Title: A NIST Scientific Foundation Review of Digital Forensics
Abstract: Forensic science plays a vital role in the criminal justice system by providing scientifically based information through the analysis of physical and digital evidence. Software is a critical part of many forensic sciences, though none perhaps more so than the investigation of digital evidence. The National Institute of Standards and Technology (NIST) has been working to strengthen forensic science methods for almost a century. In recent years, several scientific advisory bodies have expressed the need for reviews of the scientific basis of forensic methods and identified NIST as an appropriate agency for conducting them. A scientific foundation review is a study that documents and assesses the foundations of a scientific discipline, that is, the trusted and established knowledge that supports and underpins the discipline’s methods. This talk will describe NIST’s scientific foundation study performed for digital evidence.
Bio: Barbara Guttman is the Manager of the Software Quality Group in NIST’s Information Technology Lab (ITL) and is the NIST lead for Digital Forensics. Her group runs the National Software Reference Library and the Computer Forensics Tool Testing Project. She is active in the Scientific Working Group on Digital Evidence (SWGDE), the Organization of Scientific Area Committee’s Digital Evidence Subcommittee (OSAC DE), and the International Association of Chiefs of Police Computer Crime and Digital Evidence Committee (IACP CCDE). She has been working in forensics for over 20 years. She also oversees research in software assurance: the Software Assurance Metrics and Tool Evaluation (SAMATE) project, the Static Analysis Tool Exposition, the SAMATE Reference Data Set, and the Bugs Framework (BF).
Title: How Software Verification Competitions Pave the Road for Better Tools
Abstract: In this talk I present a high-level overview of how software verification competitions have aided the improvement of static software verification tools in recent years, highlight the design principles of benchmark suites to achieve a fair comparison of static tools, and emphasize the importance of reproducibility for this purpose. Demonstrated by several evaluations, I also discuss obstacles and solutions to soundness and completeness of static analysis tools, and the differences in evaluating with benchmark suites versus real-world applications. I describe our design decisions in the development of our own data race benchmark suite, DataRaceBench, and reflect on how our design principles may have contributed to its acceptance by the community. Finally, I briefly summarize our own experience as participants in software verification competitions and describe aspects of our development process which produced error-free submission results seven years in a row.
Bio: Markus Schordan is a senior computer scientist at Lawrence Livermore National Laboratory in California. He is author/co-author of 50+ peer-refereed journal/conference/workshop publications, and served as program committee member in 25+ conference/workshop program committees, most recently C3PO@ISC 2022, Correctness@SC22, RC 2021, Correctness@SC21, ISoLA 2020/21, RC 2020, SLE 2019. He is a full voting member of the IFIP Working group 2.4 Software Implementation Technology, served as Co-General Chair of CGO 2018, the International Symposium on Code Generation and Optimization, and as Track Chair at ISoLA 2020/18/16 software verification tracks. Throughout his career, he has been working on aspects of software verification, compiler construction, high-performance computing, reversible computation, parallel discrete event simulation, and game engineering.
Title: The Digital Thread as Digital Transformation of Software-knit Ecosystems
Abstract: End-to-end interoperability is a challenge in smart advanced ecosystems. With the Digital Thread concept, we show how to tackle it at the application layer, by connecting the various components using advanced low-code/no-code model-driven application development platforms. This approach is powerful, as it combines domain specific data and computations at a higher level, it is elegant, as it provides methods and techniques for systematic integration based on layered Domain-Specific Languages (DSL), and it is transformative of the traditional software development paradigms, as it supports co-design and co-development with a much wider circle of individuals, including many non-programmers. We will show how this approach concretely supports several SDGs on a few examples from ongoing smart manufacturing and healthcare-related projects.
Bio: Professor Tiziana Margaria is Chair of Software Systems at the Dept. of Computer Science and Information Systems at the University of Limerick. She has broad experience in the use of formal methods for high assurance systems, in particular concerning functional verification, reliability, and compliance of complex heterogeneous systems. Current application domains are to embedded systems, healthcare, and smart advanced manufacturing. She is Vicepresident of the Irish Computer Society and of IFIP WG10.5. She is a principal investigator of Lero, the Irish research centre on Software, Confirm, the Irish national Research Centre on Smart Manufacturing, of LDCRC, the Limerick Digital Cancer Research Centre, and co-director of the SF Centre of Research Training in AI. Her most recent achievement is the Immersive Software Engineering integrated BSc/MSc, which is a tightly knit ecosystem spanning education, industrial practice and research.