dbProlog: a Prolog/relational database interface

dbProlog is a prototype system that provides a C-Prolog user access to data in an external relational database via both loose and tight coupling. To the application programmer, dbProlog is a group of six built-in Prolog predicates that effect communication between a C-Prolog process and a database management system process. Prolog application program statements may be written using the six predicates to make the interface transparent to an end-user. The system is based on a driver process that must be customized to the interfaced DBMS and whose primary function is the translation of requests and replies between C-Prolog and the DBMS. dbProlog supports Prolog\u27s depth-first search on database retrievals by producing the next record when the retrieval predicate is encountered upon backtracking. dbProlog also supports multiple active database retrievals, as may be required by a Prolog rule that references two or more database retrievals, or by a recursive rule

Map Calculus in GIS: a proposal and demonstration

This paper provides a new representation for fields (continuous surfaces) in Geographical Information Systems (GIS), based on the notion of spatial functions and their combinations. Following Tomlin's (1990) Map Algebra, the term 'Map Calculus' is used for this new representation. In Map Calculus, GIS layers are stored as functions, and new layers can be created by combinations of other functions. This paper explains the principles of Map Calculus and demonstrates the creation of function-based layers and their supporting management mechanism. The proposal is based on Church's (1941) Lambda Calculus and elements of functional computer languages (such as Lisp or Scheme)

A conceptual model for megaprogramming

Megaprogramming is component-based software engineering and life-cycle management. Magaprogramming and its relationship to other research initiatives (common prototyping system/common prototyping language, domain specific software architectures, and software understanding) are analyzed. The desirable attributes of megaprogramming software components are identified and a software development model and resulting prototype megaprogramming system (library interconnection language extended by annotated Ada) are described

Osiris: Automated Discovery of Microarchitectural Side Channels

In the last years, a series of side channels have been discovered on CPUs. These side channels have been used in powerful attacks, e.g., on cryptographic implementations, or as building blocks in transient-execution attacks such as Spectre or Meltdown. However, in many cases, discovering side channels is still a tedious manual process. In this paper, we present Osiris, a fuzzing-based framework to automatically discover microarchitectural side channels. Based on a machine-readable specification of a CPU's ISA, Osiris generates instruction-sequence triples and automatically tests whether they form a timing-based side channel. Furthermore, Osiris evaluates their usability as a side channel in transient-execution attacks, i.e., as the microarchitectural encoding for attacks like Spectre. In total, we discover four novel timing-based side channels on Intel and AMD CPUs. Based on these side channels, we demonstrate exploitation in three case studies. We show that our microarchitectural KASLR break using non-temporal loads, FlushConflict, even works on the new Intel Ice Lake and Comet Lake microarchitectures. We present a cross-core cross-VM covert channel that is not relying on the memory subsystem and transmits up to 1 kbit/s. We demonstrate this channel on the AWS cloud, showing that it is stealthy and noise resistant. Finally, we demonstrate Stream+Reload, a covert channel for transient-execution attacks that, on average, allows leaking 7.83 bytes within a transient window, improving state-of-the-art attacks that only leak up to 3 bytes

Change impact analysis of multi-language and heterogeneously-licensed software

Today software systems are built with heterogeneous languages such as Java, C, C++, XML, Perl or Python just to name a few. This introduces new challenges both for the software analysis domain and program evolution as programmers must to cope with a variety of programming paradigms and languages. We believe that there is the need of global views supporting developers to effectively cope with complexity and to facilitate program comprehension and analysis of such heterogeneous systems. Furthermore, the heterogeneity of the systems is not limited to the language but also impacts the components licensing. In fact, licensing is another type of heterogeneity introduced by the large reuse of open source code. The heterogeneity of licenses also introduces challenges such how to legally combine components in different programming languages and licenses in the same system and how the change of the software can create a violation of licenses. In this context, we would like to develop a re-engineering tool for analysing change impact of heterogeneously licensed system considering multi-language environment. First, we want to study change impact analysis in multi-language system in general and extend it to support the issue of licenses

