SecAppDev 2020 Lecture Details
Automated software testing and verification
Thursday March 12, 16:00 - 17:30
Discover a technology stack that allows us to construct distributed software systems with well-defined security guarantees. We will address testing, formal verification, and runtime isolation.
Software vulnerabilities occur when a system can be abused in ways not anticipated by the designers, developers, or testers. The conventional approach to finding vulnerabilities resembles the search for a needle in a haystack and testers may miss critical issues. This talk focuses on approaches to automated testing and software analysis. Many tools in this field integrate efficiently with current approaches to secure software development and security testing. We also explore how to integrate a verified component in untrusted computing infrastructure.
Understand the interplay of testing, verification, and runtime support to secure software systems.
Architects, developers, testers, software security and verification engineers
Development and testing experience.
Jan Tobias Muehlberg
Research Manager, imec-DistriNet, KU Leuven
Jan Tobias Muehlberg works as a research manager at imec-DistriNet, KU Leuven (BE). He is active in the fields of software security, formal verification and validation of software systems, specifically for embedded systems and low-level operating system components. Tobias is particularly interested in security architectures for safety-critical embedded systems and for the Internet of Things.
Related security activities sessions
Story-driven threat modeling for the Agile-DevOps age
Lecture by Abhay Bhargav
Find that your Threat Modeling is outmoded, outdated and out of touch with your rapid-release app? Learn how you can change that with "story driven threat models" where you are threat modeling with your Agile Sprint and iterative SDLC
Security activities Thursday March 12, 14:00 - 15:30
Application security seen from an enterprise level
Lecture by Stefaan Van Daele
Developing secure code is a good start, what more could you do to improve security posture? The session puts secure application development in the context of an Enterprise Security Architecture model and how these two relate to each other.
Security activities Thursday March 12, 16:00 - 17:30