Jonathan Lalou's Blog

Lecturers

Alex Fronasier serves as Business Development Lead for Product Engineering in North America at Amazon Web Services (AWS), championing cloud-enabled advances across manufacturing domains. Shalender Gupta is Global Head of Data Engineering, Analytics, and Reporting at Apollo Tyres, steering the organization’s worldwide data and digital strategy. Gautam, representing AWS partner expertise, contributed deep insights into bespoke HPC platform customization.

Abstract

In an industry where milliseconds of performance and fractions of material efficiency separate market leaders from followers, simulation-driven design has become the lifeblood of innovation. Apollo Tyres’ bold migration to AWS High-Performance Computing stands as a compelling case study in how purposeful cloud architecture can dramatically accelerate engineering workflows while simultaneously driving down costs. This narrative traces the company’s journey from constrained on-premises systems to a scalable, self-service HPC environment, revealing the strategic decisions, technical foundations, and cultural shifts that unlocked unprecedented gains in speed, agility, and sustainability.

The New Imperatives of Engineering Excellence

Manufacturing no longer unfolds in isolated silos; it now competes in a digital-first arena where speed is existential. Established enterprises face disruptors unencumbered by legacy infrastructure, capable of moving from concept to market at breathtaking pace. Success, therefore, hinges on two intertwined capabilities: modernizing operations through cloud and automation, and compressing product development cycles to shrink time-to-market.

Today’s products are marvels of complexity—millions of lines of code, thousands of components, and sprawling global supply chains. Managing this intricacy demands a digital thread: a continuous, traceable flow of data across the entire lifecycle, from requirements to configuration to multidisciplinary validation. Apollo Tyres illustrated this beautifully with their tire genealogy—a living digital record that links every design decision to its downstream performance implications.

Yet complexity alone does not guarantee advantage. True differentiation emerges when organizations leverage simulation to explore thousands of virtual experiments, uncovering innovations that physical prototyping could never economically reveal. Quality must be engineered in from the outset, augmented by AI, IoT, and advanced analytics, rather than inspected in at the end. Efficiency, meanwhile, is not about cutting corners but about eliminating waste through smarter, data-driven choices.

These forces—digital primacy, digital thread mastery, and simulation at scale—are mutually reinforcing. Cloud-enabled operations feed the thread; the thread supplies rich data for quality optimization; simulation accelerates both. Companies that harmonize all three are positioned to dominate.

AWS lives these principles daily. Designing much of its own hardware while orchestrating a planetary supply chain gives the company intimate familiarity with these challenges. A relentless “working backwards” philosophy—from customer needs to rapid prototyping—infuses everything from data center infrastructure to consumer devices and warehouse robotics. At the heart of this agility lies secure, cloud-native collaboration, enabling globally distributed teams to innovate seamlessly, whether crafting integrated circuits or pioneering satellite constellations.

The Anatomy of Simulation and the Allure of the Cloud

A typical engineering simulation journey begins with conceptual design, evolves into detailed model preparation with boundary conditions, proceeds to systematic exploration of design alternatives, and concludes with job execution, result analysis, and insight extraction. These cycles repeat across phases: early design space mapping builds competitive edge, mid-stage robustness testing exposes failure modes, and pre-manufacturing validation de-risks production.

Organizations are flocking to the cloud for compelling reasons. Unlimited elastic capacity banishes queue times, dramatically lifting engineer productivity. Pay-as-you-go economics paired with on-demand scaling delivers financial flexibility. Global teams collaborate without friction, while built-in resilience ensures business continuity. Cutting-edge hardware becomes instantly accessible without capital outlay, and software licenses achieve far higher utilization—driving superior ROI. Shared infrastructure even advances corporate sustainability goals.

AWS structures its HPC offering around three pillars: an intuitive front-end for job submission, virtual desktops, and high-performance remote visualization; a vast compute layer with purpose-built instances; and sophisticated data management that preserves traceability—the very essence of the digital thread.

The true power lies in workload-to-instance matching. Different simulations—structural, thermal, fluid dynamics—exhibit distinct compute, memory, or accelerator profiles. AWS’s broad portfolio allows each job to run on its optimal instance, yielding dramatic cost-performance gains. Spot instances handle interruptible workloads, on-demand serves mission-critical runs, and savings plans lock in baseline capacity. Emerging AI-driven provisioning promises to automate these decisions entirely, while GPU instances capitalize on solver redesigns that exploit parallel processing.

Apollo Tyres’ Awakening: From Legacy Constraints to Cloud Liberation

Apollo Tyres commands respect across Asia-Pacific and Europe, with premium offerings marketed under the Vredestein banner for luxury and performance vehicles. Operating seven plants and spanning every tire category—from passenger cars to agricultural and off-road—the company faced classic HPC growing pains.

On-premises clusters imposed crushing capital burdens, interminable procurement cycles, and inflexible scaling during demand peaks. Visibility across global sites was fragmented, and manual job orchestration created bottlenecks that delayed critical insights. Tire design, after all, demands exquisitely detailed multiphysics simulation—modeling rubber compounds, structural integrity, heat dissipation, and wear under extreme conditions.

The pivot to AWS began with foundational services: AWS ParallelCluster for orchestration, Amazon DCV for seamless remote workstation access, and FSx for NetApp ONTAP for high-throughput storage. This triad enabled tight integration between simulation suites and design tools, delivering up to 59% faster runtimes and more than 60% cost reduction.

Rigorous benchmarking proved pivotal. Shalender Gupta shared a clear hierarchy: Graviton processors running Amazon Linux offered the lowest cost; if incompatible, shift to x86 AMD, then Intel; reserve Windows only for unavoidable enterprise applications. This disciplined approach shattered myths of cloud expense, revealing optimal configurations that balanced performance and economy.

