Software systems we can trust
Prof. Lionel Briand holds the Canada Research Chair in Intelligent Software Dependability and Compliance.
Recently returned to Ottawa after 12 years in Europe, he is eager to connect with local tech companies and align his research with their needs. In fact, he believes it is crucial to the global competitiveness of Canada’s tech sector for academic researchers and private industry to do a better job of coordinating their efforts.
“I have always done my research in close collaboration with industry to ensure the research problems I work on are relevant and the solutions I devise will be impactful,” he said.
During his 25-year career, Prof. Briand has worked with around 40 private sector companies, often in the automotive, telecommunications and financial industries.
His research focuses on improving reliability and dependability of software systems – their security against malicious actors, their functional reliability, and their compliance with laws and regulation – though increased automation.
Why automation? There is a growing shortage of qualified computer scientists in most industries to manage all the aspects of development, testing and certification of these increasingly complex systems. The “intelligent” in his title refers to the fact that greater automation through artificial intelligence is key to offset this shortage of human expertise.
“This has highly practical applications because all aspects of society and all industry sectors now depend on reliable, safe and secure software,” he said. “Whether it is online banking and shopping, automobiles or avionics, there is no aspect of life that is not affected.”
Smarter algorithms to drive the bad guys out of business
In the battle against cybercrime to secure critical networks and websites and protect the public interest, the first rule is to know your enemy.
That is a guiding principle for Prof. Guy-Vincent Jourdan.
“You cannot effectively fight against something if you don’t understand how it operates,” he said. “If you understand how it operates, you can push where it hurts.”
His team is working in partnership with IBM Security teams all over the world to address the challenges of detecting and countering malicious activities in cyberspace, such as phishing attacks, by using machine learning and purpose-built algorithms.
We are all acquainted with phishing – the bad guys contact you by email or text message, often posing as a legitimate institution, to lure you into providing sensitive data or to click a link that will download malware into your system.
The challenge is to quickly identify and target these efforts, before than can even succeed in luring a victim.
“If you come up with the perfect algorithm that is going to analyze a web page and tell you in 30 seconds that the page is a phishing site, that is great in academia but it is far too slow to be useful in the real world,” Prof. Jourdan said.
Creating that faster algorithm goes hand in hand with learning the weaknesses of the cybercrime industry’s business models. One weakness is the thin margin of profit under which most malicious actors operate.
”For example, by making it more time consuming and expensive for them to mount a successful attack, by cutting the bridge between the attacker and the information they are trying to obtain, it is no longer profitable for them,” Prof. Jourdan said.