24 research outputs found
Automated sequence and motion planning for robotic spatial extrusion of 3D trusses
While robotic spatial extrusion has demonstrated a new and efficient means to
fabricate 3D truss structures in architectural scale, a major challenge remains
in automatically planning extrusion sequence and robotic motion for trusses
with unconstrained topologies. This paper presents the first attempt in the
field to rigorously formulate the extrusion sequence and motion planning (SAMP)
problem, using a CSP encoding. Furthermore, this research proposes a new
hierarchical planning framework to solve the extrusion SAMP problems that
usually have a long planning horizon and 3D configuration complexity. By
decoupling sequence and motion planning, the planning framework is able to
efficiently solve the extrusion sequence, end-effector poses, joint
configurations, and transition trajectories for spatial trusses with
nonstandard topologies. This paper also presents the first detailed computation
data to reveal the runtime bottleneck on solving SAMP problems, which provides
insight and comparing baseline for future algorithmic development. Together
with the algorithmic results, this paper also presents an open-source and
modularized software implementation called Choreo that is machine-agnostic. To
demonstrate the power of this algorithmic framework, three case studies,
including real fabrication and simulation results, are presented.Comment: 24 pages, 16 figure
Reingenier铆a de una composici贸n en lenguaje WS-BPEL 2.0: ASTRO
144 p谩ginas (PDF)
Implementaci贸n de operadores de mutaci贸n para WS-BPEL 2.0
En este proyecto fin de carrera se completa una herramienta real denominada GAmera desarrollada en el grupo de investigaci贸n SPI&FM. GAmera es una herramienta de generaci贸n de mutantes para WS-BPEL que en vez de generarlos todos genera s贸lo un subconjunto de ellos. Dicha herramienta se divide en dos partes: un algoritmo gen茅tico que dirige todo el proceso y un entorno que compara los mutantes con el proceso original, para comprobar si su comportamiento var铆a o no. Este PFC se enmarca dentro de esta segunda parte
Recommended from our members
Knowledge Discovery and Data Mining (KDDM) survey report.
The large number of government and industry activities supporting the Unit of Action (UA), with attendant documents, reports and briefings, can overwhelm decision-makers with an overabundance of information that hampers the ability to make quick decisions often resulting in a form of gridlock. In particular, the large and rapidly increasing amounts of data and data formats stored on UA Advanced Collaborative Environment (ACE) servers has led to the realization that it has become impractical and even impossible to perform manual analysis leading to timely decisions. UA Program Management (PM UA) has recognized the need to implement a Decision Support System (DSS) on UA ACE. The objective of this document is to research the commercial Knowledge Discovery and Data Mining (KDDM) market and publish the results in a survey. Furthermore, a ranking mechanism based on UA ACE-specific criteria has been developed and applied to a representative set of commercially available KDDM solutions. In addition, an overview of four R&D areas identified as critical to the implementation of DSS on ACE is provided. Finally, a comprehensive database containing detailed information on surveyed KDDM tools has been developed and is available upon customer request
Security analyses for detecting deserialisation vulnerabilities : a thesis presented in partial fulfilment of the requirements for the degree of Doctor of Philosophy in Computer Science at Massey University, Palmerston North, New Zealand
An important task in software security is to identify potential vulnerabilities. Attackers exploit security vulnerabilities in systems to obtain confidential information, to breach system integrity, and to make systems unavailable to legitimate users. In recent years, particularly 2012, there has been a rise in reported Java vulnerabilities. One type of vulnerability involves (de)serialisation, a commonly used feature to store objects or data structures to an external format and restore them. In 2015, a deserialisation vulnerability was reported involving Apache Commons Collections, a popular Java library, which affected numerous Java applications. Another major deserialisation-related vulnerability that affected 55\% of Android devices was reported in 2015. Both of these vulnerabilities allowed arbitrary code execution on vulnerable systems by malicious users, a serious risk, and this came as a call for the Java community to issue patches to fix serialisation related vulnerabilities in both the Java Development Kit and libraries.