QoSME: QoS Management Environment

Distributed multimedia applications are sensitive to the Quality of Service (QoS) delivered by underlying communication networks. For example, a video conference exchange can be very sensitive to the effective network throughput. Network jitter can greatly disrupt a speech stream. The main question this thesis addresses is how to adapt multimedia applications to the QoS delivered by the network and vice versa. Such adaptation is especially important because current networks are unable to assure the QoS required by applications and the latter is usually unprepared for periods of QoS degradation. This work introduces the QoS Management Environment (QoSME) that provides mechanisms for such adaptation. The main contributions of this thesis are: Language level abstractions for QoS management. The Quality Assurance Language (QuAL) in QoSME enables the specification of how to allocate, monitor, analyze, and adapt to delivered QoS. Applications can express in QuAL their QoS needs and how to handle potential violations. Automatic QoS monitoring. QoSME automatically generates the instrumentation to monitor QoS when applications use QuAL constructs. The QoSME runtime scrutinizes interactions among applications, transport protocols, and Operating Systems (OS) and collects in QoS Management Information Bases (MIBs) statistics on the QoS delivered. Integration of QoS and standard network management. A Simple Network Management Protocol (SNMP) agent embedded in QoSME provides QoS MIB access to SNMP managers. The latter can use this feature to monitor end-to-end QoS delivery and adapt network resource allocation and operations accordingly. A partial prototype of QoSME has been released for public access. It runs on SunOS 4.3 and Solaris 2.3 and supports communication on ATM adaptation layer, ST-II, UDP/IP, TCP/IP, and Unix internal protocols

