Notes on implementation of sparsely distributed memory

The Sparsely Distributed Memory (SDM) developed by Kanerva is an unconventional memory design with very interesting and desirable properties. The memory works in a manner that is closely related to modern theories of human memory. The SDM model is discussed in terms of its implementation in hardware. Two appendices discuss the unconventional approaches of the SDM: Appendix A treats a resistive circuit for fast, parallel address decoding; and Appendix B treats a systolic array for high throughput read and write operations

American Insurance Association v. Garamendi and Executive Preemption in Foreign Affairs

In American Insurance Association v. Garamendi, the U.S. Supreme Court invalidated California\u27s Holocaust Victim Insurance Relief Act (HVIRA), which required insurance companies doing business in California to disclose all policies they or their affiliates sold in Europe between 1920 and 1945. According to the Court, the state\u27s law unconstitutionally interfered with the foreign affairs power of the national government. The decision was easily overlooked in a Term filled with landmark cases dealing with affirmative action and sexual privacy. What coverage the case did receive emphasized its federalism aspects, and excited little reaction because the result seemed intuitively appropriate given the federal government\u27s interest in conducting foreign affairs. We argue in this paper, however, that Garamendi is more important - and problematic - when seen as a case about separation of powers. In particular, we argue that the decision expands presidential control over foreign affairs, not only at the expense of the states, but also and more critically at the expense of Congress and the Senate. This arises from the Court\u27s invention of a novel constitutional power of executive preemption - that is, an independent ability of the President to override state laws that interfere with executive branch policies in foreign affairs. Until Garamendi, no one had thought that a mere executive branch policy, unsupported by the formal or even tacit approval of any other branch, could have the effect of preemptive law. As a result, one need not be a defender of foreign policy federalism, nor a critic of executive foreign affairs powers, to have grave reservations about the decision\u27s implications for separation of powers, federalism and constitutional theory. It is uncontroversial that state laws and policies must give way to the foreign affairs objectives of the national government. The critical question, though, is how these overriding federal goals are developed and identified. We argue that the Garamendi decision has at least three separate and substantial ill-effects upon this process. First,executive preemption conveys to the President the power to decide which state laws affecting foreign affairs survive and which do not. This concentrates foreign affairs power in the President in a way not contemplated by the Constitution\u27s Framers, who sought to separate executive power from legislative power. Second, Garamendi seemed to make executive agreements the functional equivalents of congressional statutes; this functional equivalency may hasten the decline of the treaty as a foreign policy-making tool, with a concomitant decline in the opportunities for Congress - the Senate, in particular - to shape foreign policy. Third, the decision implicated the relationship between the states and the federal government in foreign affairs, but did so in a way that provided essentially no guidance for the future. Part I of this Article discusses the factual setting of the Holocaust insurance claims that formed the background of the case. Part II outlines the constitutional law of federal-state relations in foreign affairs as it stood before the Garamendi decision. Part III describes the Supreme Court\u27s decision, and points out its discontinuity with prior decisions. In Part IV we turn to the troubling structural implications of Garamendi, which we regard as occurring primarily in the field of separation of powers. We conclude that the Court ended up far from the text, structure and history of the Constitution. In Part V we address the decision\u27s implications for federalism, particular the dangers of concentrating preemptive power in the executive branch. Part VI relates the Garamendi case to the wider theoretical debates of modern foreign affairs law and constitutional interpretation. In contrast to other federalism and separation of powers cases, the Garamendi Court paid little attention to text or structure in analyzing the constitutional questions presented. More surprising, perhaps, is the Court\u27s complete lack of interest in what light history might shed on the foreign affairs issues before it. But neither is Garamendi an exercise in common law doctrinal evolution, because it owes essentially nothing to prior cases or practice, except as rhetorical cover. Garamendi\u27s near-exclusive attention to loose interpretations of prior case law and its lack of sensitivity to text, history, and structure, suggest to us a danger in common law constitutional interpretation as a preferred approach to constitutional interpretation and adjudication in foreign affairs controversies

The PER model of abstract non-interference

Abstract. In this paper, we study the relationship between two models of secure information flow: the PER model (which uses equivalence relations) and the abstract non-interference model (which uses upper closure operators). We embed the lattice of equivalence relations into the lattice of closures, re-interpreting abstract non-interference over the lattice of equivalence relations. For narrow abstract non-interference, we show non-interference it is strictly less general. The relational presentation of abstract non-interference leads to a simplified construction of the most concrete harmless attacker. Moreover, the PER model of abstract noninterference allows us to derive unconstrained attacker models, which do not necessarily either observe all public information or ignore all private information. Finally, we show how abstract domain completeness can be used for enforcing the PER model of abstract non-interference

Cellular automaton rules conserving the number of active sites

This paper shows how to determine all the unidimensional two-state cellular automaton rules of a given number of inputs which conserve the number of active sites. These rules have to satisfy a necessary and sufficient condition. If the active sites are viewed as cells occupied by identical particles, these cellular automaton rules represent evolution operators of systems of identical interacting particles whose total number is conserved. Some of these rules, which allow motion in both directions, mimic ensembles of one-dimensional pseudo-random walkers. Numerical evidence indicates that the corresponding stochastic processes might be non-Gaussian.Comment: 14 pages, 5 figure

Very static enforcement of dynamic policies

Security policies are naturally dynamic. Reflecting this, there has been a growing interest in studying information-flow properties which change during program execution, including concepts such as declassification, revocation, and role-change. A static verification of a dynamic information flow policy, from a semantic perspective, should only need to concern itself with two things: 1) the dependencies between data in a program, and 2) whether those dependencies are consistent with the intended flow policies as they change over time. In this paper we provide a formal ground for this intuition. We present a straightforward extension to the principal flow-sensitive type system introduced by Hunt and Sands (POPL’06, ESOP’11) to infer both end-to-end dependencies and dependencies at intermediate points in a program. This allows typings to be applied to verification of both static and dynamic policies. Our extension preserves the principal type system’s distinguishing feature, that type inference is independent of the policy to be enforced: a single, generic dependency analysis (typing) can be used to verify many different dynamic policies of a given program, thus achieving a clean separation between (1) and (2). We also make contributions to the foundations of dynamic information flow. Arguably, the most compelling semantic definitions for dynamic security conditions in the literature are phrased in the so-called knowledge-based style. We contribute a new definition of knowledge-based progress insensitive security for dynamic policies. We show that the new definition avoids anomalies of previous definitions and enjoys a simple and useful characterisation as a two-run style property

100 Years of Earth System Model Development

This is the final version. Available from American Meteorological Society via the DOI in this recordToday’s global Earth System Models began as simple regional models of tropospheric weather systems. Over the past century, the physical realism of the models has steadily increased, while the scope of the models has broadened to include the global troposphere and stratosphere, the ocean, the vegetated land surface, and terrestrial ice sheets. This chapter gives an approximately chronological account of the many and profound conceptual and technological advances that made today’s models possible. For brevity, we omit any discussion of the roles of chemistry and biogeochemistry, and terrestrial ice sheets

Prochlo: Strong Privacy for Analytics in the Crowd

The large-scale monitoring of computer users' software activities has become commonplace, e.g., for application telemetry, error reporting, or demographic profiling. This paper describes a principled systems architecture---Encode, Shuffle, Analyze (ESA)---for performing such monitoring with high utility while also protecting user privacy. The ESA design, and its Prochlo implementation, are informed by our practical experiences with an existing, large deployment of privacy-preserving software monitoring. (cont.; see the paper