The document describes the DynaMine tool which mines software revision histories to find common error patterns. It does this by analyzing co-changed and co-added method calls in revision histories to identify patterns related to usage, errors, or unlikely event patterns. DynaMine then ranks these patterns based on support and confidence metrics to prioritize likely error patterns for further analysis. It was tested on the JEdit and Eclipse projects.
An overview how to realize code generation of languages on the JVM that implement other class layouts than the Java programming languages. As an example, the inline-mock-maker for Mockito is discussed which supports languages like Kotlin that make any property final by default.
This is a short introduction to one of the newest and noisiest additions to the functional family. Chances are you have heard about Elixir before: created six years ago by José Valim, it has emerged rapidly in the Erlang ecosystem, attracting lots of attention. But what's so special about it? What's all the fuzz about? This talk will offer you a few selected sips for you to get a taste... but beware! You may want to drink all the bottle: if so, you may end up following the white rabbit down the hole and wake up in the Erlang wonderland.
While software engineers can disagree on almost any concept of programming best-practice, the necessity of writing unit tests remains undisputed. With the advent of concurrent applications and the ongoing deprecation of the one-thread-per-request model, unit tests do however miss an increasing fraction of programming errors such as race conditions or dead-locking code. But is it even possible to write tests that revise such errors? In the end, a good unit test is characterized by a determined execution path what effectively prevents the use of concurrency within a single test. However, there are tools and programming principles that allow for unit tests of concurrent code. This talk reviews typical mistakes made when concurrent code is tested and introduces Thread Weaver, a test suite for writing valid unit tests that uncover concurrency-related programming errors.
An overview how to realize code generation of languages on the JVM that implement other class layouts than the Java programming languages. As an example, the inline-mock-maker for Mockito is discussed which supports languages like Kotlin that make any property final by default.
This is a short introduction to one of the newest and noisiest additions to the functional family. Chances are you have heard about Elixir before: created six years ago by José Valim, it has emerged rapidly in the Erlang ecosystem, attracting lots of attention. But what's so special about it? What's all the fuzz about? This talk will offer you a few selected sips for you to get a taste... but beware! You may want to drink all the bottle: if so, you may end up following the white rabbit down the hole and wake up in the Erlang wonderland.
While software engineers can disagree on almost any concept of programming best-practice, the necessity of writing unit tests remains undisputed. With the advent of concurrent applications and the ongoing deprecation of the one-thread-per-request model, unit tests do however miss an increasing fraction of programming errors such as race conditions or dead-locking code. But is it even possible to write tests that revise such errors? In the end, a good unit test is characterized by a determined execution path what effectively prevents the use of concurrency within a single test. However, there are tools and programming principles that allow for unit tests of concurrent code. This talk reviews typical mistakes made when concurrent code is tested and introduces Thread Weaver, a test suite for writing valid unit tests that uncover concurrency-related programming errors.
Java agents and their instrumentation API offer developers the most powerful toolset to interact with a Java application. Using this API, it becomes possible to alter the code of running applications, for example to add monitoring or to inject security checks as it is done by many enterprise products for the Java ecosystem.
In this session, developers will learn how to program Java agents of their own that make use of the instrumentation API. Doing so, developers learn how the majority of tooling for the JVM is implemented and will learn about Byte Buddy, a high level code generation library that does not require any knowledge of Java byte code that is normally required for writing agents. In the process, developers will see how Java classes can be used as templates for implementing highly performant code changes that avoid the boilerplate of alternative solutions such as AspectJ or Javassist while still performing better than agents implemented in low-level libraries such as ASM.
JEEConf 2017 - Having fun with JavassistAnton Arhipov
Javassist makes Java bytecode manipulation simple. At ZeroTurnaround we use Javassist a lot to implement the integrations for our tools.
In this talk we will go through the examples of how Javassist can be applied to alter the applications behavior and do all kind of fun stuff with it.
Why is it interesting? Because while trying to do unusual things in Java, you learn much more about the language and the platform itself and learning about Javassist will actually make you a better Java developer!
Making Java more dynamic: runtime code generation for the JVMRafael Winterhalter
While Java’s strict type system is a great help for avoiding programming errors, it also takes away some of the flexibility that developers appreciate when using dynamic languages. By using runtime code generation, it is possible to bring some of this flexibility back to the Java virtual machine. For this reason, runtime code generation is widely used by many state-of-the-art Java frameworks for implementing POJO-centric APIs but it also opens the door to assembling more modular applications. This presentation offers an introduction to the complex of runtime code generation and its use on the Java platform. Furthermore, it discusses the up- and downsides of several code generation libraries such as ASM, Javassist, cglib and Byte Buddy.