Tachyon: Placing Power Back in Engineers’ Hands

To eliminate operational friction, Apollo Tyres partnered with AWS to deploy Tachyon—a tailored, cloud-native HPC management platform. Tachyon fundamentally rebalances control: researchers gain self-service autonomy, while administrators retain comprehensive visibility and governance.

Engineers now submit, monitor, and troubleshoot jobs through an elegant interface. They provision workstations on demand from a curated catalog and navigate files effortlessly—no more IT tickets. Administrators enjoy unified observability across clusters, project-level budgeting, and seamless Active Directory integration.

Under the hood, Tachyon runs on Amazon EKS with lightweight nodes, leverages OpenSearch for metadata, uses Lambda for scheduled billing and notifications, and deploys proxy nodes close to compute clusters. Secure private connectivity via Direct Connect or VPN completes the enterprise-grade posture.

Live demonstrations revealed the platform’s finesse: granular job configuration (queues, nodes, tasks per node, memory), instant cost previews before submission, deep utilization telemetry, and direct access to simulation outputs. Workstation sharing and lifecycle monitoring further streamline collaboration.

Tachyon AI elevates the experience further. Physics-informed models accelerate simulations, while an Amazon Bedrock-powered assistant enables natural-language interaction—querying job status, generating scripts, diagnosing failures, or optimizing for cost versus speed.

The results speak volumes: simulation times fell by 60% compared to on-premises, capital expenditure shifted to controlled operational spend, engineers refocused on innovation rather than infrastructure wrangling, and virtual prototyping largely supplanted physical testing.

Wisdom Earned and Horizons Ahead

Key lessons crystallized: exhaustive benchmarking is non-negotiable for cost and performance optimization; design everything for elasticity; monitor relentlessly with budget alerts; automate wherever possible. Planning for multi-cluster scale from day one smoothed subsequent expansion.

Looking forward, Apollo Tyres envisions chemical compound simulation to optimize material performance and longevity, component rationalization to simplify the bill of materials, global rollout across all R&D centers, and AI agents that autonomously run simulations and recommend optimal designs.

By mastering cloud HPC, Apollo Tyres has not merely accelerated workflows—it has redefined what is possible in tire engineering, setting a benchmark for simulation-driven manufacturing in the digital age.

Links:

• Session Video on YouTube

Lecturer

Vedang Manerikar is the founder of Unravel.tech and a veteran software architect with over 15 years of experience in the Clojure ecosystem. Previously serving as the Head of Backend Engineering at Helpshift, Vedang has managed large-scale distributed systems and led complex technical migrations. At Unravel.tech, his work focuses on the intersection of Clojure and Artificial Intelligence, specifically building “Agentic Systems” and implementing Generative AI (GenAI) and Large Language Model (LLM) solutions. He is the author of mcp-cljc-sdk, a cross-platform Clojure SDK for the Model Context Protocol.

Abstract

The rapid advancement of Artificial Intelligence has created a need for standardized communication between AI agents and external systems. The Model Context Protocol (MCP), introduced by Anthropic, has emerged as a solution to the integration problem, providing a common interface for agents to interact with diverse data sources and tools. This article explores the architecture of MCP and argues that Clojure is uniquely positioned as an ideal language for implementing MCP servers. We analyze the protocol’s similarity to the Language Server Protocol (LSP), examine real-world applications in browser automation and communication platforms, and discuss how Clojure’s REPL-driven development and data-centric philosophy streamline the creation of powerful, composable AI workflows.

The Model Context Protocol: A New Standard for AI UX

At its core, MCP is an open standard designed to enable AI applications—such as Claude Desktop or Cursor—to access the external world in a structured manner. While one might ask why standard HTTP interfaces are insufficient, the answer lies in the integration problem. Without a standard, every AI agent would need a custom integration for every service (PostgreSQL, Google Drive, GitHub, etc.). MCP solves this by acting as a “USB port” for AI; developers write a server for their service once, and it becomes immediately accessible to any MCP-compliant agent.
Vedang describes MCP not just as a data access layer, but as a “baseline AI UX.” It defines how an agent discovers tools, reads resources, and follows prompts. This standardization allows for the creation of sophisticated workflows where an agent can, for example, use a Playwright MCP server to browse Hacker News, a WhatsApp MCP server to read messages, and a local filesystem server to summarize information and save it to a document. By providing a consistent interface, MCP shifts the focus from integration plumbing to the design of the agent’s behavior and user experience.

Clojure as the Premier Language for MCP

Clojure’s technical characteristics align remarkably well with the requirements of building MCP servers. The protocol is heavily reliant on JSON-RPC and the exchange of structured data, which plays directly into Clojure’s “data-as-code” philosophy. Vedang highlights several key reasons why Clojure developers are particularly well-prepared for the LLM world:
1. REPL-Driven Development: MCP servers often act as intermediaries between non-deterministic LLMs and deterministic systems. The ability to interactively test and refine server responses in a live REPL mirrors the iterative nature of working with AI.
2. Data Transformation: Clojure’s rich library for manipulating maps and vectors makes it trivial to transform complex API responses into the simplified “Context” required by LLMs.
3. Cross-Platform Capability: With the mcp-cljc-sdk, developers can write server logic once and deploy it on both the JVM (using clojure.main or GraalVM native images) and Node.js (via ClojureScript), providing flexibility in how the server is hosted and consumed.

