Site navigation

ScotSoft 2021 | Space, Security and ML Take Centre Stage

Graham Turner


Scotsoft 2021
The ScotlandIS tech conference returned, virtually presenting a broad spectrum of tech topics from a diverse range of 30 speakers.

When keynote speaker – retired NASA astronaut, engineer and educator – Professor Bonnie Dunbar, delivered her speech from her home in Texas, the literal largest framework for the digital environment, space, and the technological innovations that’s accomodated our ambitions within it, set the tone for the this year’s ScotlandIS ScotSoft conference – broad, open and exciting.

Dr. Dunbar has special affection for Scotland – her grandfather emigrating to the US from Dundee giving her a personal link to the country. She makes frequent trips, speaking at universities and engaging in local school programmes.

With a storied 27 year career at NASA, her keynote ran like a highlight reel of space technology, all the way back to the launch of Sputnik. This was while making a compelling case that space exploration has been one of the biggest catalysts of innovation in the digital age.

“Exploration often is the push-pull of new technological innovations”, she said.

Dr. Dunbar also unveiled some of the ambitious endeavours currently in the works between the various global space agencies.

Of paticular interest were the mock ups by the European Space Agency for it’s Moon Village, a research base – that Dr. Dunbar analagously compares to the ambition now fulfilled of setting up similar research platforms in the Antartic.

The Professor also went into some detail about the Artemis Space Mission, mankind’s next great foray to the moon, with intentions to set up a lunar base camp and a gateway which is part of the larger, still-working-out-the-kinks matter of travelling to Mars.

While this is all incredibly exciting, it came with a warning, with space debris becoming more and more of an issue: “If we dont control it, and make a plan for deorbiting, it will create a shell around the planet which will hinder any exploration”.

What can spam teach us?

It often seems like Machine Learning is developing faster than we can find ways to leverage it’s full potential in advanced analytics and beyond.

Understanding how we can use ML to turn undesirable or inpenetrable data (in this case, spam) into valuable insights was the over-arching theme of A Cloud Guru Azure Instructer, Lars Klint’s talk.

“What’s the sentiment behind spam?” He posits.

A recent test showed that 84% of emails are spam. That’s an astounding amount of data, can anything useful be mined from it?

Using Microsoft’s Azure Cognitive Services – which uses AI as a means to parse and explore data at scale – Klint conducted a live ‘sentiment analytsis’ experiment – part as a way to show if some form of intention can be identified behind spam while showing the accessibility and UX of Azure in its ability to make ML useful for anyone, even if they don’t have an intimate knowledge of how it works.

In his experiment, Klint identified the ‘sentiment’ in the language behind spam emails – with positive, negative and neutral scores – how this ‘sentiment’ is spread across the industries that send spam and possible applications of this kind of advanced analytics.

As a live example, Klint had Azure analyse an email he had received about how he can “boost his horse tail and mane effectively”. The AI was able to identify the use of language in this as being positive, saying that with further testing and approaches, you could identify whether the spam was created by a human or a bot.

Klint ended by showing a broader experiment he had previously conducted of 20 spam emails centered around shopping, business and health. In it, he identified the overarching ‘sentiment’ in each – from which, we can identify a sense of intention.

Shopping was neutral: It’s transactional – they want you to buy something; business was positive – the intention was position themselves as ‘good’ or ‘better’ than their competition and the language inherently reflects that. Finally, health was deeemed as negative – the messaging being summed as, “you’re sick, we have the cure”, as Klint put it.

Much of this is raw in terms of real-world application but Klint posit’s, if used correctly, this kind of application in ML could have beneficial effects on things like recruitment at a large scale.

Cybersecurity misconceptions are causing huge problems for businesses

Ethical hacker and Managing Director of Akimbo Core, Holly Grace Williams had the unenviable task of trying to demonstrate what is a hugely broad topic and make it useful and actionable.

The talk centered around system vulnerabilities, over-reliances within cybersecurity and general overview of why their should be a greater onus on system hardening as opposed to plugging isolated vulnerabilities within a system.

Or, as Williams put it, “how can an organisation harden their system at each stage of an attack?” Putting forth the idea that businesses need to stop thinking about attacks as a single event and realise that’s it’s a multi-stage operation and how you identify and address attacks at a various stages has a profound effect on the eventual damage – or lack of if treated properly.

Williams expanded on this point: “If your company has a static policy for fixing vulnerabilities, that’s something i would review – not all vulnerabilities are born equal, some can be much more readily exploitable.

“Dont just follow what’s deemed as ‘best practice’ step-by-step without any thought. Ask why are you implementing this control?”

She went on to offer some tanglible advice to businesses, starting with most basic – passwords, citing bad practices she often sees like specifing the number of characters in a password. Williams talked about a solid industry standard of otaing passwords every 90 days that follows the Microsoft model – with passwords including three out four from uppercase, lowercase, numbers and symbols.


