September 24-26, 2017 At the Hyatt Regency, Cambridge, MA

IEEE Secure Development Conference



Posted on: July 28th, 2017 by Yousef Iskander

Christoph Kern

Software Engineer, Google

Christoph Kern is a software engineer in Google’s Information Security Engineering organization, whose goal is to keep Google’s products secure and users safe. Within this larger organization, he works with a team of security engineers to prevent security defects in Google’s applications and services through framework, API, and platform design.

9:15 am, Monday, September 25, 2017
Secure Design: A Better Bug Repellent

Traditionally, software security assurance has focused largely on discovering bugs after the fact (through (fuzz) testing, static analysis, or code review), with a bit of developer education added in. Our experience at Google shows that in practice, this doesn’t work all that well, especially for certain classes of vulnerabilities such as those related to complex, whole-system flows of untrusted data.

A step towards addressing this unsatisfactory state of affairs is to change focus from chasing down instances of implementation-level defects and vulnerabilities, and instead treat the mere potential that a particular type of defect could exist as a design flaw at the application architecture and frameworks level.

Over the past several years we have developed design patterns that, when applied to application architecture, API and framework design, do indeed result in a drastic reduction if not elimination of the potential for certain types of defects to occur in application code.

This talk will briefly summarize our perception of the limitations of traditional approaches to software security. We will then give examples of secure design patterns we have developed, and discuss how we were able to apply them at scale to frameworks and APIs that form the basis of Google flagship products such as Gmail, Docs, Search, G+ and many others.

Francesco Logozzo

Theoretical & Experimental Static Analysis Expert, Facebook

Francesco is a Software Engineer in the Detection and Security Infrastructure team at Facebook. He has developed industrial static analyzers at Facebook and Microsoft. He has published more than 40 research papers in venues such as POPL, PLDI, and OOPSLA. He has served on more than 20 program committees and has been invited to speak at both industrial and academic venues. He holds a Ph.D. in abstract interpretation from Ecole Polytechnique, obtained under the supervision of Dr. Radhia Cousot.

1:15 pm, Monday, September 25, 2017
Defense-in-Depth at Facebook with Static Analysis

Facebook employs a defense-in-depth approach to product security; we use a range of preventative and detection-based approaches to help ensure that our Hack/PHP codebase and its myriad backend services behave as intended. In this context, ‘preventative’ might refer to secure-by-default libraries for doing privacy-aware data fetching. ‘Detection’ might refer to manual review by a security engineer, automated static analysis before the code is employed in production, runtime detection (e.g. Invariant Detector; IEEE S&P 2017), or our bug bounty program.

In this talk, I will discuss a static analyzer that we built to surface potential security and privacy issues in the codebase. We have developed a bottom-up, inter-procedural, abstract interpreter that focuses on security issues that are difficult to prevent using the type system (i.e., Hack) or secure libraries and frameworks. We designed the tool based on guidance from Facebook’s security engineering teams. When a new class of vulnerabilities is discovered, we evaluate whether it is amenable to static analysis. If that is the case, we prototype the new rule, refine it based on feedback from security engineers, and then evaluate the rule against the whole codebase. In some cases, we are able to generate a patch automatically. Concurrently, we run this tool on every code change, thus preventing the reintroduction of this type of issue.

I will also describe some of the advances in static analysis that enable the tool to scale to thousands of changes per day in a codebase that measures tens of millions of lines of code.

Eric Baize

Chairman, SAFECode; Vice President, Product Security, Dell EMC

Throughout his career, Eric Baize has been passionate about building security and privacy into systems and technology from design to deployment. He currently leads Dell EMC’s Product Security Office and serves as Chairman of SAFECode.

At Dell EMC, Eric leads the team that sets the standards and practices for all aspects of product security for the product portfolio: vulnerability response, secure development, consistent security architecture, and code integrity throughout the supply chain.

Eric joined Dell through its combination with EMC where he built EMC’s highly successful product security program from the ground up and was a founding member of the leadership team that drove EMC’s acquisition of RSA Security in 2006. He later led RSA’s strategy for cloud and virtualization. Prior to joining EMC in 2002, Eric held various positions for Groupe Bull in Europe and in the US.

Eric has been a member of the SAFECode Board of Directors since the organization was founded in 2007 and also serves on the BSIMM Board of Advisors. He holds multiple U.S. patents, has authored international security standards, is a regular speaker at industry conferences and has been quoted in leading print and online news media. Eric holds a Masters of Engineering degree in Computer Science from Ecole Nationale Supérieure des Télécommunications de Bretagne, France and is a Certified Information Security Manager.

Follow Eric Baize on Twitter: @ericbaize

9:30 am, Tuesday, September 26, 2017
Scaling Secure Development by Changing the Software Culture Code

For almost two decades, software security practitioners have successfully defined advanced techniques and tools that can effectively be applied to develop secure software. Today, with tens of millions of developers creating code for all kinds of software-enabled devices, mobile apps and cloud services, we need to expand the conversation to how to scale software security. This talk will challenge developers, organizations and technology buyers to change their culture in order to deliver software security at scale. It will lay out a vision for a Software Culture Code ingrained with security. It will also identify the many stakeholders who are shaping today’s software culture. These stakeholders can have a direct or indirect influence over people and organizations creating or using software and change the way we work, leading to the delivery and deployment of more secure software.