Software Engineering Radio - the podcast for professional software developers

Steve Summers, the Security lead for aerospace and defense systems at NI, dives into the vital topic of securing test and measurement equipment. He clarifies the distinctions between operational technology (OT) and information technology (IT) while discussing pressing security challenges faced within OT systems. The conversation spotlights the CompactRIO system's security intricacies, including its specialized Linux distribution and the importance of FPGAs. Additionally, they touch on evolving regulations and the need for robust cybersecurity practices in safety-critical industries.

Ashley Peacock, author of Serverless Apps on Cloudflare and an expert in serverless tech, shares insights on Cloudflare's role as a comprehensive developer platform. He discusses the nuances of dependency injection, the advantages of Cloudflare Workers over AWS Lambda, and features like R2 and D1 databases. Ashley elaborates on external databases' benefits, eventual consistency, and strategies for migrating from S3 to R2. Also highlighted are the effectiveness of durable objects for real-time apps and the importance of community resources for those starting with Cloudflare.

Eran Yahav, Professor of Computer Science at Technion, Israel, and CTO of Tabnine, speaks with host Gregory M. Kapfhammer about the Tabnine AI coding assistant. They discuss how the design and implementation allows software engineers to use code completion and perform tasks such as automated code review while still maintaining developer privacy. Eran and Gregory also explore how research in the field of natural language processing (NLP) and large language models (LLMs) has informed the features in Tabnine. Brought to you by IEEE Computer Society and IEEE Software magazine.

Malcolm Matalka, founder of Terrateam, shares insights on developing in OCaml without relying on frameworks. He explains the benefits of strong typing while discussing the seamless integration of front-end and back-end systems. Matalka highlights the importance of community support in a niche language and reflects on the challenges of using OCaml in a Go-centric world. The conversation also covers the pros and cons of monolithic architecture, type management complexities, and custom framework development, all emphasizing a leaner, more controlled software engineering approach.

Emre Baran, CEO of Cerbos and veteran in B2B and B2C products, teams up with Alex Olivier, CPO of Cerbos with a diverse tech background, to explore stateless decoupled authorization frameworks. They clarify key terms and address the challenges and benefits of these systems. A deep dive into Cerbos showcases its advantages over Open Policy Agent. The duo discusses the intricacies of applying YAML for policy management and the critical role of audit logs in compliance. They wrap up with insights into emerging trends in authorization.

Tyler Flint, CEO of qpoint.io and an expert in managing vendor dependencies, shares valuable insights on handling external APIs. He discusses the differences between internal and external services, the challenges of tracking usage, and security concerns like authentication. Metrics for monitoring, acceptable error rates, and tips for managing outages are covered, along with the transition of qPoint from a proxy-based solution to eBPF. Tyler emphasizes the importance of understanding hidden dependencies and maintaining robust API relationships for operational resilience.

Vlad Khononov, a software architect and author of 'Balancing Coupling in Software Design', discusses the crucial balance of coupling in software design. He explores the three dimensions of coupling: integration strength, distance, and volatility. Vlad shares insights on how design decisions affect complexity versus modularity, stressing the importance of managing coupling to reduce cognitive load. The conversation also covers adapting principles of coupling to real-world projects, offering strategies for maintaining software quality and flexibility in changing business environments.

Sunil Mallya, Co-founder and CTO of Flip AI, shares his expertise on small language models (SLMs) versus large language models (LLMs). He delves into their differences, revealing how SLMs can be more efficient and accurate for specific tasks. Sunil highlights the importance of domain-specific training datasets and discusses recent advancements like the DeepSeek R1 that show smaller models outperforming larger ones in particular contexts. He also touches on the evolving landscape of model deployment and how organizations can optimize performance while managing costs.

Pete Warden, CEO of Useful Sensors and a founding member of TensorFlow at Google, delves into TinyML—machine learning for low-power devices. He discusses its real-world applications, from voice activation to offline translation, and emphasizes the importance of local processing for privacy. Warden shares insights on challenges like model compression and deployment. He also highlights its potential in agriculture and healthcare, advocating for practical approaches for beginners eager to dive into TinyML development.

Brenden Matthews is a seasoned software engineer and author known for his expertise in Rust programming. He dives into the concept of idiomatic Rust, explaining its significance and sharing essential design patterns to enhance code readability. Matthews discusses the power of Generics and Traits, emphasizing effective code management. He introduces valuable tools like Rust Format and Clippy for code improvement and highlights anti-patterns to avoid, including the pitfalls of unwrap(). With insights into macros and safe coding practices, this discussion is a treasure trove for developers seeking to master Rust.