Towards Experience Management for Very Small Entities

International audienceThe ISO/IEC 29110 standard: Lifecycle profiles for Very Small Entities, provides several Process Reference Models applicable to the vast majority of very small entities (defined by the ISO as "an entity (enterprise, organization, department or project) having up to 25 people") which do not develop critical software and share typical situational factors. An ISO/IEC 29110 pilot project has been established between the Software Engineering group at Brest University and a 14-employee company with the aim of establishing an engineering discipline for a new Web-based project. As the project proceeded, it became apparent that setting up the ISO/IEC 29110 standard has to be performed in two steps: 1) provide self-training materials to the VSE employees on this new standard; and 2) support good practices with a simple Experience Management system which is compatible with the ISO/IEC 29110 standard. This paper reports the lessons learned about training from the pilot project, and addresses the research issues associated with the Experience Management system

Experience Management for Very Small Entities: Improving the Copy-paste Model

International audienceThe emerging ISO/IEC 29110 standard Lifecycle profiles for Very Small Entities is developing a "Generic" profile group applicable to a vast majority of very small entities (enterprises, organizations, departments or projects) having up to 25 people, that do not develop critical software and have typical situational factors. The developers of the standard, ISO/IEC JCT1/SC7 Working Group 24, recommended the use of pilot projects as a mean to trial the adoption of the new International standard in small organizations. Accordingly an ISO/IEC 29110 pilot project has been established between the Software Engineering group of Brest University and a 14-person company with the aim of establishing an engineering discipline for a new web-based project. As the project proceeded, it became apparent that the current set of ISO/IEC 29110 documents describing a first profile, the Basic profile, was not sufficient to sustain this VSE in its SE activities. What was needed was to organize the knowledge contained in them. The results of this pilot study are providing VSEs with a simple Experience Management system which is compatible with the emerging ISO/IEC 29110 standard. It is founded on two principles: 1) keeping the Content Management System-based Experience Management infrastructure as simple as possible, structured with the decomposition of the ISO/IEC 29110 processes; and 2) the requirement of Experience Management dedicated processes, taken from D. Schon's work on the reflection-on-action approach to learning

Un assistant de mémoire pour les très petits projets d'ingénierie du logiciel

International audienceNous proposons d'assister la mémoire des très petits projets d'ingénierie du logiciel avec une infrastructure la plus simple possible (un wiki sémantique) et des activités de gestion de connaissances intégrées dans deux processus issus de la norme ISO/IEC 29110, la gestion de projet (Project Management) et l'implémentation du logiciel (Software Implementation). L'enregistrement, la réutilisation, la recherche et le partage de connaissances sont facilités par l'emploi d'un noyau ontologique basé sur le modèle de référence CIDOC CRM, enrichi par la modélisation du domaine de la norme 29110

CD40 deficiency mitigates Alzheimer's disease pathology in transgenic mouse models

We have previously shown that transgenic mice carrying a mutant human APP but deficient in CD40L, display a decrease in astrocytosis and microgliosis associated with a lower amount of deposited Aβ. Furthermore, an anti-CD40L treatment causes a diminution of Aβ pathology in the brain and an improved performance in several cognitive tasks in the double transgenic PSAPP mouse model. Although these data suggest a potential role for CD40L in Alzheimer's disease pathology in transgenic mice they do not cast light on whether this effect is due to inhibition of signaling via CD40 or whether it is due to the mitigation of some other unknown role of CD40L. In the present report we have generated APP and PSAPP mouse models with a disrupted CD40 gene and compared the pathological features (such as amyloid burden, astrocytosis and microgliosis that are typical of Alzheimer's disease-like pathology in these transgenic mouse strains) with appropriate controls. We find that all these features are reduced in mouse models deficient for CD40 compared with their littermates where CD40 is present. These data suggest that CD40 signaling is required to allow the full repertoire of AD-like pathology in these mice and that inhibition of the CD40 signaling pathway is a potential therapeutic strategy in Alzheimer's disease

Provably secure compilation of side-channel countermeasures

Software-based countermeasures provide effective mitigation against side-channel attacks, often with minimal efficiency and deployment overheads. Their effectiveness is often amenable to rigorous analysis: specifically, several popular countermeasures can be formalized as information flow policies, and correct implementation of the countermeasures can be verified with state-of-the-art analysis and verification techniques. However, in absence of further justification, the guarantees only hold for the language (source, target, or intermediate representation) on which the analysis is performed. We consider the problem of preserving side-channel countermeasures by compilation, and present a general method for proving that compilation preserves software-based side-channel countermeasures. The crux of our method is the notion of 2-simulation, which adapts to our setting the notion of simulation from compiler verification. Using the Coq proof assistant, we verify the correctness of our method and of several representative instantiations

Modification of titania nanoparticles for photocatalytic antibacterial activity via a colloidal route with glycine and subsequent annealing

Changes in the colloid-chemical and photocatalytic properties of titania nanoparticles by attrition milling in the presence of glycine (Gly) and subsequent heat treatment were examined. By milling at 1500 rpm for 6 h, the average particle size was decreased from 123 to 85 nm, with simultaneous decrease in the specific surface area from 35.1 to 23.5 m2/g. Interfacial reactions between titania and Gly were confirmed by Fourier transform infrared spectroscopy, from the blue shift of the COO− related vibrational bands by 25 cm−1, relative to the same band from the pristine Gly. The bimodal N1s x-ray photoelectron spectroscopy peak similar to that from the reported titania—amino acid complex is another indication of the complex formation with the participation of nitrogen. When the dispersion was dried and calcined at 500 °C in air, the powder exhibited pale yellow color. Diffuse reflectance spectroscopy showed significant visible light absorption, suggesting nitrogen incorporation into titania. The fired product showed high photocatalytic antibacterial activity by irradiation of blue light centered at around 440 nm, using Escherichia coli as a specimen of bacterial species. Thus, the present Gly-modified titania nanoparticles could be used for eliminating indoor bacteria under soft blue illumination. The series of interfacial chemical processes involved are also discusse

