Efficient design and evaluation of countermeasures against fault attacks using formal verification

This paper presents a formal verification framework and tool that evaluates the robustness of software countermeasures against fault-injection attacks. By modeling reference assembly code and its protected variant as automata, the framework can generate a set of equations for an SMT solver, the solutions of which represent possible attack paths. Using the tool we developed, we evaluated the robustness of state-of-the-art countermeasures against fault injection attacks. Based on insights gathered from this evaluation, we analyze any remaining weaknesses and propose applications of these countermeasures that are more robust

Requirements of time management tools for outpatient physiotherapy practice

The effects of electronic appointment booking systems on the time management activities of health professionals have received little attention to date. We report on time management practices in three outpatient physiotherapy departments with different paper and electronic systems. The study has identified a set of time management activities and associated social behaviours common to physiotherapy departments. The convenience, flexibility and expressive nature of paper diary systems is of significant value to users, whilst the clarity and superior database functionality of electronic systems are valued by staff using this medium. The study highlights several potential barriers to the effective deployment of electronic booking systems in physiotherapy departments, including poor resource and training provision, concerns regarding restrictive diary control measures, the continued reliance on burdensome duplication procedures and the need to coordinate multiple information artefacts, which need to be addressed if such technology is to be successfully designed and deployed. Copyright © 2005 SAGE Publications (London, Thousand Oaks, CA and New Delhi)

Symbolic QED Pre-silicon Verification for Automotive Microcontroller Cores: Industrial Case Study

We present an industrial case study that demonstrates the practicality and effectiveness of Symbolic Quick Error Detection (Symbolic QED) in detecting logic design flaws (logic bugs) during pre-silicon verification. Our study focuses on several microcontroller core designs (~1,800 flip-flops, ~70,000 logic gates) that have been extensively verified using an industrial verification flow and used for various commercial automotive products. The results of our study are as follows: 1. Symbolic QED detected all logic bugs in the designs that were detected by the industrial verification flow (which includes various flavors of simulation-based verification and formal verification). 2. Symbolic QED detected additional logic bugs that were not recorded as detected by the industrial verification flow. (These additional bugs were also perhaps detected by the industrial verification flow.) 3. Symbolic QED enables significant design productivity improvements: (a) 8X improved (i.e., reduced) verification effort for a new design (8 person-weeks for Symbolic QED vs. 17 person-months using the industrial verification flow). (b) 60X improved verification effort for subsequent designs (2 person-days for Symbolic QED vs. 4-7 person-months using the industrial verification flow). (c) Quick bug detection (runtime of 20 seconds or less), together with short counterexamples (10 or fewer instructions) for quick debug, using Symbolic QED

Publications ethics

The editor of any medical journal has to be aware of the ethical and legal framework within which medical research is conducted. When research and publications relate to children, then particularly high standards are required in the design, conduct, and reporting of research in order to protect the rights of children and their families. Authors have a number of duties and responsibilities that are mirrored by those of editors and publishers. Of particular importance are the principles of transparency and integrity. Authors should be explicit about who carried out the work and who funded the study. They should declare whether the work has been published before and is not being considered for publication elsewhere. The authors must protect the rights of research participants including their anonymity. Editors and publishers have a duty to ensure high editorial standards and efficient and effective peer review systems. They should follow ethical and responsible publication practices and should safeguard the intellectual property of the authors. This review discusses in detail the duties and responsibilities of authors, editors, and publishers in modern medical publishing

Розв’язування задач як основа математичної підготовки майбутніх інженерів

The results of the study of the problem of solving mathematical tasks in the preparation of future engineers are revealed. The urgency and importance of the topic is substantiated by the need of Ukrainian enterprises in qualified specialists of engineering specialties and the need of the society to ensure high quality of education. An approach to task solving in higher mathematics is theoretically developed. The peculiarities of its practical implementa-tion are clarified. Guidelines and steps for solving problems are explained. Rules for verifying resolved tasks are produced. The errors that future engi-neers make when solving tasks are classified. The necessity of making changes to the higher mathematics syllabus at the National Technical University "Kharkiv Polytechnic Institute" and the introduction of laboratory works using Mathcad, Mathlab, Scilab etc. are substantiated.Статтю присвячено найголовнішому аспекту математичної підготовки майбутніх інженерів – розв’язуванню задач. Теоретично розроблено підхід до розв’язування задач з вищої математики. Розкрито особливості його практичної реалізації. Виявлено методичні рекомендації та етапи розв’язування задач. Висвітлено правила перевірки розв’язаних задач. Класифіковано помилки, яких припускаються майбутні інженери під час розв’язання задач. Досліджено структуру практичного заняття для ефективного вирішення поставленої проблеми. Рекомендовано схему самоаналізу викладачем проведеного заняття. Підтверджено високий результат розв’язання математичних задач на студактивних заняттях

Combination of DROOL rules and Protégé knowledge bases in the ONTO-H annotation tool

ONTO-H is a semi-automatic collaborative tool for the semantic annotation of documents, built as a Protégé 3.0 tab plug-in. Among its multiple functionalities aimed at easing the document annotation process, ONTO-H uses a rule-based system to create cascading annotations out from a single drag and drop operation from a part of a document into an already existing concept or instance of the domain ontology being used for annotation. It also gives support to the detection of name conflicts and instance duplications in the creation of the annotations. The rule system runs on top of the open source rule engine DROOLS and is connected to the domain ontology used for annotation by means of an ad-hoc programmed Java proxy

Flexible Yet Secure De-Duplication Service for Enterprise Data on Cloud Storage

The cloud storage services bring forth infinite storage capacity and flexible access capability to store and share large-scale content. The convenience brought forth has attracted both individual and enterprise users to outsource data service to a cloud provider. As the survey shows 56% of the usages of cloud storage applications are for data back up and up to 68% of data backup are user assets. Enterprise tenants would need to protect their data privacy before uploading them to the cloud and expect a reasonable performance while they try to reduce the operation cost in terms of cloud storage, capacity and I/Os matter as well as systems’ performance, bandwidth and data protection. Thus, enterprise tenants demand secure and economic data storage yet flexible access on their cloud data. In this paper, we propose a secure de-duplication solution for enterprise tenants to leverage the benefits of cloud storage while reducing operation cost and protecting privacy. First, the solution uses a proxy to do flexible group access control which supports secure de-duplication within a group; Second, the solution supports scalable clustering of proxies to support large-scale data access; Third, the solution can be integrated with cloud storage seamlessly. We implemented and tested our solution by integrating it with Dropbox. Secure de-duplication in a group is performed at low data transfer latency and small storage overhead as compared to de-duplication on plaintext