2,564 research outputs found
Portunes: generating attack scenarios by finding inconsistencies between security policies in the physical, digital and social domain
The security goals of an organization are implemented through security policies, which concern physical security, digital security and security awareness.
An insider is aware of these security policies, and might be able to thwart the security goals without violating any policies, by combining physical, digital and social means.
This paper presents the Portunes model, a model for describing and analyzing attack scenarios across the three security areas. Portunes formally describes security alignment of an organization and finds attack scenarios by analyzing inconsistencies between policies from the different security areas. For this purpose, the paper defines a language in the tradition of the Klaim family of languages, and uses graph-based algorithms to find attack scenarios that can be described using the defined language
Lost in Abstraction: Monotonicity in Multi-Threaded Programs (Extended Technical Report)
Monotonicity in concurrent systems stipulates that, in any global state,
extant system actions remain executable when new processes are added to the
state. This concept is not only natural and common in multi-threaded software,
but also useful: if every thread's memory is finite, monotonicity often
guarantees the decidability of safety property verification even when the
number of running threads is unknown. In this paper, we show that the act of
obtaining finite-data thread abstractions for model checking can be at odds
with monotonicity: Predicate-abstracting certain widely used monotone software
results in non-monotone multi-threaded Boolean programs - the monotonicity is
lost in the abstraction. As a result, well-established sound and complete
safety checking algorithms become inapplicable; in fact, safety checking turns
out to be undecidable for the obtained class of unbounded-thread Boolean
programs. We demonstrate how the abstract programs can be modified into
monotone ones, without affecting safety properties of the non-monotone
abstraction. This significantly improves earlier approaches of enforcing
monotonicity via overapproximations
Gradual Liquid Type Inference
Liquid typing provides a decidable refinement inference mechanism that is
convenient but subject to two major issues: (1) inference is global and
requires top-level annotations, making it unsuitable for inference of modular
code components and prohibiting its applicability to library code, and (2)
inference failure results in obscure error messages. These difficulties
seriously hamper the migration of existing code to use refinements. This paper
shows that gradual liquid type inference---a novel combination of liquid
inference and gradual refinement types---addresses both issues. Gradual
refinement types, which support imprecise predicates that are optimistically
interpreted, can be used in argument positions to constrain liquid inference so
that the global inference process e effectively infers modular specifications
usable for library components. Dually, when gradual refinements appear as the
result of inference, they signal an inconsistency in the use of static
refinements. Because liquid refinements are drawn from a nite set of
predicates, in gradual liquid type inference we can enumerate the safe
concretizations of each imprecise refinement, i.e. the static refinements that
justify why a program is gradually well-typed. This enumeration is useful for
static liquid type error explanation, since the safe concretizations exhibit
all the potential inconsistencies that lead to static type errors. We develop
the theory of gradual liquid type inference and explore its pragmatics in the
setting of Liquid Haskell.Comment: To appear at OOPSLA 201
Generating indicative-informative summaries with SumUM
We present and evaluate SumUM, a text summarization system that takes a raw technical text as input and produces an indicative informative summary. The indicative part of the summary identifies the topics of the document, and the informative part elaborates on some of these topics according to the reader's interest. SumUM motivates the topics, describes entities, and defines concepts. It is a first step for exploring the issue of dynamic summarization. This is accomplished through a process of shallow syntactic and semantic analysis, concept identification, and text regeneration. Our method was developed through the study of a corpus of abstracts written by professional abstractors. Relying on human judgment, we have evaluated indicativeness, informativeness, and text acceptability of the automatic summaries. The results thus far indicate good performance when compared with other summarization technologies
Hatching Compositions of Low-code Templates
Funding Information:
Acknowledgements. Partially supported by grant Lisboa-01-0247-Feder-045917.
Publisher Copyright:
© 2022 ACM.Low-code frameworks strive to simplify and speed-up application development. Native support for the reuse and composition of parameterised coarse-grain components (templates) is essential to achieve these goals. OSTRICH-a rich template language for the OutSystems platform-was designed to simplify the use and creation of such templates. However, without a built-in composition mechanism, OSTRICH templates are hard to create and maintain. This paper presents a template composition mechanism and its typing and instantiation algorithms for model-driven low-code development environments. We evolve OSTRICH to support nested templates and allow the instantiation (hatching) of templates in the definition of other templates. Thus, we observe a significant increase code reuse potential, leading to a safer evolution of applications. The present definition seamlessly extends the existing Out-Systems metamodel with template constructs expressed by model annotations that maintain backward compatibility with the existing language toolchain. We present the metamodel, its annotations, and the corresponding validation and instantiation algorithms. In particular, we introduce a type-based validation procedure that ensures that using a template inside a template produces valid models. The work is validated using the OSTRICH benchmark. Our prototype is an extension of the OutSystems IDE allowing the annotation of models and their use to produce new models. We also analyse which existing OutSystems sample screens templates can be improved by using and sharing nested templates.publishe
From treebank resources to LFG F-structures
We present two methods for automatically annotating treebank resources with functional structures. Both methods define systematic patterns of correspondence between partial PS configurations and functional structures. These are applied to PS rules extracted from treebanks, or directly to constraint set encodings of treebank PS trees
- …