Rule-based Metaprogramming for Smart Spaces

The motivation of this work is goes back to the objective of achieving interoperability in multiparty environments such as ubiquitous systems. Full interoperability in an open environment requires mutually sharing the behavior of the participants, so that the behavioral interoperability becomes as relevant as interoperability of data. This requires analysis or evaluation of behavioral descriptions from untrusted parties in a controlled manner. Furthermore we need to manage the evaluation process based on the content and provenance of the descriptions and other information on which the descriptions operate. This information allows one to choose which behaviour is to be used and which data is to be operated on. To enable this vision we propose to present behavioral descriptions as Answer Set Programming (ASP) rules. In this work we present a method for the evaluation of ASP rules based on metaprogramming: the evaluator for the rules is implemented using ASP rules themselves. To facilitate metaevaluation, we transform rules to a reified format, which enables representing rules as facts, and construct the metaevaluator to work directly on this reified format. Facts corresponding to reified rules and the metaevaluation rules are then treated by native ASP tools. We give a proof that our metaevaluator adheres to the stable model semantics for ASP evaluation. Having rules in the reified format is beneficial as behavioral rules can then be shared and manipulated as any other data. We have implemented a mechanism which maintains the provenance information of data during the rule evaluation along with hooks to allow control over the context of the use of that data. This allows attaching arbitrary metainformation to rules and facts and allows independently creating policies which control on how different data is handled in the ASP solving phase. In addition to the metaevaluation phase, we have implemented syntactical safety analysis of reified rules. These methods enable sharing, analyzing and executing behavioral descriptions in a controlled manner within the same semantic ASP framework, providing one solution for the interoperability problem. The evaluation of ASP rules has two logical phases: grounding and actual solving. We have separated provenance handling and syntactic analysis to the metagrounding phase with the intention that rules and data, which do not match the provenance criteria, are never delivered to the solving phase. To the best of our knowledge, this work presents the first implementation of a metagrounder for ASP programs. According to performance analysis, the metagrounder is not yet competitive with current grounder technology.Tämän opinnäytteen motivaationa on yhteensopivuus ubiikkien järjestelmien kaltaisissa usean käyttäjän ympäristöissä. Täydellinen yhteensopivuus avoimissa ympäristöissä vaatii osapuolten käyttäytymisten kuvausten jakamista käyttäjien kesken. Tällöin käyttäytymisen kuvausten yhteensopivuus muodostuu yhtä tärkeäksi kuin muun tiedon yhteensopivuus. Tästä johtuen on tarpeellista analysoida tai evaluoida hallitusti käyttäytymisten kuvauksia, jotka ovat peräisin mahdollisesti epäluotettavilta tahoilta. Tämän lisäksi evaluointiprosessia täytyy hallinnoida perustuen sekä käyttäytymisten kuvausten että muun käytetyn tiedon sisältöön ja alkuperään. Tämän tiedon avulla valitaan mitä käyttäytymiskuvauksia ja mitä tietoa tullaan käyttämään evaluoinnissa. Tämän vision mahdollistamiseksi tässä työssä ehdotetaan käyttäytymiskuvausten esitettämistä sääntöpohjaisella rajoiteohjelmoinnilla (engl. Answer Set Programming, ASP). Tässä opinnäytteessä kuvataan metaohjelmointipohjainen menetelmä sääntöjen evaluoimiseen, missä itse evaluaattori on toteutettu ASP-säännöillä. Jotta metaevaluaatio olisi mahdollista, säännöt muunnetaan reifioituun muotoon, joka sallii sääntöjen esittämisen faktoina ja metaevaluaattori toteutetaan toimimaan näiden reifioitujen kuvausten kanssa. Faktoina esitetyt reifioidut säännöt ja metaevaluaattorin säännöt evaluoidaan olemassaolevilla ASP-työkaluilla. Työssä esitetään oikeellisuustodistus, jonka perusteella toteutettu metaevaluaattori noudattaa stabiilien mallien semantiikkaa. Sääntöjen esittäminen reifioidussa muodossa on hyödyllistä, sillä tällöin sääntöjä voidaan jakaa ja käsitellä samoin kuin muutakin tietoa. Tässä työssä esitetään lisäksi menetelmä, joka säilyttää sääntöjen käyttämien tietojen alkuperän sääntöjen evaluoinnissa. Tämän ohella esitellään edelliseen laajennus jonka avulla voidaan kontrolloida syötetiedon käyttökonteksti. Tämä mekanismi mahdollistaa mielivaltaisen metainformaation liittämisen sääntöihin sekä muuhun tietoon ja suo erityisesti mahdollisuuden määrittää lisätoimintaperiaatteita sääntöevaluoinnin ohjaamiseen. Nämä menetelmät mahdollistavat käyttäytymissääntöjen turvallisen ja hallitun jakamisen, analysoinnin sekä evaluaation yhdessä semanttisessa viitekehyksessä, tarjoten erään mahdollisen ratkaisun yhteensopivuusongelmaan. Työssä esitetään myös syntaktinen turvallisuusanalyysi reifioiduille säännöille. ASP-sääntöjen evaluaatiossa on kaksi loogista vaihetta: muuttujien instantiointi ja varsinainen ratkaiseminen. Tietojen alkuperän käsittely sekä syntaktinen analyysi on rajattu metatasolle. Näin varmistetaan, että tiedot tai säännöt, jotka eivät ole toimintaperiaatteiden mukaisia, eivät koskaan päädy ratkaisuvaiheeseen. Tässä työssä on esitetty käsittääkseemme ensimmäinen toteutus ASP-sääntöjen instantioinnista metatasolla. Suoritetun vertailun perusteella metatason instantioinnin tehokkuus ei ole vielä kilpailukykyinen nykyisten instantiointitekniikoiden kanssa

Proceedings of the 5th Annual Users' Conference

The Transportable Applications Executive (TAE) was conceived in 1979. It was proposed to be a general purpose software executive that could be applied in various systems. The success of this concept and of TAE was demonstrated. Topics included: TAE current status; TAE development; TAE applications; and UNIX emphasis