COEL: A Web-based Chemistry Simulation Framework

The chemical reaction network (CRN) is a widely used formalism to describe macroscopic behavior of chemical systems. Available tools for CRN modelling and simulation require local access, installation, and often involve local file storage, which is susceptible to loss, lacks searchable structure, and does not support concurrency. Furthermore, simulations are often single-threaded, and user interfaces are non-trivial to use. Therefore there are significant hurdles to conducting efficient and collaborative chemical research. In this paper, we introduce a new enterprise chemistry simulation framework, COEL, which addresses these issues. COEL is the first web-based framework of its kind. A visually pleasing and intuitive user interface, simulations that run on a large computational grid, reliable database storage, and transactional services make COEL ideal for collaborative research and education. COEL's most prominent features include ODE-based simulations of chemical reaction networks and multicompartment reaction networks, with rich options for user interactions with those networks. COEL provides DNA-strand displacement transformations and visualization (and is to our knowledge the first CRN framework to do so), GA optimization of rate constants, expression validation, an application-wide plotting engine, and SBML/Octave/Matlab export. We also present an overview of the underlying software and technologies employed and describe the main architectural decisions driving our development. COEL is available at http://coel-sim.org for selected research teams only. We plan to provide a part of COEL's functionality to the general public in the near future.Comment: 23 pages, 12 figures, 1 tabl

Inference and Regeneration of Programs that Manipulate Relational Databases

We present a new technique that infers models of programs that manipulate relational databases. This technique generates test databases and input commands, runs the program, then observes the resulting outputs and updated databases to infer the model. Because the technique works only with the externally observable inputs, outputs, and databases, it can infer the behavior of programs written in arbitrary languages using arbitrary coding styles and patterns. We also present a technique for automatically regenerating an implementation of the program based on the inferred model. The regenerator can produce a translated implementation in a different language and systematically include relevant security and error checks. We present results that illustrate the use of the technique to eliminate SQL injection vulnerabilities and the translation of applications from Java and Ruby on Rails to Python

Security Applications of Formal Language Theory

We present an approach to improving the security of complex, composed systems based on formal language theory, and show how this approach leads to advances in input validation, security modeling, attack surface reduction, and ultimately, software design and programming methodology. We cite examples based on real-world security flaws in common protocols representing different classes of protocol complexity. We also introduce a formalization of an exploit development technique, the parse tree differential attack, made possible by our conception of the role of formal grammars in security. These insights make possible future advances in software auditing techniques applicable to static and dynamic binary analysis, fuzzing, and general reverse-engineering and exploit development. Our work provides a foundation for verifying critical implementation components with considerably less burden to developers than is offered by the current state of the art. It additionally offers a rich basis for further exploration in the areas of offensive analysis and, conversely, automated defense tools and techniques. This report is divided into two parts. In Part I we address the formalisms and their applications; in Part II we discuss the general implications and recommendations for protocol and software design that follow from our formal analysis

Product Family Design Knowledge Representation, Aggregation, Reuse, and Analysis

A flexible information model for systematic development and deployment of product families during all phases of the product realization process is crucial for product-oriented organizations. In current practice, information captured while designing products in a family is often incomplete, unstructured, and is mostly proprietary in nature, making it difficult to index, search, refine, reuse, distribute, browse, aggregate, and analyze knowledge across heterogeneous organizational information systems. To this end, we propose a flexible knowledge management framework to capture, reorganize, and convert both linguistic and parametric product family design information into a unified network, which is called a networked bill of material (NBOM) using formal concept analysis (FCA); encode the NBOM as a cyclic, labeled graph using the Web Ontology Language (OWL) that designers can use to explore, search, and aggregate design information across different phases of product design as well as across multiple products in a product family; and analyze the set of products in a product family based on both linguistic and parametric information. As part of the knowledge management framework, a PostgreSQL database schema has been formulated to serve as a central design repository of product design knowledge, capable of housing the instances of the NBOM. Ontologies encoding the NBOM are utilized as a metalayer in the database schema to connect the design artifacts as part of a graph structure. Representing product families by preconceived common ontologies shows promise in promoting component sharing, and assisting designers search, explore, and analyze linguistic and parametric product family design information. An example involving a family of seven one-time-use cameras with different functions that satisfy a variety of customer needs is presented to demonstrate the implementation of the proposed framework

An Application Perspective on High-Performance Computing and Communications

We review possible and probable industrial applications of HPCC focusing on the software and hardware issues. Thirty-three separate categories are illustrated by detailed descriptions of five areas -- computational chemistry; Monte Carlo methods from physics to economics; manufacturing; and computational fluid dynamics; command and control; or crisis management; and multimedia services to client computers and settop boxes. The hardware varies from tightly-coupled parallel supercomputers to heterogeneous distributed systems. The software models span HPF and data parallelism, to distributed information systems and object/data flow parallelism on the Web. We find that in each case, it is reasonably clear that HPCC works in principle, and postulate that this knowledge can be used in a new generation of software infrastructure based on the WebWindows approach, and discussed in an accompanying paper

Computing and Information Science (CIS)

Cornell University Courses of Study Vol. 97 2005/200