This event has ended. Visit the official site or create your own event on Sched.
Gateways 2020 is scheduled from October 12 to October 23, with the tutorial and workshop track during the first week and the main conference track during the second week. This fifth Gateways annual conference is an opportunity for gateway creators and enthusiasts to learn, share, connect, and shape the future of gateways, while supporting and growing our community. Register for the conference by October 5.

The default time zone is Eastern Time. You can adjust it to your time zone on the right side of the schedule underneath the search box (or in the top bar, depending on the width of your screen).

Already registered for the conference and want to personalize your own schedule? Sign up for your own free Gateways 2020 Sched account. Note: Signing up for Sched is NOT the same as registering for the conference.
Back To Schedule
Wednesday, October 14 • 1:00pm - 4:30pm
Secure Coding Practices & Automated Assessment Tools

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Limit: 30 participants

High performance computing increasingly involves the development and deployment of network and cloud services to access resources for computation, communication, data, instruments, and analytics. Unique to the HPC field is the large amount of software that we develop to drive these services. These services must assure data integrity and availability, while providing access to a global scientific and engineering community.
Securing your network is not enough. Every service that you deploy is a window into your data center from the outside world, and a window that could be exploited by an attacker.

This tutorial is relevant to anyone wanting to learn about minimizing security flaws in the software they develop or manage. We share our experiences gained from performing vulnerability assessments of critical middleware. You will learn skills critical for software developers and analysts concerned with security.

Software assurance tools – tools that scan the source or binary code of a program to find weaknesses – are the first line of defense in assessing the security of a software project. These tools can catch flaws in a program that affect both the correctness and safety of the code. This tutorial is also relevant to anyone wanting to learn how to use these automated assessment tools to minimize security flaws in the software they develop or manage.
  • Audience: This tutorial is targeted at developers wishing to minimize the security flaws in the software that they develop. The target audience for this tutorial is anyone involved with the development, deployment, assessment, or management of critical software.
  • Skill level: 50% beginner, 25% intermediate, 25% advanced
  • Prerequisites: To gain maximum benefit from this tutorial, attendees should be familiar with the process of developing software and at least one of the Java, C, C++ or scripting programming languages. This tutorial does not assume any prior knowledge of security assessment or vulnerabilities.
  • Advance Setup: This tutorial includes hands-on exercises, and a few steps can help you prepare for it. In https://www.cs.wisc.edu/mist/tutorial-instructions.pdf, you can find the instructions for downloading the virtual machine image we'll use for the hands-on exercises. Please follow those instructions, and feel free to contact elisa@cs.wisc.edu if you have any questions or issues. 

Wednesday October 14, 2020 1:00pm - 4:30pm EDT
Tutorial Rooms