106,838 research outputs found
Sampling-based Program Execution Monitoring
For its high overall cost during product development, program debugging is an important aspect of system development. Debugging is a hard and complex activity, especially in time-sensitive systems which have limited resources and demanding timing constraints. System tracing is a frequently used technique for debugging embedded systems. A specific use of system tracing is to monitor and debug control-flow problems in programs. However, it is difficult to implement because of the potentially high overhead it might introduce to the system and the changes which can occur to the system behaviour due to tracing. To solve the above problems, in this work, we present a sampling-based approach to program execution monitoring which specifically helps developers trace the program execution in time-sensitive systems such as real-time applications. We build the system model and propose three theorems which determine the sampling period or the optimal in different scenarios. We also design seven heuristics and an instrumentation framework to extend the sampling period which can reduce the monitoring overhead and achieve an optimal
tradeoff between accuracy and overhead introduced by instrumentation. Using this monitoring framework, we can use the information extracted through sampling to reconstruct the system state and execution paths to locate the deviation. Based on the statistically significant data, we also model the trend of the sampling period with the instrumentation steps. Based on the modelling results, we devise a scheme for predicting the number of markers we need to reach a certain sampling period. Last, we build a tool chain to instrument and monitoring the software system and further prove the soundness of our approach
Unsupervised Anomaly-based Malware Detection using Hardware Features
Recent works have shown promise in using microarchitectural execution
patterns to detect malware programs. These detectors belong to a class of
detectors known as signature-based detectors as they catch malware by comparing
a program's execution pattern (signature) to execution patterns of known
malware programs. In this work, we propose a new class of detectors -
anomaly-based hardware malware detectors - that do not require signatures for
malware detection, and thus can catch a wider range of malware including
potentially novel ones. We use unsupervised machine learning to build profiles
of normal program execution based on data from performance counters, and use
these profiles to detect significant deviations in program behavior that occur
as a result of malware exploitation. We show that real-world exploitation of
popular programs such as IE and Adobe PDF Reader on a Windows/x86 platform can
be detected with nearly perfect certainty. We also examine the limits and
challenges in implementing this approach in face of a sophisticated adversary
attempting to evade anomaly-based detection. The proposed detector is
complementary to previously proposed signature-based detectors and can be used
together to improve security.Comment: 1 page, Latex; added description for feature selection in Section 4,
results unchange
ScALPEL: A Scalable Adaptive Lightweight Performance Evaluation Library for application performance monitoring
As supercomputers continue to grow in scale and capabilities, it is becoming
increasingly difficult to isolate processor and system level causes of
performance degradation. Over the last several years, a significant number of
performance analysis and monitoring tools have been built/proposed. However,
these tools suffer from several important shortcomings, particularly in
distributed environments. In this paper we present ScALPEL, a Scalable Adaptive
Lightweight Performance Evaluation Library for application performance
monitoring at the functional level. Our approach provides several distinct
advantages. First, ScALPEL is portable across a wide variety of architectures,
and its ability to selectively monitor functions presents low run-time
overhead, enabling its use for large-scale production applications. Second, it
is run-time configurable, enabling both dynamic selection of functions to
profile as well as events of interest on a per function basis. Third, our
approach is transparent in that it requires no source code modifications.
Finally, ScALPEL is implemented as a pluggable unit by reusing existing
performance monitoring frameworks such as Perfmon and PAPI and extending them
to support both sequential and MPI applications.Comment: 10 pages, 4 figures, 2 table
Development and implementation of a LabVIEW based SCADA system for a meshed multi-terminal VSC-HVDC grid scaled platform
This project is oriented to the development of a Supervisory, Control and Data Acquisition
(SCADA) software to control and supervise electrical variables from a scaled platform that
represents a meshed HVDC grid employing National Instruments hardware and LabVIEW logic
environment. The objective is to obtain real time visualization of DC and AC electrical variables
and a lossless data stream acquisition.
The acquisition system hardware elements have been configured, tested and installed on the
grid platform. The system is composed of three chassis, each inside of a VSC terminal cabinet,
with integrated Field-Programmable Gate Arrays (FPGAs), one of them connected via PCI bus
to a local processor and the rest too via Ethernet through a switch. Analogical acquisition
modules were A/D conversion takes place are inserted into the chassis. A personal computer is
used as host, screen terminal and storing space.
There are two main access modes to the FPGAs through the real time system. It has been
implemented a Scan mode VI to monitor all the grid DC signals and a faster FPGA access mode
VI to monitor one converter AC and DC values. The FPGA application consists of two tasks
running at different rates and a FIFO has been implemented to communicate between them
without data loss.
Multiple structures have been tested on the grid platform and evaluated, ensuring the
compliance of previously established specifications, such as sampling and scanning rate, screen
refreshment or possible data loss.
Additionally a turbine emulator was implemented and tested in Labview for further testing
Monitoring with uncertainty
We discuss the problem of runtime verification of an instrumented program
that misses to emit and to monitor some events. These gaps can occur when a
monitoring overhead control mechanism is introduced to disable the monitor of
an application with real-time constraints. We show how to use statistical
models to learn the application behavior and to "fill in" the introduced gaps.
Finally, we present and discuss some techniques developed in the last three
years to estimate the probability that a property of interest is violated in
the presence of an incomplete trace.Comment: In Proceedings HAS 2013, arXiv:1308.490
- …