|
Series |
Type |
Lecture |
Description |
Lecturer |
| |
|
|
|
|
|
Tools and Techniques
|
Lectures |
|
Lecture 1 |
Introduction to the Track To start, we discuss some of the characteristics of software
projects for high energy physics, and some of the issues
that arise when people want to contribute to them. This
forms the framework for the Software Technologies Track. We
then continue with a brief introduction to software
engineering from the perspective of the individual
contributor, both as a formal process and how it actually
effects what you do.
Tools You Can Use
This lecture discusses several categories of tools &
techniques you can use to make yourself more productive and
effective. Continuous testing and documentation has proven
to be important in producing high quality work, but it's
often difficult to do; we discuss some available approaches.
Many problems require specific tools and techniques to solve
them effectively: We discuss the examples of performance
tuning and memory access problems. |
Bob Jacobsen
|
|
Lecture 2 |
Tools for Collaboration
HEP software is built by huge teams. How can this be done
effectively, while still giving people satisfying tasks to
perform?
This lecture discusses some of the technical approaches
used. Source control (e.g. CVS) is becoming common, so we
just skim over it's advantages and disadvantages to get to
the larger area of release control (e.g. CMT) and release
testing & distribution. We'll focus on why is this
considered a hard problem, and what are the current
techniques for dealing with it. |
Bob Jacobsen
|
|
Lecture 3 |
Software
Engineering Across the Project
Now that we've covered both individual and group work, we go
back to the software engineering topics of the first lecture
to see how these fit together. How does our individual work
effect the ability of the entire project to proceed? What
are tools and techniques that will improve both our
individual work, and out contributions to the whole?
We close with a summary of observations. |
Bob Jacobsen
|
|
Exercises |
Exercise 1
and
Exercise 2
|
Exercises
1 and 2
The first two exercises provide some direct experience with
the tools and techniques described in Lectures 1 and 2. In
particular, pairs of students will work together to update
existing applications, working through examples designed to
show the strengths and weaknesses of several approaches.
|
Bob Jacobsen |
|
Exercise 3
and
Exercise 4 |
Exercises
3 and 4 After the two-person teams acquire some experience with the
CMT release system, and CVS if needed, we will have groups
of 5 teams work together to create a functional release from
individual sub-projects at various stages of completion.
Although a limited exercise, this is intended to demonstrate
some of the real issues discussed in the lecture. |
Bob Jacobsen
|
|
Exercise 5 |
Exercises 5
Wrap-up session. |
Bob Jacobsen
|
|
|
|
|
|
|
|
Computer Architecture and Performance
Tuning
|
Lectures |
|
Lecture 1 |
Understanding scalable hardware
The first lecture describes the hardware architecture of
a modern PC server with processors based on the Intel Core
microarchitecture. Other processor architectures will also
be mentioned. Bottlenecks (and acceleration opportunities)
in the architectures will be covered in detail, not just
inside the processor, but also related to caches, memory
buses, and the like. The aim is to give each student a
good understanding of what resources are available from a
hardware viewpoint. |
Sverre Jarp |
|
Lecture 2 |
Software
that may scale with the hardware
In the second lecture we will (briefly) discuss certain
strategies which can allow software to scale to the
maximum resource potential in a given architecture. We will
also describe the issue of “performance portability” across
platforms. At least one scalable HEP example will be
portrayed. The overall impact of programming styles and
compilers (use of intrinsics and optimization flags) will
also be reviewed. |
Sverre Jarp |
|
Lecture 3 |
Understanding performance tuning
Performance tuning is an important step in application
development. Modern processor architectures often give us
the benefit of being able to look inside the application at
very low levels, however drawing high-level conclusions is
not always straightforward. The objective of this lecture is
to familiarize the attendees with certain common metrics
which can be used to define application performance. In
addition, we will demonstrate how to use perfmon2,
a language independent Linux performance monitoring system,
in order to obtain information about program characteristics
and bottlenecks. |
Sverre Jarp
Andrzej
Nowak |
|
Exercises |
Exercise 1 Exercise 2 Exercise 3 |
The aim of the exercises in this series is to give the
attendees a pratical introduction to performance monitoring
on Linux. Pfmon will serve as the primary tool used during
the course, enabling the participants to discover how the
structure of the code influences its performance. The
participants will also be given the task of correlating
performance figures with certain programming decisions. In
addition, the participants will understand the limits of
performance tuning and the ways to establish at which point
inside those limits their workload is placed. The exercises
will be supported by demonstrating real world problems in
production environments.
