BEGIN:VCALENDAR VERSION:2.0 PRODID:Linklings LLC BEGIN:VTIMEZONE TZID:America/Denver X-LIC-LOCATION:America/Denver BEGIN:DAYLIGHT TZOFFSETFROM:-0700 TZOFFSETTO:-0600 TZNAME:MDT DTSTART:19700308T020000 RRULE:FREQ=YEARLY;BYMONTH=3;BYDAY=2SU END:DAYLIGHT BEGIN:STANDARD TZOFFSETFROM:-0600 TZOFFSETTO:-0700 TZNAME:MST DTSTART:19701101T020000 RRULE:FREQ=YEARLY;BYMONTH=11;BYDAY=1SU END:STANDARD END:VTIMEZONE BEGIN:VEVENT DTSTAMP:20260422T000712Z LOCATION:402 DTSTART;TZID=America/Denver:20231112T133000 DTEND;TZID=America/Denver:20231112T170000 UID:submissions.supercomputing.org_SC23_sess215_tut105@linklings.com SUMMARY:Secure Coding Practices and Dependency Analysis Tools DESCRIPTION:Elisa Heymann (University of Wisconsin, Madison; Autonomous Un iversity of Barcelona, Spain) and Barton Miller (University of Wisconsin-M adison)\n\nHPC increasingly involves the development and deployment of net work and cloud services. Unique to the HPC field is the large amount of so ftware that we develop to drive these services. These services must assure data integrity and availability, while providing access to a global scien tific and engineering community. \n\nSecuring your network is not enough! Every service that you deploy is a window into your data center from the o utside world, and a window that could be exploited by an attacker.\n\nThis tutorial is relevant to anyone wanting to learn about minimizing security flaws in the software they develop or manage. We share our experiences ga ined from performing vulnerability assessments of critical middleware. You will learn skills critical for software developers and analysts. \n\nDepe ndency analysis tools –tools that find weaknesses in the software supply c hain– are the first line of defense in assessing the security of a softwar e project. These tools can catch flaws in the packages and libraries a pro gram depends upon, and that affects the safety of the application. This tu torial is also relevant to anyone wanting to learn how to use these automa ted dependency analysis tools to minimize security flaws in the software t hey develop or manage.\n\nTag: Performance Measurement, Modeling, and Tool s, Software Engineering\n\nRegistration Category: Tutorial Reg Pass\n\n END:VEVENT END:VCALENDAR