find out why this is so especially
since agile methods allow a more relaxed approach towards documentation, flexible development lifecycle based on short iterations and
accommodates changing requirements. This paper presents a report of a detailed analysis of literature and aims to shed light on the
suitability of agile methods for developing safety critical systems .The findings indicate that many organizations are relying on traditional
methods to develop safety critical systems because they are familiar with them and have been thoroughly tested over time. However with
the advent of agile methods there is a paradigm shift by non safety critical system developers, nevertheless this is not happening with the
safety critical system developers and there is need to find out why.
List of Software Development Model and MethodsRiant Soft
RiantSoft a Software Development Company derived the most useful and different types of Software Development Model for the users who want to know the development process. RiantSoft is specialized in custom software development with latest cutting edge technologies.
Since the system had been began to gain importance in the place of the software, intended to help better the work done. Waterfall method of software development methods, agile methods are constantly changing and evolving process is hardly surprising given that the development becomes clear. Practices applied in the software development work is most basically the same, however, has changed the practices described in the application form is shown in various sources. Basic software development cycle to determine the requirements, design, modified, implementation, testing and deployment phases is composed.
Agile methods are almost the beginning of the end of the loop with the development of test event, be considered as almost the first, has progressed to a place of importance given to the prediction, the progress continues. In this study,one of agile development practice e of the Test-Driven Development is applied by considering the exchange tried to test effectiveness.
This presentation is about a lecture I gave within the "Software systems and services" immigration course at the Gran Sasso Science Institute, L'Aquila (Italy): http://cs.gssi.infn.it/.
http://www.ivanomalavolta.com
This presentation provides useful and beneficial information related to software development companies. It defines Software development methodology and elaborates various methodologies adopted by software application development companies, web application development companies, custom software development services in India.
Courtesy: Shreyans Agrawal (ifour.shreyans.agrawal@gmail.com)
http://www.ifour-consultancy.com
http://www.ifourtechnolab.com
How the DevOps company-wide initiative affected the development team in the Bakson, Serbia (a part of Ticketmaster's engineering team). And what tooling were used to automate QA processes.
Presentation was created for DevOps meetup in Belgrade, on 11th October 2016. https://www.facebook.com/SevenBridgesGenomics/photos/?tab=album&album_id=1338738752836488
SCM Transformation Challenges and How to Overcome ThemCompuware
If your enterprise is focused on continuously improving quality, velocity and efficiency, you’re going to win against those that aren’t. Driving improvements on the mainframe, and in turn throughout the business, requires the transformation of three things: culture, processes and tools. In other words, changing mindsets, implementing modern practices (Agile, DevOps, CI/CD) and replacing outdated technology.
Mainframe source code management is currently a critical area in need of modernization and should be one of the initial tooling changes organizations make when setting out to improve mainframe systems delivery.
During this session, Compuware specialist Lars-Erik Berglund shares the challenges organizations face with mainframe source code management and what you can do to overcome those.
Since the system had been began to gain importance in the place of the software, intended to help better the work done. Waterfall method of software development methods, agile methods are constantly changing and evolving process is hardly surprising given that the development becomes clear. Practices applied in the software development work is most basically the same, however, has changed the practices described in the application form is shown in various sources. Basic software development cycle to determine the requirements, design, modified, implementation, testing and deployment phases is composed.
Agile methods are almost the beginning of the end of the loop with the development of test event, be considered as almost the first, has progressed to a place of importance given to the prediction, the progress continues. In this study,one of agile development practice e of the Test-Driven Development is applied by considering the exchange tried to test effectiveness.
This presentation is about a lecture I gave within the "Software systems and services" immigration course at the Gran Sasso Science Institute, L'Aquila (Italy): http://cs.gssi.infn.it/.
http://www.ivanomalavolta.com
This presentation provides useful and beneficial information related to software development companies. It defines Software development methodology and elaborates various methodologies adopted by software application development companies, web application development companies, custom software development services in India.
Courtesy: Shreyans Agrawal (ifour.shreyans.agrawal@gmail.com)
http://www.ifour-consultancy.com
http://www.ifourtechnolab.com
How the DevOps company-wide initiative affected the development team in the Bakson, Serbia (a part of Ticketmaster's engineering team). And what tooling were used to automate QA processes.
