12,589 research outputs found
Taming âBlack Swansâ: A Schmittian Perspective on State-led Crisis Management
Using a design-thinking approach to state-led crisis management, this thesis seeks to resolve the contemporary problem of Black Swans; that is, crises that are unprecedented, unexpected, unpredictable, and uncertain.Due to their nature and composition, Black Swans cause a significant increase in state fragility (Introduction). Despite this, Black Swans remain understudied within existing literature on crisis management (Chapter One). This thesis argues that Black Swans cause a significant increase in state fragility because the strategies governments and leaders currently use to recognise and contain them are sub-optimal (Chapter Two). A resolution is found by drawing resources from the legal-political theory that Carl Schmitt (1888-1985) developed between 1918 and 1933 (Chapter Three). In particular, Schmittâs concepts of âthe exceptionâ and âsovereign dictatorshipâ are used to devise new strategies that enable governments and leaders to recognise and contain Black Swans optimally (Chapter Four & Chapter Five).This thesis articulates and defends a new way for constitutional states to manage Black Swans. It achieves this end by engaging in an innovative and revealing dialogue between crisis management studies and Schmittian studies (Conclusion). Unlike previous analyses, this thesis establishes that: (i) detailed strategies can be prescribed to manage Black Swans; and (ii) Carl Schmittâs legal-political theory can be used to resolve problems at the forefront of contemporary crisis management
Automation for network security configuration: state of the art and research trends
The size and complexity of modern computer networks are progressively increasing, as a consequence of novel architectural paradigms such as the Internet of Things and network virtualization. Consequently, a manual orchestration and configuration of network security functions is no more feasible, in an environment where cyber attacks can dramatically exploit breaches related to any minimum configuration error. A new frontier is then the introduction of automation in network security configuration, i.e., automatically designing the architecture of security services and the configurations of network security functions, such as firewalls, VPN gateways, etc. This opportunity has been enabled by modern computer networks technologies, such as virtualization. In view of these considerations, the motivations for the introduction of automation in network security configuration are first introduced, alongside with the key automation enablers. Then, the current state of the art in this context is surveyed, focusing on both the achieved improvements and the current limitations. Finally, possible future trends in the field are illustrated
Simulation-based Validation for Autonomous Driving Systems
Simulation is essential to validate autonomous driving systems. However, a
simple simulation, even for an extremely high number of simulated miles or
hours, is not sufficient. We need well-founded criteria showing that simulation
does indeed cover a large fraction of the relevant real-world situations. In
addition, the validation must concern not only incidents, but also the
detection of any type of potentially dangerous situation, such as traffic
violations.
We investigate a rigorous simulation and testing-based validation method for
autonomous driving systems that integrates an existing industrial simulator and
a formally defined testing environment. The environment includes a scenario
generator that drives the simulation process and a monitor that checks at
runtime the observed behavior of the system against a set of system properties
to be validated. The validation method consists in extracting from the
simulator a semantic model of the simulated system including a metric graph,
which is a mathematical model of the environment in which the vehicles of the
system evolve. The monitor can verify properties formalized in a first-order
linear temporal logic and provide diagnostics explaining their non
satisfaction. Instead of exploring the system behavior randomly as many
simulators do, we propose a method to systematically generate sets of scenarios
that cover potentially risky situations, especially for different types of
junctions where specific traffic rules must be respected. We show that the
systematic exploration of risky situations has uncovered many flaws in the real
simulator that would have been very difficult to discover by a random
exploration process
Language integrated relational lenses
Relational databases are ubiquitous. Such monolithic databases accumulate large
amounts of data, yet applications typically only work on small portions of the data
at a time. A subset of the database defined as a computation on the underlying
tables is called a view. Querying views is helpful, but it is also desirable to update
them and have these changes be applied to the underlying database. This view
update problem has been the subject of much previous work before, but support
by database servers is limited and only rarely available.
Lenses are a popular approach to bidirectional transformations, a generalization
of the view update problem in databases to arbitrary data. However, perhaps surprisingly, lenses have seldom actually been used to implement updatable views in
databases. Bohannon, Pierce and Vaughan propose an approach to updatable views called relational lenses. However, to the best of our knowledge this
proposal has not been implemented or evaluated prior to the work reported in
this thesis.
This thesis proposes programming language support for relational lenses. Language integrated relational lenses support expressive and efficient view updates,
without relying on updatable view support from the database server. By integrating relational lenses into the programming language, application development
becomes easier and less error-prone, avoiding the impedance mismatch of having
two programming languages. Integrating relational lenses into the language poses
additional challenges. As defined by Bohannon et al. relational lenses completely
recompute the database, making them inefficient as the database scales. The
other challenge is that some parts of the well-formedness conditions are too general for implementation. Bohannon et al. specify predicates using possibly infinite
abstract sets and define the type checking rules using relational algebra.
Incremental relational lenses equip relational lenses with change-propagating semantics that map small changes to the view into (potentially) small changes
to the source tables. We prove that our incremental semantics are functionally
equivalent to the non-incremental semantics, and our experimental results show
orders of magnitude improvement over the non-incremental approach. This thesis introduces a concrete predicate syntax and shows how the required checks
are performed on these predicates and show that they satisfy the abstract predicate specifications. We discuss trade-offs between static predicates that are fully
known at compile time vs dynamic predicates that are only known during execution and introduce hybrid predicates taking inspiration from both approaches.