Williams’ talk rounded out by discussing the OWASP top 10 and how the inclusion of injection at the top and a listed system of merit means that problems further down ‘the list’ are being ignored and giving less attention in terms of protection.

Specifically, Williams spoke about cross-site scripting at number seven on the OWASP list, “this was the most common vulnerability of 2019 and is still incredibly prevalent”, she said.

In terms of system hardening, Williams suggested output encoding as a start, but also for every vulnerability on your system, look at not only fixing but what can be done to make it harder for attackers and easier for your team to detect when there is a problem.

An honest look at the current cybersecurity landscape

In his talk, the founder of Pragmatic Web Security, Dr. Phillip De Ryck lambasted the slew of bad faith commentators when it comes to cybersecurity, suggesting that making fun of security failures is nothing short of ‘counter-productive arrogance’.

“Make insecurity explicit. Make it explicit when you are doing something insecure”. He says, headlining a talk that seeks to offer actionable advice to push back against a wave of unconstructive criticism.

In this specific example, Dr. De Ryck says that explicitly marking features as insecure helps prevent accidental misuse and simplifies code scanning efforts.

De Ryck posits that a deeper dive into your systems from inception can change the cybersecurity landscape for your company, look at the frameworks your systems are built on. Secure-by-default frameworks reduce the need for pivoting, damage control and even going so far as having to relearn the foundations on which your legacy systems were built.

Security prompts for employees are an issue, human-error wise. Although multi-factor authentications aren’t inherently bad, we’re so trained to blindly click accept that more subtle and effective “security nudges”, as De Ryck calls them can have a profoundly positive effect on security.

De Ryck rounded out his talk by discussing the benefits of implementing platform-level security features, suggesting that going with “trusted types” in building applications on a secure platform, “not only covers the application, but also its dependencies”.

Teaching a computer how to reverse engineer knitting patterns

Continuing the theme of finding novel ways to present the idea of being actionable with ML, Kiristine Howard – part of the AWS Developer Relations team – dived into a demo application she built that attempts to teach a computer to reverse engineer knitting patterns.

It’s her hope to show that AI and ML tooling can have far-reaching applications in – among others – identifying business risk, driving cars, optimising vaccines, and even creating art.

Howard’s talk discussed the ML stack and the different services that cater to different levels of machine learning expertise. She posited that getting clean data is the hardest part of machine learning. It will take up around 80% of your time.

“I’m going to show you a project that I’ve been working on for a couple years now, which is an attempt to teach a computer to reverse engineer knitting patterns,” she said.

During this project, Howard said that the ML algorithm wasn’t as accurate as it could have been, starting with only around a 45% success rate at matching kitting patterns. This indicated there are some lengths to go before the technology can be applied without human interaction.

When asked when she believes the accuracy of ML will get to higher levels, she she said it was a difficult question to answer: “It depends on what your definition of accurate is. I think as a software dev, the important takeaway is that the APIs you call in the future won’t necessarily return a binary result.

“We need to get comfortable branching our business logic depending on a range of answers of varying levels of confidence.

“The accuracy I need for knitting stitches is way different than what you’d need for identifying cancer cells.”

The case for space

Rounding out our picks for ScotSoft, we circle back to space technology, coming full circle to Professor Dunbar’s keynote speech.

In his talk, The Greater Houston Partnership‘s David Alexander discusses the role of space and space technology in solving the world’s problems, with a focus on climate change.  

He also discussed a novel imaging technology being developed at the Rice Space Institute with funding from NASA for environmental modelling. 

Alexander questions the current state of space exploration with the introduction of SpaceX and Blue Origin onto the stage. He comments that Elon Musk and Jeff Bezos getting involved in the space race has already had negative implications on space exploration 

He said that their involvement is “eroding some of the great work being done in the space industry, particularly in Scotland”. 

Alexander provides some suggestions for why more people are starting to become involved in the space industry and exploration. 

Elements such as the reduced cost of space launches, the marked improvement in hardware and the cost of satellite manufacture are all having an impact. 

However, Alexander says he sees a positive space-fuelled future, with what he sees as a planet “empowered by satellites,” and Scotland is likely to be at the forefront. 

The country is already building a strong presence, with companies like Edinburgh-based Skyrora already carrying out rocket launches from Scottish soil. Alexander said Scotland is “providing a package of services” for future space exploration.  

“Putting Scotland as a small but talented country, in a good position to have a strong impact,” Alexander adds. 

Join the Conversation: Digital Transformation 2021 Summit

Technology trends and industry disruption will be key themes at the upcoming Digital Transformation Summit on 28th October.

Now in its sixth year, the Summit has established itself as Scotland’s largest annual conference focussed on digitalisation and organisational change.

For more information on how to register a free place visit:

Graham Turner

Sub Editor

Latest News

%d bloggers like this: