2,024 research outputs found
Recommended from our members
Pointer Provenance in a Capability Architecture
We design and implement a framework for tracking pointer
provenance, using our CHERI fat-pointer capability architec-
ture to facilitate analysis of security implications of program
pointer flows in both user and privileged code, with mini-
mal instrumentation. CHERI enforces pointer provenance
validity at the architectural level, in the presence of complex
pointer arithmetic and type casting. CHERI present new op-
portunities for provenance research: we discuss use cases
and highlight lessons and open questions from our work.DARPA/AFRL FA8750-10-C-0237, Google Chrome University Research Program Awar
An extension of Laplace's method
Asymptotic expansions are obtained for contour integrals of the form in which
is a large real or complex parameter, , and are
analytic functions of , and the positive constants and are
related to the local behaviour of the functions and near the
endpoint . Our main theorem includes as special cases several important
asymptotic methods for integrals such as those of Laplace, Watson, Erd\'elyi
and Olver. Asymptotic expansions similar to ours were derived earlier by Dingle
using formal, non-rigorous methods. The results of the paper also serve to
place Dingle's investigations on a rigorous mathematical foundation. The new
results have potential applications in the asymptotic theory of special
functions in transition regions, and we illustrate this by two examples.Comment: 19 pages, 2 figures, revised version, accepted for publication in
Constructive Approximatio
Celecoxib exerts protective effects in the vascular endothelium via COX-2-independent activation of AMPK-CREB-Nrf2 signalling
Although concern remains about the athero-thrombotic risk posed by cyclo-oxygenase (COX)-2-selective inhibitors, recent data implicates rofecoxib, while celecoxib appears equivalent to NSAIDs naproxen and ibuprofen. We investigated the hypothesis that celecoxib activates AMP kinase (AMPK) signalling to enhance vascular endothelial protection. In human arterial and venous endothelial cells (EC), and in contrast to ibuprofen and naproxen, celecoxib induced the protective protein heme oxygenase-1 (HO-1). Celecoxib derivative 2,5-dimethyl-celecoxib (DMC) which lacks COX-2 inhibition also upregulated HO-1, implicating a COX-2-independent mechanism. Celecoxib activated AMPKα(Thr172) and CREB-1(Ser133) phosphorylation leading to Nrf2 nuclear translocation. Importantly, these responses were not reproduced by ibuprofen or naproxen, while AMPKα silencing abrogated celecoxib-mediated CREB and Nrf2 activation. Moreover, celecoxib induced H-ferritin via the same pathway, and increased HO-1 and H-ferritin in the aortic endothelium of mice fed celecoxib (1000 ppm) or control chow. Functionally, celecoxib inhibited TNF-α-induced NF-κB p65(Ser536) phosphorylation by activating AMPK. This attenuated VCAM-1 upregulation via induction of HO-1, a response reproduced by DMC but not ibuprofen or naproxen. Similarly, celecoxib prevented IL-1β-mediated induction of IL-6. Celecoxib enhances vascular protection via AMPK-CREB-Nrf2 signalling, a mechanism which may mitigate cardiovascular risk in patients prescribed celecoxib. Understanding NSAID heterogeneity and COX-2-independent signalling will ultimately lead to safer anti-inflammatory drugs
Exploring C semantics and pointer provenance
The semantics of pointers and memory objects in C has been a vexed question for many years. C values cannot be treated as either purely abstract or purely concrete entities: the language exposes their representations, but compiler optimisations rely on analyses that reason about provenance and initialisation status, not just runtime representations. The ISO WG14 standard leaves much of this unclear, and in some respects differs with de facto standard usage - which itself is difficult to investigate.
