Jogging While Driving, and Other Software Engineering Research Problems (invi...David Rosenblum
invited talk presented for the Distinguished Lecturer Series of the Department of Computer Science at the University of Illinois at Chicago, 10 April 2014
invited talk presented for the Distinguished Speaker Series of the Institute for Software Research (ISR) at the University of California, Irvine, 5 April 2013
Jogging While Driving, and Other Software Engineering Research Problems (invi...David Rosenblum
invited talk presented for the Distinguished Lecturer Series of the Department of Computer Science at the University of Illinois at Chicago, 10 April 2014
invited talk presented for the Distinguished Speaker Series of the Institute for Software Research (ISR) at the University of California, Irvine, 5 April 2013
To View this webinar replay:
http://ecast.opensystemsmedia.com/316
As Operational Technologies (OT) like embedded devices, control and monitoring systems are increasingly integrated with Information Technology (IT) systems running in the back office, interaction patterns between systems are becoming more complex and diverse. Publish-Subscribe is the most commonly used messaging pattern for OT systems. It provides the real-time information access, scalability, and loose coupling required for integration of these types of systems. IT and OT integration, however, commonly requires messaging patterns that provide stronger end-to-end properties, such as Guaranteed Delivery, Request-Reply, and (load-balancing) Queues. RTI is greatly enhancing its infrastructure software with new messaging patterns that combine the performance, scalability, and reliability needed by OT systems with the integration and flexible messaging capabilities of IT systems.
Overview of SaaS and online services and the business reasons why organisations should be considering these. Delivered by Ben Kepes at Intergen's ON seminar series in May 2010.
batbern43 Events - Lessons learnt building an Enterprise Data BusBATbern
Swissport ist weltweit der führende Dienstleister im Groundhandling und bei Cargo. Über 300 Flughäfen in 50 Ländern werden bedient. Dabei spielen Daten eine führende Rolle: wann und wo hebt ein Flugzeug ab, wie lange dauerte die Betankung, welche Gepäcktücke sind auszuladen? Aufgrund von Wachstum durch Übernahmen ist die IT Landschaft durch eine Vielzahl von Silos charakterisiert - was übergreifende Analytik und die Nutzung von Daten in neuen Kontexten erschwert. Gleichzeitig werden weltweit verschiedene IT Governance Modelle verfolgt, was zu Inkonsistenzen in Prozessen, Datenzugriffen und Datenqualitätsverlusten führt. Diese Situation wird adressiert durch eine Vision für eine Eventgetriebene Architektur und deren Verankerung im Management Prozessen und Prinzipien zur Realisierung der Vision - sowie deren Umsetzung den Aufbau eines Enterprise Datenmodells, Governance für den Zugriff und die Dokumentation von Daten. Erfahrungen aus diesen Schritten werden in der Präsentation reflektiert. Dabei ist zu beachten, dass der Aufbau der zugrundeliegenden Plattform unter strikter Kostenkontrolle stand und lediglich 10 zweiwöchentliche Sprints für die erste Produktivsetzung genutzt werden konnten.
https://labs.ericsson.com/apis?api_category=199
Ericsson Labs' presentation at Over the Air 2011.
Examples of how to establish a trusted identity, how to do mash-ups of multiple data feeds and how to secure peer-to-peer communication.
Microservices: Where do they fit within a rapidly evolving integration archit...Kim Clark
Do microservices force us to look differently at the way we lay down and evolve our integration architecture, or are they purely about how we build applications? Are microservices a new concept, or an evolution of the many ideas that came before them? What is the relationship between microservices and other key initiatives such as APIs, SOA, and Agile. In this session, we will unpick what microservices really are, and indeed what they are not. We will consider whether there is something unique about this particular point time in technology that has enables microservice concepts to take hold. Finally, we will look at if, when, where and how an enterprise can take on the benefits of microservices, and what products and technologies are applicable for that journey.
