Automated sequence and motion planning for robotic spatial extrusion of 3D trusses

While robotic spatial extrusion has demonstrated a new and efficient means to fabricate 3D truss structures in architectural scale, a major challenge remains in automatically planning extrusion sequence and robotic motion for trusses with unconstrained topologies. This paper presents the first attempt in the field to rigorously formulate the extrusion sequence and motion planning (SAMP) problem, using a CSP encoding. Furthermore, this research proposes a new hierarchical planning framework to solve the extrusion SAMP problems that usually have a long planning horizon and 3D configuration complexity. By decoupling sequence and motion planning, the planning framework is able to efficiently solve the extrusion sequence, end-effector poses, joint configurations, and transition trajectories for spatial trusses with nonstandard topologies. This paper also presents the first detailed computation data to reveal the runtime bottleneck on solving SAMP problems, which provides insight and comparing baseline for future algorithmic development. Together with the algorithmic results, this paper also presents an open-source and modularized software implementation called Choreo that is machine-agnostic. To demonstrate the power of this algorithmic framework, three case studies, including real fabrication and simulation results, are presented.Comment: 24 pages, 16 figure

Reingeniería de una composición en lenguaje WS-BPEL 2.0: ASTRO

144 páginas (PDF)

Implementación de operadores de mutación para WS-BPEL 2.0

En este proyecto fin de carrera se completa una herramienta real denominada GAmera desarrollada en el grupo de investigación SPI&FM. GAmera es una herramienta de generación de mutantes para WS-BPEL que en vez de generarlos todos genera sólo un subconjunto de ellos. Dicha herramienta se divide en dos partes: un algoritmo genético que dirige todo el proceso y un entorno que compara los mutantes con el proceso original, para comprobar si su comportamiento varía o no. Este PFC se enmarca dentro de esta segunda parte

Knowledge Discovery and Data Mining (KDDM) survey report.

The large number of government and industry activities supporting the Unit of Action (UA), with attendant documents, reports and briefings, can overwhelm decision-makers with an overabundance of information that hampers the ability to make quick decisions often resulting in a form of gridlock. In particular, the large and rapidly increasing amounts of data and data formats stored on UA Advanced Collaborative Environment (ACE) servers has led to the realization that it has become impractical and even impossible to perform manual analysis leading to timely decisions. UA Program Management (PM UA) has recognized the need to implement a Decision Support System (DSS) on UA ACE. The objective of this document is to research the commercial Knowledge Discovery and Data Mining (KDDM) market and publish the results in a survey. Furthermore, a ranking mechanism based on UA ACE-specific criteria has been developed and applied to a representative set of commercially available KDDM solutions. In addition, an overview of four R&D areas identified as critical to the implementation of DSS on ACE is provided. Finally, a comprehensive database containing detailed information on surveyed KDDM tools has been developed and is available upon customer request

Security analyses for detecting deserialisation vulnerabilities : a thesis presented in partial fulfilment of the requirements for the degree of Doctor of Philosophy in Computer Science at Massey University, Palmerston North, New Zealand

An important task in software security is to identify potential vulnerabilities. Attackers exploit security vulnerabilities in systems to obtain confidential information, to breach system integrity, and to make systems unavailable to legitimate users. In recent years, particularly 2012, there has been a rise in reported Java vulnerabilities. One type of vulnerability involves (de)serialisation, a commonly used feature to store objects or data structures to an external format and restore them. In 2015, a deserialisation vulnerability was reported involving Apache Commons Collections, a popular Java library, which affected numerous Java applications. Another major deserialisation-related vulnerability that affected 55\% of Android devices was reported in 2015. Both of these vulnerabilities allowed arbitrary code execution on vulnerable systems by malicious users, a serious risk, and this came as a call for the Java community to issue patches to fix serialisation related vulnerabilities in both the Java Development Kit and libraries. Despite attention to coding guidelines and defensive strategies, deserialisation remains a risky feature and a potential weakness in object-oriented applications. In fact, deserialisation related vulnerabilities (both denial-of-service and remote code execution) continue to be reported for Java applications. Further, deserialisation is a case of parsing where external data is parsed from their external representation to a program's internal data structures and hence, potentially similar vulnerabilities can be present in parsers for file formats and serialisation languages. The problem is, given a software package, to detect either injection or denial-of-service vulnerabilities and propose strategies to prevent attacks that exploit them. The research reported in this thesis casts detecting deserialisation related vulnerabilities as a program analysis task. The goal is to automatically discover this class of vulnerabilities using program analysis techniques, and to experimentally evaluate the efficiency and effectiveness of the proposed methods on real-world software. We use multiple techniques to detect reachability to sensitive methods and taint analysis to detect if untrusted user-input can result in security violations. Challenges in using program analysis for detecting deserialisation vulnerabilities include addressing soundness issues in analysing dynamic features in Java (e.g., native code). Another hurdle is that available techniques mostly target the analysis of applications rather than library code. In this thesis, we develop techniques to address soundness issues related to analysing Java code that uses serialisation, and we adapt dynamic techniques such as fuzzing to address precision issues in the results of our analysis. We also use the results from our analysis to study libraries in other languages, and check if they are vulnerable to deserialisation-type attacks. We then provide a discussion on mitigation measures for engineers to protect their software against such vulnerabilities. In our experiments, we show that we can find unreported vulnerabilities in Java code; and how these vulnerabilities are also present in widely-used serialisers for popular languages such as JavaScript, PHP and Rust. In our study, we discovered previously unknown denial-of-service security bugs in applications/libraries that parse external data formats such as YAML, PDF and SVG

Desarrollo de un motor de ejecución de restricciones de expresiones de Snomed CT

[ES] En el área de los sistemas de información sanitarios, dado que la información se encuentra repartida formando islas independientes, es primordial construir sistemas interoperables que sean capaces de transmitir información entre ellos. Un punto clave es conseguir un alto grado de interoperabilidad semántica, gracias a la cual los sistemas entienden la información que les es transmitida y son capaces de trabajar con ella. En este sentido, la principal debilidad actual es la falta de coordinación entre los modelos de información clínicos y los modelos terminológicos para definir el significado y el contenido de los datos clínicos. La organización SNOMED International, consciente de esta problemática, ha desarrollado recientemente el Lenguaje de Restricciones de Expresiones de SNOMED CT. Gracias a este lenguaje, es posible definir subconjuntos de conceptos clínicos que servirán para definir enlaces terminológicos de contenido entre los modelos de información clínicos y terminologías médicas. En este trabajo se describe una implementación de un motor de ejecución para dicho lenguaje, cuyo objetivo final es el enlace terminológico avanzado entre arquetipos y SNOMED CT, como pilar fundamental para conseguir sistemas semánticamente interoperables.[EN] In the clinical information systems area it is primordial to build interoperable systems able to transmit information between them. It is necessary because clinical information is stored and divided in separate islands. A crucial issue is to achieve high levels of semantic interoperability for transmitting and understanding information between systems. Nowadays, one of the weaknesses when working in this direction is the lack of a coordinated use of information models and terminological models to define the meaning and content of clinical data. SNOMED International organisation is aware of this problem and has recently developed the SNOMED CT Expression Constraint Language to specify subsets of concepts. These subsets are used in content terminological binding between clinical information models and terminological models. In this work we describe an implementation of an execution engine for this language. Our final objective is to allow advanced terminological binding between archetypes and SNOMED CT as a fundamental pillar to get semantically interoperable systems.Giménez Solano, VM. (2017). Desarrollo de un motor de ejecución de restricciones de expresiones de Snomed CT. http://hdl.handle.net/10251/89038.TFG