Presentation was created for DevOps meetup in Belgrade, on 11th October 2016. https://www.facebook.com/SevenBridgesGenomics/photos/?tab=album&album_id=1338738752836488
SCM Transformation Challenges and How to Overcome ThemCompuware
If your enterprise is focused on continuously improving quality, velocity and efficiency, you’re going to win against those that aren’t. Driving improvements on the mainframe, and in turn throughout the business, requires the transformation of three things: culture, processes and tools. In other words, changing mindsets, implementing modern practices (Agile, DevOps, CI/CD) and replacing outdated technology.
Mainframe source code management is currently a critical area in need of modernization and should be one of the initial tooling changes organizations make when setting out to improve mainframe systems delivery.
During this session, Compuware specialist Lars-Erik Berglund shares the challenges organizations face with mainframe source code management and what you can do to overcome those.
Luiz Fernando Testa Contador - Aplicando DevOps em grandes corporaçõesAgile Trends
Assunto que será abordado:
Por onde e como começar aplicar DevOps em grandes corporações?
Diferenças entre DevOps para Start-Ups vs Grandes Corporações
Principais barreiras a serem quebradas
Mudança de MindSet Corporativo
Principais ganhos para a corporação
You are already the Duke of DevOps: you have a master in CI/CD, some feature teams including ops skills, your TTM rocks ! But you have some difficulties to scale it. You have some quality issues, Qos at risk. You are quick to adopt practices that: increase flexibility of development and velocity of deployment. An urgent question follows on the heels of these benefits: how much confidence we can have in the complex systems that we put into production? Let’s talk about the next hype of DevOps: SRE, error budget, continuous quality, observability, Chaos Engineering.
Dances with bits - industrial data analytics made easy!Julian Feinauer
Vortrag from the Building IoT 2020 (https://www.buildingiot.de/lecture.php?id=10644&source=). Short presentation of the framework CRUNCH (https://github.com/pragmaticminds/crunch) and its upcoming integration in the PLC4X project (plc4x.apache.org).
ALM describes automated project management.
It includes
* Scrum based task management with issue tracking system.
* Contiguous Build
* Regression Test
* V-Model based Test process
* Defect management process
DevOps provides the ability to increase time to market to an new level. The question is no longer if we need to speed up our delivery. The challenge is to find the right „pace“ for your product. Not every organization and every product needs to run at the speed of Netflix and Spotify, even if we’d like it to be like this. We need to adjust the organization, processes and tools appropriatly and to identify the real bottlenecks in the delivery pipeline continuously. And by the way, we need to justify our investment in the DevOps mission. Are we just automating the current processes or can we use this DevOps thing to really support our business? In this talk, I’d like to discuss with you how to find the right design for your delivery process and your organization to behave as a business enabler and how you can scale DevOps within your organization without loosing agility. Let’s explore how we can listen carefully to the unknown customer out there and to build software they really like in the speed of your business.
Another day, another buzzword in the world of software development! ‘Microservices’ is a new approach to structuring server-side software. But is it really new? In this talk I’ll walk you through the birth and ‘raison d’etre’ of microservices and tell about pro’s and con’s of the approach.
Having laid the foundation, we will take a look at best-practices and patterns for building micro service architectures and combine this with a tour of current technologies and development tools.
Finally, I will take a quick look at the future and discuss some of the remaining challenges. All parts of the presentation will be accompanied by structural examples based on a real ecommerse system.
Critical Capabilities to Shifting Left the Right WaySmartBear
The concept of testing earlier in the SDLC isn't new, but the term "shift left" has reignited its importance. See how shifting left can help you, and how to do it right.
FME World Tour 2015 - FME & Data Migration Simon McCabeIMGS
Data migration best practice s and procedures with
examples\scenarios from large migrations of utility data
(Water and Electric Data) including:
Designing the migration process
Tools to use in the process
Reporting\Reconciliation processes
Data cleansing
Cutover\Deployment consideration s
RCA OCORA: Safe Computing Platform using open standardsAdaCore
The railway sector is facing a major transition as it moves towards more fully automated systems on both the train and infrastructure side. This in turn, requires the development of appropriate, future-proof connectivity and IT platforms.
The Reference Control Command and Signalling Architecture (RCA) and Open Control Command and Signalling Onboard Reference Architecture (OCORA) have developed a functional architecture for future trackside and onboard functions. The RCA OCORA open Control Command Signalling (CCS) on-board reference architecture introduces a standardized separation of safety-relevant and non-safety-relevant railway applications and the underlying IT platforms. This allows rail operators to decouple the very distinct life cycles of the domains and aggregate multiple railway applications on common IT platforms.