Known Unknowns: Testing in the Presence of Uncertainty (talk at ACM SIGSOFT F...David Rosenblum
talk presented in the Visions & Challenges Track of the ACM SIGSOFT 22nd International Symposium on the Foundations of Software Engineering (FSE 2014), Hong Kong, 20 November 2014; the paper won 2nd Prize in the track
To View this webinar replay:
http://ecast.opensystemsmedia.com/316
As Operational Technologies (OT) like embedded devices, control and monitoring systems are increasingly integrated with Information Technology (IT) systems running in the back office, interaction patterns between systems are becoming more complex and diverse. Publish-Subscribe is the most commonly used messaging pattern for OT systems. It provides the real-time information access, scalability, and loose coupling required for integration of these types of systems. IT and OT integration, however, commonly requires messaging patterns that provide stronger end-to-end properties, such as Guaranteed Delivery, Request-Reply, and (load-balancing) Queues. RTI is greatly enhancing its infrastructure software with new messaging patterns that combine the performance, scalability, and reliability needed by OT systems with the integration and flexible messaging capabilities of IT systems.
Overview of SaaS and online services and the business reasons why organisations should be considering these. Delivered by Ben Kepes at Intergen's ON seminar series in May 2010.
batbern43 Events - Lessons learnt building an Enterprise Data BusBATbern
Swissport ist weltweit der führende Dienstleister im Groundhandling und bei Cargo. Über 300 Flughäfen in 50 Ländern werden bedient. Dabei spielen Daten eine führende Rolle: wann und wo hebt ein Flugzeug ab, wie lange dauerte die Betankung, welche Gepäcktücke sind auszuladen? Aufgrund von Wachstum durch Übernahmen ist die IT Landschaft durch eine Vielzahl von Silos charakterisiert - was übergreifende Analytik und die Nutzung von Daten in neuen Kontexten erschwert. Gleichzeitig werden weltweit verschiedene IT Governance Modelle verfolgt, was zu Inkonsistenzen in Prozessen, Datenzugriffen und Datenqualitätsverlusten führt. Diese Situation wird adressiert durch eine Vision für eine Eventgetriebene Architektur und deren Verankerung im Management Prozessen und Prinzipien zur Realisierung der Vision - sowie deren Umsetzung den Aufbau eines Enterprise Datenmodells, Governance für den Zugriff und die Dokumentation von Daten. Erfahrungen aus diesen Schritten werden in der Präsentation reflektiert. Dabei ist zu beachten, dass der Aufbau der zugrundeliegenden Plattform unter strikter Kostenkontrolle stand und lediglich 10 zweiwöchentliche Sprints für die erste Produktivsetzung genutzt werden konnten.
https://labs.ericsson.com/apis?api_category=199
Ericsson Labs' presentation at Over the Air 2011.
Examples of how to establish a trusted identity, how to do mash-ups of multiple data feeds and how to secure peer-to-peer communication.
Microservices: Where do they fit within a rapidly evolving integration archit...Kim Clark
Do microservices force us to look differently at the way we lay down and evolve our integration architecture, or are they purely about how we build applications? Are microservices a new concept, or an evolution of the many ideas that came before them? What is the relationship between microservices and other key initiatives such as APIs, SOA, and Agile. In this session, we will unpick what microservices really are, and indeed what they are not. We will consider whether there is something unique about this particular point time in technology that has enables microservice concepts to take hold. Finally, we will look at if, when, where and how an enterprise can take on the benefits of microservices, and what products and technologies are applicable for that journey.
Known Unknowns: Testing in the Presence of Uncertainty (talk at ACM SIGSOFT F...David Rosenblum
talk presented in the Visions & Challenges Track of the ACM SIGSOFT 22nd International Symposium on the Foundations of Software Engineering (FSE 2014), Hong Kong, 20 November 2014; the paper won 2nd Prize in the track
SIGSOFT Impact Award: Reflections and Prospects (invited talk at SIGSOFT FSE ...David Rosenblum
Invited talk with Alexander L. Wolf upon receiving the first ACM SIGSOFT Impact Paper Award, at the 16th ACM SIGSOFT International Symposium on the Foundations of Software Engineering (ACM SIGSOFT FSE), 13 November 2008.
