Incorporating Data into EFSM Inference

Models are an important way of understanding software systems. If they do not already exist, then we need to infer them from system behaviour. Most current approaches infer classical FSM models that do not consider data, thus limiting applicability. EFSMs provide a way to concisely model systems with an internal state, but existing inference techniques either do not infer models which allow outputs to be computed from inputs, or rely heavily on comprehensive white-box traces that reveal the internal program state, which are often unavailable.

Securing Software Supply Chains

Today, software is rarely developed “on the green field”: software developers are “composers” who build new systems by combining existing solutions. Custom code is, in many development projects, a curiosity.

TechExeter: Hacking (Not So) Smart Things 101

More and more devices of our daily life are “smart”: from smart light bulbs to smart TVs to smart fridges, everything can be, and in the future most likely will be, connected to the Internet. More and more people are already used to remotely controlling their heating at home using their smartphone.

New Release - Isabelle/DOF 1.0.0

We are proud to announce the first public release of Isabelle/DOF. Isabelle/DOF is a Document Ontology Framework (DOF) that allows text elements in formal developments to be annotated with structured, typed meta-information. Developers can define this meta-information according to their needs, e.g., to enable semantic queries (in the sense of the semantic web), tool interaction, or document generation.

A New Life - Cybersecurity @ Exeter

After three and a half years in Sheffield, it is, again, time for new challenges. After starting the security group in Sheffield by both making the business case for a security group and being its first member, I am doing it again: I am building a new Cybersecurity Group in Exeter, this time as Professor and Head of Group.

A Screening Test for Software Vulnerabilities

Software vendors that consume thousands of Free and Open Source Software (FOSS) components and offer more than a decade of support and security fixes are expected to react quickly to disclosed vulnerabilities—in some cases, such as Heartbleed, within hours.

This seems to be infeasible, in particular given that software vendors need to know rather precisely whether or not their product is affected by a vulnerability in a third-party component: if they are not affected, they want to be able to reassure their customers that they are not affected either. If they are affected, they want to be able to fix the security vulnerability quickly and with the least possible impact on existing functionality (and the least effort for both the software vendor and its customers). So, how can we solve this problem?

Welcome to the blog of the Software Assurance & Security Research Team at the University of Exeter. We regularly blog about news, tips & tricks, as well as fun facts about software assurance, reliability, security, testing, verification, hacking, and logic.

You can also follow us on Twitter: @logicalhacking.
