The State of Software for Evolutionary Biology

With Next Generation Sequencing data being routinely used, evolutionary biology is transforming into a computational science. Thus, researchers have to rely on a growing number of increasingly complex software. All widely used core tools in the field have grown considerably, in terms of the number of features as well as lines of code and consequently, also with respect to software complexity. A topic that has received little attention is the software engineering quality of widely used core analysis tools. Software developers appear to rarely assess the quality of their code, and this can have potential negative consequences for end-users. To this end, we assessed the code quality of 16 highly cited and compute-intensive tools mainly written in C/Cþþ (e.g., MrBayes, MAFFT, SweepFinder, etc.) and JAVA (BEAST) from the broader area of evolutionary biology that are being routinely used in current data analysis pipelines. Because, the software engineering quality of the tools we analyzed is rather unsatisfying, we provide a list of best practices for improving the quality of existing tools and list techniques that can be deployed for developing reliable, high quality scientific software from scratch. Finally, we also discuss journal as well as science policy and, more importantly, funding issues that need to be addressed for improving software engineering quality as well as ensuring support for developing new and maintaining existing software. Our intention is to raise the awareness of the community regarding software engineering quality issues and to emphasize the substantial lack of funding for scientific software developmen

Using Remote Attestation of Trust for Computer Forensics

Telecommunications systems are critical systems with high quality of service constraints. In Network Function Virtualization (NFV), commonly known as the Telco Cloud, network functions are distributed as virtual machines that run on generic servers in a datacenter. These network functions control critical elements; therefore, they should be run on trusted hardware. Trusted computing concepts can be used to guarantee the trustworthiness of the underlying hardware platform running critical workload. These concepts include the Trusted Platform Module and Remote Attestation. This work identifies limitations in existing solutions and uses those as motivation for designing and implementing a finer-grained definition of trust. This thesis designs and develops a remote attestation solution, which includes a policy and rule based mechanism for determining platform trust in a trusted cloud. Additionally, it develops a fine-grained concept of trust in a cloud environment based on NFV. Finally, this thesis utilizes the remote attestation solution to develop a forensics system based on root cause analysis, which allows the investigation of attestation failures and their mitigation