Verified trustworthy software systems

Professor Peter O'Hearn, Facebook and University College London, UK

Abstract. The context is that I landed at Facebook in September of 2., bringing the Infer static analyser with us from the verification startup Monoidics. Infer is based on recent research in program analysis, which applied a relatively recent development in logics of programs, separation logic. Infer is deployed internally, running continuously to verify select properties of every code modification in Facebook's mobile apps; these include the main Facebook apps for Android and iOS, Facebook Messenger, Instagram, and other apps which are used by over a billion people in total. This talk describes our experience deploying verification technology inside Facebook, some of the challenges we faced, lessons learned, and speculates on prospects for broader impact of verification technology.

Peter O'Hearn works as an Engineering Manager at Facebook with the Static Analysis Tools team, and as a Professor of Computer Science at University College London. Peter held academic positions at Syracuse and Queen Mary before UCL, and is the past recipient of a Royal Society Wolfson Research Merit Award, a Most Influential POPL Paper Award, and a Royal Academy of Engineering/Microsoft Research Chair. His research has been in the broad areas of programming languages and logic, ranging from new logics and mathematical models to industrial applications of program proof. With John Reynolds he developed separation logic, a theory which opened up new practical possibilities for program proof. In 2009 he cofounded a software verification start-up company, Monoidics Ltd, which was acquired by Facebook in 2. The Facebook Infer program analyser, recently open-sourced, runs on every modification to the code of Facebook's mobile apps, in a typical month issuing millions of calls to a custom separation logic theorem prover and resulting in hundreds of bugs being fixed before they reach production.
Understanding and verifying JavaScript programs

Professor Philippa Gardner, Imperial College London, UK

Abstract. JavaScript is the most widely used language for client-side web applications. The dynamic nature of JavaScript, together with its complicated semantics, makes the understanding and development of JavaScript code notoriously difficult. Because of this, JavaScript programmers still have very little tool support for catching errors early in development, compared with the abundance of tools (such as IDEs and specialised static analysis tools) that are available for more traditional languages such as C and Java. The development of such analysis tools for JavaScript web applications is known to be a challenging task. In this talk, I will describe:
-- JSCert, a Coq mechanised specification of JavaScript which is line-by-line close to the English standard. In future, we will develop JSIL front-ends for verification tools based on symbolic execution, such as CBMC used by Amazon, Infer developed at Facebook and Rosette.
-- JSVerify, a fledgling symbolic execution tool which has currently been used to verify JSIL implementations of the internal and built-in functions of JavaScript. In future, we will develop a substantial JavaScript verification tool, requiring a formal link between the JavaScript and JSIL program logics, a large engineering effort to make the verification tractable, and the verification of substantial program examples such as those from Google's V8 array library.
Our ultimate goal is to develop a trusted service for understanding and verifying JavaScript programs.

Philippa Gardner is a professor in the Department of Computing at Imperial. Her current research focusses on program verification: in particular, reasoning about web programs (JavaScript and DOM) and reasoning about concurrent programs. She completed her PhD thesis, supervised by Professor Gordon Plotkin FRS at Edinburgh, in 1. She moved to Cambridge in 1., holding an EPSRC Advanced Fellowship hosted by Professor Robin Milner FRS. She obtained a lectureship at Imperial in 2. She held a Microsoft Research Cambridge/Royal Academy of Engineering Senior Fellowship from 2. at Imperial. She is the Director of the Research Institute in Automated Program Analysis and Verification, funded by GCHQ in association with EPSRC.
Avoiding fatal flaws with formal methods

Professor Fred B. Schneider, Cornell University, USA

Abstract. Formal methods are once again in vogue as a tool for building software systems that can resist attacks. The approach, however, has disappointed before. What might the future hold? We discuss the reasons for those past failures, and we explore what has changed (as well as what hasn't).

Fred B. Schneider is Samuel B. Eckert Professor of Computer Science at Cornell University and chair of the department. Schneider's research has focused on various aspects of trustworthy systems: systems that will perform as expected, despite failures and attacks. Schneider was named Professor-at-Large at the University of Tromso (Norway) in 1. and Doctor of Science honoris causa by the University of Newcastle-upon-Tyne in 2. He received the 2. IEEE Emanuel R. The National Academy of Engineering elected Schneider to membership in 2. Norges Tekniske Vitenskapsakademi (Norwegian Academy of Technological Sciences) named him a foreign member in 2.

A rigorous approach to consistency in cloud databases

Dr Alexey Gotsman, IMDEA Software Institute, Spain

Abstract. Modern databases underlying large-scale cloud services guarantee immediate availability and tolerate network failures at the expense of providing only weak data consistency guarantees. Unfortunately, we currently lack sophisticated theory and tools that would help programmers in using such databases correctly despite the effects of weak consistency. I will present our ongoing work that uses formal techniques to study how weak consistency in cloud databases affects the correctness of applications using them. Building on it, we aim to improve the programmability and performance of cloud databases.

Alexey Gotsman is an Assistant Research Professor at the IMDEA Software Institute in Madrid, Spain. Before joining IMDEA, he was a postdoctoral fellow at the University of Cambridge, where he also got his PhD. Alexey's research interests are in programming models and verification techniques for concurrent and distributed software.
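The abstract says only that weak consistency "affects the correctness of applications". The following added example (written for this page; it is not code from the talk, from IMDEA, or from any cloud database) shows the classic anomaly in about forty lines: two replicas accept a deposit each while partitioned, then merge. When the balance is stored as a last-writer-wins register the merge silently discards one deposit; when it is stored as a grow-only counter (a simple CRDT) both survive. Replica names, timestamps and amounts are constructed for the illustration.

```python
# Added illustration of a lost update under weak (eventual) consistency.
# Two replicas, A and B, each accept a write while they cannot talk to each
# other; afterwards they exchange state and converge.  All names, timestamps
# and amounts below are constructed for the example.
from dataclasses import dataclass, field
from typing import Dict


@dataclass
class LWWRegister:
    """Last-writer-wins register: merge keeps the write with the newest timestamp."""
    value: int = 0
    ts: int = 0

    def write(self, value: int, ts: int) -> None:
        self.value, self.ts = value, ts

    def merge(self, other: "LWWRegister") -> None:
        # Tie-break on value so the merge is deterministic on both sides.
        if (other.ts, other.value) > (self.ts, self.value):
            self.value, self.ts = other.value, other.ts


@dataclass
class GCounter:
    """Grow-only counter CRDT: one slot per replica, merge takes per-slot maxima."""
    counts: Dict[str, int] = field(default_factory=dict)

    def increment(self, replica: str, amount: int = 1) -> None:
        self.counts[replica] = self.counts.get(replica, 0) + amount

    def value(self) -> int:
        return sum(self.counts.values())

    def merge(self, other: "GCounter") -> None:
        for replica, n in other.counts.items():
            self.counts[replica] = max(self.counts.get(replica, 0), n)


def deposit_with_lww(deposit_a: int, deposit_b: int) -> int:
    """Balance kept in an LWW register.  Each replica reads 0, adds its deposit
    and writes back; the two writes are concurrent, so merging keeps only one."""
    a, b = LWWRegister(), LWWRegister()
    a.write(a.value + deposit_a, ts=1)   # replica A, partitioned from B
    b.write(b.value + deposit_b, ts=2)   # replica B, starting from the same 0
    a.merge(b)
    b.merge(a)                           # partition heals; both converge ...
    assert a.value == b.value            # ... to the same, wrong, balance
    return a.value


def deposit_with_gcounter(deposit_a: int, deposit_b: int) -> int:
    """Same scenario with a grow-only counter: both deposits are preserved."""
    a, b = GCounter(), GCounter()
    a.increment("A", deposit_a)
    b.increment("B", deposit_b)
    a.merge(b)
    b.merge(a)
    assert a.value() == b.value()
    return a.value()


if __name__ == "__main__":
    print("LWW balance after concurrent deposits of 10 and 5:", deposit_with_lww(10, 5))
    print("G-Counter balance after the same deposits:", deposit_with_gcounter(10, 5))
```

Both data types converge, so neither run looks "inconsistent" from the outside; only the application-level invariant (balance equals the sum of deposits) tells them apart, which is why reasoning about such systems needs a specification of what the application requires, not just of what the store guarantees.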
Royal Australian Navy Case Study: Siemens PLM Software

A tragic beginning. With billions of dollars in assets and a critical role in national defense, the Navy needed effective and reliable logistics information systems management. On May 5, 1998, a fire aboard the Royal Australian Navy fuel tanker HMAS Westralia claimed the lives of four of its crew. A commissioned study into the tragedy identified numerous areas in which improvement was necessary in the way the Navy approached product lifecycle management. This included acquiring a dedicated Navy-wide configuration management tool that would provide the impetus to rectify the deficiencies in the change management process that contributed to the Westralia incident.

Improving safety and performance. Since the time of the incident, the Navy has put enormous effort into overhauling and updating its configuration management framework and supporting information systems, an effort now being enhanced by the addition of Teamcenter, Siemens PLM Software's digital lifecycle management solution.

Managing the entire logistics system. The Logistics Information Management Group, a part of the Maritime Systems Division of the Defense Material Organization, is responsible for Navy logistics. "There were systemic failures in that business process, which placed at risk our people on the ships we support. Procuring Teamcenter was the last piece of the puzzle. The program and the configuration management tool allow us to manage that definition through the entire life of the asset, so that at all times the people on the ship understand what their ship looks like and how they should repair, operate and maintain that ship to sustain its maximum operational capability. They raise a problem report to the shore support organization, and that problem report goes through the workflows that we implemented in the Teamcenter product."

The evaluation was a competitive tender, with the contract awarded to Siemens PLM Software as the technology provider and to Product Lifecycle Management Australasia (plm) for implementation and support. (Note: plm is the master distributor for Siemens PLM Software throughout Australia and New Zealand.) "So it was only eight weeks from the time that the tenders were presented to when we presented a report. Further evaluation of how many seats will actually be needed will be performed at the time of implementation. Our System Program Office (SPO) sites are the end users of Teamcenter and they are located Australia-wide. For the implementation of the first project, the principal customer was in Perth; for our next project the principal customer is in Sydney; and then for the third project the principal customer is in Canberra. And there are others to come in Cairns, Wollongong and Darwin."

The integration capabilities of Teamcenter have proven invaluable in bringing together these numerous legacy data systems under the one Teamcenter data architecture. "We may be able to buy or procure the best piece of software, but the support of this software is also very important. Here we have a mature and sound piece of software and a very sound company to support that."