OntoMaven: Maven-based Ontology Development and Management of Distributed Ontology Repositories

In collaborative agile ontology development projects support for modular reuse of ontologies from large existing remote repositories, ontology project life cycle management, and transitive dependency management are important needs. The Apache Maven approach has proven its success in distributed collaborative Software Engineering by its widespread adoption. The contribution of this paper is a new design artifact called OntoMaven. OntoMaven adopts the Maven-based development methodology and adapts its concepts to knowledge engineering for Maven-based ontology development and management of ontology artifacts in distributed ontology repositories.Comment: Pre-print submission to 9th International Workshop on Semantic Web Enabled Software Engineering (SWESE2013). Berlin, Germany, December 2-5, 201

High-altitude gravity waves in the Martian thermosphere observed by MAVEN/NGIMS and modeled by a gravity wave scheme

First high-altitude observations of gravity wave (GW)-induced CO$_2$ density perturbations in the Martian thermosphere retrieved from NASA's NGIMS instrument on board the MAVEN satellite are presented and interpreted using the extended GW parameterization of Yi\u{g}it et al. [2008] and the Mars Climate Database as an input. Observed relative density perturbations between 180-220 km of 20-40 % demonstrate appreciable local time, latitude, and altitude variations. Modeling for the spatiotemporal conditions of the MAVEN observations suggests that GWs can directly propagate from the lower atmosphere to the thermosphere, produce appreciable dynamical effects, and likely contribute to the observed fluctuations. Modeled effects are somewhat smaller than the observed but their highly variable nature is in qualitative agreement with observations. Possible reasons for discrepancies between modeling and measurements are discussed.Comment: Accepted for publication in Geophysical Research Letters (GRL). Special section: First Results from the MAVEN Mission to Mar

Remote Pager

The following routine was published in the October, 1987 issue of The Linking Ring, the trade journal of the International Brotherhood of Magicians

80 Years of Gardner Magic

The magician and historiam Max Maven poignantly eulogized Martin Gardner in his article In Memoriam in the July 2010 issue of GENII magazine. Commenting on the diverse interests of Gardner in non-fiction, puzzles, recreational mathematics, philosophy, games, skepticism, word play and magic, Maven noted: So far as is known, the final Gardner publication during his lifetime was a magic trick that he contributed to the May 2010 issue of Word Ways, a quarterly journal with a small but fervent readership. I will mention, without humility, that the trick was based on one of mine -- which in turn was based on one of Martin\u27s

Extracting Build Changes with BUILDDIFF

Build systems are an essential part of modern software engineering projects. As software projects change continuously, it is crucial to understand how the build system changes because neglecting its maintenance can lead to expensive build breakage. Recent studies have investigated the (co-)evolution of build configurations and reasons for build breakage, but they did this only on a coarse grained level. In this paper, we present BUILDDIFF, an approach to extract detailed build changes from MAVEN build files and classify them into 95 change types. In a manual evaluation of 400 build changing commits, we show that BUILDDIFF can extract and classify build changes with an average precision and recall of 0.96 and 0.98, respectively. We then present two studies using the build changes extracted from 30 open source Java projects to study the frequency and time of build changes. The results show that the top 10 most frequent change types account for 73% of the build changes. Among them, changes to version numbers and changes to dependencies of the projects occur most frequently. Furthermore, our results show that build changes occur frequently around releases. With these results, we provide the basis for further research, such as for analyzing the (co-)evolution of build files with other artifacts or improving effort estimation approaches. Furthermore, our detailed change information enables improvements of refactoring approaches for build configurations and improvements of models to identify error-prone build files.Comment: Accepted at the International Conference of Mining Software Repositories (MSR), 201