Code Sample: Defining a Simple MCP Tool

(defmethod handle-request "tools/call" [request]
  (let [{:keys [name arguments]} (:params request)]
    (case name
      "get-weather" (let [city (:city arguments)]
                      {:content [{:type "text"
                                  :text (str "The weather in " city " is sunny.")}]})
      {:error "Tool not found"})))

Practical Applications and Agentic Workflows

The power of MCP is best demonstrated through real-world “Agentic” use cases. Vedang shares examples of servers he has developed to automate complex tasks. One such server integrates with WhatsApp, allowing an AI agent to scan chat groups for business leads. Instead of a human manually reading hundreds of messages, the agent uses the MCP server to fetch the latest messages, identifies intent, and provides a summarized report of actionable items.
Another significant application is in browser automation. Using an MCP server for Playwright, an AI can navigate the web as a user would—logging into sites, extracting data from dynamically rendered pages, and performing actions. This allows for prompts like “Find me a hotel within walking distance of the reClojure conference,” where the agent autonomously searches maps, checks availability, and compares prices. These examples illustrate how MCP enables the transition from simple chatbots to true “agents” capable of multi-step reasoning and interaction with the physical or digital world.

The Future of Content-Centric AI

Looking ahead, the evolution of MCP suggests a shift toward a “content-is-king” paradigm. Current AI interactions are often limited by the UX of the chat box. However, with MCP, the focus can move toward the actual content being produced or modified—whether that is a codebase, a spreadsheet, or a document. Vedang envisions a future where multiple coding agents can work in parallel on the same repository, coordinated through a “better Git” or similar bidi-rectinal communication protocols enabled by MCP.
By standardizing the way agents interact with our tools, MCP paves the way for a new generation of software that is designed from the ground up to be AI-enhanced. For the Clojure community, this represents a significant opportunity to lead the development of the “AI UX” by building robust, composable servers that unlock the full potential of Large Language Models.

Links:

• Vedang Manerikar on LinkedIn
• Unravel.tech Website
• mcp-cljc-sdk on GitHub
• Watch the Lecture: Writing MCP Servers in Clojure

Lecturer

Enis Spahi is a software architect and consultant with extensive experience in designing and implementing large-scale distributed systems. He is a specialist in API design, microservices architecture, and contract-driven development. Enis is recognized for his contributions to the community regarding API governance and the standardization of machine-to-machine communication. His professional focus involves streamlining the collaboration between backend service providers and frontend or third-party consumers, advocating for “API-First” and “Consumer-Driven” methodologies to reduce integration friction.

Abstract

While APIs are fundamentally engineered for machine-to-machine communication, their development is deeply influenced by human factors, including discoverability, documentation, and interpersonal coordination. This article explores the methodologies for enhancing provider and consumer interaction through standardized specification languages and contract testing. By analyzing the transition from “Code-First” to “API-First” and “Consumer-First” approaches, the discussion highlights the innovations brought by OpenAPI, AsyncAPI, and Pact. The analysis further evaluates the technical implications of automated documentation and contract verification in maintaining system integrity within microservices ecosystems.

The Human Challenge in Technical Interfaces

The primary bottleneck in modern software delivery is often not the implementation of logic, but the communication of how that logic can be accessed. Enis Spahi identifies a recurring problem in the industry: the lack of API discoverability. Even the most technically sound API is useless if a potential consumer cannot find it or understand its requirements. This “Communication Gap” often leads to wasted development cycles, where teams build redundant services or struggle with mismatched expectations.

To address this, the methodology shifts from viewing an API as a technical byproduct to viewing it as a Product. This perspective necessitates a commitment to high-quality documentation and a “Common Language” that both providers and consumers can use to negotiate the interface’s behavior.

Standardization via Specification Languages

A cornerstone of modern API communication is the use of standardized specification languages. These formats provide a machine-readable “source of truth” that can be transformed into human-readable documentation or even executable code.

• OpenAPI (formerly Swagger): This has become the de facto standard for RESTful APIs. It allows providers to define endpoints, request/response formats, and security requirements in a YAML or JSON file.
• AsyncAPI: As architectures move toward event-driven patterns, AsyncAPI provides the same level of rigor for asynchronous communications (e.g., Kafka, RabbitMQ), defining message formats and channel structures.
• Documentation as Code: By maintaining specifications in version control, documentation becomes a living asset. Tools can automatically generate interactive portals (like Swagger UI) where consumers can explore and test the API in real-time.

Comparative Methodologies: Code-First vs. API-First vs. Consumer-First

The strategy chosen for API development significantly impacts the relationship between the provider and the consumer.

1. Code-First: Implementation begins immediately, and the specification is generated from the code. While fast for small teams, this often leads to “leaky abstractions,” where internal implementation details are inadvertently exposed to consumers.
2. API-First: The specification is designed and agreed upon before any code is written. This allows frontend and backend teams to work in parallel, using the specification to generate mocks. It fosters a more deliberate and consumer-friendly design.
3. Consumer-First (Contract Testing): This methodology, exemplified by tools like Pact, takes collaboration a step further. Consumers define their expectations in a “contract.” The provider then verifies its implementation against these contracts. This ensures that a provider never makes a change that would break an existing consumer.

Code Sample: A Simple Pact Consumer Contract

@Pact(consumer = "UserWebClient", provider = "UserService")
public RequestResponsePact createPact(PactDslWithProvider builder) {
    return builder
        .given("User 123 exists")
        .uponReceiving("A request for User 123")
        .path("/users/123")
        .method("GET")
        .willRespondWith()
        .status(200)
        .body(new PactDslJsonBody()
            .stringType("username", "espahi")
            .stringType("email", "enis@example.com"))
        .toPact();
}

Implications for Scalability and Governance

In a microservices environment, the number of interfaces can grow exponentially. Without a standardized approach to communication, the system becomes a “Distributed Monolith” where every change requires cross-team meetings and manual testing.

