Principal Researcher, Microsoft Research
It’s the End of the World as We Know It (And I Feel Fine)
The end of Dennard scaling and the imminent end of semiconductor feature scaling means that software systems and applications will no longer benefit from 40% per annum performance increases, a continually rising tide that lifted all boats. Future software developers will work harder to find the capability to support productive, high-level programming languages; richer, more natural models of human-computer interactions; and new, compute-intensive applications.
This talk focuses on what software can do to find the performance headroom that we need. The solutions to this problem are more diverse and challenging than our previous path, and do not offer 40 years of uninterrupted progress. Some of these improvements are the performance engineering discipline that has only been necessary in cutting-edge systems, while others are opportunities to change the way in which software is developed. The new emphasis on performance, monitoring, adaptation and new ways of developing software should also lead the hardware and architecture communities to revisit the long-standing debate on the hardware-software interface.
Professor, Department of Computer Science, UCSB
Malware Riding Badware: Challenges in Analyzing (Malicious/Benign) Web Applications
The Web has become a dangerous place, where simple rules of behavior no longer keep a user out of trouble. Sophisticated drive-by download attacks, delivered through compromised web sites are reaching users through seemingly innocuous search engine queries. Malicious web pages are turning helpless victims into armies of bots that participate in a historically unprecedented transfer of wealth in the form of intellectual property, trade secrets, and classified information.
This talk describes how this problem can be tackled from two different points of view: The identification of the web application vulnerabilities that allow for site compromise and the detection of web-based malware that attacks the users’ browsers. This two issues go hand-in-hand, and require automated approaches in order to keep up with the pace at which cybercriminals devise new ways to exploit and hijack web applications and browsers.
Professor, Department of Electrical Engineering and Computer Science, MIT
Runtime verification monitors the execution of program to determine if it satisfies (typically specified) correctness properties. But what happens when the program violates the correctness properties? The standard view is that continued execution may be unsafe, so the execution must be terminated.
We present a variety of intervention techniques that enable software systems to exhibit remarkable flexibility and resilience in the face of errors and faults. These techniques can deliver safe continued execution that offers significant benefits over termination. We also present techniques that build on this malleability to purposefully modify the computation to adapt to changing needs, delivering benefits such as improved performance and reduced power consumption.
These results place the advantages of runtime intervention and adaptation clearly on display. They also point the way to a future in which developers produce not the final version of the program which the system blindly executes, but instead a starting point for further modification and evolution as the system adapts to dynamically observed events and conditions.