Daniel Spiewak and Aaron Bedra take a look at code verifying starting with Tony Hoare’s paper on testing(1969), type theory, and language-integrated proof systems.
William Pugh explains how to use FindBugs, a Java static code analysis tool, to discover bugs. The talk covers general issues regarding code bugs with advice on how to make sure you get rid of them.
Erik Dörnenburg shares techniques for estimating code quality by collecting and analyzing data using the toxicity chart, metrics tree maps, size&complexity pyramid, complexity view, code city, etc.
Michael Feathers analyzes real code bases concluding that code is not nearly as beautiful as designers aspire to, discussing the everyday decisions that alter the code bit by bit.
Bernhard Merkle advices on preventing architectural degradation of a project by using tools for constant monitoring of the code, exemplifying with an analysis of Ant, Findbugs and Eclipse.
Erik Dörnenburg explains how to use various visualization tools to spot patterns, trends and outliers in the code that are an indication of code quality level.
In this presentation from the JVM Languages Summit 2009, Cliff Click discusses the Von Neumann architecture, CISC vs RISC, the rise of multicore, Instruction-Level Parallelism (ILP), pipelining, out-of-order dispatch, static vs dynamic ILP, performance impact of cache misses, memory performance, memory vs CPU caching, examples of memory/CPU cache interaction, and tips for improving performance.
Magnus Robertsson shows how to control the code architecture manually, statically and dynamically in order to avoid an architectural drift leading to a big-ball-of-mud. For that, he recommends ways to enforce the reference architecture through peer review, code analysis, and zero tolerance to warnings and errors.
In this presentation from the JVM Languages Summit 2008, Charles Nutter discusses bringing JRuby to the JVM, why Ruby is hard to implement, JIT compilation, precompilation, core Ruby implementation, Java library method access, method call semantics, scopes, open classes, heap-based frames, library challenges, strings, regexps, I/O, green threads, POSIX features, C lib support and future plans.
In this RubyFringe talk, Reginald Braithwaite shows how to write Ruby that reads, writes, and rewrites Ruby. The demos include extending the Ruby language with conditional expressions, new forms of evaluation such as call-by-name and call-by-need, and more.
Creating secure code requires more than just good intentions. Programmers need to know how to make their code safe in an almost infinite number of scenarios and configurations. Static source code analysis can uncover the kinds of errors that lead directly to vulnerabilities and in this talk, Brian Chess frames the software security problem and shows how static analysis is part of the solution.