|
Sverre Jarp
Andrzej
Nowak |
|
Prerequisite
Knowledge
|
Desirable prerequisite
and references to further
information |
-
Basics of modern computer architecture
-
Basic knowledge about compilers
-
Familiarity with Linux and the C/C++ programming
languages
|
|
|
|
|
|
|
|
|
Computer Security
|
Lectures |
Lecture 1 |
An
Introduction to Cryptography
Computer security relies on a number of complementary
technologies. Cryptography is one of them. Unlike what
is sometimes believed, cryptography's role is not only to
ensure the confidentiality of exchanges. It also serves to
protect the integrity of transmitted information, and more
importantly in Grid environments to authenticate individuals
and systems. The lecture describes he fundamentals of
asymmetric encryption, and explain how it is implemented in
the real world. |
Alberto Pace |
|
Lecture 2 |
An
Introduction to PKI
Cryptography is not sufficient to ensure that secret
information is safely shared. In particular, distributing
cryptographic keys requires an infrastructure of logically
connected systems. This is called Public Key Infrastructure
and is the subject of this lecture. |
Alberto Pace |
|
Lecture 3 |
An
Introduction to Kerberos
Kerberos is an alternative to PKI fro authentication. This
third lecture explains the respective positioning and the
differences. It also explains how the two technologies can
be integrated. This is illustrated by practical examples
drawn from web and mail services. |
Alberto Pace |
|
|
|
|
|
|
|
Networking QoS and Performance
|
Lectures |
Lecture 1 |
Internet
QoS options
Improving Quality of Service guarantees and performances in
data network is a key requirement of Grid computing. Indeed,
fast transfers require high-bit rate connections, and grid
operation requires network predictability and high
availability. On the other hand, the Internet historical
technology is not naturally best suited to deterministic
behaviour. This lecture explains the technical challenges and
the range of options available to improve QoS guarantees in
Internet-based networks. |
François Fluckiger |
|
Lecture 2 |
TCP and
Congestion Control
Not only the underlying network has to be highly performing,
but the network software running within the end-systems must
have an optimal behaviour. This lecture recalls the basics of
TCP and discusses the relationships between TCP and the
risks of congestions over Internet-based connections. |
François Fluckiger |
|
Lecture 3 |
Multimedia
over the Internet
The Grid is not only a network of computer resources but
also a network of people cooperating to use these resources.
Part of the collaborative tools scientists are increasingly
using include audio and video systems. They place new
challenging requirements on the networking systems. The
class discusses these requirements and their consequences on
the end-systems as well as within the underlying network. |
François Fluckiger |
|
Prerequisite Knowledge |
Mandatory
prerequisite |
For this series of
lectures, there is no mandatory pre-requisite knowledge, as
long as the participants are professional computer
scientists. |
|
|
Desirable prerequisite
and
references to further
information
|
The participants will draw
maximum benefits from the lectures if they have a fair
knowledge of computer network principles, in particular the
concepts of
-
Networking layering
-
Internet transport
infrastructure (e.g. mesh topology, routers, links)
-
Internet layers (e.g.
differences between PPP, IP, UDP, TCP)
|
|
|
Books
-
Computer Networks, Ed. 4
Andrew Tannenbaum, Prentice Hall, ISBN
0-130-661023
-
Internetworking with TCP/IP, vol 1
Douglas E. Commer, Prentice Hall, ISBN
0-130-183806
-
Understanding Networked
Multimedia
Francois Fluckiger, Prentice Hall, ISBN
0-131-90992-4
Vikipedia
Computer Networking (http://en.wikipedia.org/wiki/Computer_networks)
Other Links
Linux-Networking Concepts |
|
|
|
|
|
|
|
|
Creating
secure software |
Lectures
|
Lecture 1 |
Introduction
to computer security
First
lecture starts with a definition of computer security and an
explanation of why it is so difficult to achieve. The
lecture highlights the importance of proper threat modeling
and risk assessment. It then presents three complementary
methods of mitigating threats: protection, detection,
reaction; and tries to prove that security through obscurity
is not a good choice. |
Sebastian Lopienski |
|
Lecture 2 |
Security
in different phases of software development
The second
lecture addresses the following question: how to create
secure software? It introduces the main security principles
(like least-privilege, or defense-in-depth) and discusses
security in different phases of the software development
cycle. The emphasis is put on the implementation part: most
common pitfalls and security bugs are listed, followed by
advice on best practice for security development. |
Sebastian Lopienski |
|
Exercises |
Exercises 1
Exercises 2 |
Avoiding,
detecting and removing software security vulnerabilities
In the
practice session, a range of typical security
vulnerabilities will be presented. The goal is to learn how
they are exploited (for privilege escalation, data
confidentiality compromise etc.), how to correct them, and
how to avoid them in the first place!
Students
will be given source code of a simple program, and will be
asked to find vulnerabilities and fix them. On-line course
documentation consists of several parts (made available in
steps, one after another), each tackles different
vulnerability type. For a given security bug planted in the
code, the documentation first shows how this
bug/vulnerability can be attacked. Then students are given
time to find the bug and work on a fix. And after some time,
a possible solution is made available. |
Sebastian Lopienski |
|
Prerequisite
Knowledge |
Desirable prerequisite
and
References to
further information |
|
|
|
Books
-
Secrets and Lies: Digital Security in a Networked World
by Bruce Schneier
-
Security Engineering: A Guide to Building Dependable
Distributed Systems by Ross Anderson
-
Writing Secure Code
by Michael Howard, David LeBlanc
-
Secure Coding: Principles and Practices
by Mark G. Graff, Kenneth R. van Wyk
|
|
