Building Highly Dependable Software

Building Highly Dependable Software is a two-day training course with programming exercises taught by Matthew Butler. It is offered at the Gaylord Rockies from 9AM to 5PM on Saturday and Sunday, September 19th and 20th (immediately following the conference). Lunch is included.

Course Description

Whether you write software that runs in insecure environments, safety critical systems that protect lives or just software that has to survive whatever your users throw at it that day, building highly dependable software begins with robust designs and high-quality, bug-free code.

The difference between a garden variety bug and a security vulnerability lies in how close that bug is to an attack surface. The difference between a recoverable system error and a fatal safety fault depends on how well the designers have built a fail-safe system. But how do you tell the difference? If you write high-quality, bug-free code on robust architectures you are most of the way to having secure, highly dependable systems.

So how do you build safe, secure architectures and write high-quality, bug-free code? In this class we’ll learn how to design, write, review and test code to its highest quality. And in the process, we’ll learn how to build highly dependable systems.

This is a highly interactive class that begins with an exercise in which the class works to penetrate a live system, exploring how simple mistakes can lead to large vulnerabilities. Then we move through the design process, development and test, and finish with goals for building more secure, robust and safe systems.

Course Topics

  • Why systems fail
  • Architecture analysis
  • Threat Modeling techniques
  • Code review techniques for safety and security
  • Penetration techniques and tools
  • Secure designs, code structure and hardened code
  • Designs for safety critical applications
  • Test case development
  • Testing strategies and tools for safety and security
  • Static Analysis
  • Dynamic Analysis
  • Fuzz Testing
  • Best practices for software design
  • How updates to C++20 affect code quality and safety & security outcomes
A laptop is recommended but not required.

Course Instructor

Matthew Butler

Matthew Butler has been using C++ professionally since 1990. He has spent the past three decades as a systems architect and software engineer developing systems for network and applications security, signals intelligence, real-time data analysis and safety critical systems. He works on platforms ranging from embedded micro-controllers to FPGAs to large-scale, real-time platforms. He is a member of the ISO C++ Standards Committee and is focused on core language features, software vulnerabilities and safety critical systems. He is also an international conference speaker and trainer in secure software development and safety critical systems.