Based on a Safe Computing Platform (SCP), the architecture accommodates a Platform Independent Application Programming Interface (PI API) between safety-relevant railway applications and IT platforms. This approach supports the portability of railway applications among IT platform realisations from different vendors.
Two of its authors will discuss the RCA OCORA architecture with emphasis on its safe computing framework. The talk will review the required operating system standards and the discuss the newly-released DDS Reference Implementation for Safe Computing Platform Messaging. While designed for rail, this architecture will have elements of interest for other industries.
Long-lived software is a challenge. This was seen very clearly a couple of years ago in the “US COBOL crisis”, but the reasons are less clearly understood, and are worth exploring. The speaker works in Computer Algebra, where “younger” systems are 30-40 years old, and the algorithmic kernel of SageMath, the newest major system, is actually 55 years old, and the people who can debug it are in single figures. More recently, very substantial retooling was required to enable Line 14, the driverless line, of the Paris Métro to be extended. Having reviewed these cases, the speaker will make some tentative suggestions for the management of long-lived software.
Rust and the coming age of high integrity languagesAdaCore
Rust is undeniably successful. In just over 7 year, it moved from a newly released language to one that is considered as a language for high integrity systems. This success did not happen in isolation - Rusts success is deeply rooted in a number of contributing environmental factors.
In this talk, I’d like to make the case why Rust success is due to a general ground shift in software development. What we are seeing is a resurging interest in software practices that were usually part of safety-critical environments being applied to non-safety related, mission-critical environments. On the other side, we are seeing the worlds of safety and security merging.
I’d like to take a step back and talk about coming opportunities, changes and chances not only for Rust, but also for other languages and products.
SPARKNaCl: A verified, fast cryptographic libraryAdaCore
SPARKNaCl https://github.com/rod-chapman/SPARKNaCl is a new, freely-available, verified and fast reference implementation of the NaCl cryptographic API, based on the TweetNaCl distribution. It has a fully automated, complete and sound proof of type-safety and several key correctness properties. In addition, the code is surprisingly fast - out-performing TweetNaCl's C implementation on an Ed25519 Sign operation by a factor of 3 at all optimisation levels on a 32-bit RISC-V bare-metal machine. This talk will concentrate on how "Proof Driven Optimisation" can result in code that is both correct and fast.
Developing Future High Integrity Processing SolutionsAdaCore
Rolls-Royce has been developing high integrity digital processing solutions for its safety critical aerospace engine controllers since the 1980s. By the turn of the century, the electronics industry experienced an inflection point. This resulted in a shift to a consumer driven market and a much-reduced focus on the harsh environment electronics and the extended life cycles required by the aerospace industry. As a result, Rolls-Royce took the decision to design its own microprocessor, and for the last 25 years, has been successfully developing harsh environment safety critical processing solutions for all its aerospace engines.
Alongside the ever-increasing performance expectations, the past few years have seen cyber-security become a major driver in new processor developments. This presents new and interesting development challenges that will need to be addressed.
Taming event-driven software via formal verificationAdaCore
Event-driven software can be found everywhere, from low-level drivers, to software that controls and coordinates complex subcomponents, and even in GUIs. Typically, event-driven software is characterised as consisting of a number of stateful components that communicate by sending messages to each other. Event-driven software is notoriously difficult to test. There are often many different sequences of events, and because the exact order of the events will affect the state of the system, it can be easy for bugs to lurk in obscure un-tested sequences of events. Even worse, reproducing these bugs can be difficult due to the need to reproduce the exact sequence of events that led to the issue.
Formal verification is one method of solving this: rather than writing tests to check each of the different possible sequences of events, automated formal verification could be used to verify that the software is correct no matter what sequence of events is observed. In this talk, we will look at what capabilities are required to ensure that this will be successful, including what it means for event-driven software to be correct, and how to ensure that the verification can scale to industrial-sized software projects.