Concurrent Programming in Java provides a brief overview of the following topics:
• Java language support for concurrency
• Concurrency utilities (java.util.concurrent package)
• Java collections for multithreading (java.util package)
• Parallel streams in Java 8.
Try out the examples. Source code here: https://github.com/CodeOpsTech/ConcurrentJava
At first glance, Java byte code can appear to be some low level magic that is both hard to understand and effectively irrelevant to application developers. However, neither is true. With only little practice, Java byte code becomes easy to read and can give true insights into the functioning of a Java program. In this talk, we will cast light on compiled Java code and its interplay with the Java virtual machine. In the process, we will look into the evolution of byte code over the recent major releases with features such as dynamic method invocation which is the basis to Java 8 lambda expressions. Finally, we will learn about tools for the run time generation of Java classes and how these tools are used to build modern frameworks and libraries. Among those tools, I present Byte Buddy, an open source tool of my own efforts and an attempt to considerably simplify run time code generation in Java.
OCJP Samples Questions: Exceptions and assertionsHari kiran G
Are you a Java enthusiast and preparing for Java 8 certification exam (OCP Java SE 8)? Try out this Quiz on Exceptions and Assertions
This quiz has answers with detailed explanation.
Java agents and their instrumentation API offer developers the most powerful toolset to interact with a Java application. Using this API, it becomes possible to alter the code of running applications, for example to add monitoring or to inject security checks as it is done by many enterprise products for the Java ecosystem.
In this session, developers will learn how to program Java agents of their own that make use of the instrumentation API. Doing so, developers learn how the majority of tooling for the JVM is implemented and will learn about Byte Buddy, a high level code generation library that does not require any knowledge of Java byte code that is normally required for writing agents. In the process, developers will see how Java classes can be used as templates for implementing highly performant code changes that avoid the boilerplate of alternative solutions such as AspectJ or Javassist while still performing better than agents implemented in low-level libraries such as ASM.
JEEConf 2017 - Having fun with JavassistAnton Arhipov
Javassist makes Java bytecode manipulation simple. At ZeroTurnaround we use Javassist a lot to implement the integrations for our tools.
In this talk we will go through the examples of how Javassist can be applied to alter the applications behavior and do all kind of fun stuff with it.
Why is it interesting? Because while trying to do unusual things in Java, you learn much more about the language and the platform itself and learning about Javassist will actually make you a better Java developer!
Making Java more dynamic: runtime code generation for the JVMRafael Winterhalter
While Java’s strict type system is a great help for avoiding programming errors, it also takes away some of the flexibility that developers appreciate when using dynamic languages. By using runtime code generation, it is possible to bring some of this flexibility back to the Java virtual machine. For this reason, runtime code generation is widely used by many state-of-the-art Java frameworks for implementing POJO-centric APIs but it also opens the door to assembling more modular applications. This presentation offers an introduction to the complex of runtime code generation and its use on the Java platform. Furthermore, it discusses the up- and downsides of several code generation libraries such as ASM, Javassist, cglib and Byte Buddy.
Concurrent Programming in Java provides a brief overview of the following topics:
• Java language support for concurrency
• Concurrency utilities (java.util.concurrent package)
• Java collections for multithreading (java.util package)
• Parallel streams in Java 8.
Try out the examples. Source code here: https://github.com/CodeOpsTech/ConcurrentJava
At first glance, Java byte code can appear to be some low level magic that is both hard to understand and effectively irrelevant to application developers. However, neither is true. With only little practice, Java byte code becomes easy to read and can give true insights into the functioning of a Java program. In this talk, we will cast light on compiled Java code and its interplay with the Java virtual machine. In the process, we will look into the evolution of byte code over the recent major releases with features such as dynamic method invocation which is the basis to Java 8 lambda expressions. Finally, we will learn about tools for the run time generation of Java classes and how these tools are used to build modern frameworks and libraries. Among those tools, I present Byte Buddy, an open source tool of my own efforts and an attempt to considerably simplify run time code generation in Java.
OCJP Samples Questions: Exceptions and assertionsHari kiran G
Are you a Java enthusiast and preparing for Java 8 certification exam (OCP Java SE 8)? Try out this Quiz on Exceptions and Assertions
This quiz has answers with detailed explanation.
A Bug Report Analysis and Search Tool (presentation for M.Sc. degree)yguarata
A M.Sc. Dissertation presented to the Federal University of Pernambuco in partial fulfillment of the requirements for the degree of M.Sc. in Computer Science.
Do you want to learn functional programming in Java using lambda expressions introduced in Java 8? Do you want to explore the foundational concepts to explore powerful stream API? This presentation provides an overview of lambda functions introduced in Java 8 through examples. Topics covered: What is functional programming, creating lambda expressions, functional interfaces, built-in functional interfaces, and method references.
