A Canadian Guide to the Heartbleed Bug

What is the Heartbleed Bug?

Heartbleed Bug

The Heartbleed bug is a recently identified bug in the OpenSSL security protocol toolkit. OpenSSL is widely used on web servers to encrypt user data.In general, software bugs are computer program error that cause the software to behave in an unexpected way (e.g., crash, produce a wrong output). Security bugs are a special kind of bug that can lead to a security vulnerability which allows the software system or the data stored in the system to be accessed in a way that was unintended.

Continue reading

What’s New for Concurrency in Java SE 8?

Java SE 8 Java logo was officially released yesterday (March 18th) and given the fact that Java 7 was released back in 2012, there are definitely lots of updates and new features. These updates include improvements to the Java language itself, Java security, Java tools and more. Although a lot of these updates are interesting and important I am specifically interesting in exploring: What’s new for concurrency?

Based on the release notes the concurrency-related additions are: Continue reading

A Computer Science Professor’s Backpack

Every morning I read through my favourite technology blogs and one series of blog posts that I confess to enjoying are the Featured Bag posts on Lifehacker. These are basically a series of posts where different people from different jobs/walks of life describe the kind of bag they use and what they keep inside it. I find this interesting because I’m always looking for ways to ensure that what I carry to and from work, to research meetings, and to conferences is lightweight and maximizes functionality. A collection of user submitted bags/backpacks can be found on the Lifehacker Go Bag Show and Tell (hosted on Flickr).

So with that said here is my backpack:

My Backpack Continue reading

Advice on Finding Relevant Research Papers

One of the questions I often get asked by new research students in my lab is how can they find research papers that are relevant to their thesis. For a student new to research this can be a very daunting task and doing a straight Google, Bing or Yahoo search generates a lot of noise (i.e. irrelevant content, non peer-reviewed papers, etc.).

The first advice I usually give is where to start searching. There are a number of academic-specific search engines that provide good results from a wide variety of researcher, publisher and academic websites. For example: Continue reading

Interesting Quotes from AMD Canada Event

Quote

On March 7th of last year I attended an OCE event called the “AMD HSA and Heterogeneous Computing Research Showcase.” I recently came across my notes from the event and I thought a few quotes from the keynote speaker, Phil Rogers from AMD Canada,  were worth sharing.

Phil Rogers on AMD’s commitment to open industry standards:

“open standards always win over time.” 

Phil Rogers on programming with threads:

“An expert can get two threads right. An expert can sometimes get three threads right… but cannot get all of the test cases right… doesn’t scale (to 100s of threads).”

Empirical Methods Should Guide the Development of New Software Engineering Tools

Quote

The following quote is one of my favorite quotes regarding the right way to conduct Software Engineering (SE) research. It summarizes the importance of utilizing empirical methods to inspire and guide the development of new SE tools and techniques:

“In all fields of SE, empirical methods should enable the development of scientific knowledge about how useful different SE technologies are, for different kinds of actors, performing different kinds of activities, on different kinds of systems. Such scientific knowledge should guide the development of new SE technology and be a major input to important SE decisions in industry and services.”

– Dag I. K. Sjoberg, Tore Dyba, Magne Jorgensen. The future of empirical methods in software engineering research. In Proc. of ICSE 2007, Future of Soft. Eng. (FOSE ’07), pages 358-378, 2007.
Continue reading

Predicting Mutation Scores

Last week my MSc student, Kevin Jalbert, presented his early thesis results at the Workshop on Realizing Artificial Intelligence Synergies in Software Engineering (RAISE 2012). The workshop took place in Zurich Switzerland and was colocated with ICSE 2012. The title of the presentation (and the paper that appears in the proceedings) was “Predicting Mutation Score Using Source Code and Test Suite Metrics.” The paper was awarded the Best Paper Award at the workshop.

Mutation testing can be used to evaluate the effectiveness of test suites and can also be used as an oracle during the creation or improvement of test suites. Mutation testing works by creating many versions of a program each with a single syntactic fault. These program versions are created using mutation operators which are based on an existing fault taxonomy (i.e., a set of known fault types that we are trying to find during testing). One mutation operator, Relational Operator Replacement (ROR), could create a new mutant version of the program in which one of the instance of a relational operator (e.g., <) is replaced with a different operator. For example, line 3 of the following Java source  code: Continue reading

Good Resources for Learning to Program with Concurrency

With the increase in multicore processors there has been an increase in demand for concurrent programming and an increase in books and resources that focus on programming with concurrency. Below I will outline some of the books on my own bookshelf that have been useful.
Continue reading

The Importance of Incremental Research

Quote

Last year Bertrand Meyer authored a post titled Long Live Incremental Research! at BLOG@CACM. Rather then writing my own post on the topic, I instead want to encourage people to read Meyer’s post as I think he does a great job of summarizing the importance of approaching research incrementally and not aiming for the next great breakthrough. A few quotes from his post:

“First, 99.97% of all research (precise statistic derived from my own ground-breaking research, funding for its continuation would be welcome) is incremental. Second, when a “breakthrough” does happen — the remaining 0.03%  — it was often not planned as a breakthrough.”

Continue reading