Pushing the Boundary of Mostly Automatic Program ProofAdaCore
With the large-scale verification of complex programs like compilers and microkernels, program proof has realised the grand challenge of creating a “verifying compiler” proposed by Sir Tony Hoare in 2003. Still, the effort and expertise required for developing the program and its proof to feed to the “verifying compiler” will exceed the V&V budget of most projects. Another approach gaining traction is to automate the proof as much as possible. More specifically, by tailoring the proof tool to the strengths of a target programming language, leveraging an array of automatic provers, and limiting the ambition of proof to those properties for which proof can be mostly automated. This is the approach we are following in SPARK. In this talk, we will survey what properties can be “mostly” proved automatically, and what this means in terms of effort and expertise.
RCA OCORA: Safe Computing Platform using open standardsAdaCore
The railway sector is facing a major transition as it moves towards more fully automated systems on both the train and infrastructure side. This in turn, requires the development of appropriate, future-proof connectivity and IT platforms.
The Reference Control Command and Signalling Architecture (RCA) and Open Control Command and Signalling Onboard Reference Architecture (OCORA) have developed a functional architecture for future trackside and onboard functions. The RCA OCORA open Control Command Signalling (CCS) on-board reference architecture introduces a standardized separation of safety-relevant and non-safety-relevant railway applications and the underlying IT platforms. This allows rail operators to decouple the very distinct life cycles of the domains and aggregate multiple railway applications on common IT platforms.
Based on a Safe Computing Platform (SCP), the architecture accommodates a Platform Independent Application Programming Interface (PI API) between safety-relevant railway applications and IT platforms. This approach supports the portability of railway applications among IT platform realisations from different vendors.
Two of its authors will discuss the RCA OCORA architecture with emphasis on its safe computing framework. The talk will review the required operating system standards and the discuss the newly-released DDS Reference Implementation for Safe Computing Platform Messaging. While designed for rail, this architecture will have elements of interest for other industries.
Product Lines and Ecosystems: from customization to configurationAdaCore
Digitalization is concerned with a fundamental shift in value delivery to customers from transactional to continuous. For R&D this requires adopting processes such as DevOps and continuous deployment. Systems engineering companies using platforms need to adjust their ways of working and be cognisant of the role of the ecosystem surrounding them to capitalize on this transformation. The keynote talk will discuss these developments and provide industrial examples from Software Center, a collaboration between 17 large, international companies and five universities with the intent of accelerating the digital transformation of the European software intensive industry.
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...Neo4j
Leonard Jayamohan, Partner & Generative AI Lead, Deloitte
This keynote will reveal how Deloitte leverages Neo4j’s graph power for groundbreaking digital twin solutions, achieving a staggering 100x performance boost. Discover the essential role knowledge graphs play in successful generative AI implementations. Plus, get an exclusive look at an innovative Neo4j + Generative AI solution Deloitte is developing in-house.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Dr. Sean Tan, Head of Data Science, Changi Airport Group
Discover how Changi Airport Group (CAG) leverages graph technologies and generative AI to revolutionize their search capabilities. This session delves into the unique search needs of CAG’s diverse passengers and customers, showcasing how graph data structures enhance the accuracy and relevance of AI-generated search results, mitigating the risk of “hallucinations” and improving the overall customer journey.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
Communications Mining Series - Zero to Hero - Session 1DianaGray10
This session provides introduction to UiPath Communication Mining, importance and platform overview. You will acquire a good understand of the phases in Communication Mining as we go over the platform with you. Topics covered:
• Communication Mining Overview
• Why is it important?
• How can it help today’s business and the benefits
• Phases in Communication Mining
• Demo on Platform overview
• Q/A
Essentials of Automations: The Art of Triggers and Actions in FMESafe Software
In this second installment of our Essentials of Automations webinar series, we’ll explore the landscape of triggers and actions, guiding you through the nuances of authoring and adapting workspaces for seamless automations. Gain an understanding of the full spectrum of triggers and actions available in FME, empowering you to enhance your workspaces for efficient automation.
We’ll kick things off by showcasing the most commonly used event-based triggers, introducing you to various automation workflows like manual triggers, schedules, directory watchers, and more. Plus, see how these elements play out in real scenarios.
Whether you’re tweaking your current setup or building from the ground up, this session will arm you with the tools and insights needed to transform your FME usage into a powerhouse of productivity. Join us to discover effective strategies that simplify complex processes, enhancing your productivity and transforming your data management practices with FME. Let’s turn complexity into clarity and make your workspaces work wonders!
Removing Uninteresting Bytes in Software FuzzingAftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionAggregage
Join Maher Hanafi, VP of Engineering at Betterworks, in this new session where he'll share a practical framework to transform Gen AI prototypes into impactful products! He'll delve into the complexities of data collection and management, model selection and optimization, and ensuring security, scalability, and responsible use.
