Characterizing Defects in Infrastructure as Code


Akond Rahman

Event Details
Tuesday, January 29, 2019
Talk:
4 p.m., Avery 115

Reception:
3:30 p.m., Avery 348

Akond Rahman, Ph.D.

Ph.D. Candidate , North Carolina State University

Abstract

Infrastructure as code (IaC) is the practice of automatically configuring dependencies and managing infrastructure in information technology (IT) organizations. However, defects and security weaknesses in IaC scripts can have severe consequences such as creating wide-scale outages. Analysis of defects and security weaknesses in IaC scripts could reveal characteristics to mitigate defects and potential security weaknesses in IaC scripts. In my talk I will present the findings from two research projects that identify (i) properties in defective IaC scripts; and (iii) potential security weaknesses in IaC scripts. I will discuss the implications of my findings along with future research directions in emerging software engineering platforms such as internet of things.

Speaker Bio

Akond Rahman is a PhD candidate at North Carolina State University. His research interests include DevOps, Software Security, and Applied Software Analytics. He graduated with an M.Sc. in Computer Science and Engineering from University of Connecticut and a B.Sc. in Computer Science and Engineering from Bangladesh University of Engineering and Technology. He won the Microsoft Open Source Challenge Award in 2016 and the ACM SIGSOFT Doctoral Symposium Award in 2018. To know more about his work visit https://akondrahman.github.io/