Make sure you have JDK 8 installed for trying out the programs as you go through the self-contained programming examples.
On March 2014, Java 8 was released. These informal slides describe the new elements of the programming languages, focusing on those taken from the functional paradigm.
Slides for a talk at the Seattle Java User Group about building a workflow management application for a biomedical lab on top of the OSGi module system and the Eclipse Rich Client Platform.
Why is web application programming so difficult? Is it javascript fault? Is it our fault? Time to take the red pill and wake up in the real, event driven world. A world where if you can dodge the bullets of skyrocketing complexity, your programs can be made scalable, fault tolerant, extensible and just beautiful.
Why is web application programming so difficult? Is it javascript fault? Is it our fault? Time to take the red pill and wake up in the real, event driven world. A world where if you can dodge the bullets of skyrocketing complexity, your programs can be made scalable, fault tolerant, extensible and just beautiful.
Workshop slides from the Alt.Net Seattle 2011 workshop. Presented by Wes Dyer and Ryan Riley. Get the slides and the workshop code at http://rxworkshop.codeplex.com/
A preview of the MSR 2013 conference, May 18-19, 2013, in San Francisco, CA. REGISTER NOW! Early registration discounts until April 14. http://msrconf.org
Empirical Software Engineering at Microsoft ResearchThomas Zimmermann
An invited talk that I gave in Tokyo. Very special thanks to Shuji Morisaki who was my translator during the session. Many thanks to Chris Bird, Nachi Nagappan, Rahul Premraj, and Sascha Just who provided slides for this talk.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™UiPathCommunity
In questo evento online gratuito, organizzato dalla Community Italiana di UiPath, potrai esplorare le nuove funzionalità di Autopilot, il tool che integra l'Intelligenza Artificiale nei processi di sviluppo e utilizzo delle Automazioni.
📕 Vedremo insieme alcuni esempi dell'utilizzo di Autopilot in diversi tool della Suite UiPath:
Autopilot per Studio Web
Autopilot per Studio
Autopilot per Apps
Clipboard AI
GenAI applicata alla Document Understanding
👨🏫👨💻 Speakers:
Stefano Negro, UiPath MVPx3, RPA Tech Lead @ BSP Consultant
Flavio Martinelli, UiPath MVP 2023, Technical Account Manager @UiPath
Andrei Tasca, RPA Solutions Team Lead @NTT Data
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Epistemic Interaction - tuning interfaces to provide information for AI support
DynaMine: Finding Common Error Patterns by Mining Software Revision Histories
1. DynaMine
Finding Common Error Patterns by
Mining Software Revision Histories
Benjamin Livshits Thomas Zimmermann
Stanford University Saarland University
2. Error Pattern Iceberg
null dereferences,
buffer overruns, ...
The usual suspects
J2EE servlets
Application
specific
Device drivers Linux code
17. State Machines in Eclipse
Pretty-printing Usage pattern
o.redoAlignment()
o.enterAlignment() o.exitAlignment()
18. State Machines in Eclipse
Memory context manupilation
Not hit at runtime
OS.PmMemFlush()
OS.PmMemStart() OS.PmMemStop()
OS.PmMemCreateMC() OS.PmMemReleaseMC()
19. State Machines in JEdit
Compound edits (for undo/redo)
Usage pattern
o.insert()
o.remove()
o.beginCompoundEdit() o.endCompoundEdit()
23. Workspace Transactions
Usage pattern
S → O*
O → w.prepareOperation()
w.beginOperation()
U*
w.endOperation()
U → w.getWorkManager().beginUnprotected()
S
[w.getWorkManager().operationCanceled()]
w.getWorkManager().beginUnprotected()
24. Dynamic Validation
mine CVS rank and
revision
patterns
history mining histories filter
instrument relevant
method calls
run the application
dynamic
analysis
post-process
usage error unlikely
patterns patterns patterns
report report
reporting
patterns bugs
25. Pattern classification
post-process
v validations, e violations
usage error unlikely
patterns patterns patterns
ev/10 v/10=e=2v otherwise
26. Experiments
usage pattern
15
not hit
24
error pattern
8
unlikely
11
total 56 patterns
27. Future Work
Automatically generate state machines
Additional patterns by textual matching
Programmer assist tools
Programmers who inserted a call to open()
inserted a call to close()
Aspect Mining
28. Contibutions
DynaMine learns usage patterns from
large version archives.
DynaMine ranks patterns effectively,
especially for finding error patterns.
DynaMine increases trust in patterns by
dynamic analysis