Analysing Software Supply Chains of Infrastructure as Code: Extraction of Ansible Plugin Dependencies
Presentation, 2025 IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER'25), Montreal, Canada
Talks and presentations
Software Composition Analysis – Covering Infrastructure as Code
Demo, Cybersecurity: Strategic research and industry impact, 3rd edition, Mechelen, Belgium
Demonstration of a Software Composition Analysis (SCA) for Ansible Infrastructure-as-Code plugins. The analysis identifies dependencies on third-party software. The outcome is used to comprehend the software supply chains of Ansible artifacts.
Delivering security by design: testing, supply chain challenges …
Breakout session, Cybersecurity: Strategic research and industry impact, 3rd edition, Mechelen, Belgium
In this session, we’ll review the essential tools for managing development dependencies (e.g., Maven, npm), deployment dependencies (e.g., Docker, Kubernetes), and infrastructure configurations (e.g., Ansible, Puppet) in the software supply chain—and highlight the unique security challenges that come with each. We’ll present the latest research into these security challenges, and demystify the inner workings of the newest tools designed to tackle them.
Behaviour-aware Security Smell Detection for Infrastructure as Code
Presentation, 22nd Belgium-Netherlands Software Evolution Workshop, Nijmegen, Netherlands
Ansible Is Turing Complete
Presentation, 2nd Workshop on Configuration Languages, Cascais, Portugal
Security Tooling for Ansible Infrastructure as Code
Demo, Cybersecurity: Strategic research and industry impact, 2nd edition, Mechelen, Belgium
Securing Infrastructure Code for Build and Deployment Environments
Breakout session, Cybersecurity: Strategic research and industry impact, 2nd edition, Mechelen, Belgium
DevOps has transformed software development and deployment by promoting seamless collaboration between teams to boost speed, reliability, and innovation. Infrastructure as Code (IaC), managing computing infrastructure through executable source code, plays a central role, ensuring predictability, efficiency, and reliability. For instance, Ansible serves as a versatile IaC tool, simplifying configuration management and automation, while Docker packages apps and their dependencies into isolated containers for consistent execution, and Helm streamlines Kubernetes app management. In this session, we explore IaC security challenges, including Ansible vulnerability detection techniques, Docker container package monitoring, and insights from Helm chart security analysis. Learn how to address security challenges in these popular IaC tools.
The Docker Hub Image Inheritance Network: Construction and Empirical Insights
Presentation, 23rd IEEE International Working Conference on Source Code Analysis and Manipulation (SCAM'23), Bogotá, Colombia
Helm Charts for Kubernetes Applications: Evolution, Outdatedness and Security Risks
Presentation, 20th International Conference on Mining Software Repositories (MSR'23), Melbourne, Australia
Control and Data Flow in Security Smell Detection for Infrastructure as Code: Is It Worth the Effort?
Presentation, 20th International Conference on Mining Software Repositories (MSR'23), Melbourne, Australia
Transposing Static Analyses from Application to Infrastructure Code: the Curious Case of Ansible
Presentation, Dagstuhl Seminar 23082 "Resilient Software Configuration and Infrastructure Code Analysis", Dagstuhl, Germany
In this talk, we present our journey towards and our experiences in transposing static analyses from application to infrastructure code.
Security Smell Detection for Ansible Infrastructure as Code
Demo, Cybersecurity: Strategic research and industry impact, Mechelen, Belgium
Smelly Variables in Ansible Infrastructure Code: Detection, Prevalence, and Lifetime (in-person long talk)
Presentation, 19th International Conference on Mining Software Repositories (MSR'22), Pittsburgh, Pennsylvania, USA
Smelly Variables in Ansible Infrastructure Code: Detection, Prevalence, and Lifetime (poster)
Poster, 19th International Conference on Mining Software Repositories (MSR'22), Pittsburgh, Pennsylvania, USA
Smelly Variables in Ansible Infrastructure Code: Detection, Prevalence, and Lifetime (virtual lightning talk)
Presentation, 19th International Conference on Mining Software Repositories (MSR'22), Online
Using Program Dependence Graphs to Detect Misunderstandings of Ansible’s Variable Precedence and Expression Evaluation Semantics
Presentation, 20th Belgium-Netherlands Software Evolution Workshop (BENEVOL'21), Virtual (originally 's-Hertogenbosch, Netherlands)
The Pitfalls of Ansible’s Variable and Template Expression Semantics (lightning talk)
Presentation, 1st Workshop on Configuration Languages (CONFLANG), Virtual (originally Chicago, Illinois, USA)
The Pitfalls of Ansible’s Variable and Template Expression Semantics (full-length presentation)
Presentation, 1st Workshop on Configuration Languages (CONFLANG), Virtual (originally Chicago, Illinois, USA)
Andromeda: A Dataset of Ansible Galaxy Roles and Their Evolution
Presentation, 18th International Conference on Mining Software Repositories (MSR'21), Virtual (originally Madrid, Spain)
Mining for Graph-Based Library Usage Patterns in COBOL Systems
Presentation, 28th IEEE International Conference on Software Analysis, Evolution, and Reengineering (SANER'21), Virtual (originally Honolulu, Hawaii, USA)
Inlining Control-Flow Jumps in Library Usage Graphs of Legacy Code
Presentation, 19th Belgium-Netherlands Software Evolution Workshop (BENEVOL'20), Luxembourg City, Luxembourg
Structural Change Distilling of Ansible Roles
Presentation, 19th Belgium-Netherlands Software Evolution Workshop (BENEVOL'20), Luxembourg City, Luxembourg
Does Infrastructure as Code Adhere to Semantic Versioning? An Analysis of Ansible Role Evolution
Presentation, 20th IEEE International Working Conference on Source Code Analysis and Manipulation (SCAM2020), Virtual (originally Adelaide, Australia)
Inter-Procedural Graph-Based API Misuse Detection
Presentation, 18th Belgium-Netherlands Software Evolution Workshop (BENEVOL'19), Brussels, Belgium