The SWAMP will be presenting and demonstrating at Software Assurance Conference 2018! SwACon is a software assurance (SwA) conference dedicated to advancing the state of the art in software assurance disciplines. The theme of this year’s event is open source tools and techniques that are available for SwA activities. The event is hosted by the Software Engineering Institute (SEI) in collaboration with the DoD Joint Federated Assurance Center (JFAC).
SwACon 2018 will be held on Tuesday, November 27 at the NRECA Conference Center (4301 Wilson Blvd. Arlington, VA – 1st floor). There will be presentations all day, roughly from 9am to 5pm Eastern, and you may attend only selected presentations, if needed. The event is free of charge but does require advance registration. Remote participation will also be available. To register, email swamp@continuousassurance.org for details before November 18.
Agenda:
SwACon 2018
November 27th, 2018
NRECA Conference Center (1st floor)
Arlington, VA
8:45AM to 9:30AM Check-in and Registration; Light breakfast items to be served
9:30AM to 10:45AM Getting Started with ROSE Compiler Infrastructure – Dan Quinlan
ROSE is an open source compiler infrastructure to build source-to-source program transformation and analysis tools for large-scale C (C89 and C98), C++ (C++98 and C++11), UPC, Fortran (77/95/2003), OpenMP, Java, Python, and PHP applications. ROSE is developed at Lawrence Livermore National Laboratory (LLNL). Presented by Dr. Dan Quinlan, LLNL.
10:45AM to 11:00AM Morning beverage break
11:00AM to 12:00PM Introduction to Binary Analysis with Pharos – Cory Cohen
The SEI’s Pharos project is an open-source static binary analysis framework that is primarily targeted at malware analysis but can also be used for software assurance tasks. Presented by Cory Cohen, SEI.
12:00PM to 1:00PM Lunch break – participants on their own for lunch
1:00PM to 2:30PM Introduction to Software Assurance Marketplace (SWAMP) - Von Welch & Brian Aydemir
Join us to learn about the Software Assurance Marketplace (SWAMP) – a Continuous Software Assurance Platform. During this presentation, we will introduce the SWAMP project and team, describe SWAMP’s capabilities, present a live demo, and explain how you can start using the SWAMP. Presented by Von Welch, Director of Indiana University – Center for Applied Cybersecurity Research (CACR) & Brian Aydemir, Systems Integration Developer, Morgridge Institute for Research/SWAMP.
2:30PM to 2:45PM Afternoon break; Light snacks to be served
2:45PM to 3:45PM Securing Software with Trail of Bits – Peter Goodman & Trent Brunson
3:45PM to 3:55PM Short transition break
3:55PM to 4:55PM Introduction to Source Code Analysis Laboratory (SCALe) - Lori Flynn