You are viewing content from a past/completed conference.
Virtual Threads for Lightweight Concurrency and Other JVM Enhancements
Abstract
Concurrent applications, those serving multiple independent application actions simultaneously, are the bread and butter of server-side programming. The thread has long been software’s primary unit of concurrency, and has also served as a core construct for observability and debugging, but its cost was such that it could no longer efficiently represent a domain unit of concurrency, such as the session, request or transaction. As a result, various languages have seen a proliferation of both libraries and language constructs that offer scalable concurrency by abandoning the thread as the unit of software concurrency.
This talk will present how and why Java abstracted its existing thread construct to provide an alternative user-mode implementation of threads as opposed to offering a new concurrency construct. We will also briefly mention other transformative features recently added to the JVM in the areas of garbage collection and observability/profiling.
From the same track
Session
WebAssembly
Wasm: What is Universal Compute Good For?
Tuesday Jun 13 / 10:35AM EDT
WebAssembly represents the future of portable computing, providing an efficient and secure runtime for many languages. In the last year there has been an explosion of growth in Wasm on the backend, from managed platforms, tooling, and further standardization work around WASI.
Sean Isom
Senior Engineer @Adobe
Wasm: What is Universal Compute Good For?
Session
WebAssembly
Build Features Faster With WebAssembly Components
Tuesday Jun 13 / 01:40PM EDT
Wasm modules revolutionized portable application code. For the first time, they allowed us to write in a high-level language - like Go or Rust - and then target WebAssembly as the platform-agnostic bytecode.
Bailey Hayes
Director @Cosmonic
Build Features Faster With WebAssembly Components
Session
Security
Sigstore: Secure and Scalable Infrastructure for Signing and Verifying Software
Tuesday Jun 13 / 11:50AM EDT
Sigstore is an open-source project that aims to provide a transparent and secure way to sign and verify software artifacts.
Billy Lynch
Staff Software Engineer @Chainguard
Zack Newman
Research Scientist @Chainguard
Sigstore: Secure and Scalable Infrastructure for Signing and Verifying Software
Session
Software Supply Chain Security
Achieving SLSA Certification with a “Bring-Your-Own-Builder” Framework
Tuesday Jun 13 / 04:10PM EDT
Supply-chain Levels for Software Artifacts, or SLSA (pronounced “salsa”), is a security framework to reason about and improve the integrity of released artifacts. With the recent release of SLSA version 1.0, SLSA is seeing increased adoption, both from industry and open source projects.
Asra Ali
Software Engineer @Google
Achieving SLSA Certification with a “Bring-Your-Own-Builder” Framework
Session
Software Supply Chain Security
Securing the Software Supply Chain: How in-toto and TUF Work Together to Combat Supply Chain Attacks
Tuesday Jun 13 / 05:25PM EDT
Software supply chain attacks have seen a 742% increase in the last three years. in-toto is a battle-tested and broadly deployed CNCF incubated project that counters these threats.
Marina Moore
PhD Candidate @NYU & Tech Lead for CNCF's TAG Security
Securing the Software Supply Chain: How in-toto and TUF Work Together to Combat Supply Chain Attacks