Enis emphasizes that adopting these automated tools—OpenAPI generators for client libraries and Pact for contract verification—shifts the burden of compatibility from humans to the CI/CD pipeline. This automation allows for “Independent Deployability,” where teams can release updates with the mathematical certainty that they are not breaking downstream consumers.

Conclusion

Enhancing the interaction between API providers and consumers requires a strategic blend of technical standards and human-centric design. By moving toward API-First and Consumer-Driven methodologies, organizations can bridge the gap between intent and implementation. The use of OpenAPI and Pact transforms APIs from fragile connections into robust, documented, and verified contracts. Ultimately, the success of a distributed system depends not just on how well its machines talk, but on how clearly its human creators communicate their expectations.

Links:

• Enis Spahi on LinkedIn
• OpenAPI Specification Official Site
• AsyncAPI Initiative
• Pact Foundation – Contract Testing
• Lecture Video: Communicating our APIs

Lecturer

The presentation features resilience specialists who architect backup and recovery solutions for SaaS DevOps platforms. Their expertise spans data protection strategies for Jira, Confluence, GitHub, and related tools that lack native recovery capabilities.

Abstract

The session reveals a critical gap in DevOps resilience: SaaS platforms that store mission-critical data without adequate backup controls. Through incident analysis and recovery patterns, it establishes that infrastructure protection alone insufficiently addresses application data loss, advocating purpose-built solutions for comprehensive business continuity.

DevOps Tools as Critical Business Assets

Modern software delivery depends on SaaS platforms:

• Jira: Product roadmaps, sprint planning
• Confluence: Technical documentation, runbooks
• GitHub: Source code, CI/CD configurations

These tools contain intellectual property and operational knowledge that infrastructure backups cannot restore. A corrupted Jira automation recently disrupted an entire product organization despite perfect infrastructure resilience.

Risk Taxonomy and Impact Analysis

Data loss manifests through multiple vectors:

1. Human Error (62%): Misconfigured automations, bulk deletes
2. Malicious Actors (24%): Compromised admin accounts
3. Application Bugs (14%): Vendor updates, API failures

Impact extends beyond availability—corrupted sprint data delays releases, lost documentation impedes incident response, deleted repositories halt deployments.

Native Backup Limitations

SaaS providers prioritize availability over recoverability:

Vendor SLA: 99.9% uptime
Vendor Backup: 30-day undo window
Point-in-time restore: Not supported

Jira retains deleted issues for 30 days; Confluence pages vanish permanently after trash emptying. GitHub offers no granular repository restore—organizations must rebuild from local clones.

Resilience Architecture Patterns

Purpose-built solutions implement:

backup_policy:
  frequency: 4_hours
  retention: 365_days
  granularity: issue_level
  encryption: customer_managed_keys

Automated backups capture metadata, attachments, and permissions. Recovery enables:

• Single issue restoration
• Project-level rollback
• Cross-instance migration

Recovery Time Objective Achievement

Traditional recovery requires vendor support tickets and partial exports. Specialized platforms achieve:

• RTO: < 5 minutes for critical items
• RPO: < 1 hour for configuration changes
• Audit trail: Immutable recovery logs

Proactive Resilience Framework

Organizations implement three pillars:

1. Risk Assessment: Map DevOps tools to business processes
2. Resilience Engineering: Automated backups with testing
3. Recovery Planning: Documented procedures and drills

Regular recovery exercises validate SLAs—75% of organizations lack tested SaaS recovery plans by 2028 projections.

Conclusion: Comprehensive Data Resilience

Infrastructure resilience protects servers; data resilience protects the business. DevOps tools represent crown jewels that native backups inadequately safeguard. Organizations that implement specialized protection achieve competitive advantage through uninterrupted delivery, regulatory compliance, and rapid incident recovery.

Links:

• Lecture Video

In the ever-evolving ecosystem of application evolution, where legacy lingers and modernity mandates migration, Sweekriti Satpathy, a Microsoft maestro and .NET navigator, unveils the transformative tapestry of .NET MAUI. With six years sculpting cross-platform solutions, Sweekriti shepherds developers from Xamarin’s yesteryears and WPF’s weighty windows to MAUI’s multiplatform marvels. Her narrative, nuanced with practical pointers, navigates the nuances of modernization—Blazor’s hybrid harbors, AI’s augmentation—ensuring enterprises endure with elegance.

Sweekriti salutes the assembly, her mirth mingling with memories of a maritime mixer. MAUI, Microsoft’s answer to multiplatform mandates, melds mobile, desktop, web—Xamarin’s successor, WPF’s wayfarer. Her mission: migrate mindfully, minimizing mayhem, maximizing modernity.

From Xamarin to MAUI: Migration’s Methodical March

Xamarin’s exodus begins with blueprints: Sweekriti suggests surveys—dependency diagnostics, platform pivots—preceding plunges. MAUI’s magic lies in unification: single projects supplant scattered solutions, XAML’s expressiveness enduring. Her tactic: transition incrementally—controls converted, bindings bolstered—leveraging MAUI’s matured middleware.

Challenges chime: platform peculiarities persist—Android’s activities, iOS’s interfaces. Sweekriti’s salve: .NET 8’s stabilizers, Visual Studio’s validators—tools taming turbulence. Her demo: a Xamarin relic reborn, pages ported, performance polished.

Blazor’s Bastion: Hybrid Horizons

Blazor’s hybridity heralds hope: MAUI’s embrace embeds web widgets, “islands” invigorating interfaces. Sweekriti showcases: Razor razes redundancy, SignalR synchronizes states—web-to-native nexus nurtured. WPF, WinForms wanderers welcome: MAUI’s mantle modernizes, Blazor’s bridge bearing legacy’s load.

