Air Traffic Control: System Management Capabilities Improved, but More Can Be Done to Institutionalize Improvements

A chapter report issued by the Government Accountability Office with an abstract that begins "Since 1981, the Federal Aviation Administration (FAA) has been working to modernize its aging air traffic control (ATC) system. Individual projects have suffered cost increases, schedule delays, and performance shortfalls of large proportions, leading GAO to designate the program a high-risk information technology initiative in 1995. Because the program remains a high risk initiative, GAO was requested to assess FAA's progress in several information technology management areas. This report, one in a series responding to that request, has two objectives: (1) to evaluate FAA's capabilities for developing and acquiring software and systems on its ATC modernization program and (2) to assess the actions FAA has under way to improve these capabilities.

Keeping Context In Mind: Automating Mobile App Access Control with User Interface Inspection

Recent studies observe that app foreground is the most striking component that influences the access control decisions in mobile platform, as users tend to deny permission requests lacking visible evidence. However, none of the existing permission models provides a systematic approach that can automatically answer the question: Is the resource access indicated by app foreground? In this work, we present the design, implementation, and evaluation of COSMOS, a context-aware mediation system that bridges the semantic gap between foreground interaction and background access, in order to protect system integrity and user privacy. Specifically, COSMOS learns from a large set of apps with similar functionalities and user interfaces to construct generic models that detect the outliers at runtime. It can be further customized to satisfy specific user privacy preference by continuously evolving with user decisions. Experiments show that COSMOS achieves both high precision and high recall in detecting malicious requests. We also demonstrate the effectiveness of COSMOS in capturing specific user preferences using the decisions collected from 24 users and illustrate that COSMOS can be easily deployed on smartphones as a real-time guard with a very low performance overhead.Comment: Accepted for publication in IEEE INFOCOM'201

FPGA based remote code integrity verification of programs in distributed embedded systems

The explosive growth of networked embedded systems has made ubiquitous and pervasive computing a reality. However, there are still a number of new challenges to its widespread adoption that include scalability, availability, and, especially, security of software. Among the different challenges in software security, the problem of remote-code integrity verification is still waiting for efficient solutions. This paper proposes the use of reconfigurable computing to build a consistent architecture for generation of attestations (proofs) of code integrity for an executing program as well as to deliver them to the designated verification entity. Remote dynamic update of reconfigurable devices is also exploited to increase the complexity of mounting attacks in a real-word environment. The proposed solution perfectly fits embedded devices that are nowadays commonly equipped with reconfigurable hardware components that are exploited to solve different computational problems

Program Transformations for Asynchronous and Batched Query Submission

The performance of database/Web-service backed applications can be significantly improved by asynchronous submission of queries/requests well ahead of the point where the results are needed, so that results are likely to have been fetched already when they are actually needed. However, manually writing applications to exploit asynchronous query submission is tedious and error-prone. In this paper we address the issue of automatically transforming a program written assuming synchronous query submission, to one that exploits asynchronous query submission. Our program transformation method is based on data flow analysis and is framed as a set of transformation rules. Our rules can handle query executions within loops, unlike some of the earlier work in this area. We also present a novel approach that, at runtime, can combine multiple asynchronous requests into batches, thereby achieving the benefits of batching in addition to that of asynchronous submission. We have built a tool that implements our transformation techniques on Java programs that use JDBC calls; our tool can be extended to handle Web service calls. We have carried out a detailed experimental study on several real-life applications, which shows the effectiveness of the proposed rewrite techniques, both in terms of their applicability and the performance gains achieved.Comment: 14 page

Optimal mobility-aware admission control in content delivery networks

This paper addresses the problem of mobility management in Content Delivery Networks (CDN). We introduce a CDN architecture where admission control is performed at mobility aware access routers. We formulate a Markov Modulated Poisson Decision Process for access control that captures the bursty nature of data and packetized traffic together with the heterogeneity of multimedia services. The optimization of performance parameters, like the blocking probabilities and the overall utilization, is conducted and the structural properties of the optimal solutions are also studied. Heuristics are proposed to encompass the computational difficulties of the optimal solution when several classes of multimedia traffic are considered

Pre-K in Texas: A Critical Component for Academic Success

With funding from the Meadows Foundation and the Miles Foundation, researchers at CHILDREN AT RISK engaged in a study to examine how participation in Texas public PreKindergarten Pre-K1 is associated with performance on the 3rd Grade State of Texas Assessment of Academic Readiness (STAAR) Reading assessment. CHILDREN AT RISK tracked approximately 47,000 students from the 2010-2011 school year to the 2014-2015 school year.2 These students began public Pre-K in 2010 and completed 3rd grade in 2015. The study focused on five major independent school districts (ISD) in Texas (Austin ISD, Dallas ISD, Fort Worth ISD, Houston ISD, and San Antonio ISD) and 12 additional school districts surrounding these major metropolitan areas.3 The purpose of this report is twofold. The first purpose is to educate parents, policy makers, and the public about the association between Texas public Pre-K and 3rd grade STAAR Reading outcomes. Across campuses and students, this study examines the relationship between varying levels of public Pre-K participation and STAAR Reading scores by comparing 3rd grade STAAR Reading means among multiple sub-groups of economically disadvantaged students. The second purpose is to offer policy recommendations that will increase access to and improve the quality of the Texas public Pre-K program on behalf of parents, taxpayers, and—most importantly—children

PCODE: an efficient and reliable collective communication protocol for unreliable broadcast domain

Existing programming environments for clusters are typically built on top of a point-to-point communication layer (send and receive) over local area networks (LANs) and, as a result, suffer from poor performance in the collective communication part. For example, a broadcast that is implemented using a TCP/IP protocol (which is a point-to-point protocol) over a LAN is obviously inefficient as it is not utilizing the fact that the LAN is a broadcast medium. We have observed that the main difference between a distributed computing paradigm and a message passing parallel computing paradigm is that, in a distributed environment the activity of every processor is independent while in a parallel environment the collection of the user-communication layers in the processors can be modeled as a single global program. We have formalized the requirements by defining the notion of a correct global program. This notion provides a precise specification of the interface between the transport layer and the user-communication layer. We have developed PCODE, a new communication protocol that is driven by a global program and proved its correctness. We have implemented the PCODE protocol on a collection of IBM RS/6000 workstations and on a collection of Silicon Graphics Indigo workstations, both communicating via UDP broadcast. The experimental results we obtained indicate that the performance advantage of PCODE over the current point-to-point approach (TCP) can be as high as an order of magnitude on a cluster of 16 workstations