Automatic Software Repair: a Bibliography

This article presents a survey on automatic software repair. Automatic software repair consists of automatically finding a solution to software bugs without human intervention. This article considers all kinds of repairs. First, it discusses behavioral repair where test suites, contracts, models, and crashing inputs are taken as oracle. Second, it discusses state repair, also known as runtime repair or runtime recovery, with techniques such as checkpoint and restart, reconfiguration, and invariant restoration. The uniqueness of this article is that it spans the research communities that contribute to this body of knowledge: software engineering, dependability, operating systems, programming languages, and security. It provides a novel and structured overview of the diversity of bug oracles and repair operators used in the literature

An architecture for certification-aware service discovery

Service-orientation is an emerging paradigm for building complex systems based on loosely coupled components, deployed and consumed over the network. Despite the original intent of the paradigm, its current instantiations are limited to a single trust domain (e.g., a single organization). Also, some of the key promises of service-orientation - such as the dynamic orchestration of externally provided software services, using runtime service discovery and deployment - are still unachieved. One of the main reasons for this is the trust gap that normally arises when software services, offered by previously unknown providers, are to be selected at run-time, without any human intervention. To close this gap, the concept of machine-readable security certificates (called asserts) has been recently introduced, which paves the way to automated processing about security properties of services. Similarly to current security certification schemes, the assessment of the security properties of a service is delegated to an independent third party (certification authority), who issues a corresponding assert, bound to the service. In this paper, we propose an architecture, which exploits the assert concept to realise a certification-aware service discovery framework. The architecture supports the discovery of single services based on certified security properties (in additional to the usual functional properties), as well as the dynamic synthesis of service compositions, that satisfy the given security properties. The architecture is extensible, thus allowing for a range of domain specific matchmaking components, to cover dimensions related to, e.g., performance, cost and other non-functional characteristics

Completely Automated Public Physical test to tell Computers and Humans Apart: A usability study on mobile devices

A very common approach adopted to fight the increasing sophistication and dangerousness of malware and hacking is to introduce more complex authentication mechanisms. This approach, however, introduces additional cognitive burdens for users and lowers the whole authentication mechanism acceptability to the point of making it unusable. On the contrary, what is really needed to fight the onslaught of automated attacks to users data and privacy is to first tell human and computers apart and then distinguish among humans to guarantee correct authentication. Such an approach is capable of completely thwarting any automated attempt to achieve unwarranted access while it allows keeping simple the mechanism dedicated to recognizing the legitimate user. This kind of approach is behind the concept of Completely Automated Public Turing test to tell Computers and Humans Apart (CAPTCHA), yet CAPTCHA leverages cognitive capabilities, thus the increasing sophistication of computers calls for more and more difficult cognitive tasks that make them either very long to solve or very prone to false negatives. We argue that this problem can be overcome by substituting the cognitive component of CAPTCHA with a different property that programs cannot mimic: the physical nature. In past work we have introduced the Completely Automated Public Physical test to tell Computer and Humans Apart (CAPPCHA) as a way to enhance the PIN authentication method for mobile devices and we have provided a proof of concept implementation. Similarly to CAPTCHA, this mechanism can also be used to prevent automated programs from abusing online services. However, to evaluate the real efficacy of the proposed scheme, an extended empirical assessment of CAPPCHA is required as well as a comparison of CAPPCHA performance with the existing state of the art. To this aim, in this paper we carry out an extensive experimental study on both the performance and the usability of CAPPCHA involving a high number of physical users, and we provide comparisons of CAPPCHA with existing flavors of CAPTCHA

Machine-Readable Privacy Certificates for Services

Privacy-aware processing of personal data on the web of services requires managing a number of issues arising both from the technical and the legal domain. Several approaches have been proposed to matching privacy requirements (on the clients side) and privacy guarantees (on the service provider side). Still, the assurance of effective data protection (when possible) relies on substantial human effort and exposes organizations to significant (non-)compliance risks. In this paper we put forward the idea that a privacy certification scheme producing and managing machine-readable artifacts in the form of privacy certificates can play an important role towards the solution of this problem. Digital privacy certificates represent the reasons why a privacy property holds for a service and describe the privacy measures supporting it. Also, privacy certificates can be used to automatically select services whose certificates match the client policies (privacy requirements). Our proposal relies on an evolution of the conceptual model developed in the Assert4Soa project and on a certificate format specifically tailored to represent privacy properties. To validate our approach, we present a worked-out instance showing how privacy property Retention-based unlinkability can be certified for a banking financial service.Comment: 20 pages, 6 figure

NASA space station automation: AI-based technology review

Research and Development projects in automation for the Space Station are discussed. Artificial Intelligence (AI) based automation technologies are planned to enhance crew safety through reduced need for EVA, increase crew productivity through the reduction of routine operations, increase space station autonomy, and augment space station capability through the use of teleoperation and robotics. AI technology will also be developed for the servicing of satellites at the Space Station, system monitoring and diagnosis, space manufacturing, and the assembly of large space structures

Aplikácia kognitivného modelu vizuálnej pozornosti v automatizovanej montáži

Zásobovacie zariadenia a podsystémy v štruktúrach montážnych systémov majú významné postavenie. Technickú zložitosť klasických zásobovacích zariadení a podsystémov je možné eliminovať pružnými programovateľnými automatizovanými zariadeniami. Informácie o spomínanom objekte zabezpečované senzorovými modulmi sa spracovávajú v riadiacom systéme zariadenia resp. na vyššej úrovni riadenia montážneho systému. Spracované informácie sú distribuované ako riadiace informácie výkonným jednotkám a prvkom, ktoré vykonávajú príslušné funkcie. Riadiace systémy programovateľných zásobovacích zariadení a podsystémov plnia viaceré funkcie napr. spracovanie informácií od senzorových jednotiek a modulov, správne vyhodnotenie polohy súčiastky a určenie postupu činnosti výkonných jednotiek a prvkov, distribúcia výkonných inštrukcií pohonovým jednotkám, atď. Programové vybavenie založené na využívaní kognitívneho modelu vizuálnej pozornosti charakterizuje nový prístup k riešeniu uvádzaných problémov. Pri vizuálnom vnímání scény obsahujúcej rôzne objekty a pre potrebu interakcie s určitým cieľovým objektom nachádzajúcim sa v tejto scéne je nutné aby systém upriamil svoju pozornosť na tento (cieľový) objekt. Tento mechanizmus je jedným z principiálnych prvkov videnia a podobne ako mnoho biologicky motivovaných systémov je veľmi výhodne využiteľný v praxi. Navrhovaný model je implementáciou mechanizmu vizuálnej pozornosti vo vytvorenom počítačom simulovanom prostredí.Logistic devices and sub - systems in the structures of assembly systems have significant position. Technical complexity of classical devices and sub - systems can be decreased by using of flexible programmable automated devices. Information's about objects provided by sensor modules are handled in processing system of the device, respective on the higher level of the assembly system. Executed information is distributed like processing information to executive units and elements. Control systems of programmable supply devices and sub - systems take handle of many functions, for example: processing information from sensor devices and modules, right calculating of the bearing of the component, distributing of executive instructions to actuating units, and many others. Software accessories based on the using of cognitive model of visual attention featured a new way of solving former problems. By visual reception the scenes contains miscellaneous objects and for the demand of the interaction with the target object is necessary that the system is need to be focused to this object. This mechanism is one of the pricipally elements of vision, and like many biologically motivated systems is very useful in practice. Designed model is an implementation of the mechanism of visual attention in the computer created simulation environment