The Future of Asian Trade Deals and IP

The first part of this open access book sets out to re-examine some basic principles of trade negotiation, such as choosing the right representatives to negotiate and enhancing transparency as a cure to the public’s distrust against trade talks. Moreover, it analyses how the Comprehensive and Progressive Agreement for the Trans-Pacific Partnership (CPTPP) might impact on the Regional Comprehensive Economic Partnership's (RCEP) IP chapter and examines the possible norm setters of Asian IP. It then focuses on the People's Republic of China's (PRC) trade and IP strategy against the backdrop of the power games between the PRC, India and the US. The second part of the book reflects on issues related to investor–state dispute settlement and its relationship with IP, such as how to re-calibrate the balance in international investment arbitration, and whether compulsory license of IP constitutes expropriation in India, the PRC and select ASEAN countries. The third part of the book questions and strives to improve some of the proposed IP provisions of CPTPP and RCEP and to redefine some aspects of international IP norms, such as: pre-grant patent opposition and experimental use exception; patent term extension; patent linkage and data exclusivity for the pharmaceutical sector; plant variety protection; pre-established damages for copyright infringement; and the restructuring of copyright limitations in the public interest. The open access edition of this book is available under a CC BY-NC-ND 3.0 licence on bloomsburycollections.com. Open access was funded by the Applied Research Centre for Intellectual Assets and the Law in Asia, School of Law, Singapore Management University

Autonomous Recovery in Componentized Internet Applications

In this paper we show how to reduce downtime of J2EE applications by rapidly and automatically recovering from transient and intermittent software failures, without requiring application modifications. Our prototype combines three application-agnostic techniques: macroanalysis for fault detection and localization, microrebooting for rapid recovery, and external management of recovery actions. The individual techniques are autonomous and work across a wide range of componentized Internet applications, making them well-suited to the rapidly changing software of Internet services. The proposed framework has been integrated with JBoss, an open-source J2EE application server. Our prototype provides an execution platform that can automatically recover J2EE applications within seconds of the manifestation of a fault. Our system can provide a subset of a system's active end users with the illusion of continuous uptime, in spite of failures occurring behind the scenes, even when there is no functional redundancy in the system

The Future of Asian Trade Deals and IP

The first part of this open access book sets out to re-examine some basic principles of trade negotiation, such as choosing the right representatives to negotiate and enhancing transparency as a cure to the public’s distrust against trade talks. Moreover, it analyses how the Comprehensive and Progressive Agreement for the Trans-Pacific Partnership (CPTPP) might impact on the Regional Comprehensive Economic Partnership's (RCEP) IP chapter and examines the possible norm setters of Asian IP. It then focuses on the People's Republic of China's (PRC) trade and IP strategy against the backdrop of the power games between the PRC, India and the US. The second part of the book reflects on issues related to investor–state dispute settlement and its relationship with IP, such as how to re-calibrate the balance in international investment arbitration, and whether compulsory license of IP constitutes expropriation in India, the PRC and select ASEAN countries. The third part of the book questions and strives to improve some of the proposed IP provisions of CPTPP and RCEP and to redefine some aspects of international IP norms, such as: pre-grant patent opposition and experimental use exception; patent term extension; patent linkage and data exclusivity for the pharmaceutical sector; plant variety protection; pre-established damages for copyright infringement; and the restructuring of copyright limitations in the public interest. The open access edition of this book is available under a CC BY-NC-ND 3.0 licence on bloomsburycollections.com. Open access was funded by the Applied Research Centre for Intellectual Assets and the Law in Asia, School of Law, Singapore Management University

ENHANCING CLOUD SYSTEM RUNTIME TO ADDRESS COMPLEX FAILURES

As the reliance on cloud systems intensifies in our progressively digital world, understanding and reinforcing their reliability becomes more crucial than ever. Despite impressive advancements in augmenting the resilience of cloud systems, the growing incidence of complex failures now poses a substantial challenge to the availability of these systems. With cloud systems continuing to scale and increase in complexity, failures not only become more elusive to detect but can also lead to more catastrophic consequences. Such failures question the foundational premises of conventional fault-tolerance designs, necessitating the creation of novel system designs to counteract them. This dissertation aims to enhance distributed systems’ capabilities to detect, localize, and react to complex failures at runtime. To this end, this dissertation makes contributions to address three emerging categories of failures in cloud systems. The first part delves into the investigation of partial failures, introducing OmegaGen, a tool adept at generating tailored checkers for detecting and localizing such failures. The second part grapples with silent semantic failures prevalent in cloud systems, showcasing our study findings, and introducing Oathkeeper, a tool that leverages past failures to infer rules and expose these silent issues. The third part explores solutions to slow failures via RESIN, a framework specifically designed to detect, diagnose, and mitigate memory leaks in cloud-scale infrastructures, developed in collaboration with Microsoft Azure. The dissertation concludes by offering insights into future directions for the construction of reliable cloud systems

OmniForce: On Human-Centered, Large Model Empowered and Cloud-Edge Collaborative AutoML System

Automated machine learning (AutoML) seeks to build ML models with minimal human effort. While considerable research has been conducted in the area of AutoML in general, aiming to take humans out of the loop when building artificial intelligence (AI) applications, scant literature has focused on how AutoML works well in open-environment scenarios such as the process of training and updating large models, industrial supply chains or the industrial metaverse, where people often face open-loop problems during the search process: they must continuously collect data, update data and models, satisfy the requirements of the development and deployment environment, support massive devices, modify evaluation metrics, etc. Addressing the open-environment issue with pure data-driven approaches requires considerable data, computing resources, and effort from dedicated data engineers, making current AutoML systems and platforms inefficient and computationally intractable. Human-computer interaction is a practical and feasible way to tackle the problem of open-environment AI. In this paper, we introduce OmniForce, a human-centered AutoML (HAML) system that yields both human-assisted ML and ML-assisted human techniques, to put an AutoML system into practice and build adaptive AI in open-environment scenarios. Specifically, we present OmniForce in terms of ML version management; pipeline-driven development and deployment collaborations; a flexible search strategy framework; and widely provisioned and crowdsourced application algorithms, including large models. Furthermore, the (large) models constructed by OmniForce can be automatically turned into remote services in a few minutes; this process is dubbed model as a service (MaaS). Experimental results obtained in multiple search spaces and real-world use cases demonstrate the efficacy and efficiency of OmniForce

Dependability Assessment of Android OS

In this brave new world of smartphone-dependent society, dependability is a strong requirement and needs to be addressed properly. Assessing the dependability of these mobile system is still an open issue, and companies should have the tools to improve their devices and beat the competition against other vendors. The main objective of this dissertation is to provide the methods to assess the dependability of mobile OS, fundamental for further improvements. Mobile OS are threatened mainly by traditional residual faults (when errors spread across components as failures), aging-related faults (when errors accumulate over time), and misuses by users and applications. This thesis faces these three aspects. First, it presents a qualitative method to define the fault model of a mobile OS, and an exhaustive fault model for Android. I designed and developed AndroFIT, a novel fault injection tool for Android smartphone, and performed an extensive fault injection campaign on three Android devices from different vendors to analyze the impact of component failure on the mobile OS. Second, it presents an experimental methodology to analyze the software aging phenomenon in mobile OS. I performed a software aging analysis campaign on Android devices to identify the impacting factors on performance degradation and resource consumption. Third, it presents the design and implementation of a novel fuzzing tool, namely Chizpurfle, able to automatically test Android vendor customizations by leveraging code coverage information at run-time

Verifying Information Flow Control Libraries

Information Flow Control (IFC) is a principled approach to protecting the confidentiality and integrity of data in software systems. Intuitively, IFC sys- tems associate data with security labels that track and restrict flows of information throughout a program in order to enforce security. Most IFC techniques require developers to use specific programming languages and tools that require substantial efforts to develop or to adopt. To avoid redundant work and lower the threshold for adopting secure languages, IFC has been embedded in general-purpose languages through software libraries that promote security-by-construction with their API.This thesis makes several contributions to state-of-the-art static (MAC) and dynamic IFC libraries (LIO) in three areas: expressive power, theoretical IFC foundations and protection against covert channels. Firstly, the thesis gives a functor algebraic structure to sensitive data, in a way that it can be processed through classic functional programming patterns that do not incur in security checks. Then, it establishes the formal security guarantees of MAC, using the standard proof technique of term erasure, enriched with two-steps erasure, a novel idea that simplifies reasoning about advanced programming features, such as exceptions, mutable references and concurrency. Secondly, the thesis demonstrates that the lightweight, but coarse-grained, enforcement of dynamic IFC libraries (e.g., LIO) can be as precise and permissive as the fine-grained, but heavyweight, approach of fully-fledged IFC languages. Lastly, the thesis contributes to the design of secure runtime systems that protect IFC libraries, and IFC languages as well, against internal- and external-timing covert channels that leak information through certain runtime system resources and features, such as lazy evaluation and parallelism.The results of this thesis are supported with extensive machine-checked proof scripts, consisting of 12,000 lines of code developed in the Agda proof assistant