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex ProofsAlex Pruden
This paper presents Reef, a system for generating publicly verifiable succinct non-interactive zero-knowledge proofs that a committed document matches or does not match a regular expression. We describe applications such as proving the strength of passwords, the provenance of email despite redactions, the validity of oblivious DNS queries, and the existence of mutations in DNA. Reef supports the Perl Compatible Regular Expression syntax, including wildcards, alternation, ranges, capture groups, Kleene star, negations, and lookarounds. Reef introduces a new type of automata, Skipping Alternating Finite Automata (SAFA), that skips irrelevant parts of a document when producing proofs without undermining soundness, and instantiates SAFA with a lookup argument. Our experimental evaluation confirms that Reef can generate proofs for documents with 32M characters; the proofs are small and cheap to verify (under a second).
Paper: https://eprint.iacr.org/2023/1886
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AIVladimir Iglovikov, Ph.D.
Presented by Vladimir Iglovikov:
- https://www.linkedin.com/in/iglovikov/
- https://x.com/viglovikov
- https://www.instagram.com/ternaus/
This presentation delves into the journey of Albumentations.ai, a highly successful open-source library for data augmentation.
Created out of a necessity for superior performance in Kaggle competitions, Albumentations has grown to become a widely used tool among data scientists and machine learning practitioners.
This case study covers various aspects, including:
People: The contributors and community that have supported Albumentations.
Metrics: The success indicators such as downloads, daily active users, GitHub stars, and financial contributions.
Challenges: The hurdles in monetizing open-source projects and measuring user engagement.
Development Practices: Best practices for creating, maintaining, and scaling open-source libraries, including code hygiene, CI/CD, and fast iteration.
Community Building: Strategies for making adoption easy, iterating quickly, and fostering a vibrant, engaged community.
Marketing: Both online and offline marketing tactics, focusing on real, impactful interactions and collaborations.
Mental Health: Maintaining balance and not feeling pressured by user demands.
Key insights include the importance of automation, making the adoption process seamless, and leveraging offline interactions for marketing. The presentation also emphasizes the need for continuous small improvements and building a friendly, inclusive community that contributes to the project's growth.
Vladimir Iglovikov brings his extensive experience as a Kaggle Grandmaster, ex-Staff ML Engineer at Lyft, sharing valuable lessons and practical advice for anyone looking to enhance the adoption of their open-source projects.
Explore more about Albumentations and join the community at:
GitHub: https://github.com/albumentations-team/albumentations
Website: https://albumentations.ai/
LinkedIn: https://www.linkedin.com/company/100504475
Twitter: https://x.com/albumentations
In his public lecture, Christian Timmerer provides insights into the fascinating history of video streaming, starting from its humble beginnings before YouTube to the groundbreaking technologies that now dominate platforms like Netflix and ORF ON. Timmerer also presents provocative contributions of his own that have significantly influenced the industry. He concludes by looking at future challenges and invites the audience to join in a discussion.
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024Neo4j
Neha Bajwa, Vice President of Product Marketing, Neo4j
Join us as we explore breakthrough innovations enabled by interconnected data and AI. Discover firsthand how organizations use relationships in data to uncover contextual insights and solve our most pressing challenges – from optimizing supply chains, detecting fraud, and improving customer experiences to accelerating drug discoveries.
4. The Big Freeze problem
Is Tool Qualification equivalent to Baselining?
Verify a slightly different coding standard
Change the code generation strategy
Regenerate a source-to-obj traceability study
5. The Big Freeze problem (II)
A new bug is found!
Please, do NOT fix it!
Really cheaper/safer to invent workarounds?
6. The Big Freeze problem (III)
So, what is our goal?
AdaCore engineers improve our tech every day
Constraining engineers’ creativity cannot work
…still, we target the high-integrity domain
QUALIFICATION
7. How to Avoid the Big Freeze Problem (I)
Continuous Qualification
Mirrors the “Continuous Integration” concept
Qualification artifacts evolve along source code
A tool shall always be in a “semi-qualifiable” state
Maximize automation of qualification-oriented activities
8. How to Avoid the Big Freeze Problem (II)
Delta Qualification
What is the minimum effort to re-achieve qualifiability?
