197 research outputs found
SKaLib: SKaMPI as a library
SKaLib is a library to support the development of benchmarks.
It offsprings from the SKaMPI-project. SKaMPI is a benchmark to
measure the performance of MPI-operations. Many mechanisms and
function of the SKaMPI-benchmark program are also useful when
benchmarking other functions than MPI\u27s. The goal of SKaLibis to
offer the benchmarking mechanisms of SKaMPI to a broader range
of applications. The mechanisms are: precision adjustable
measurement of time, controlled standard error, automatic
parameter refinement, and merging results of several
benchmarking runs.
This documents fulfills two purposes: on the one hand it should
be a manual to use the library SKaLib and explains how to
benchmark an operation. On the other hand this report
complements the SKaMPI-user manual. The latter report explains
the configurations and the output of SKaMPI, whereas this
reports gives a detailed description of the internal data
structures and operations used in the SKaMPI-benchmark.
There is also a scientific section which motivates and describes
the algorithms and underlying formulas used by SKaMPI
SKaMPI: the special Karlsruher MPI-benchmark. User manual
SKaMPI is the Special Karlsruher MPI-Benchmark. SKaMPI measures
the performance of MPI implementations, and of course of the
underlying hardware. It performs various measurements of several
MPI functions. SKaMPI\u27s primary goal is giving support to
software developers. The knowledge of MPI function\u27s
performance has several benefits: The software developer knows
the right way of implementing a program for a given machine,
without (or with shortening) the tedious time costly tuning,
which usually has to take place. The developer has not to wait
until the code is written, performance issues can also
be considered during the design stage. Developing for
performance even can take place, also if the considered target
machine is not accessible.
MPI performance knowledge is especially important, when
developing portable parallel programs. So the code can be
developed for all considered target platforms in an optimal
manner. So we achieve performance portability, which means that
code runs without time consuming tuning after recompilation on a
new platform
Counter-constrained finite state machines: modelling component protocols with resource-dependencies
This report deals with the specification of software component
protocols (i.e., the set of service call sequences). The
contribution of this report is twofold: (a) We discuss specific
requirements of real-world protocols, especially in the presence
of components wich make use of limited resources. (b) We define
counter-constrained finite state machines (CC-FSMs), a novel
extension of finite state machines, specifically created to
model protocols having dependencies between services due to
their access to shared resources. We provide a theoretical
framework for reasoning and analysing CC-FSMs. Opposed to finite
state machines and other approaches, CC-FSMs combine two
valuable properties: (a) CC-FSMs are powerful enough to model
realistic component protocols with resource allocation, usage,
and de-allocation dependencies between methods (as occurring in
common abstract datatypes such as stacks or queues) and (b)
CC-FSMs have a decidabile equivalence- and inclusion problem as
proved in this report by providing algorithms for efficient
checking equivalence and inclusion. These algorithms directly
lead to efficient checks for component interoperability and
substitutability.
Keywords: software component protocols, finite state machine
extension, decidable inclusion check, interoperability,
substitutability
Tool-Based Attack Graph Estimation and Scenario Analysis for Software Architectures
With the increase of connected systems and the ongoing digitalization of various aspects of our life, the security demands for software increase. Software architects should design a secure and resistant system. One solution can be the identification of attack paths or the usage of an access control policy analysis.
However, due to the system complexity identifying an attack path or analyzing access control policies is hard.
Current attack path calculation approaches, often only focus on the network topology and do not consider the more fine-grained information a software architecture can provide, such as the components or deployment. In addition, the impact of access control policies for a given scenario is unclear.
We developed an open-source attack propagation tool, which can calculate an attack graph based on the software architecture. This tool could help software architects to identify potential critical attack paths. Additionally, we extended the used access control metamodel to support a scenario-based access control analysis
MINT - Modellgetriebene Integration von Informationssystemen : Projektbericht
Das Projekt MINT (Modellgetriebene Integration von Informationssystemen) beschäftigt sich mit der Entwicklung von Methoden zur Umsetzung modellgetriebener Ansätze, wie z. B. der Model Driven Architecture (MDA) der Object Management Group (OMG), im Bereich der Integration von betrieblichen Informationssystemen. Dabei werden sowohl die Integration von Legacy Systemen in moderne Umgebungen als auch die Integration von Individualsoftware in einen Standardsoftware-Kontext berücksichtigt
Architectural Attack Propagation Analysis for Identifying Confidentiality Issues
Exchanging data between different systems enables us to build new smart services and digitise various areas of our daily life. This digitalisation leads to more efficient usage of resources, and an increased monetary value. However, the connection of different systems also increases the number of potential vulnerabilities. The vulnerabilities on their own might be harmless, but attackers could build attack paths based on the combination of different vulnerabilities. Additionally, attackers might exploit existing access control policies to further propagate through the system. For analysing this dependency between vulnerabilities and access control policies, we extended an architecture description language (ADL) to model access control policies and specify vulnerabilities. We developed an attack propagation analysis operating on the extended ADL, which can help to determine confidentiality violations in a system. We evaluated our approach by analysing the accuracy and the effort compared to a manual analysis using different scenarios in three case studies. The results indicate that our analysis is capable of identifying attack paths and reducing the effort compared to manual detection
Supplementary Material for the Evaluation of the Publication – A Layered Reference Architecture for Model-based Quality Analysis
In this technical report, we present the supplementary information for the evaluation of the Layered Reference Architecture for Model-based Quality Analysis. In chapter 2, we present the case studies, rst in their monolithic and then in their modular form. We present installation instructions for the tools required to reproduce the evaluation results in chapter 3. In chapter 4, we provide detailed information about the evolution scenarios. The tooling and the results of the scenarios can be found online [7]
Dependability Metrics : Research Workshop Proceedings
Justifying reliance in computer systems is based on some form of evidence about such systems. This in turn implies the existence of scientific techniques to derive such evidence from given systems or predict such evidence of systems. In a general sense, these techniques imply a form of measurement. The workshop Dependability Metrics'', which was held on November 10, 2008, at the University of Mannheim, dealt with all aspects of measuring dependability
Architectural Attack Propagation Analysis for Identifying Confidentiality Issues
Exchanging data between different systems enables us to build new smart services and digitise various areas of our daily life. This digitalisation leads to more efficient usage of resources, and an increased monetary value. However, the connection of different systems also increases the number of potential vulnerabilities. The vulnerabilities on their own might be harmless, but attackers could build attack paths based on the combination of different vulnerabilities. Additionally, attackers might exploit existing access control policies to further propagate through the system. For analysing this dependency between vulnerabilities and access control policies, we extended an architecture description language (ADL) to model access control policies and specify vulnerabilities. We developed an attack propagation analysis operating on the extended ADL, which can help to determine confidentiality violations in a system. We evaluated our approach by analysing the accuracy and the effort compared to a manual analysis using different scenarios in three case studies. The results indicate that our analysis is capable of identifying attack paths and reducing the effort compared to manual detection
- …