Secure Compilation of Side-Channel Countermeasures: The Case of Cryptographic “Constant-Time”

International audienceSoftware-based countermeasures provide effective mitigation against side-channel attacks, often with minimal efficiency and deployment overheads. Their effectiveness is often amenable to rigorous analysis: specifically, several popular countermeasures can be formalized as information flow policies, and correct implementation of the countermeasures can be verified with state-of-the-art analysis and verification techniques. However , in absence of further justification, the guarantees only hold for the language (source, target, or intermediate representation) on which the analysis is performed. We consider the problem of preserving side-channel countermeasures by compilation for cryptographic "constant-time", a popular countermeasure against cache-based timing attacks. We present a general method, based on the notion of constant-time-simulation, for proving that a compilation pass preserves the constant-time countermeasure. Using the Coq proof assistant, we verify the correctness of our method and of several representative instantiations

Effect of Crystallographic Phase (β vs. γ) and Surface Area on Gas Phase Nitroarene Hydrogenation Over Mo2N and Au/Mo2N

The catalytic action of Mo2N and Au/Mo2N has been assessed in the selective gas phase hydrogenation of p-chloronitrobenzene (p-CNB) to p-chloroaniline (p-CAN). The nitrides were synthesised via temperature programmed treatment of MoO3 in H2+N2 and Au introduced by deposition-precipitation with urea. We have examined the influence of nitride crystallographic phase (tetragonal β-Mo2N vs. cubic γ-Mo2N) and surface area (7-66m2g−1) on the catalytic response. Catalyst activation by temperature programmed reduction has been monitored and the reduced catalysts characterised in terms of BET area/pore volume, H2 chemisorption/temperature programmed desorption (TPD), powder X-ray diffraction (XRD), elemental analysis, scanning (SEM) and transmission (TEM) electron microscopy and X-ray photoelectron spectroscopy (XPS) measurements. The formation of β- and γ-Mo2N was confirmed by XRD and TEM. γ-Mo2N exhibits a platelet morphology whereas β-Mo2N is characterised by an aggregation of small crystallites. Hydrogen chemisorption and TPD analysis have established a greater hydrogen uptake capacity (per unit area) for β-Mo2N relative to γ-Mo2N, which is associated with surface nitrogen deficiency, i.e. higher surface Mo/N for β-Mo2N. Incorporation of Au on both nitrides resulted in an increase in surface hydrogen. The Au phase takes the form of nano-scale particles with a mean size of 7 and 4nm on β-Mo2N and γ-Mo2N, respectively. Both β-Mo2N and γ-Mo2N promoted the exclusive hydrogenation of p-CNB to p-CAN where the β-form delivered a higher specific (per m2) rate; the specific rate for γ-Mo2N was independent of surface area. The inclusion of Au on both nitrides served to enhance p-CAN productio

Un assistant de mémoire pour les très petits projets d’ingénierie du logiciel

Nous proposons d’assister la mémoire des très petits projets d’ingénierie du logiciel avec une infrastructure la plus simple possible (un wiki sémantique) et des activités de gestion de connaissances intégrées dans deux processus issus de la norme ISO/IEC 29110, la gestion de projet et l’implémentation du logiciel. L’enregistrement, la réutilisation, la recherche et le partage de connaissances sont facilités par l’emploi d’un noyau ontologique basé sur le modèle de référence CIDOC CRM, enrichi par la modélisation du domaine de la norme 29110.We propose assisting the memory of very small software engineering projects thanks to an infrastructure kept as simple as possible (a semantic wiki) as well as knowledge management activities integrated into two  ISO/IEC 29110 standard processes, namely Project Management and Software Implementation. The recording, re-using, researching, and sharing of knowledge are facilitated by the use of an ontological core based on the CIDOC CRM and enhanced by the domain modeling of the 29110 standard

The last mile: High-Assurance and High-Speed cryptographic implementations

We develop a new approach for building cryptographic implementations. Our approach goes the last mile and delivers assembly code that is provably functionally correct, protected against side-channels, and as efficient as handwritten assembly. We illustrate our approach using ChaCha20Poly1305, one of the two ciphersuites recommended in TLS 1.3, and deliver formally verified vectorized implementations which outperform the fastest non-verified code.We realize our approach by combining the Jasmin framework, which offers in a single language features of high-level and low-level programming, and the EasyCrypt proof assistant, which offers a versatile verification infrastructure that supports proofs of functional correctness and equivalence checking. Neither of these tools had been used for functional correctness before. Taken together, these infrastructures empower programmers to develop efficient and verified implementations by "game hopping", starting from reference implementations that are proved functionally correct against a specification, and gradually introducing program optimizations that are proved correct by equivalence checking.We also make several contributions of independent interest, including a new and extensible verified compiler for Jasmin, with a richer memory model and support for vectorized instructions, and a new embedding of Jasmin in EasyCrypt.This work is partially supported by project ONR N00014-19-1-2292. Manuel Barbosa was supported by grant SFRH/BSAB/143018/2018 awarded by FCT. This work was partially funded by national funds via FCT in the context of project PTDC/CCI-INF/31698/2017