Which artifact shall be (re-)produced
Which activities shall be (re-)performed
9. An example of Continuous Certification
Requirement R1
Test Case TC1
Source File SF1
Test Case TC2
Test Case TC3
Test Procedure TP1
Test Procedure TP2
Test Procedure TP3
Structural Coverage
Report SCR1
Coding Standard CS1
Coding Standard
Compliance Report CSC1
Modified
Re-generated
Re-generated
A modification of an artifact triggers
the qualification infrastructure to
execute a set of activities
(possibly overnightly)
10. Continuous Certification + Delta Certification
Sounds nice eh?
Requires an integrated certification infrastructure
The topic of this talk!
Focus on automation & optimization
Difficult to generalize for different teams/clients
A drastically different way of working
11. The core problem
Establishing a dependency & traceability graph
To use to trigger automated activities
To calculate the Delta Qualification effort
Low creation & maintenance effort
Understand when an artifact has changed
Propagate un-valid status
12. Presenting current results…
…as well as un-implemented ideas
A good vision of our way of thinking…
…and how we develop TQL5 kits
From now on, this is a long-term view
13. Introducing the Qualifying Machine
An intelligent repository for qualification artifacts
Integrated with build/test infrastructure
Provides hooks to invoke scripts to trigger activities
Support for change impact analysis
15. Qualifying Machine Architecture (II)
Major design decisions & challenges
What to track (artifacts, activities, …)
How to build a traceability & dependency graph
How to understand if an artifact has changed
Un-validity propagation algorithm
16. What do we track?
Everything is an artifact!
Each artifact is a (set of) file(s)
Metadata are placed in a single folder
Activities ALWAYS produce qualification artifacts
An activity not producing an artifact IS NOT WORTH IT
State of an activity = state of the artifacts it produces
Leverage as much as possible on naming conventions
17. Configuring the QM
project <NAME> is
artifact Requirement is
files: “req.txt”
activity Decompose produces
derived : Requirement [0..*] in “./Req_<name>”
activity Write_Test_Case produces
test_cases : Test_Case [1..*] in “./TC_<name>”
activity QA_Review produces
qa_report : Report [0..1] in “qa.txt”
traceability:
standard : Doc [1] in “<ROOT>/Standards/req_std.txt”
18. Building a traceability & dependency graph
My_Project
Req_SysReq1
Req_SwReq1
TC_Flying
TC_Departure
QA
Req_SysReq1
Req_SwReq1
Configuration File
project <NAME> is
artifact Requirement is
files: “req.txt”
activity Decompose produces
derived : Requirement [0..*]
in “./Req_<name>”
activity Write_Test_Case produces
test_cases : Test_Case [1..*]
in “./TC_<name>”
+ =
19. When does an artifact change?
At the heart of un-validity propagation
Timestamp, SVN diff, MD5, …
How to cope with complex artifacts (UML or Simulink models)?
How to identify changes not requiring formal re-validation?
Example: a typo
20. TC1
6.3.2bcd
Un-validity propagation algorithm (II)
LLR1
6.4.4.1
Re-validate 6.4.4.1
(test coverage of LLR),
possibly editing TC1
Re-measure
structural coverage
TP1
Source File SF1
Manual activity
Depending on the status of artifacts &
activities, the QM:
- Proposes a minimal list of manual activities
- Triggers automated activities
- Track each single action of the user
LLRs are accurate,
consistent, compatible
and verifiable
21. TORs
Un-validity propagation algorithm (I)
Known Constraints and
Open Problems
References, but does
not depends on
Tool Qualification Plan
Depends on
Verification Results
Analysis
Delivery File
Modifying the Known Constraints and Open
Problems triggers the production of a minimal
set of manual activities to be performed in order
to re-achieve qualification:
- on TORS
- on elements derived from TORs
22. How do we use the QM? (I)
Not targeting the typical DOORS users…
25. How do we fill the QM repository? (IV)
However, we understand other tools are used
Develop a set of plug-in
Import artifact metadata in the QM
The QM focuses on continuous/delta qualification
Integrate external dev. tools in the QM
26. Wrap-up
Our experience
From a semi-agile infrastructure to the QM
Qualification kit for a verification tool (TQL5): can we scale?
Lessons learnt
Fragmentation & Automation!
What about workflow modeling/tracking?
Future developments
www.forge.open-do.org/projects/qmachine
SafeCer Project (Artemis)