In this paper we explore the possible source-language semantics for memory objects and pointers, in ISO C and in C as it is used and implemented in practice, focussing especially on pointer provenance. We aim to, as far as possible, reconcile the ISO C standard, mainstream compiler behaviour, and the semantics relied on by the corpus of existing C code. We present two coherent proposals, tracking provenance via integers and not; both address many design questions. We highlight some pros and cons and open questions, and illustrate the discussion with a library of test cases. We make our semantics executable as a test oracle, integrating it with the Cerberus semantics for much of the rest of C, which we have made substantially more complete and robust, and equipped with a web-interface GUI. This allows us to experimentally assess our proposals on those test cases. To assess their viability with respect to larger bodies of C code, we analyse the changes required and the resulting behaviour for a port of FreeBSD to CHERI, a research architecture supporting hardware capabilities, which (roughly speaking) traps on the memory safety violations which our proposals deem undefined behaviour. We also develop a new runtime instrumentation tool to detect possible provenance violations in normal C code, and apply it to some of the SPEC benchmarks. We compare our proposal with a source-language variant of the twin-allocation LLVM semantics proposal of Lee et al. Finally, we describe ongoing interactions with WG14, exploring how our proposals could be incorporated into the ISO standard
Recommended from our members
CHERI Concentrate: Practical Compressed Capabilities
We present CHERI Concentrate, a new fat-pointer compression scheme applied to CHERI, the most developed capability-pointer system at present. Capability fat-pointers are a primary candidate for enforcing fine-grained and non-bypassable security properties in future computer systems, although increased pointer size can severely affect performance. Thus, several proposals for capability compression have been suggested but these did not support legacy instruction sets, ignored features critical to the existing software base, and also introduced design inefficiencies to RISC-style processor pipelines. CHERI Concentrate improves on the state-of-the-art region-encoding efficiency, solves important pipeline problems, and eases semantic restrictions of compressed encoding, allowing it to protect a full legacy software stack. We analyze and extend logic from the open-source CHERI prototype processor design on FPGA to demonstrate encoding efficiency, minimize delay of pointer arithmetic, and eliminate additional load-to-use delay. To verify correctness of our proposed high-performance logic, we present a HOL4 machine-checked proof of the decode and pointer-modify operations. Finally, we measure a 50%-75% reduction in L2 misses for many compiled C-language benchmarks running under a commodity operating system using compressed 128-bit and 64-bit formats, demonstrating both compatibility with and increased performance over the uncompressed, 256-bit format
Recommended from our members
The convective storm initiation project
Copyright @ 2007 AMSThe Convective Storm Initiation Project (CSIP) is an international project to understand precisely where, when, and how convective clouds form and develop into showers in the mainly maritime environment of southern England. A major aim of CSIP is to compare the results of the very high resolution Met Office weather forecasting model with detailed observations of the early stages of convective clouds and to use the newly gained understanding to improve the predictions of the model. A large array of ground-based instruments plus two instrumented aircraft, from the U.K. National Centre for Atmospheric Science (NCAS) and the German Institute for Meteorology and Climate Research (IMK), Karlsruhe, were deployed in southern England, over an area centered on the meteorological radars at Chilbolton, during the summers of 2004 and 2005. In addition to a variety of ground-based remote-sensing instruments, numerous rawin-sondes were released at one- to two-hourly intervals from six closely spaced sites. The Met Office weather radar network and Meteosat satellite imagery were used to provide context for the observations made by the instruments deployed during CSIP. This article presents an overview of the CSIP field campaign and examples from CSIP of the types of convective initiation phenomena that are typical in the United Kingdom. It shows the way in which certain kinds of observational data are able to reveal these phenomena and gives an explanation of how the analyses of data from the field campaign will be used in the development of an improved very high resolution NWP model for operational use.This work is funded by the National Environment Research Council following an initial award from the HEFCE Joint Infrastructure Fund
Thunderclap: Exploring Vulnerabilities in Operating System IOMMU Protection via DMA from Untrustworthy Peripherals
Direct Memory Access (DMA) attacks have been known for many years: DMA-enabled I/O peripherals have complete access to the state of a computer and can fully compromise it including reading and writing all of system memory.
With the popularity of Thunderbolt 3 over USB Type-C and smart internal devices, opportunities for these attacks to be performed casually with only seconds of physical access to a computer have greatly broadened. In response, commodity hardware and operating-system (OS) vendors have incorporated support for Input-Output Memory Management Units (IOMMUs), which impose memory protection on DMA, and are widely believed to protect against DMA attacks.
We investigate the state-of-the-art in IOMMU protection across OSes using a novel I/O security research platform, and find that current protections fall short when faced with a functional network peripheral that uses its complex interactions with the OS for ill intent, and demonstrate compromises against macOS, FreeBSD, and Linux, which notionally utilize IOMMUs to protect against DMA attackers. Windows only uses the IOMMU in limited cases and remains vulnerable.
Using Thunderclap, an open-source FPGA research platform we built, we explore a number of novel exploit techniques to expose new classes of OS vulnerability. The complex vulnerability space for IOMMU-exposed shared memory available to DMA-enabled peripherals allows attackers to extract private data (sniffing cleartext VPN traffic) and hijack kernel control flow (launching a root shell) in seconds using devices such as USB-C projectors or power adapters.