Despite attention to coding guidelines and defensive strategies, deserialisation remains a risky feature and a potential weakness in object-oriented applications. In fact, deserialisation related vulnerabilities (both denial-of-service and remote code execution) continue to be reported for Java applications. Further, deserialisation is a case of parsing where external data is parsed from their external representation to a program's internal data structures and hence, potentially similar vulnerabilities can be present in parsers for file formats and serialisation languages.
The problem is, given a software package, to detect either injection or denial-of-service vulnerabilities and propose strategies to prevent attacks that exploit them. The research reported in this thesis casts detecting deserialisation related vulnerabilities as a program analysis task. The goal is to automatically discover this class of vulnerabilities using program analysis techniques, and to experimentally evaluate the efficiency and effectiveness of the proposed methods on real-world software. We use multiple techniques to detect reachability to sensitive methods and taint analysis to detect if untrusted user-input can result in security violations.
Challenges in using program analysis for detecting deserialisation vulnerabilities include addressing soundness issues in analysing dynamic features in Java (e.g., native code). Another hurdle is that available techniques mostly target the analysis of applications rather than library code.
In this thesis, we develop techniques to address soundness issues related to analysing Java code that uses serialisation, and we adapt dynamic techniques such as fuzzing to address precision issues in the results of our analysis. We also use the results from our analysis to study libraries in other languages, and check if they are vulnerable to deserialisation-type attacks. We then provide a discussion on mitigation measures for engineers to protect their software against such vulnerabilities.
In our experiments, we show that we can find unreported vulnerabilities in Java code; and how these vulnerabilities are also present in widely-used serialisers for popular languages such as JavaScript, PHP and Rust. In our study, we discovered previously unknown denial-of-service security bugs in applications/libraries that parse external data formats such as YAML, PDF and SVG
Desarrollo de un motor de ejecuci贸n de restricciones de expresiones de Snomed CT
[ES] En el 谩rea de los sistemas de informaci贸n sanitarios, dado que la informaci贸n se encuentra
repartida formando islas independientes, es primordial construir sistemas interoperables que sean
capaces de transmitir informaci贸n entre ellos. Un punto clave es conseguir un alto grado de
interoperabilidad sem谩ntica, gracias a la cual los sistemas entienden la informaci贸n que les es
transmitida y son capaces de trabajar con ella. En este sentido, la principal debilidad actual es la
falta de coordinaci贸n entre los modelos de informaci贸n cl铆nicos y los modelos terminol贸gicos
para definir el significado y el contenido de los datos cl铆nicos. La organizaci贸n SNOMED
International, consciente de esta problem谩tica, ha desarrollado recientemente el Lenguaje de
Restricciones de Expresiones de SNOMED CT. Gracias a este lenguaje, es posible definir
subconjuntos de conceptos cl铆nicos que servir谩n para definir enlaces terminol贸gicos de contenido
entre los modelos de informaci贸n cl铆nicos y terminolog铆as m茅dicas. En este trabajo se describe
una implementaci贸n de un motor de ejecuci贸n para dicho lenguaje, cuyo objetivo final es el enlace
terminol贸gico avanzado entre arquetipos y SNOMED CT, como pilar fundamental para conseguir
sistemas sem谩nticamente interoperables.[EN] In the clinical information systems area it is primordial to build interoperable systems able to
transmit information between them. It is necessary because clinical information is stored and
divided in separate islands. A crucial issue is to achieve high levels of semantic interoperability
for transmitting and understanding information between systems. Nowadays, one of the
weaknesses when working in this direction is the lack of a coordinated use of information models
and terminological models to define the meaning and content of clinical data. SNOMED
International organisation is aware of this problem and has recently developed the SNOMED CT
Expression Constraint Language to specify subsets of concepts. These subsets are used in content
terminological binding between clinical information models and terminological models. In this
work we describe an implementation of an execution engine for this language. Our final objective
is to allow advanced terminological binding between archetypes and SNOMED CT as a
fundamental pillar to get semantically interoperable systems.Gim茅nez Solano, VM. (2017). Desarrollo de un motor de ejecuci贸n de restricciones de expresiones de Snomed CT. http://hdl.handle.net/10251/89038.TFG