Her hint: harness Hot Reload—code’s cadence quickened, iterations ignited. Sweekriti’s synergy: Blazor’s brevity blends with MAUI’s breadth, birthing business-critical brilliance.

AI’s Augmentation: Amplifying Adaptation

AI accelerates ascent: Copilot’s code conjures, IntelliSense interprets intents. Sweekriti spotlights: AI-aided migrations—snippets synthesized, errors eradicated—streamline shifts. Her caution: calibrate AI’s contributions, human hands honing outputs.

Integration intrigues: MAUI mates with Aspire, Azure’s ally for cloud-native quests. Sweekriti signals Scott Hunter’s keynote, where Aspire’s orchestration aligns with MAUI’s mobile might—serverless synergies, Functions fortifying frontends.

Future-Proofing Fortitude: Strategic Steps

Sweekriti’s strategy: start small—pilot projects probe possibilities; scale smart—Aspire’s scaffolding supports surges. Her vision: MAUI as mainstay, modernizing monoliths, mobilizing markets.

Her valediction: embrace evolution—MAUI’s multiplatform mantle ensures endurance, enterprise emboldened.

Links:

• Microsoft company website
• Sweekriti Satpathy on LinkedIn

Lecturer

Kevlin Henney is an independent consultant, trainer, and author specializing in software architecture, programming paradigms, and agile practices. He has contributed to numerous books, including “97 Things Every Programmer Should Know,” and is a frequent speaker at international conferences. Kevlin’s work spans decades, influencing developers through his insights on language evolution and design patterns. Relevant links include his X account (https://x.com/kevlinhenney) and Mastodon (https://mastodon.social/@kevlinhenney).

Abstract

This article analyzes Kevlin Henney’s exploration of programming languages’ historical trajectory, current state, and prospective developments. It dissects paradigms, influences, and biases shaping language adoption, emphasizing slow evolution despite rapid technological hype. Through data-driven analysis and historical anecdotes, it underscores the dominance of 20th-century languages, the assimilation of functional features into mainstream ones, and AI’s reinforcing role, offering implications for future trends.

Historical Foundations and Paradigm Shifts

Programming languages bridge hardware and human cognition, embodying philosophies for structuring thoughts and systems. Kevlin traces their origins to the 1950s, with Fortran as an experimental compiler challenging beliefs that high-level languages couldn’t match assembly efficiency. John Backus’s team at IBM proved otherwise, unleashing a “virus” that normalized compilation.

By 1977, Backus questioned liberation from the “von Neumann style”—imperative models mimicking memory storage, jumps, and assignments. He advocated functional styles with program algebras, introducing “style” before Robert Floyd’s 1978 formalization of paradigms. Paradigms, borrowed from other disciplines, frame programming approaches: imperative, functional, logic.

Historical influences abound; Algol 68, despite limited adoption, pioneered constructs like if-then-else as expressions, impacting modern syntax. Kevlin highlights languages’ slow pace: mainstream ones still integrate decades-old ideas, with developers embracing “new” features older than themselves.

This context reveals languages as ecosystems defining skills, communities, and loyalties, evolving gradually amid technological progress.

Current Landscape: Dominance and Biases

Contemporary rankings like TIOBE and RedMonk illustrate stasis. TIOBE’s January 2026 top 10 features Python leading, followed by C, Java, C++, and others—all 20th-century except Go. Skewed distributions show Python’s dominance, with top-five accounting for nearly 60% of activity.

RedMonk, biased toward Stack Overflow and GitHub, elevates TypeScript but confirms 20th-century prevalence. Even gRPC-supported languages skew vintage. Kevlin notes human statistical misconceptions: top-10 lists appear linear, but power laws dominate, amplifying incumbents.

Biases perpetuate this: legacy code bases influence employment and evolution, with languages borrowing features (e.g., lambdas from 1930s lambda calculus) to retain users. Java’s 2014 lambdas postdate C++’s; JavaScript popularized them, but Lisp implemented in 1960.

Paradigms blend: few pure functional languages in top-20; most hybridize, raiding functional concepts (lambdas, map-reduce) without full adoption. SQL, a declarative logic language, exemplifies non-functional declarativeness, rewritten as comprehensions in Python or Haskell.

Excel, per Simon Peyton Jones, is the most popular functional language, with 2020 lambdas (now in Google Sheets) adding calculus. This assimilation dilutes paradigms; functional programming peaked a decade ago, its ideas mainstreamed.

AI’s Influence on Language Evolution

Artificial intelligence reinforces biases. Early Lisp dominance in symbolic AI gave way to neural networks and machine learning in the 1980s-1990s. Modern LLMs, statistical at core, excel in languages with abundant data: JavaScript, Python, TypeScript.

Anders Hejlsberg observes AI’s proficiency proportional to exposure, disadvantaging new languages. LLMs default to mainstream, using Python for tasks like counting ‘R’s in “strawberry”—orchestrating code where reasoning falters.

Implications: AI makes languages “irrelevant” yet crucial, as defaults bias toward past dominants. Orchestration (e.g., Gemini writing Python) joins developers’ statistical set, perpetuating incumbents.

Future Trajectories and Constraints

Future predictions defy certainty, but trends suggest continuity. Change lags expectations; quantum computing remains niche, irrelevant to mainstream for decades.

Functional programming won’t dominate; von Neumann imperatives persist. AI amplifies long tails—easier language creation—but cores stabilize. Notations could innovate, per Richard Feynman, but comfort favors sharing existing ones.

