Robust Programs with Filtered Iterators

1 Robust Programs with Filtered Iterators. Jiasi Shen, Martin Rinard. MIT EECS & CSAIL

2 Standard Scenario: Input file -> Program -> Output

3 Structured Input Units: Input (a sequence of input units) -> Program -> Output

4 Requests -> Server

5 Video frames -> Video player

6 Data analytics

7 Unanticipated Corner Cases: Input (a sequence of input units) -> Program -> Output

9 Unanticipated Corner Cases: Input (a sequence of input units) -> Program

10 Easy to avoid?

11 User Study

12 Small Programming Task: Original image -> Thumbnail

13 Small Programming Task. Example input: Img Img Img Img. Example output: Img1 2 Img Img3 Img4 3

14 Small Programming Task. Original image (Img) fields: Image Name, Scaling factor, Height, Width, Pixels

16 Small Programming Task. Original image (Img) fields: Image Name, Scaling factor, Height, Width, Pixels. Thumbnail (Img) fields: Thumbnail Name, Pixels

18 Small Programming Task. Thumbnail Pixels: 3 _ ( ) / 4 = 3

19 Small Programming Task. Thumbnail Pixels: 3 5 ( ) / 4 = 5

20 Small Programming Task. Thumbnail Pixels: _ ( ) / 4 = 4

21 Small Programming Task. Thumbnail Pixels: ( ) / 4 = 3

22 Your program should be able to handle arbitrary inputs by skipping malformed images.

23 Defects by MIT Participants

Columns: Defect, Participant 1, Participant 2, Participant 3, Participant 4, Participant 5

AWL: X X X
AWO:
ARL: X
ARO: X X X X
DS: X X X X
DD:
NA: X X X X X
IL: X
MP: X X X
MS: X X
WP: X X
WS: X X
WM: X X X X
WA: X X
Total:

24 Defect example: illegal input, unanticipated

    s = 0;
    ...
    while (c != '\n') {
        ...
        s = s * 10 + c - '0';    /* c is never checked to be a digit */
        ...
        c = read(f);
    }
    redh = h / s;                /* s can still be 0 here: division by zero */

25 Defect example: legal input, extreme cases

    imgsize = h * w;             /* the product can overflow for large h and w */
    img = malloc(imgsize);       /* ...which makes this allocation too small */
    ...
    nh = h / s;
    nw = w / s;
    while (i < nh) {
        ...
        while (j < nw) {
            ...
            res = res + img[(i*s+ni) * w + (j*s+nj)];   /* index is computed from the real h and w */
            ...

26 Defect example: legal input, developer mistake

    fn = malloc(11);
    ...
    while (i < 11) {
        c = read(f);
        ...
        if (c == ' ') { break; }
        ...
        fn[i] = c;
        i = i + 1;
    }
    fn[i] = 0;                   /* when the loop ends with i == 11, this writes one byte past the buffer */

27 Input Units and Defects. Diagram: all possible input units, divided into legal input units (extreme cases, developer mistakes) and illegal input units (unanticipated). Program doesn't crash on these input units.

28 Bad Input Units Cause Crashes. Diagram: all possible input units, divided into legal input units and illegal input units. Program crashes on these bad input units.

29 Unanticipated Corner Cases: Input (a sequence of input units) -> Program

30 Fix: Discard and Continue Execution. Input (a sequence of input units; the bad unit is discarded) -> New program -> Output

31 Fix: Discard and Continue Execution. Input (a sequence of input units; the bad unit is discarded) -> Continue execution -> New program -> Output

32 Fix: Discard and Continue Execution. As if the bad input unit never existed: Input (the remaining input units) -> Continue execution -> New program -> Output

33 Behavior Appears Repeatedly

Applications and input units (fixed bugs by conceptually discarding the bad input units and continuing execution):
- Wireshark (packets)
- GIMP (images)
- Claws Mail (message options)
- Chromium (CSS attributes)

Other potential applications:
- Embedded systems (events)
- Network routers (packets)
- Other input formats with input units (chunks, files, objects, ...)
- Servers (requests)
- Data analytics (rows)
- Video players (frames)
- Document editors (lines, data sheets)

F. Long et al., Automatic Runtime Error Repair and Containment via Recovery Shepherding, PLDI '14

34 Goal: Automatically Discard Bad Input Units. Input (a sequence of input units; the bad unit is discarded) -> Continue execution -> Program -> Output

35 Goal: Automatically Discard Bad Input Units. Program doesn't crash on any input unit. Illegal input units: automatically skip these input units. Legal input units: process these input units.

36 Provide the Abstraction as a Language Construct

37 Schema of Filtered Iterators

    split input into input units
    iterate over input units {
        atomic transaction {
            delay outputs until commit
            process input unit
            if unhandled exception or assertion failure {
                abort transaction
            } else {
                commit transaction
                release outputs
            }
        }
    }

Continue execution as if bad input units never existed
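
The schema above emulated in Python, as an added example (it is not RIFL and not the authors' implementation): each unit runs against a private copy of the state with its outputs buffered, and both are dropped when an exception or assertion failure escapes. The one-line-per-image layout, the function names and the sample units are assumptions constructed for this sketch; the unit names Div0S, CharS and Short echo the slides' example inputs.

```python
"""Filtered-iterator schema emulated in Python (added example, not RIFL)."""
import copy

# Constructed sample input: one image per line, "name scale height width pixels...".
SAMPLE = (
    "Img1 2 2 4 1 3 5 7 2 4 6 8\n"   # legal: 2x4 image, scale 2
    "Div0S 0 2 2 1 2 3 4\n"          # zero scaling factor
    "CharS b 2 2 1 2 3 4\n"          # non-numeric scaling factor
    "Short 2 2 2 1 2\n"              # fewer pixels than height * width
    "Img2 1 1 2 9 8\n"               # legal: 1x2 image, scale 1
)


def split_units(text, delim="\n"):
    """Split the input into input units on an end-of-unit delimiter."""
    return [u for u in text.split(delim) if u]


def make_thumbnail(unit, state, out):
    """Process one image unit: main logic plus assertions, no recovery code."""
    fields = unit.split()
    name = fields[0]
    s, h, w = (int(x) for x in fields[1:4])        # ValueError on "b"
    out.append(name)                               # output written early
    state["images"] += 1                           # state updated early
    pixels = [int(p) for p in fields[4:]]
    assert h > 0 and w > 0 and len(pixels) == h * w, "bad dimensions"
    nh, nw = h // s, w // s                        # ZeroDivisionError if s == 0
    assert nh > 0 and nw > 0, "scale does not fit the image"
    for i in range(nh):
        for j in range(nw):
            block = sum(pixels[(i * s + ni) * w + (j * s + nj)]
                        for ni in range(s) for nj in range(s))
            out.append(str(block // (s * s)))      # mean of an s-by-s block


def filtered_iterate(units, process, state):
    """Run process() on every unit inside an emulated atomic transaction."""
    released, skipped = [], []
    for index, unit in enumerate(units):
        txn_state = copy.deepcopy(state)           # private copy: rollback point
        txn_out = []                               # outputs delayed until commit
        try:
            process(unit, txn_state, txn_out)
        except Exception as exc:                   # AssertionError included
            skipped.append((index, type(exc).__name__))  # abort: drop copy and buffer
            continue
        state.clear()
        state.update(txn_state)                    # commit the state updates
        released.append(txn_out)                   # release the buffered outputs
    return released, skipped


def naive_iterate(units, process, state):
    """Contrast: catch-and-continue with shared state and direct output."""
    out = []
    for unit in units:
        try:
            process(unit, state, out)
        except Exception:
            pass                                   # partial effects remain
    return out


if __name__ == "__main__":
    units = split_units(SAMPLE)
    state = {"images": 0}
    print(filtered_iterate(units, make_thumbnail, state), state)
    naive_state = {"images": 0}
    print(naive_iterate(units, make_thumbnail, naive_state), naive_state)
```

The naive loop leaves the partial outputs `Div0S` and `Short` in the output and counts four images, while the transactional loop releases nothing for an aborted unit and counts two.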

44 Input (a sequence of input units) -> split input into input units -> process input unit -> Output

45 Filter Out Bad Input Units Based on Execution Errors. Input (a sequence of input units; the bad unit is discarded) -> split input into input units -> Continue execution -> process input unit -> Output

46 Diagram: all possible input units, divided into legal input units and illegal input units. Program doesn't crash on these input units.

47 Achieved: Automatically Recover from Bad Input Units. Program doesn't crash on any input unit. Illegal input units: automatically skip these bad input units. Legal input units: process input unit.

48 Achieved: Automatically Recover from Bad Input Units. Input (a sequence of input units; the bad unit is discarded) -> split input into input units -> Continue execution -> process input unit -> Output

49 Achieved: Automatically Recover from Bad Input Units. As if the bad input unit never existed: Input (the remaining input units) -> split input into input units -> Continue execution -> process input unit -> Output

51 Not A Goal: Discard All Illegal Input Units. Diagram: all possible input units, divided into legal input units and illegal input units. Not a goal to discard all illegal input units. Program doesn't crash on these input units.

52 Not A Goal: Produce Correct Outputs for All Processed Input Units. Diagram: all possible input units, divided into legal input units and illegal input units. Program doesn't crash on these input units. Not a goal to be logically correct.

53 RIFL (Robust Input Filtering Language): Research Vehicle

54 Syntax for Text Files

    inspectt (e, f, du) { process input unit }

    e   loop condition
    f   input file handle
    du  end-of-unit delimiter

55 CSV Example

    Input:
        A,B,C
        1,2,3

    inspectt (!end(f), f, '\n') {
        ...
        inspectt (..., f, ',') {
            ...
        }
    }

    The outer iterator yields the lines "A,B,C" and "1,2,3"; the inner iterator yields the fields A, B, C.

56 Syntax for Binary Files

    inspectb (e, f, o, w) { process input unit }

    e   loop condition
    f   input file handle
    o   offset of length field
    w   width of length field

57 PCAP Example

    Packet layout: 12 bytes, then a 4-byte length field n, then n bytes of packet data.

    inspectb (true, f, 12, 4) { ... }

58 Consequences of Filtered Iterators

59 User Study
- Participants: Computer science graduate students and post-docs at MIT
- RIFL group
- Control group: RIFL excluding filtered iterators
- Thumbnail generator task
- Time: Unlimited (took minutes)

60 Images are Input Units. Example input: Img Img Img Img. Example output: Img1 2 Img Img3 Img4 3. Image fields: Image Name, Scaling factor, Height, Width, Pixels. Thumbnail fields: Thumbnail Name, Pixels.

61 Benign Input Units. Example input: Img Img CharS b CharPix a4 BufOvfVeryLongName Div0S Div0H HeapOvf BufOvfInt Img Img

62 Illegal Input Units. Example input: Img Img CharS b CharPix a4 BufOvfVeryLongName Div0S Div0H HeapOvf BufOvfInt Img Img

63 Tricky Input Units. Example input: Img Img CharS b CharPix a4 BufOvfVeryLongName Div0S Div0H HeapOvf BufOvfInt Img Img

64 Handle arbitrary inputs by skipping malformed images. Example input: Img Img CharS b CharPix a4 BufOvfVeryLongName Div0S Div0H HeapOvf BufOvfInt Img Img. Example output: Img1 2 Img Img3 Img4 3

65 Fewer Defects with Filtered Iterators

Columns: Defect, RIFL 1, RIFL 2, RIFL 3, RIFL 4, RIFL 5, Control 1, Control 2, Control 3, Control 4, Control 5

AWL: X X X
AWO:
ARL: X
ARO: X X X X
DS: X X X X
DD:
NA: X X X X X
IL: X
Fatal:
MP: X X X X X
MS: X X X
WP: X X
WS: X X
WM: X X X X X X X
WA: X X
Other:
Total:

69 Possible Fatal Defects

- AWL: Out-of-bounds array write when reading input, triggered by input fields that are longer than an input buffer.
- AWO: Out-of-bounds array write when reading input, triggered by an integer overflow that causes overly small memory allocation.
- ARL: Out-of-bounds array read during computation, triggered by image dimensions that are too large for an input buffer.
- ARO: Out-of-bounds array read during computation, triggered by an integer overflow that causes overly small memory allocation.
- DS: Division by zero during computation, triggered by a zero scaling factor.
- DD: Division by zero when checking integer overflow, triggered by a zero dimension.
- NA: Null array access when reading input, triggered by failed memory allocation.
- IL: Infinite loop when reading illegal input units.

71 Possible Other Defects

- MP: Memory leak even when processing common legal input units.
- MS: Memory leak when skipping input units.
- WP: Wrong behavior from producing partial outputs for illegal input units.
- WS: Wrong behavior from desynchronization for at least one input unit after illegal input units.
- WM: Wrong behavior from misusing illegal input units and producing outputs for these illegal input units as if they are legal.
- WA: Wrong behavior from aborting on illegal input units.

75 Data Corruption or Input Desynchronization (control group defect table, columns Control 1 to Control 5). Input: CharTrail b Img. Output: CharTrail 2 Img5 2

76 Undesirable Partial Output (control group defect table, columns Control 1 to Control 5). Input: Short Img. Output: Short2EEEEE 2 2

79 Fatal and Non-Fatal Defects in Control Group. Diagram: all possible input units, divided into legal input units and illegal input units. Program doesn't crash on these input units.

80 Non-Fatal Defects in RIFL Group. Program doesn't crash on any input unit. Illegal input units: automatically skip these bad input units. Legal input units: process input unit.

81 More Correct Behavior with Filtered Iterators (chart: RIFL group (filtered iterators) vs. control group)

82 Simpler Code with Filtered Iterators (chart: cyclomatic complexity, RIFL group vs. control group)

86 Simpler Code with Filtered Iterators (charts: cyclomatic complexity and lines of code, RIFL group vs. control group)
- Omit unnecessary checks for crashes
- Check semantic errors with assertions without having to elaborate error recovery
- Focus on main functionality

87 Automatically Handle Errors That Would Otherwise Cause Crashes or Assertion Failures

88 Automatically Handle Corner Cases That Developers Don't Want to Handle Exhaustively

89 Potential Limitations
- Debugging: can make unintentional mistakes silent; error log or IDE support
- Assumptions: structured input units; obtaining partial results is preferable to terminating

90 Related Work
- Exception handling
  - J. B. Goodenough. Exception Handling: Issues and a Proposed Notation. Commun. ACM 1975
- Recovery by manipulating execution
  - M. Rinard et al. Enhancing Server Availability and Security Through Failure-oblivious Computing. OSDI 2004
  - S. Sidiroglou and A. D. Keromytis. Using Execution Transactions To Recover From Buffer Overflow Attacks. Technical Report 2004
- Language designs involving transactions
  - A. Shinnar et al. Integrating support for undo with exception handling. Technical Report 2004
  - B. Demsky and A. Dash. Bristlecone: A Language for Robust Software Systems. ECOOP 2008
  - A. Warth et al. Worlds: Controlling the Scope of Side Effects. ECOOP

91 Conclusion
- Filtered iterators
  - Iterate over input units
  - Filter out bad input units when errors occur
  - Atomic rollback of updates
- Inspired by developer bug fixes
- Enable more robust and simpler programs
- Abilities verified by user study


Växjö University. Software Security Testing. A Flexible Architecture for Security Testing. School of Mathematics and System Engineering

Växjö University. Software Security Testing. A Flexible Architecture for Security Testing. School of Mathematics and System Engineering School of Mathematics and System Engineering Reports from MSI - Rapporter från MSI Växjö University Software Security Testing A Flexible Architecture for Security Testing Martin Andersson Aug 2008 MSI

More information

416 Distributed Systems

416 Distributed Systems 416 Distributed Systems RAID, Feb 26 2018 Thanks to Greg Ganger and Remzi Arapaci-Dusseau for slides Outline Using multiple disks Why have multiple disks? problem and approaches RAID levels and performance

More information

G54FOP: Lecture 17 & 18 Denotational Semantics and Domain Theory III & IV

G54FOP: Lecture 17 & 18 Denotational Semantics and Domain Theory III & IV G54FOP: Lecture 17 & 18 Denotational Semantics and Domain Theory III & IV Henrik Nilsson University of Nottingham, UK G54FOP: Lecture 17 & 18 p.1/33 These Two Lectures Revisit attempt to define denotational

More information

Problem One: Order Relations i. What three properties does a binary relation have to have to be a partial order?

Problem One: Order Relations i. What three properties does a binary relation have to have to be a partial order? CS103 Handout 16 Fall 2011 November 4, 2011 Extra Practice Problems Many of you have expressed interest in additional practice problems to review the material from the first four weeks of CS103. This handout

More information

COMS 6100 Class Notes

COMS 6100 Class Notes COMS 6100 Class Notes Daniel Solus September 20, 2016 1 General Remarks The Lecture notes submitted by the class have been very good. Integer division seemed to be a common oversight when working the Fortran

More information

FAIRNESS FOR INFINITE STATE SYSTEMS

FAIRNESS FOR INFINITE STATE SYSTEMS FAIRNESS FOR INFINITE STATE SYSTEMS Heidy Khlaaf University College London 1 FORMAL VERIFICATION Formal verification is the process of establishing whether a system satisfies some requirements (properties),

More information

Axiomatic Semantics. Stansifer Ch 2.4, Ch. 9 Winskel Ch.6 Slonneger and Kurtz Ch. 11 CSE

Axiomatic Semantics. Stansifer Ch 2.4, Ch. 9 Winskel Ch.6 Slonneger and Kurtz Ch. 11 CSE Axiomatic Semantics Stansifer Ch 2.4, Ch. 9 Winskel Ch.6 Slonneger and Kurtz Ch. 11 CSE 6341 1 Outline Introduction What are axiomatic semantics? First-order logic & assertions about states Results (triples)

More information

MAT 243 Test 2 SOLUTIONS, FORM A

MAT 243 Test 2 SOLUTIONS, FORM A MAT Test SOLUTIONS, FORM A 1. [10 points] Give a recursive definition for the set of all ordered pairs of integers (x, y) such that x < y. Solution: Let S be the set described above. Note that if (x, y)

More information

July 20, The day software bugs nearly lost us the moon. July 20, 2004

July 20, The day software bugs nearly lost us the moon. July 20, 2004 July 20, 1969 The day software bugs nearly lost us the moon July 20, 2004 1 This day, 35 years ago 35 years today 2 (of course, it never happened ) Flag waving in vacuum English writing on rocks 3 Guidance

More information

Probabilistic Guarded Commands Mechanized in HOL

Probabilistic Guarded Commands Mechanized in HOL Probabilistic Guarded Commands Mechanized in HOL Joe Hurd joe.hurd@comlab.ox.ac.uk Oxford University Joint work with Annabelle McIver (Macquarie University) and Carroll Morgan (University of New South

More information

Hoare Logic: Part II

Hoare Logic: Part II Hoare Logic: Part II COMP2600 Formal Methods for Software Engineering Jinbo Huang Australian National University COMP 2600 Hoare Logic II 1 Factorial {n 0} fact := 1; i := n; while (i >0) do fact := fact

More information

Integer Clocks and Local Time Scales

Integer Clocks and Local Time Scales Integer Clocks and Local Time Scales Part I Part II Adrien Guatto ENS - PARKAS SYNCHRON 2014 Adrien Guatto (ENS - PARKAS) Integer Clocks and Local Time Scales SYNCHRON 2014 1 / 31 Part I Adrien Guatto

More information

Databases. DBMS Architecture: Hashing Techniques (RDBMS) and Inverted Indexes (IR)

Databases. DBMS Architecture: Hashing Techniques (RDBMS) and Inverted Indexes (IR) Databases DBMS Architecture: Hashing Techniques (RDBMS) and Inverted Indexes (IR) References Hashing Techniques: Elmasri, 7th Ed. Chapter 16, section 8. Cormen, 3rd Ed. Chapter 11. Inverted indexing: Elmasri,

More information

List reversal: back into the frying pan

List reversal: back into the frying pan List reversal: back into the frying pan Richard Bornat March 20, 2006 Abstract More than thirty years ago Rod Burstall showed how to do a proof of a neat little program, shown in a modern notation in figure

More information

Deadlock. CSE 2431: Introduction to Operating Systems Reading: Chap. 7, [OSC]

Deadlock. CSE 2431: Introduction to Operating Systems Reading: Chap. 7, [OSC] Deadlock CSE 2431: Introduction to Operating Systems Reading: Chap. 7, [OSC] 1 Outline Resources Deadlock Deadlock Prevention Deadlock Avoidance Deadlock Detection Deadlock Recovery 2 Review: Synchronization

More information

EDA045F: Program Analysis LECTURE 10: TYPES 1. Christoph Reichenbach

EDA045F: Program Analysis LECTURE 10: TYPES 1. Christoph Reichenbach EDA045F: Program Analysis LECTURE 10: TYPES 1 Christoph Reichenbach In the last lecture... Performance Counters Challenges in Dynamic Performance Analysis Taint Analysis Binary Instrumentation 2 / 44 Types

More information

Loop Convergence. CS 536: Science of Programming, Fall 2018

Loop Convergence. CS 536: Science of Programming, Fall 2018 Solved Loop Convergence CS 536: Science of Programming, Fall 2018 A. Why Diverging programs aren t useful, so it s useful to know how to show that loops terminate. B. Objectives At the end of this lecture

More information

These are special traffic patterns that create more stress on a switch

These are special traffic patterns that create more stress on a switch Myths about Microbursts What are Microbursts? Microbursts are traffic patterns where traffic arrives in small bursts. While almost all network traffic is bursty to some extent, storage traffic usually

More information

Lecture 18 - Secret Sharing, Visual Cryptography, Distributed Signatures

Lecture 18 - Secret Sharing, Visual Cryptography, Distributed Signatures Lecture 18 - Secret Sharing, Visual Cryptography, Distributed Signatures Boaz Barak November 27, 2007 Quick review of homework 7 Existence of a CPA-secure public key encryption scheme such that oracle

More information

Early stopping: the idea. TRB for benign failures. Early Stopping: The Protocol. Termination

Early stopping: the idea. TRB for benign failures. Early Stopping: The Protocol. Termination TRB for benign failures Early stopping: the idea Sender in round : :! send m to all Process p in round! k, # k # f+!! :! if delivered m in round k- and p " sender then 2:!! send m to all 3:!! halt 4:!

More information

Implementing Uniform Reliable Broadcast with Binary Consensus in Systems with Fair-Lossy Links

Implementing Uniform Reliable Broadcast with Binary Consensus in Systems with Fair-Lossy Links Implementing Uniform Reliable Broadcast with Binary Consensus in Systems with Fair-Lossy Links Jialin Zhang Tsinghua University zhanggl02@mails.tsinghua.edu.cn Wei Chen Microsoft Research Asia weic@microsoft.com

More information

A study of online construction of fragment replicas. Fernanda Torres Pizzorno

A study of online construction of fragment replicas. Fernanda Torres Pizzorno A study of online construction of fragment replicas Fernanda Torres Pizzorno June 30, 2005 Preface In this report, I present the hovedoppgave of my 5 th year in the Siv. ing. i Datateknikk course at NTNU.

More information

CS 16 Fall 2009 Mid-term exam

CS 16 Fall 2009 Mid-term exam CS 16 Fall 2009 Mid-term exam This is a closed-book, closed-note exam. Answer all of the questions clearly, completely, and concisely. You have 50 minutes, so be sure to use your time wisely. All work

More information

cs/ee/ids 143 Communication Networks

cs/ee/ids 143 Communication Networks cs/ee/ids 143 Communication Networks Chapter 5 Routing Text: Walrand & Parakh, 2010 Steven Low CMS, EE, Caltech Warning These notes are not self-contained, probably not understandable, unless you also

More information

Distributed Algorithms (CAS 769) Dr. Borzoo Bonakdarpour

Distributed Algorithms (CAS 769) Dr. Borzoo Bonakdarpour Distributed Algorithms (CAS 769) Week 1: Introduction, Logical clocks, Snapshots Dr. Borzoo Bonakdarpour Department of Computing and Software McMaster University Dr. Borzoo Bonakdarpour Distributed Algorithms

More information

CSCI-564 Advanced Computer Architecture

CSCI-564 Advanced Computer Architecture CSCI-564 Advanced Computer Architecture Lecture 8: Handling Exceptions and Interrupts / Superscalar Bo Wu Colorado School of Mines Branch Delay Slots (expose control hazard to software) Change the ISA

More information

Lecture Notes on Software Model Checking

Lecture Notes on Software Model Checking 15-414: Bug Catching: Automated Program Verification Lecture Notes on Software Model Checking Matt Fredrikson André Platzer Carnegie Mellon University Lecture 19 1 Introduction So far we ve focused on

More information

ITI Introduction to Computing II

ITI Introduction to Computing II (with contributions from R. Holte) School of Electrical Engineering and Computer Science University of Ottawa Version of January 9, 2019 Please don t print these lecture notes unless you really need to!

More information

CS505: Distributed Systems

CS505: Distributed Systems Cristina Nita-Rotaru CS505: Distributed Systems. Required reading for this topic } Michael J. Fischer, Nancy A. Lynch, and Michael S. Paterson for "Impossibility of Distributed with One Faulty Process,

More information

Automatic Verification of Parameterized Data Structures

Automatic Verification of Parameterized Data Structures Automatic Verification of Parameterized Data Structures Jyotirmoy V. Deshmukh, E. Allen Emerson and Prateek Gupta The University of Texas at Austin The University of Texas at Austin 1 Outline Motivation

More information

R E A D : E S S E N T I A L S C R U M : A P R A C T I C A L G U I D E T O T H E M O S T P O P U L A R A G I L E P R O C E S S. C H.

R E A D : E S S E N T I A L S C R U M : A P R A C T I C A L G U I D E T O T H E M O S T P O P U L A R A G I L E P R O C E S S. C H. R E A D : E S S E N T I A L S C R U M : A P R A C T I C A L G U I D E T O T H E M O S T P O P U L A R A G I L E P R O C E S S. C H. 5 S O F T W A R E E N G I N E E R I N G B Y S O M M E R V I L L E S E

More information

Reading and Writing. Mathematical Proofs. Slides by Arthur van Goetham

Reading and Writing. Mathematical Proofs. Slides by Arthur van Goetham Reading and Writing Mathematical Proofs Slides by Arthur van Goetham What is a proof? Why explanations are not proofs What is a proof? A method for establishing truth What establishes truth depends on

More information

EECS150 - Digital Design Lecture 27 - misc2

EECS150 - Digital Design Lecture 27 - misc2 EECS150 - Digital Design Lecture 27 - misc2 May 1, 2002 John Wawrzynek Spring 2002 EECS150 - Lec27-misc2 Page 1 Outline Linear Feedback Shift Registers Theory and practice Simple hardware division algorithms

More information

Practical Provably Correct Voter Privacy Protecting End to End Voting Employing Multiparty Computations and Split Value Representations of Votes

Practical Provably Correct Voter Privacy Protecting End to End Voting Employing Multiparty Computations and Split Value Representations of Votes Practical Provably Correct Voter Privacy Protecting End to End Voting Employing Multiparty Computations and Split Value Representations of Votes Michael O. Rabin Columbia University SEAS Harvard University

More information

Discrete Mathematics and Probability Theory Summer 2015 Chung-Wei Lin Midterm 1

Discrete Mathematics and Probability Theory Summer 2015 Chung-Wei Lin Midterm 1 CS 70 Discrete Mathematics and Probability Theory Summer 2015 Chung-Wei Lin Midterm 1 PRINT Your Name:, last) first) SIGN Your Name: PRINT Your Student ID: CIRCLE your exam room: 2050 VLSB 10 EVANS OTHER

More information

CSCI3390-Assignment 2 Solutions

CSCI3390-Assignment 2 Solutions CSCI3390-Assignment 2 Solutions due February 3, 2016 1 TMs for Deciding Languages Write the specification of a Turing machine recognizing one of the following three languages. Do one of these problems.

More information

Coping with disk crashes

Coping with disk crashes Lecture 04.03 Coping with disk crashes By Marina Barsky Winter 2016, University of Toronto Disk failure types Intermittent failure Disk crash the entire disk becomes unreadable, suddenly and permanently

More information

Lexical Analysis: DFA Minimization & Wrap Up

Lexical Analysis: DFA Minimization & Wrap Up Lexical Analysis: DFA Minimization & Wrap Up Automating Scanner Construction PREVIOUSLY RE NFA (Thompson s construction) Build an NFA for each term Combine them with -moves NFA DFA (subset construction)

More information

Program verification. Hoare triples. Assertional semantics (cont) Example: Semantics of assignment. Assertional semantics of a program

Program verification. Hoare triples. Assertional semantics (cont) Example: Semantics of assignment. Assertional semantics of a program Program verification Assertional semantics of a program Meaning of a program: relation between its inputs and outputs; specified by input assertions (pre-conditions) and output assertions (post-conditions)

More information

Data byte 0 Data byte 1 Data byte 2 Data byte 3 Data byte 4. 0xA Register Address MSB data byte Data byte Data byte LSB data byte

Data byte 0 Data byte 1 Data byte 2 Data byte 3 Data byte 4. 0xA Register Address MSB data byte Data byte Data byte LSB data byte SFP200 CAN 2.0B Protocol Implementation Communications Features CAN 2.0b extended frame format 500 kbit/s Polling mechanism allows host to determine the rate of incoming data Registers The SFP200 provides

More information

Lecture Notes on Invariants for Arbitrary Loops

Lecture Notes on Invariants for Arbitrary Loops 15-414: Bug Catching: Automated Program Verification Lecture Notes on Invariants for Arbitrary Loops Matt Fredrikson Ruben Martins Carnegie Mellon University Lecture 5 1 Introduction The previous lecture

More information

Enhancing the Updatability of Projective Views

Enhancing the Updatability of Projective Views Enhancing the Updatability of Projective Views (Extended Abstract) Paolo Guagliardo 1, Reinhard Pichler 2, and Emanuel Sallinger 2 1 KRDB Research Centre, Free University of Bozen-Bolzano 2 Vienna University

More information

Cryptography and Security Midterm Exam

Cryptography and Security Midterm Exam Cryptography and Security Midterm Exam Solution Serge Vaudenay 25.11.2015 duration: 1h45 no documents allowed, except one 2-sided sheet of handwritten notes a pocket calculator is allowed communication

More information

Resilience Management Problem in ATM Systems as ashortest Path Problem

Resilience Management Problem in ATM Systems as ashortest Path Problem Resilience Management Problem in ATM Systems as ashortest Path Problem A proposal for definition of an ATM system resilience metric through an optimal scheduling strategy for the re allocation of the system

More information

1 Introduction. 1.1 The Problem Domain. Self-Stablization UC Davis Earl Barr. Lecture 1 Introduction Winter 2007

1 Introduction. 1.1 The Problem Domain. Self-Stablization UC Davis Earl Barr. Lecture 1 Introduction Winter 2007 Lecture 1 Introduction 1 Introduction 1.1 The Problem Domain Today, we are going to ask whether a system can recover from perturbation. Consider a children s top: If it is perfectly vertically, you can

More information

New attacks on Keccak-224 and Keccak-256

New attacks on Keccak-224 and Keccak-256 New attacks on Keccak-224 and Keccak-256 Itai Dinur 1, Orr Dunkelman 1,2 and Adi Shamir 1 1 Computer Science department, The Weizmann Institute, Rehovot, Israel 2 Computer Science Department, University

More information

Statistical Debugging. Ben Liblit, University of Wisconsin Madison

Statistical Debugging. Ben Liblit, University of Wisconsin Madison Statistical Debugging Ben Liblit, University of Wisconsin Madison Bug Isolation Architecture Program Source Predicates Sampler Compiler Shipping Application Top bugs with likely causes Statistical Debugging

More information

Lecture Notes on SAT Solvers & DPLL

Lecture Notes on SAT Solvers & DPLL 15-414: Bug Catching: Automated Program Verification Lecture Notes on SAT Solvers & DPLL Matt Fredrikson André Platzer Carnegie Mellon University Lecture 10 1 Introduction In this lecture we will switch

More information

Complex Systems Design & Distributed Calculus and Coordination

Complex Systems Design & Distributed Calculus and Coordination Complex Systems Design & Distributed Calculus and Coordination Concurrency and Process Algebras: Theory and Practice Francesco Tiezzi University of Camerino francesco.tiezzi@unicam.it A.A. 2014/2015 F.

More information

DO NOT COPY DO NOT COPY

DO NOT COPY DO NOT COPY Drill Problems 3 benches. Another practical book is VHDL for Programmable Logic, by Kevin Skahill of Cypress Semiconductor (Addison-esley, 1996). All of the ABEL and VHDL examples in this chapter and throughout

More information

Formal Reasoning CSE 331. Lecture 2 Formal Reasoning. Announcements. Formalization and Reasoning. Software Design and Implementation

Formal Reasoning CSE 331. Lecture 2 Formal Reasoning. Announcements. Formalization and Reasoning. Software Design and Implementation CSE 331 Software Design and Implementation Lecture 2 Formal Reasoning Announcements Homework 0 due Friday at 5 PM Heads up: no late days for this one! Homework 1 due Wednesday at 11 PM Using program logic

More information

Hoare Logic: Reasoning About Imperative Programs

Hoare Logic: Reasoning About Imperative Programs Hoare Logic: Reasoning About Imperative Programs COMP1600 / COMP6260 Dirk Pattinson Australian National University Semester 2, 2018 Programming Paradigms Functional. (Haskell, SML, OCaml,... ) main paradigm:

More information