Vulnerable Open Source Dependencies: Counting Those That Matter

BACKGROUND: Vulnerable dependencies are a known problem in today's open-source software ecosystems because OSS libraries are highly interconnected and developers do not always update their dependencies. AIMS: In this paper we aim to present a precise methodology, that combines the code-based analysis of patches with information on build, test, update dates, and group extracted from the very code repository, and therefore, caters to the needs of industrial practice for correct allocation of development and audit resources. METHOD: To understand the industrial impact of the proposed methodology, we considered the 200 most popular OSS Java libraries used by SAP in its own software. Our analysis included 10905 distinct GAVs (group, artifact, version) when considering all the library versions. RESULTS: We found that about 20% of the dependencies affected by a known vulnerability are not deployed, and therefore, they do not represent a danger to the analyzed library because they cannot be exploited in practice. Developers of the analyzed libraries are able to fix (and actually responsible for) 82% of the deployed vulnerable dependencies. The vast majority (81%) of vulnerable dependencies may be fixed by simply updating to a new version, while 1% of the vulnerable dependencies in our sample are halted, and therefore, potentially require a costly mitigation strategy. CONCLUSIONS: Our case study shows that the correct counting allows software development companies to receive actionable information about their library dependencies, and therefore, correctly allocate costly development and audit resources, which is spent inefficiently in case of distorted measurements.Comment: This is a pre-print of the paper that appears, with the same title, in the proceedings of the 12th International Symposium on Empirical Software Engineering and Measurement, 201

Measurements of Forbush decreases at Mars: both by MSL on ground and by MAVEN in orbit

The Radiation Assessment Detector (RAD), on board Mars Science Laboratory's (MSL) Curiosity rover, has been measuring ground level particle fluxes along with the radiation dose rate at the surface of Mars since August 2012. Similar to neutron monitors at Earth, RAD sees many Forbush decreases (FDs) in the galactic cosmic ray (GCR) induced surface fluxes and dose rates. These FDs are associated with coronal mass ejections (CMEs) and/or stream/corotating interaction regions (SIRs/CIRs). Orbiting above the Martian atmosphere, the Mars Atmosphere and Volatile EvolutioN (MAVEN) spacecraft has also been monitoring space weather conditions at Mars since September 2014. The penetrating particle flux channels in the Solar Energetic Particle (SEP) instrument onboard MAVEN can also be employed to detect FDs. For the first time, we study the statistics and properties of a list of FDs observed in-situ at Mars, seen both on the surface by MSL/RAD and in orbit detected by the MAVEN/SEP instrument. Such a list of FDs can be used for studying interplanetary CME (ICME) propagation and SIR evolution through the inner heliosphere. The magnitudes of different FDs can be well-fitted by a power-law distribution. The systematic difference between the magnitudes of the FDs within and outside the Martian atmosphere may be mostly attributed to the energy-dependent modulation of the GCR particles by both the pass-by ICMEs/SIRs and the Martian atmosphere

Impact assessment for vulnerabilities in open-source software libraries

Software applications integrate more and more open-source software (OSS) to benefit from code reuse. As a drawback, each vulnerability discovered in bundled OSS potentially affects the application. Upon the disclosure of every new vulnerability, the application vendor has to decide whether it is exploitable in his particular usage context, hence, whether users require an urgent application patch containing a non-vulnerable version of the OSS. Current decision making is mostly based on high-level vulnerability descriptions and expert knowledge, thus, effort intense and error prone. This paper proposes a pragmatic approach to facilitate the impact assessment, describes a proof-of-concept for Java, and examines one example vulnerability as case study. The approach is independent from specific kinds of vulnerabilities or programming languages and can deliver immediate results

The Effects of Solar Wind Dynamic Pressure on the Structure of the Topside Ionosphere of Mars

We use Mars Atmosphere and Volatile EvolutioN observations of the upstream solar wind, and Mars Express observations of ionospheric electron densities and magnetic fields, to study how the topside ionosphere ($>$ 320 km) of Mars is affected by variations in solar wind dynamic pressure. We find that high solar wind dynamic pressures result in the topside ionosphere being depleted of plasma at all solar zenith angles, coincident with increased induced magnetic field strengths. The depletion of topside plasma in response to high solar wind dynamic pressures is observed in both weak and strong crustal magnetic field regions. Taken together, our results suggest that high solar wind dynamic pressures lead to ionospheric compression, increased ion escape, and reduced day-to-night plasma transport in the high-altitude nightside ionosphere