159 research outputs found

    Cautiously Optimistic Program Analyses for Secure and Reliable Software

    Modern computer systems still have various security and reliability vulnerabilities. Well-known dynamic analysis solutions can mitigate them using runtime monitors that serve as lifeguards. But the additional work of enforcing these security and safety properties incurs exorbitant performance costs, and such tools are rarely used in practice. Our work addresses this problem by constructing a novel technique: Cautiously Optimistic Program Analysis (COPA). COPA is optimistic: it infers likely program invariants from dynamic observations, and assumes them in its static reasoning to precisely identify and elide wasteful runtime monitors. The resulting system is fast, but also ensures soundness by recovering to a conservatively optimized analysis on the rare occasions when a likely invariant fails at runtime. COPA is also cautious: by carefully restricting optimizations to only safe elisions, the recovery is greatly simplified. It avoids unbounded rollbacks upon recovery, thereby enabling analysis of live production software. We demonstrate the effectiveness of Cautiously Optimistic Program Analyses in three areas. Information-Flow Tracking (IFT) can help prevent security breaches and information leaks, but it is rarely used in practice due to its high performance overhead (>500% for web/email servers). COPA dramatically reduces this cost by eliding wasteful IFT monitors to make it practical (9% overhead, 4x speedup). Automatic Garbage Collection (GC) in managed languages (e.g. Java) simplifies programming tasks while ensuring memory safety. However, there is no correct GC for weakly-typed languages (e.g. C/C++), and manual memory management is prone to errors that have been exploited in high-profile attacks. We develop the first sound GC for C/C++, and use COPA to optimize its performance (16% overhead). Sequential Consistency (SC) provides intuitive semantics to concurrent programs that simplify reasoning about their correctness. However, ensuring SC behavior on commodity hardware remains expensive. We use COPA to ensure SC for Java at the language level efficiently, and significantly reduce its cost (from 24% down to 5% on x86). COPA provides a way to realize strong software security, reliability and semantic guarantees at practical costs.
    PhD, Computer Science & Engineering, University of Michigan, Horace H. Rackham School of Graduate Studies. http://deepblue.lib.umich.edu/bitstream/2027.42/170027/1/subarno_1.pd

    Correctness Criteria for Function-Based Reclassifiers: A Language Based Approach

    An emerging problem in systems security is controlling how a program uses the data it has access to. Information Flow Control (IFC) propagates restrictions on data by following the flow of information: for example, if a secret value flows to a public value, that value should be considered secret as well. A common problem in IFC is reclassification of data, for instance to explicitly make data less restricted. An IFC mechanism often has strict flow rules in its normal operation, but reclassification by definition needs to bypass these restrictions. This thesis proposes correctness criteria that aim to provide stronger semantic guarantees for the behavior of reclassification functions. We first conduct a survey of prior work in IFC, which concludes that little emphasis has been put on crystallizing such criteria. We then define a set of criteria for reclassification and implement a parser to enforce these criteria. If a piece of code is successfully analyzed by the parser, then that code can be safely used to reclassify data. Rust is emerging as one of the more prominent languages for systems programming due to its memory safety, and we conjecture this can be analogously extended to target IFC as well.

    Engineering Tolerance: Origins of Multicultural Education Policies in the Atlantic World from 1941 to 1988