This thesis adapts the typing rules for relational lenses from sequential composition to a functional style of sub-expressions. We prove that any well-typed
functional relational lens expression can derive a well-typed sequential lens.
We use these additions to relational lenses as the foundation for two practical implementations: an extension of the Links functional language and a library written
in Haskell. The second implementation demonstrates how type-level computation can be used to implement relational lenses without changes to the compiler.
These two implementations attest to the possibility of turning relational lenses
into a practical language feature
LIPIcs, Volume 251, ITCS 2023, Complete Volume
LIPIcs, Volume 251, ITCS 2023, Complete Volum
Pacti: Scaling Assume-Guarantee Reasoning for System Analysis and Design
Contract-based design is a method to facilitate modular system design. While
there has been substantial progress on the theory of contracts, there has been
less progress on scalable algorithms for the algebraic operations in this
theory. In this paper, we present: 1) principles to implement a contract-based
design tool at scale and 2) Pacti, a tool that can efficiently compute these
operations. We then illustrate the use of Pacti in a variety of case studies
Evaluation Methodologies in Software Protection Research
Man-at-the-end (MATE) attackers have full control over the system on which
the attacked software runs, and try to break the confidentiality or integrity
of assets embedded in the software. Both companies and malware authors want to
prevent such attacks. This has driven an arms race between attackers and
defenders, resulting in a plethora of different protection and analysis
methods. However, it remains difficult to measure the strength of protections
because MATE attackers can reach their goals in many different ways and a
universally accepted evaluation methodology does not exist. This survey
systematically reviews the evaluation methodologies of papers on obfuscation, a
major class of protections against MATE attacks. For 572 papers, we collected
113 aspects of their evaluation methodologies, ranging from sample set types
and sizes, over sample treatment, to performed measurements. We provide
detailed insights into how the academic state of the art evaluates both the
protections and analyses thereon. In summary, there is a clear need for better
evaluation methodologies. We identify nine challenges for software protection
evaluations, which represent threats to the validity, reproducibility, and
interpretation of research results in the context of MATE attacks
Eunomia: Enabling User-specified Fine-Grained Search in Symbolically Executing WebAssembly Binaries
Although existing techniques have proposed automated approaches to alleviate
the path explosion problem of symbolic execution, users still need to optimize
symbolic execution by applying various searching strategies carefully. As
existing approaches mainly support only coarse-grained global searching
strategies, they cannot efficiently traverse through complex code structures.
In this paper, we propose Eunomia, a symbolic execution technique that allows
users to specify local domain knowledge to enable fine-grained search. In
Eunomia, we design an expressive DSL, Aes, that lets users precisely pinpoint
local searching strategies to different parts of the target program. To further
optimize local searching strategies, we design an interval-based algorithm that
automatically isolates the context of variables for different local searching
strategies, avoiding conflicts between local searching strategies for the same
variable. We implement Eunomia as a symbolic execution platform targeting
WebAssembly, which enables us to analyze applications written in various
languages (like C and Go) but can be compiled into WebAssembly. To the best of
our knowledge, Eunomia is the first symbolic execution engine that supports the
full features of the WebAssembly runtime. We evaluate Eunomia with a dedicated
microbenchmark suite for symbolic execution and six real-world applications.
Our evaluation shows that Eunomia accelerates bug detection in real-world
applications by up to three orders of magnitude. According to the results of a
comprehensive user study, users can significantly improve the efficiency and
effectiveness of symbolic execution by writing a simple and intuitive Aes
script. Besides verifying six known real-world bugs, Eunomia also detected two
new zero-day bugs in a popular open-source project, Collections-C.Comment: Accepted by ACM SIGSOFT International Symposium on Software Testing
and Analysis (ISSTA) 202
Exploring acceptance of autonomous vehicle policies using KeyBERT and SNA: Targeting engineering students
This study aims to explore user acceptance of Autonomous Vehicle (AV)
policies with improved text-mining methods. Recently, South Korean policymakers
have viewed Autonomous Driving Car (ADC) and Autonomous Driving Robot (ADR) as
next-generation means of transportation that will reduce the cost of
transporting passengers and goods. They support the construction of V2I and V2V
communication infrastructures for ADC and recognize that ADR is equivalent to
pedestrians to promote its deployment into sidewalks. To fill the gap where
end-user acceptance of these policies is not well considered, this study
applied two text-mining methods to the comments of graduate students in the
fields of Industrial, Mechanical, and Electronics-Electrical-Computer. One is
the Co-occurrence Network Analysis (CNA) based on TF-IWF and Dice coefficient,
and the other is the Contextual Semantic Network Analysis (C-SNA) based on both
KeyBERT, which extracts keywords that contextually represent the comments, and
double cosine similarity. The reason for comparing these approaches is to
balance interest not only in the implications for the AV policies but also in
the need to apply quality text mining to this research domain. Significantly,
the limitation of frequency-based text mining, which does not reflect textual
context, and the trade-off of adjusting thresholds in Semantic Network Analysis
(SNA) were considered. As the results of comparing the two approaches, the
C-SNA provided the information necessary to understand users' voices using
fewer nodes and features than the CNA. The users who pre-emptively understood
the AV policies based on their engineering literacy and the given texts
revealed potential risks of the AV accident policies. This study adds
suggestions to manage these risks to support the successful deployment of AVs
on public roads.Comment: 29 pages with 11 figure
- âŠ