Software Research Seminar Talks

  • Newell-Simon Hall
  • Mauldin Auditorium 1305
  • MIQUEL VELEZ and GABRIEL FERREIRA
  • Ph.D. Students
  • Ph.D. Program in Software Engineering, Institute for Software Research
  • Carnegie Mellon University
Talks

Miguel Velez, Software Engineering, Ph.D. Student
Reducing Instrumentation Overhead for Java Performance Measurement

We have developed a white-box approach to reduce the cost of building performance models for highly configurable systems. Part of our approach consists of instrumenting the code regions influenced by configuration options to know how their execution times are affected. As with any type of program instrumentation, we created overhead when executing the instrumented programs that we produced. However, for most of the programs we wanted to analyze, the overhead was extremely high! As a result, we were not able to run programs that would otherwise take a few seconds to execute. In this talk, I will present an approach that

Gabriel Ferreira, Software Engineering Ph.D. Student
Enabling Improved Security in Software Ecosystems: The Node.js/npm case

In this talk, I will present my most recent work on designing a permission system for the Node.js/npm ecosystem. I will introduce a threat model known as automatic package updates, an important security challenge in the Node.js/npm ecosystem, and will also present our analysis infrastructure based on static checks and runtime monitors that enable us to address this challenge. At the end of talk, I will discuss different designs for the permission system and speculate about how they affect its quality attributes of security, performance, and practicality

For More Information, Please Contact: 

cherold@andrew.cmu.edu

Keywords: