Effective Performance Analysis and Debugging
Total Page:16
File Type:pdf, Size:1020Kb
Load more
Recommended publications
-
Towards an Application Lifecycle Management Framework
VTT CREATES BUSINESS FROM TECHNOLOGY Technology and market foresight • Strategic research • Product and service development • IPR and licensing Dissertation VTT PUBLICATIONS 759 • Assessments, testing, inspection, certification • Technology and innovation management • Technology partnership • • • VTT PUBLICATIONS 759 TOWARDS AN APPLICATION LIFECYCLE MANAGEMENT FRAMEWORK AN APPLICATION 759 TOWARDS • VTT PUBLICATIONS VTT PUBLICATIONS 742 Elina Mattila. Design and evaluation of a mobile phone diary for personal health management. 2010. 83 p. + app. 48 p. 743 Jaakko Paasi & Pasi Valkokari (eds.). Elucidating the fuzzy front end – Experiences from the INNORISK project. 2010. 161 p. 744 Marja Vilkman. Structural investigations and processing of electronically and protonically conducting polymers. 2010. 62 p. + app. 27 p. 745 Juuso Olkkonen. Finite difference time domain studies on sub-wavelength aperture structures. 2010. 76 p. + app. 52 p. 746 Jarkko Kuusijärvi. Interactive visualization of quality Variability at run-time. 2010. 111 p. 747 Eija Rintala. Effects of oxygen provision on the physiology of baker’s yeast Saccharomyces cerevisiae. 2010. 82 p. + app. 93 p. 748 Virve Vidgren. Maltose and maltotriose transport into ale and lager brewer’s yeast strains. 2010. 93 p. + app. 65 p. 749 Toni Ahonen, Markku Reunanen & Ville Ojanen (eds.). Customer value driven service business development. Outcomes from the Fleet Asset Management Project. 2010. 43 p. + app. 92 p. 750 Tiina Apilo. A model for corporate renewal. Requirements for innovation management. 2010. 167 p. + app. 16 p. 751 Sakari Stenudd. Using machine learning in the adaptive control of a smart environment. 2010. 75 p. 752 Evanthia Monogioudi. Enzymatic Cross-linking of ββ-casein and its impact on digestibility and allergenicity. -
IBM Developer for Z/OS Enterprise Edition
Solution Brief IBM Developer for z/OS Enterprise Edition A comprehensive, robust toolset for developing z/OS applications using DevOps software delivery practices Companies must be agile to respond to market demands. The digital transformation is a continuous process, embracing hybrid cloud and the Application Program Interface (API) economy. To capitalize on opportunities, businesses must modernize existing applications and build new cloud native applications without disrupting services. This transformation is led by software delivery teams employing DevOps practices that include continuous integration and continuous delivery to a shared pipeline. For z/OS Developers, this transformation starts with modern tools that empower them to deliver more, faster, with better quality and agility. IBM Developer for z/OS Enterprise Edition is a modern, robust solution that offers the program analysis, edit, user build, debug, and test capabilities z/OS developers need, plus easy integration with the shared pipeline. The challenge IBM z/OS application development and software delivery teams have unique challenges with applications, tools, and skills. Adoption of agile practices Application modernization “DevOps and agile • Mainframe applications • Applications require development on the platform require frequent updates access to digital services have jumped from the early adopter stage in 2016 to • Development teams must with controlled APIs becoming common among adopt DevOps practices to • The journey to cloud mainframe businesses”1 improve their -
Devsecops in Reguated Industries Capgemini Template.Indd
DEVSECOPS IN REGULATED INDUSTRIES ACCELERATING SOFTWARE RELIABILITY & COMPLIANCE TABLE OF CONTENTS 03... Executive Summary 04... Introduction 07... Impediments to DevSecOps Adoption 10... Playbook for DevSecOps Adoption 19... Conclusion EXECUTIVE SUMMARY DevOps practices enable rapid product engineering delivery and operations, particularly by agile teams using lean practices. There is an evolution from DevOps to DevSecOps, which is at the intersection of development, operations, and security. Security cannot be added after product development is complete and security testing cannot be done as a once-per-release cycle activity. Shifting security Left implies integration of security at all stages of the Software Development Life Cycle (SDLC). Adoption of DevSecOps practices enables faster, more reliable and more secure software. While DevSecOps emerged from Internet and software companies, it can benefit other industries, including regulated and high security environments. This whitepaper covers how incorporating DevSecOps in regulated Industries can accelerate software delivery, reducing the time from code change to production deployment or release while reducing security risks. This whitepaper defines a playbook for DevSecOps goals, addresses challenges, and discusses evolving workflows in DevSecOps, including cloud, agile, application modernization and digital transformation. Bi-directional requirement traceability, document generation and security tests should be part of the CI/CD pipeline. Regulated industries can securely move away -
Opportunities and Open Problems for Static and Dynamic Program Analysis Mark Harman∗, Peter O’Hearn∗ ∗Facebook London and University College London, UK
1 From Start-ups to Scale-ups: Opportunities and Open Problems for Static and Dynamic Program Analysis Mark Harman∗, Peter O’Hearn∗ ∗Facebook London and University College London, UK Abstract—This paper1 describes some of the challenges and research questions that target the most productive intersection opportunities when deploying static and dynamic analysis at we have yet witnessed: that between exciting, intellectually scale, drawing on the authors’ experience with the Infer and challenging science, and real-world deployment impact. Sapienz Technologies at Facebook, each of which started life as a research-led start-up that was subsequently deployed at scale, Many industrialists have perhaps tended to regard it unlikely impacting billions of people worldwide. that much academic work will prove relevant to their most The paper identifies open problems that have yet to receive pressing industrial concerns. On the other hand, it is not significant attention from the scientific community, yet which uncommon for academic and scientific researchers to believe have potential for profound real world impact, formulating these that most of the problems faced by industrialists are either as research questions that, we believe, are ripe for exploration and that would make excellent topics for research projects. boring, tedious or scientifically uninteresting. This sociological phenomenon has led to a great deal of miscommunication between the academic and industrial sectors. I. INTRODUCTION We hope that we can make a small contribution by focusing on the intersection of challenging and interesting scientific How do we transition research on static and dynamic problems with pressing industrial deployment needs. Our aim analysis techniques from the testing and verification research is to move the debate beyond relatively unhelpful observations communities to industrial practice? Many have asked this we have typically encountered in, for example, conference question, and others related to it. -
Building Useful Program Analysis Tools Using an Extensible Java Compiler
Building Useful Program Analysis Tools Using an Extensible Java Compiler Edward Aftandilian, Raluca Sauciuc Siddharth Priya, Sundaresan Krishnan Google, Inc. Google, Inc. Mountain View, CA, USA Hyderabad, India feaftan, [email protected] fsiddharth, [email protected] Abstract—Large software companies need customized tools a specific task, but they fail for several reasons. First, ad- to manage their source code. These tools are often built in hoc program analysis tools are often brittle and break on an ad-hoc fashion, using brittle technologies such as regular uncommon-but-valid code patterns. Second, simple ad-hoc expressions and home-grown parsers. Changes in the language cause the tools to break. More importantly, these ad-hoc tools tools don’t provide sufficient information to perform many often do not support uncommon-but-valid code code patterns. non-trivial analyses, including refactorings. Type and symbol We report our experiences building source-code analysis information is especially useful, but amounts to writing a tools at Google on top of a third-party, open-source, extensible type-checker. Finally, more sophisticated program analysis compiler. We describe three tools in use on our Java codebase. tools are expensive to create and maintain, especially as the The first, Strict Java Dependencies, enforces our dependency target language evolves. policy in order to reduce JAR file sizes and testing load. The second, error-prone, adds new error checks to the compilation In this paper, we present our experience building special- process and automates repair of those errors at a whole- purpose tools on top of the the piece of software in our codebase scale. -
The Art, Science, and Engineering of Fuzzing: a Survey
1 The Art, Science, and Engineering of Fuzzing: A Survey Valentin J.M. Manes,` HyungSeok Han, Choongwoo Han, Sang Kil Cha, Manuel Egele, Edward J. Schwartz, and Maverick Woo Abstract—Among the many software vulnerability discovery techniques available today, fuzzing has remained highly popular due to its conceptual simplicity, its low barrier to deployment, and its vast amount of empirical evidence in discovering real-world software vulnerabilities. At a high level, fuzzing refers to a process of repeatedly running a program with generated inputs that may be syntactically or semantically malformed. While researchers and practitioners alike have invested a large and diverse effort towards improving fuzzing in recent years, this surge of work has also made it difficult to gain a comprehensive and coherent view of fuzzing. To help preserve and bring coherence to the vast literature of fuzzing, this paper presents a unified, general-purpose model of fuzzing together with a taxonomy of the current fuzzing literature. We methodically explore the design decisions at every stage of our model fuzzer by surveying the related literature and innovations in the art, science, and engineering that make modern-day fuzzers effective. Index Terms—software security, automated software testing, fuzzing. ✦ 1 INTRODUCTION Figure 1 on p. 5) and an increasing number of fuzzing Ever since its introduction in the early 1990s [152], fuzzing studies appear at major security conferences (e.g. [225], has remained one of the most widely-deployed techniques [52], [37], [176], [83], [239]). In addition, the blogosphere is to discover software security vulnerabilities. At a high level, filled with many success stories of fuzzing, some of which fuzzing refers to a process of repeatedly running a program also contain what we consider to be gems that warrant a with generated inputs that may be syntactically or seman- permanent place in the literature. -
CADET: Debugging and Fixing Misconfigurations Using Counterfactual Reasoning
CADET: Debugging and Fixing Misconfigurations using Counterfactual Reasoning Md Shahriar Iqbal∗ Rahul Krishna∗ Mohammad Ali Javidian University of South Carolina Columbia University Purdue University [email protected] [email protected] [email protected] Baishakhi Ray Pooyan Jamshidi Columbia University University of South Carolina [email protected] [email protected] Abstract Swap Mem. Swap Memory Modern computing platforms are highly-configurable with thou- sands of interacting configuration options. However, configuring GPU Resource these systems is challenging and misconfigurations can cause un- 512 Mb Latency 1Gb Memory Pressure expected non-functional faults. This paper proposes CADET (short 2Gb 3Gb for Causal Debugging Toolkit) that enables users to identify, ex- 4Gb Latency plain, and fix the root cause of non-functional faults early and in a GPU Growth GPU Growth principled fashion. CADET builds a causal model by observing the (a) (b) (c) performance of the system under different configurations. Then, it uses casual path extraction followed by counterfactual reason- Figure 1: Observational data (in Fig.1a) (incorrectly) shows ing over the causal model to (a) identify the root causes of non- that high GPU memory growth leads to high latency. The trend functional faults, (b) estimate the effects of various configuration is reversed when the data is segregated by swap memory. options on the performance objective(s), and (c) prescribe candi- date repairs to the relevant configuration options to fix the non- functional fault. We evaluated CADET on 5 highly-configurable systems by comparing with state-of-the-art configuration optimiza- heat dissipation [15, 71, 74, 84]. The sheer number of modalities tion and ML-based debugging approaches. -
Enterprise Application Lifecycle Management Solutions Enterprise Application Lifecycle Management Solutions
Enterprise Application Lifecycle Management Solutions Enterprise Application Lifecycle Management Solutions This extensive onsite knowledge gained from years of expe- Products and Solutions for rience combined with our trusted relationships with end- users, puts us in a unique position to self-instrument the Comprehensive Enterprise products crucially needed by our customers to successfully accomplish their Enterprise Application Lifecycle Manage- Application Lifecycle ment projects. Management With this in mind, we have developed Our Enterprise Application Lifecycle Ma- RaySuite. nagement Solutions include delivering RaySuite is a comprehensive set of products that automates various tasks within an Enterprise Application Lifecycle. consulting and software packaging ser- vices to enterprises undergoing an OS This automation ranges from the analysis of the existing application portfolio and license inventories via complex migration or implementing a software license management and software packaging, all the way deployment tool. We have successfully to comprehensive quality control and fi nally software deployment in production. These automated processes served over 600 enterprise customers are sustainable and can be replicated for every change and with excellent results. every patch. A central database and a common user interface found throughout all RaySuite products form a consistent solution and off er a strong contrast to existing patchwork solutions that are often found in enterprises, as a result of limited vision and the implementation of various suppliers. Al- though Raynet guarantees a consistent approach with the use of its entire product range, it is still possible to buy and implement the individual products of RaySuite autono- mously as well as integrate them with existing third-party or home-grown products. -
Automatic Deployment of Distributed Software Systems: Definitions and State of the Art
Open Archive TOULOUSE Archive Ouverte (OATAO) OATAO is an open access repository that collects the work of Toulouse researchers and makes it freely available over the web where possible. This is an author-deposited version published in : http://oatao.univ-toulouse.fr/ Eprints ID : 14816 To link to this article : DOI :10.1016/j.jss.2015.01.040 URL : http://dx.doi.org/10.1016/j.jss.2015.01.040 To cite this version : Arcangeli, Jean-Paul and Boujbel, Raja and Leriche, Sébastien Automatic Deployment of Distributed Software Systems: Definitions and State of the Art. (2015) Journal of Systems and Software, vol. 103. pp. 198-218. ISSN 0164-1212 Any correspondance concerning this service should be sent to the repository administrator: [email protected] Automatic deployment of distributed software systems: Definitions and state of the art a, a b Jean-Paul Arcangeli ∗, Raja Boujbel , Sébastien Leriche a Université de Toulouse, UPS, IRIT, 118 Route de Narbonne, F-31062 Toulouse, France b Université de Toulouse, ENAC, 7 Avenue Édouard Belin, F-31055 Toulouse, France a b s t r a c t Deployment of software systems is a complex post-production process that consists in making software available for use and then keeping it operational. It must deal with constraints concerning both the system and the target machine(s), in particular their distribution, heterogeneity and dynamics, and satisfy requirements from different stakeholders. In the context of mobility and openness, deployment must react to the instability of the network of machines (failures, connections, disconnections, variations in the quality of the resources, etc.). -
Devops Point of View an Enterprise Architecture Perspective
DevOps Point of View An Enterprise Architecture perspective Amsterdam, 2020 Management summary “It is not the strongest of the species that survive, nor the most intelligent, but the one most responsive to change.”1 Setting the scene Goal of this Point of View In the current world of IT and the development of This point of view aims to create awareness around the IT-related products or services, companies from transformation towards the DevOps way of working, to enterprise level to smaller sizes are starting to help gain understanding what DevOps is, why you need it use the DevOps processes and methods as a part and what is needed to implement DevOps. of their day-to-day organization process. The goal is to reduce the time involved in all the An Enterprise Architecture perspective software development phases, to achieve greater Even though it is DevOps from an Enterprise Architecture application stability and faster development service line perspective, this material has been gathered cycles. from our experiences with customers, combined with However not only on the technical side of the knowledge from subject matter experts and theory from organization is DevOps changing the playing within and outside Deloitte. field, also an organizational change that involves merging development and operations teams is Targeted audience required with an hint of cultural changes. And last but not least the skillset of all people It is specifically for the people within Deloitte that want to involved is changing. use this as an accelerator for conversations and proposals & to get in contact with the people who have performed these type of projects. -
Code Debugging Tool to Help Teach Mainframe Programming Languages Claudio Gonçalves Bernardo Paulo Roberto Chineara Batuta Msc
Code Debugging Tool to Help Teach Mainframe Programming Languages Claudio Gonçalves Bernardo Paulo Roberto Chineara Batuta MSc. Computer Engineer MBA Software Quality Universidade Paulista Centro Universitário Araraquara Brazilia – Brazil São Paulo - Brazil [email protected] [email protected] Abstract – The purpose of testing activity is to discover errors in important to check the quality of software at various stages of software and for this objective to be achieved many activities development, not only restricting the testing phase of the software. must be performed. There are several types of test and while An appropriate test is one that discovers the greatest possible some are generated and focused on functional verification of a number of faults in the software and when this software is designed component and incorporating components in the structure of the to run in an large environment, also known as Mainframe, becomes program, others are applied to point traceability requirements. an even greater difficulty, since this environment is complex and the There are systems tests designed to validate part of a software characteristics of each facility are different. Universities see this component, which is a part of software solution greater. Its difficulty as a major obstacle to the teaching of languages such as function is only to be a small part of a more complex reality. The Cobol, PL/I, Easytrieve, Assembler and others, who did not die and different types of tests are complementary and in most cases are will not die, as a single system mainframe can deliver thousands of applicable to all software developed. All aim to develop programs virtual Linux platforms with a small fraction the dollar cost, power with the fewest mistakes as possible, allowing the product to and space [20]. -
Radiant Info School Project Management Project Management
Radiant info school Project Management Project Management Life Cycle Managing your digital media project is one of the most important and often overlooked aspects of the development process. You will find that effort you put into planning, scheduling, and organizing your project will pay off enormously. Here we'll outline some proven techniques for planning, scheduling, and completing your project. A project has five phases. Here's a brief summary of each: . Initiation Articulate your vision for the project, establish goals, assemble your team, and define expectations and the scope of your project. Develop a Business Case Undertake a Feasibility Study Establish the Project Charter It will help you to define the scope of your project. Writing the Project Charter is typically one of the most challenging steps in the Project Life Cycle, as it defines the parameters within which the project must be delivered. It sets out the project vision, objectives, scope and implementation, thereby giving the team clear boundaries within which the project must be delivered. Appoint the Project Team Set up the Project Office Perform Phase Review Radiant info school Project Management . Planning Refine the scope, identify specific tasks and activities to be completed, and develop a schedule and budget. Create a Project Plan Create a Resource Plan Create a Financial Plan Create a Quality Plan Create a Risk Plan Create an Acceptance Plan Create a Communications Plan Create a Procurement Plan Contract the Suppliers Define the Tender Process Issue a Statement of Work Issue a Request for Information Issue a Request for Proposal Create Supplier Contract Perform Phase Review execution Build Deliverables Monitor and Control Perform Time Management Perform Cost Management Perform Quality Management Perform Change Management This process helps you to manage all requests for change within your project.