Assertions a Decade Later (invited talk at ICSE 2002)David Rosenblum
Invited talk upon receiving the 2002 ICSE Most Influential Paper Award for ICSE 1992, at the 24th International Conference on Software Engineering (ICSE 2002), 22 May 2002.
A tale of scale & speed: How the US Navy is enabling software delivery from l...sonjaschweigert1
Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved:
- Reduction in onboarding time from 5 weeks to 1 day
- Improved developer experience and productivity through actionable findings and reduction of false positives
- Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO)
Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production.
We will cover:
- How to remove silos in DevSecOps
- How to build efficient development pipeline roles and component templates
- How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence)
- How to streamline operations with automated policy checks on container images
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfPaige Cruz
Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack.
While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdfPeter Spielvogel
Building better applications for business users with SAP Fiori.
• What is SAP Fiori and why it matters to you
• How a better user experience drives measurable business benefits
• How to get started with SAP Fiori today
• How SAP Fiori elements accelerates application development
• How SAP Build Code includes SAP Fiori tools and other generative artificial intelligence capabilities
• How SAP Fiori paves the way for using AI in SAP apps
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
Essentials of Automations: Optimizing FME Workflows with Parameters
Applications and Abstractions: A Cautionary Tale (invited talk at a DIMACS Working Group)
1. Applications and
Abstractions
A Cautionary Tale
David S. Rosenblum
Felicitous Computing Institute
School of Computing
National University of Singapore
2. My Net Cred
• SIENA Internet-scale publish/subscribe system
Collaboration with Alex Wolf & Antonio Carzaniga
• Formerly Principal Architect and CTO of
• Confidentiality in Internet-scale publish/subscribe
• ROAR: Rendezvous on a Ring
PhD of Costin Raiciu, collaboration with Mark Handley
• Some papers in ACM TOCS, PODC, SIGCOMM, ICNP
• Ten patents for work at
3. Question 0
What is (an) abstraction?
“the process of considering something
independently of its associations, attributes,
or concrete accompaniments”
[Oxford American Dictionary]
• Implementation independence
• Widespread applicability and reusability
4. Question 1
Why are abstractions needed?
• for understanding and reasoning
• for designing and implementing
5. Question 1
Why are abstractions needed?
• for understanding and reasoning
• for designing and implementing
My focus in this talk is on
abstractions for building applications that
are to be deployed on the Internet
6. Question 2
What abstractions are needed?
• Communication paradigms
• Storage paradigms
• Structuring and coordination paradigms
• Formal logical models of these
• Formal quantitative models of these
7. Question 2
What abstractions are needed?
• Communication paradigms
• Storage paradigms
• Structuring and coordination paradigms
• Formal logical models of these
• Formal quantitative models of these
My own interests are in communication
paradigms and probabilistic models
8. The Thesis of This Talk
General-purpose abstractions for building
applications can lose their generality and/or
abstractness once realized at
Internet scale.
9. The Thesis of This Talk
General-purpose abstractions for building
applications can lose their generality and/or
abstractness once realized at
Internet scale.
There may be many approaches for realizing an abstraction, but
each one employs its own assumptions, algorithms, protocols,
optimizations and heuristics.
10. The Thesis of This Talk
General-purpose abstractions for building
applications can lose their generality and/or
abstractness once realized at
Internet scale.
There may be many approaches for realizing an abstraction, but
each one employs its own assumptions, algorithms, protocols,
optimizations and heuristics.
Those choices can strongly constrain the set of applications able
to use the realization naturally, effectively and efficiently.