    This study aims to trace the lines of communication between the United Kingdom, United States, Canada, and France from the early 1940s through 1989 on one subject of policymaking— attempts to shape the minds of citizens through education and schooling. Resulting policies were remarkably similar, in that these were policies that reorganized school systems and repurposed education to establish in their children a new, more tolerant, and open mind-set. This shift into an interconnected transnational framework should deepen and broaden the scale and scope of my work’s novelty and contribution to the field. In particular, seeking to establish a direct correlation between the United Kingdom and comparators in the Atlantic World, with the United Kingdom as a locus for the greater transnational development of multicultural education policies, will be an original contribution to the discipline. The examination of this thesis was a transnational one that tracked the open dialogue between comparator nations and the resulting influence of each nation on the others. The foci are those pieces of policy that planned shifts in education policy, in order to establish how these education policies interrelated. One goal of this thesis was to establish which policy networks between these nations supported emergent policies that could, and would, mirror or birth multicultural education. This paved the way for further analyses of how these policies were moulded not only by national concerns but by international organizations and participation in global planning. The UK, the US, Canada, and France, through a transnational policymaking cycle, have succeeded in building a set of interrelated education and integrative policies. These education policies focussed on rationalizing an increasingly diverse world, while promoting the essential benefits of education to engineer a tolerant mind-set in its future citizens.

    Ab Condita

    Time and structure; expectation and construction; landscape and architecture; history and myth. The foundation is a joint which carries extraordinary potential to speak of the cultures that built it. This text tells stories about three cultures whose identities are interwoven with their foundation-building. Tracing a path among the distinct ways in which they found, it values the foundation as a marker between anticipating and making in the architectural process; an ambiguous joint between land and building; an invisible structure of the surfaces we touch; and an indicator of an attitude towards time. The narrative begins in Rome and concludes in the James Bay Lowlands of Northern Canada. Both indigenous cultures represent extremes in notions of ‘foundation’: Rome’s tufa block substructures have borne buildings stratified over millennia, while the subarctic Omushkego Cree have traditionally had no permanent foundations, their building traces perceived in subtle differences of soil composition. A third base in the Netherlands is both a fulcrum and foil, as the nation’s diverse local and large-scale strategies negotiate heavy and light building traditions, and offer another distinct set of considerations in preparing ground. The aim of this book is two-fold. Firstly, it is to restore the foundation to the purview of the architect. Groundwork is more than a technical puzzle: it is also a deeply imaginative act. Secondly, this text seeks to understand why cultures found the way they do, and to give consideration to the unique inheritances offered by diverse foundation-building traditions.

    The Journal of ERW and Mine Action Issue 10.1 (2006)

    Feature: Explosive Remnants of War | Focus: Africa | Profiles | Making it Personal | Notes from the Field | Research and Development

    Seventh Biennial Report : June 2003 - March 2005


    A Century of Parks Canada, 1911-2011

    "... a diverse and fascinating array of perspectives on the history of Canada's national parks, illuminating many less well-understood aspects of the evolving place of people in and near these parks." - Stephen Bocking, Professor and Chair, Environmental and Resource Studies Program, Trent University. When Canada created a Dominion Parks Branch in 1911, it became the first country in the world to establish an agency devoted to managing its national parks. Over the past century this agency, now Parks Canada, has been at the centre of important debates about the place of nature in Canadian nationhood and relationships between Canada's diverse ecosystems and its communities. Today, Parks Canada manages over forty parks and reserves totalling over 200,000 square kilometres and featuring a dazzling variety of landscapes, and is recognized as a global leader in the environmental challenges of protected places. Its history is a rich repository of experience, of lessons learned - critical for making informed decisions about how to sustain the environmental and social health of our national parks. A Century of Parks Canada is published in partnership with NiCHE (Network in Canadian History and Environment; http://niche-canada.org/).

    Computer Aided Verification

    The open access two-volume set LNCS 11561 and 11562 constitutes the refereed proceedings of the 31st International Conference on Computer Aided Verification, CAV 2019, held in New York City, USA, in July 2019. The 52 full papers presented together with 13 tool papers and 2 case studies were carefully reviewed and selected from 258 submissions. The papers were organized in the following topical sections. Part I: automata and timed systems; security and hyperproperties; synthesis; model checking; cyber-physical systems and machine learning; probabilistic systems; runtime techniques; dynamical, hybrid, and reactive systems. Part II: logics, decision procedures, and solvers; numerical programs; verification; distributed systems and networks; verification and invariants; and concurrency.