William Faulkner’s quote—”The past is never dead. It’s not even past”—encapsulates: legacies endure, shaped by data, communities, and AI.

In conclusion, languages evolve slowly, assimilating ideas while incumbents dominate, with AI entrenching this amid potential for niche proliferation.

Links:

• Lecture Video
• Kevlin Henney on X
• Kevlin Henney on Mastodon

Lecturer

Kevin Brockhoff is a Director and Consulting Expert at CGI, one of the world’s largest IT and business consulting firms. With decades of experience in the technology industry, Kevin specializes in navigating the complex intersections of cybersecurity, digital transformation, and large-scale enterprise systems. His work at CGI involves helping multinational organizations—spanning sectors such as banking, government, and manufacturing—modernize their legacy infrastructure while maintaining robust security postures. Kevin is a prominent voice in the Miami technology community, frequently sharing insights at the Miami Java User Group (MiamiJUG) regarding automated refactoring and the integration of generative AI in software engineering.

Abstract

As enterprises face an accelerating stream of feature requests and increasingly sophisticated cyber threats, the accumulation of technical debt and security vulnerabilities has become a critical bottleneck. This article examines a deterministic approach to large-scale code remediation using OpenRewrite, an open-source automated refactoring ecosystem. Unlike indeterminate generative AI agents, which can produce inconsistent results and hallucinations, OpenRewrite utilizes Lossless Semantic Trees (LSTs) to ensure predictable, traceable, and scalable code transformations. By combining the creative potential of AI with the reliability of rule-based transformers, organizations can achieve a fourfold increase in productivity for vulnerability remediation. The following analysis explores the methodology of LST-based refactoring, its application across thousands of repositories, and its strategic role in modernizing global IT infrastructure.

The Crisis of Speed and Indeterminacy in Enterprise Software

In the modern software landscape, engineering teams are caught in a perpetual race between delivering new features and mitigating emerging security risks. Kevin emphasizes that speed is the decisive factor in this environment; delays in remediation allow vulnerabilities to proliferate across growing application portfolios. While generative AI agents have been proposed as a solution to this problem, they introduce significant challenges when applied in isolation at an enterprise scale.

The primary issue with relying solely on Large Language Models (LLMs) for code refactoring is their indeterminate nature. Applying an AI agent to the same codebase multiple times may yield different results, and the risk of “hallucinations” necessitates a manual human review of every line of code. Furthermore, current AI tools often struggle with scalability; while they may function effectively on a single repository, managing transformations across 5,000 repositories requires a more structured, traceable mechanism.

OpenRewrite: Deterministic Refactoring via Lossless Semantic Trees

To address the limitations of AI, Kevin advocates for the use of OpenRewrite, a tool sponsored by Moderne that provides a deterministic framework for source code modification. At the heart of OpenRewrite is the Lossless Semantic Tree (LST). While a traditional Abstract Syntax Tree (AST) represents the hierarchical structure of code, the LST incorporates two additional layers of critical information:

1. Type Information: Every node in the tree is enriched with comprehensive type data, similar to the output of a compiler.
2. Formatting Preservation: Uniquely, the LST captures all original formatting, including whitespace and comments.

This architecture allows OpenRewrite to parse code, apply transformations, and write it back to the source file with character-for-character fidelity to the original style, provided no changes were intended. Most importantly, these modifications are deterministic; a “recipe”—the rule-based transformer used by the engine—will produce identical results every time it is applied, enabling mass application across thousands of repositories without the need for exhaustive manual re-verification.

Methodology: Combining AI with Rule-Based Transformers

The most effective strategy for large-scale remediation involves a hybrid approach that leverages both AI and deterministic tools. In this model, AI agents are used to assist human developers in generating the refactoring recipes themselves. Once a recipe is refined and tested, it acts as a reliable, version-controlled asset that can be executed at scale.

OpenRewrite’s ecosystem is divided into open-source and commercial components. The core engine and a vast catalog of common recipes—covering framework migrations (such as Spring Boot upgrades), security fixes, and stylistic consistency—are available under the Apache license. For large-scale enterprise management, the Moderne platform provides advanced capabilities, including:

• SaaS and On-Premise (DX) Options: These allow for mass refactoring across an entire organization’s source code system.
• Semantic Search: By calculating embeddings on LSTs, the platform enables highly sophisticated code intelligence and search.
• Batch Remediation Tracking: A centralized dashboard for managing the progress of large-scale security and tech debt campaigns.

Implementation and Impact

The practical application of these tools has demonstrated a 4X increase in productivity for security vulnerability remediation at major corporations. Beyond security, use cases include technical modernization, library upgrades, and maintaining architectural standards. By automating the “grunt work” of refactoring, senior engineers can focus on higher-level architectural decisions while the deterministic engine ensures that thousands of microservices remain up-to-date with the latest security patches and framework versions.

Relevant links and hashtags:

• Kevin Brockhoff on LinkedIn
• CGI Official Website
• OpenRewrite Project
• Moderne Platform
• MiamiJUG YouTube Channel

Lecturer

Alex Gavrilescu is the developer of Backlog.md, a command-line utility for AI-enhanced project oversight, with a history in program creation and mobile advancement. He emphasizes processes that elevate AI task accomplishment, derived from personal ventures in auxiliary initiatives.

Abstract

This examination follows the progression from preliminary AI scripting setbacks to a polished arrangement attaining near-flawless duty fulfillment through Backlog.md. It clarifies notions like specification-guided creation and agent coordination, placed amid initial cue deficiencies. Emphasizing tactics for background supplying and archetype choice, it scrutinizes effects on output, particularly in disconnected settings. The exploration furnishes profundity on moving to AI-primary oversight, stressing functional inventories and mergers.