11. Motivating Example
Publish/Subscribe
• Natural abstraction for multi-way,
asynchronous dissemination of data
notifications,
Applications alerts, updates • At application level, middleware or
brokers provide decoupling,
Components events
anonymity, matching, caching,
authentication, and many other
Objects events
services
signals,
OS interrupts • Many conceivable applications at
Internet scale
12. Motivating Example
Publish/Subscribe
subscribe
• Natural abstraction for multi-way,
asynchronous dissemination of data
notifications,
Applications alerts, updates • At application level, middleware or
brokers provide decoupling,
Components events
anonymity, matching, caching,
authentication, and many other
Objects events
services
signals,
OS interrupts • Many conceivable applications at
Internet scale
13. Motivating Example
Publish/Subscribe
subscribe
publish
• Natural abstraction for multi-way,
asynchronous dissemination of data
notifications,
Applications alerts, updates • At application level, middleware or
brokers provide decoupling,
Components events
anonymity, matching, caching,
authentication, and many other
Objects events
services
signals,
OS interrupts • Many conceivable applications at
Internet scale
15. Internet-Scale Pub/Sub
Applications
symbol = “AAPL” and price > 700.00
symbol = “AAPL”, price = 701.23, shares = 5000, [etc.]
Stock Quotes
16. Internet-Scale Pub/Sub
Applications
Location-Dependent Travel Alerts
bus arrivals, taxi dispatching, traffic incidents, etc.
17. Internet-Scale Pub/Sub
Applications
bus = (10 or 30 or 51 or 143 or 188) and nextnextstop = 16069
bus = 143, capacity = 0.9, stop = 16089, nextstop = 16079, nextnextstop=16069
Location-Dependent Travel Alerts
bus arrivals, taxi dispatching, traffic incidents, etc.
19. SIENA
• General-purpose realization of publish/
subscribe at Internet scale
• Designed as a decentralized overlay of brokers
• Full content-based matching of notifications to
subscriptions with best-effort delivery
• Self-describing notifications―no notification
types, predefined topic hierarchies, etc.
31. SIENA
Implied Ideal Application Characteristics
• Many publishers and many subscribers
To justify decentralized implementation
• Notifications much more frequent than subscriptions
To justify subscription forwarding
• Low subscription churn
To justify subscription forwarding and merging
• High subscription selectivity
To justify content-based matching in brokers
• Subscription similarity correlated with network locality
To justify subscription merging
32. SIENA
Implied Ideal Application Characteristics
• Many publishers and many subscribers
not Stock Quotes
• Notifications much more frequent than subscriptions
not Software Updates
• Low subscription churn
not location-dependent applications
• High subscription selectivity
not Software Updates
• Subscription similarity correlated with network locality
not Stock Quotes, Software Updates, MMOGs, etc.
33. SIENA
Implied Ideal Application Characteristics
☞ Few applications have all these characteristics
Traffic alerts
Social interaction alerts
others?
34. Internet-Scale Pub/Sub
Other Approaches
☞ Other approaches induce similar limitations
• Gryphon
• Subscription flooding over tree of clusters
• Applicable if subscriptions are few and stable
• Hermes
• Rendezvous nodes allocated to content types
• Applicable if load is spread evenly by type
• PreCache
• Trie- and kd-tree-based subscription storage
• Applicable if subscription churn is very low
35. Conclusion
• Conceptually, publish/subscribe is a very general
abstraction
• But it loses generality once realized at Internet
scale
• And it does so for reasons that have little to do
with the peculiarities of the Internet
• Adaptability as a compromise
ROAR’s partitioning/replication tradeoff
Alex and Antonio’s content-based networking (CBN)
36. Question 3
How can research ... be fostered ... ?
• With respect to abstractions for building ...
I would like to have better formal logical
and probabilistic models ...
... for exploration of and reasoning
about ...
... the design space induced by a network
abstraction like publish/subscribe.