We have worked closely with OS vendors to remedy these vulnerability classes, and they have now shipped substantial feature improvements and mitigations as a result of our work.DARPA I2O FA8750-10-C-0237 ("CTSRD")
DARPA MTO HR0011- 18-C-0016 ("ECATS")
Arm Ltd
Google Inc
This work was also supported by EPSRC EP/R012458/1 (“IOSEC”)
The Influence of Objectively Measured Physical Activity During Pregnancy on Maternal and Birth Outcomes in Urban Black South African Women.
Objectives Research indicates the beneficial effects of physical activity during pregnancy on maternal health, although controversy still exists regarding its influence on birth outcomes. Little research has been done to objectively measure physical activity during pregnancy in black African women from low-to-middle income countries. The purpose of this study was to examine the association between physical activity and maternal and birth outcomes in this unique population. Methods This observational, longitudinal study assessed total physical activity using a hip-mounted triaxial accelerometer at 14-18 weeks (second trimester, n = 120) and 29-33 weeks (third trimester, n = 90) gestation. Physical activity is expressed as gravity-based acceleration units (mg). Maternal outcomes included both weight and weight gain at 29-33 weeks gestation. Birth outcomes included gestational age, birth weight, ponderal index and Apgar score, measured within 48 h of delivery. Results There was a significant decline in physical activity from the second to the third trimester (12.8 ± 4.1 mg vs. 9.7 ± 3.6 mg, p ≤ 0.01). Physical activity at 29-33 weeks as well as a change in PA was inversely associated with weight change at 29-33 weeks (β = - 0.24; 95% CI - 0.49; - 0.00; p = 0.05 and β = - 0.36; 95% CI - 0.62; - 0.10; p = 0.01, respectively). No significant associations were found between physical activity and birth outcomes. Conclusions for Practice Physical activity during pregnancy may be an effective method to control gestational weight gain, whilst presenting no adverse risk for fetal development, in women from a low-income urban setting.This work is based on the research supported in part by the National Research Foundation of South Africa for the Grant Nos.: 87944 and 98248 ... SAN is supported by the MRC/DFID African Research Leader Scheme (UK) and DST-NRF Centre of Excellence in Human Development at the University of the Witwatersand, Johannesburg, South Africa. SB and KW are supported by a UK Medical Research Council program grant (MC UU 12015/3), and TW is supported by a studentship from MedImmune Ltd. LKM acknowledges funding from the Academy of Medical Sciences-Newton Advanced Fellowship
The Interstellar Medium In Galaxies Seen A Billion Years After The Big Bang
Evolution in the measured rest frame ultraviolet spectral slope and
ultraviolet to optical flux ratios indicate a rapid evolution in the dust
obscuration of galaxies during the first 3 billion years of cosmic time (z>4).
This evolution implies a change in the average interstellar medium properties,
but the measurements are systematically uncertain due to untested assumptions,
and the inability to measure heavily obscured regions of the galaxies. Previous
attempts to directly measure the interstellar medium in normal galaxies at
these redshifts have failed for a number of reasons with one notable exception.
Here we report measurements of the [CII] gas and dust emission in 9 typical
(~1-4L*) star-forming galaxies ~1 billon years after the big bang (z~5-6). We
find these galaxies have >12x less thermal emission compared with similar
systems ~2 billion years later, and enhanced [CII] emission relative to the
far-infrared continuum, confirming a strong evolution in the interstellar
medium properties in the early universe. The gas is distributed over scales of
1-8 kpc, and shows diverse dynamics within the sample. These results are
consistent with early galaxies having significantly less dust than typical
galaxies seen at z<3 and being comparable to local low-metallicity systems.Comment: Submitted to Nature, under review after referee report. 22 pages, 4
figures, 4 Extended Data Figures, 5 Extended Data table
Patient-centric trials for therapeutic development in precision oncology
An enhanced understanding of the molecular pathology of disease gained from genomic studies is facilitating the development of treatments that target discrete molecular subclasses of tumours. Considerable associated challenges include how to advance and implement targeted drug-development strategies. Precision medicine centres on delivering the most appropriate therapy to a patient on the basis of clinical and molecular features of their disease. The development of therapeutic agents that target molecular mechanisms is driving innovation in clinical-trial strategies. Although progress has been made, modifications to existing core paradigms in oncology drug development will be required to realize fully the promise of precision medicine
- …