Preliminary Difficulties with AI Aid

Early AI endeavors, such as applying Claude to repositories, frequently faltered owing to “bare” cues deficient in background, yielding more corrections than advancements. Fulfillment percentages lingered at 50%, hampered by repository disorder and partial comprehension.

Placed: AI excitement vowed mechanization, but truths disclosed requirements for organized entries. Procedurally, appending background documents elevated percentages to 75%, as agents acquired essential particulars.

Ramifications: Inferior arrangements squander duration; methodical tactics transform AI into dependable supports.

Polishing Processes for Elevated Fulfillment

Backlog.md organizes duties as Markdown documents in repositories, permitting parallelization and agent handling. CLI illustrations convert phrases into duties:

backlog init
backlog add "Construct user verification"
backlog run

Agents scheme, enact, assess. Archetype contrasts: Claude for deduction, Codex for scripting, Jules for advantages.

Scrutiny: Inventories determine agent functions—Claude schemes, Codex enacts. Ramifications: 95% fulfillment via coordination.

Mobile-Exclusive and Merger Tactics

Mobile-exclusive processes test portability: CLI permits duty oversight sans workstations. Real-time merges from mobiles illustrate adaptability.

Procedurally, synchronizing with GitHub matters broadens utility, albeit intricate.

Ramifications: AI permits “ubiquitous” creation, enhancing auxiliary initiatives.

Deployment Preparedness and Prospective Boosts

Backlog.md attains elevated percentages via specifications, not supplanting instruments like Jira but supplementing for agents.

Prospective: GR mergers for enterprise.

In overview, organized AI processes revolutionize creation, optimizing fulfillment.

Links:

• Lecture video: https://www.youtube.com/watch?v=LSoDQU_9MMA
• Alex Gavrilescu on Twitter/X: https://twitter.com/H3xx3n

Keynote Speakers

Cameron Balahan serves as the Group Product Manager and lead for the Go programming language at Google, overseeing its strategic development and integration within cloud ecosystems. With a background from The George Washington University, he focuses on enhancing developer productivity and scaling tools for mission-critical applications.

Marc Dougherty functions as the lead for Developer Relations in Go at Google, bridging the community with advancements in the language. His expertise lies in site reliability engineering turned developer advocacy, emphasizing practical implementations for reliable software systems.

Abstract

This scholarly examination probes the recent evolutions in the Go programming language, particularly version 1.24, spotlighting enhancements in cryptography, type systems, and runtime efficiency. It dissects foundational principles guiding Go’s design, methodologies for AI infrastructure integration, and forward-looking initiatives like SIMD optimizations. Through code demonstrations and contextual analyses, the narrative evaluates implications for scalable, secure software engineering, underscoring Go’s role in contemporary cloud and generative AI landscapes.

Foundational Principles and Historical Context

Cameron Balahan and Marc Dougherty commence by delineating Go’s origins, conceived over 15 years ago at Google to reconcile productivity in dynamic languages with the robustness of compiled ones. Balahan articulates Go’s ethos: a language engineered for scalability from inception, addressing modern software architectures, operational environments, and collaborative teams. This premise manifests in three pillars: productivity through simplicity and readability; a holistic developer ecosystem spanning IDE to deployment; and production readiness emphasizing reliability, efficiency, and security.

Contextually, Go emerged amid Google’s challenges in maintaining vast systems, evolving into a cornerstone of cloud infrastructure. Dougherty highlights its adoption in pivotal technologies like Kubernetes and Docker, attributing this to inherent cloud-native features rather than retrofits. User satisfaction metrics, exceptionally high, reflect this alignment, with Go’s growth surpassing developer population trends.

The discourse transitions to version 1.24’s innovations, building on 1.23’s iterator additions and runtime telemetry. Balahan explains post-quantum cryptography integration, fortifying against quantum threats via hybrid key exchanges in TLS. This methodology combines classical and quantum-resistant algorithms, ensuring forward compatibility without immediate overhauls.

Type alias generics, now fully supported, enhance code modularity by permitting aliases with type parameters, facilitating incremental migrations in large codebases. Runtime optimizations, including profile-guided enhancements, reduce CPU overhead by 2-3%, optimizing garbage collection and scheduling for high-throughput scenarios.

Implications extend to enterprise adoption, where Go’s backward compatibility—unchanged since version 1.0—assures long-term stability, contrasting with languages prone to breaking changes.

AI Infrastructure and Generative Applications

Dougherty pivots to Go’s burgeoning role in AI, leveraging its concurrency model and efficiency for infrastructure like vector databases and serving frameworks. He posits Go’s simplicity as ideal for AI’s rapid evolution, where readable code withstands complexity.

Methodologies for AI workloads involve embedding models and vector stores, demonstrated via integrations with Gemini and Weaviate. Code samples illustrate query handling:

func handleQuery(query string) {
    // Embed query using Gemini
    embedding := gemini.Embed(query)

    // Query Weaviate via GraphQL
    docs := weaviate.Query(embedding)

    // Generate response
    response := gemini.Generate(docs)
}

Frameworks like LangChain Go and Firebase Genkit abstract LLM and database interactions, promoting modularity. Genkit’s observability tools enhance debugging in production.

Contextually, Go’s provenance in cloud-native tools positions it for AI’s distributed nature, implying reduced latency in inference pipelines. Implications include seamless migrations amid technological shifts, bolstered by interfaces and embedding.

Future Directions and Community Ecosystem

Balahan outlines forthcoming enhancements in Go 1.25, emphasizing SIMD for vectorized operations crucial to AI optimizations. Multi-core advancements target non-uniform memory access, refining garbage collection for modern hardware.

