Insecure, Unsafe, and Lying Software.
Eduardo Fernandez, Professor of Computer Sci & Eng at FAU
Software systems are now an integral part of our life. Databases maintained by a variety of institutions & organizations define who we are, what we own, what is our expertise, our jobs, as well as holding our flight reservations, tickets for concerts, appointments, etc. In other words, they hold a panorama of our past, present, and future life. Most parts of this panorama persist through our whole life, and even beyond. Therefore, we need to expect that this data is accurate, protected properly, and designed appropriately. The entities that control all these data have an enormous influence on our lives and must be trustworthy. However, due to greed or negligence, sometimes software systems turn against us.
We show three recent examples of software that was intentionally or negligently mishandled by important corporations: Equifax’s database breach of 150 million records (insecure software); Volkswagen’s emission controls pollution deceit (lying software), and Boeing’s 737MAX crashes with 346 people dead (unsafe software). Details of these cases are described to see the errors and the intentional or negligent decisions that produced those outcomes. We’ll discuss how we can prevent these problems.
Speaker’s Bio: Eduardo B. Fernandez (Eduardo Fernandez-Buglioni) is a professor in the Department of Computer Science and Engineering at Florida Atlantic University, Boca Raton, Florida. He has published numerous papers on authorization models, object-oriented analysis and design, cloud computing, and security patterns. He has written four books on these subjects, the most recent being a book on security patterns; he is working now on a book on Cloud and IoT security patterns. He has lectured all over the world, taught several graduate and undergraduate courses, and is an active consultant for IBM, Allied Signal, Panasonic, Motorola, Lucent, Huawei, etc. He holds an MS degree in Electrical Engineering from Purdue University and a Ph.D. in Computer Science from UCLA.