Monday, January 21, 2013

Software security needs survey and vulnerability handling

Last week, I was part of a panel at the NSF SI2 PI meeting. It was a good meeting discussing a lot of the challenges we are facing with sustainability and engaging the science community. Two presentations I found of particular interest were Neil Chue Hong's presentation on Software Sustaibaility (I'm very happy to have Neil on CTSC's advisory committee) and Jim Herbsleb's presentation on software ecosystems (not posted at this time unfortunately).

My presentation was on things software projects should do in order to handle vulnerabilities, something members of the CTSC team have from being leaders of software projects, from being part of the team running large production infrastructures and doing research into finding software vulnerabilities. For those wanting more information on this topic, I wrote a white paper on it a couple years ago.

I also announced that CTSC has a survey for NSF projects writing software. We'd like to better understand your projects needs, so please take a few minutes to complete it. Or if you prefer, just contact me directly at or (812) 856-0363.