Language polish focuses on generic flexibility, with community discussions on GitHub informing iterations. Compatibility remains sacrosanct, ensuring legacy code viability.

The ecosystem’s vitality—robust libraries for AI, vibrant meetups—underscores collaborative growth. Dougherty credits community contributions for Go’s relevance, implying sustained innovation through open-source synergy.

Analytically, these trajectories affirm Go’s adaptability, with implications for AI-driven economies where efficient, secure languages predominate.

Links:

• Cameron Balahan on LinkedIn
• Marc Dougherty on LinkedIn
• Lecture Video

Lecturer

Mike Markell is a Practice Manager for AWS Professional Services in Hong Kong, where he leads digital transformation and security initiatives for major enterprises across Asia. Naresh Sharma is a senior technology leader at Cathay Pacific Airways, overseeing the airline’s global application security and DevSecOps strategy. Tony Leong is a Senior Security Architect at Cathay, specialized in building AI-powered security tooling and integrating AppSec-as-Code into high-velocity deployment pipelines.

Abstract

In the highly regulated and high-stakes environment of global aviation, managing security across more than 4,000 annual deployments presents a massive operational challenge. This article details how Cathay Pacific Airways revolutionized its “security-first” culture by moving beyond traditional security scanning to a comprehensive DevSecOps model. The core methodology centers on the implementation of Agentic AI and a RAG-based (Retrieval-Augmented Generation) assistant to solve the industry’s “false positive crisis.” By deploying “AI-powered security champions” and customized scanning rules, Cathay achieved a 75% reduction in vulnerability remediation time and a 50% reduction in security operations costs. The analysis explores the technical and cultural shifts required to empower over 1,000 developers to become proactive security practitioners while maintaining the airline’s rapid pace of innovation.

Context: The Bottleneck of Manual Security Reviews

For a global leader like Cathay Pacific, the pace of digital innovation is essential for maintaining a competitive edge in the aviation industry. However, this speed was being severely hindered by the limitations of traditional security scanning tools. The primary conflict centered on a high noise-to-signal ratio, where approximately 78% of the vulnerabilities identified by standard tools were determined to be false positives. This created a crisis where security teams were overwhelmed by alerts, leading to significant delays in the deployment of features for the airline’s fleet.

Furthermore, the manual review process required to validate these alerts created significant friction between the security and development teams. Developers often viewed security requirements as a hurdle that slowed down their ability to deliver value, while security professionals struggled to keep up with the volume of code being produced. To overcome these challenges, Cathay needed a solution that could scale with their deployment frequency—which covers everything from customer-facing apps to critical flight operation systems—without compromising on the rigorous safety standards that define the brand.

Methodology: Implementing Shift-Left Security with AI

The solution implemented by Cathay Pacific and AWS Professional Services involved a comprehensive “shift-left” strategy, which integrates security at the very beginning of the software development lifecycle. The cornerstone of this methodology is the use of Agentic AI. Unlike traditional static scanners, these AI agents act as “security champions” that provide real-time, context-aware guidance to developers as they write code. This allows for the identification of security anti-patterns and the suggestion of defensive coding practices before the code is even committed to a repository.

Another critical component of the methodology is the AppSec-as-Code library. This centralized knowledge base translates complex security policies into programmatic requirements that can be automatically enforced within CI/CD pipelines. To make this information accessible to developers, the team developed a RAG-based (Retrieval-Augmented Generation) assistant. This tool allows developers to query internal security standards using natural language, receiving accurate and context-specific advice instantly. Finally, the team moved away from “out of the box” tool configurations in favor of highly customized scanning rules. This technical fine-tuning was essential for drastically reducing the false-positive rate and ensuring that the security team only focused on legitimate threats.

Technical Analysis of Operational Gains

The implementation of AI-driven DevSecOps has yielded remarkable quantitative results for Cathay Pacific. The most significant outcome is a 75% reduction in the time required to remediate vulnerabilities. Because the AI agents filter out the vast majority of false positives and provide developers with clear, actionable fix suggestions, the entire security lifecycle has been compressed. Qualitatively, this has led to a 70% improvement in developer security capability, as the tools effectively serve as an automated, on-the-job training system that reinforces secure coding habits.

From a financial perspective, the automation of manual reviews and the reduction in wasted engineering time have led to a 50% cost reduction in security operations. The airline is now able to manage over 4,000 deployments annually with a higher level of confidence and lower overhead than was previously possible. A critical technical lesson learned during the journey was that “by default, no tool is perfect.” Success required a commitment to continuous customization and a willingness to collaborate with product vendors to tune their tools to the specific needs of the aviation industry. This iterative feedback loop was the key to moving from “human-in-the-loop” automation to a more efficient “AI-informed” model.

Consequences: A Cultural and Technical Transformation

The transformation at Cathay Pacific extended far beyond the technical architecture; it required a fundamental shift in the organization’s culture. The success of the project was predicated on a “can-do” spirit and the setting of ambitious targets that challenged the status quo. By providing developers with the tools to take ownership of security, the organization has fostered a culture where security is seen as a shared responsibility rather than an external constraint.

The implications for the global aviation and enterprise sectors are significant. Cathay has proven that it is possible to maintain a high-velocity deployment schedule in a safety-critical environment by leveraging the power of generative AI. Looking forward, the organization plans to develop even more insightful dashboards to provide security leaders with real-time visibility into the health of the application portfolio. The journey serves as a powerful testament to how Agentic AI can bridge the gap between agility and security, turning a potential bottleneck into a powerful competitive advantage.

Links:

• Cathay Pacific Official Website
• AWS Professional Services
• Amazon Bedrock for RAG Applications
• Watch the Security Transformation Story