Refactoring the Whitby Intelligent Tutoring System for Clean Architecture

Whitby is the server-side of an Intelligent Tutoring System application for learning System-Theoretic Process Analysis (STPA), a methodology used to ensure the safety of anything that can be represented with a systems model. The underlying logic driving the reasoning behind Whitby is Situation Calculus, which is a many-sorted logic with situation, action, and object sorts. The Situation Calculus is applied to Ontology Authoring and Contingent Scaffolding: the primary activities within Whitby. Thus many fluents and actions are aggregated in Whitby from these two sub-applications and from Whitby itself, but all are available through a common situation query interface that does not depend upon any of the fluents or actions. Each STPA project in Whitby is a single situation term, which is queried for fluents that include the ontology, and to determine what pedagogical interventions to offer. Initially Whitby was written in Prolog using a module system. In the interest of a cleaner architecture and implementation with improved code reuse and extensibility, the initial application was refactored into Logtalk. This refactoring includes decoupling the Situation Calculus reasoner, Ontology Authoring framework, and Contingent Scaffolding framework into third-party libraries that can be reused in other applications. This extraction was achieved by inverting dependencies via Logtalk protocols and categories, which are reusable interfaces and components that provide functionally cohesive sets of predicate declarations and predicate definitions. In this paper the architectures of two iterations of Whitby are evaluated with respect to the motivations behind the refactor: clean architecture enabling code reuse and extensibility.

Comparative Analysis and Enhancement of CFG-based Hardware-Assisted CFI Schemes

Subverting the flow of instructions (e.g., by use of code-reuse attacks) still poses a serious threat to the security of today’s systems. Various control flow integrity (CFI) schemes have been proposed as a powerful technique to detect and mitigate such attacks. In recent years, many hardware-assisted implementations of CFI enforcement based on control flow graphs (CFGs) have been presented by academia. Such approaches check whether control flow transfers follow the intended CFG by limiting the valid target addresses. However, these papers all target different platforms and were evaluated with different sets of benchmark applications, which makes quantitative comparisons hardly possible. For this paper, we have implemented multiple promising CFG-based CFI schemes on a common platform comprising a RISC-V within FPGA. By porting almost 40 benchmark applications to this system we can present a meaningful comparison of the various techniques in terms of run-time performance, hardware utilization, and binary size. In addition, we present an enhanced CFI approach that is inspired by what we consider the best concepts and ideas of previously proposed mechanisms. We have made this approach more practical and feature-complete by tackling some problems largely ignored previously. We show with this fine-grained scheme that CFI can be achieved with even less overheads than previously demonstrated.

Context-based intelligent recommendation by code reuse for smart decision support and cognitive adaptive systems

PurposeThis paper aims to use the concept of machine learning to enable people and machines to interact more certainly to extend and expand human expertise and cognition.Design/methodology/approachIntelligent code reuse recommendations based on code big data analysis, mining and learning can effectively improve the efficiency and quality of software reuse, including common code units in a specific field and common code units that are not related to the field.FindingsFocusing on the topic of context-based intelligent code reuse recommendation, this paper expounds the research work in two aspects mainly in practical applications of smart decision support and cognitive adaptive systems: code reuse recommendation based on template mining and code reuse recommendation based on deep learning.Originality/valueOn this basis, the future development direction of intelligent code reuse recommendation based on context has prospected.

Not so fast: understanding and mitigating negative impacts of compiler optimizations on code reuse gadget sets

Despite extensive testing and correctness certification of their functional semantics, a number of compiler optimizations have been shown to violate security guarantees implemented in source code. While prior work has shed light on how such optimizations may introduce semantic security weaknesses into programs, there remains a significant knowledge gap concerning the impacts of compiler optimizations on non-semantic properties with security implications. In particular, little is currently known about how code generation and optimization decisions made by the compiler affect the availability and utility of reusable code segments called gadgets required for implementing code reuse attack methods such as return-oriented programming. In this paper, we bridge this gap through a study of the impacts of compiler optimization on code reuse gadget sets. We analyze and compare 1,187 variants of 20 different benchmark programs built with two production compilers (GCC and Clang) to determine how their optimization behaviors affect the code reuse gadget sets present in program variants with respect to both quantitative and qualitative metrics. Our study exposes an important and unexpected problem; compiler optimizations introduce new gadgets at a high rate and produce code containing gadget sets that are generally more useful to an attacker than those in unoptimized code. Using differential binary analysis, we identify several undesirable behaviors at the root of this phenomenon. In turn, we propose and evaluate several strategies to mitigate these behaviors. In particular, we show that post-production binary recompilation can effectively mitigate these behaviors with negligible performance impacts, resulting in optimized code with significantly smaller and less useful gadget sets.

Graph representations in genetic programming

Graph representations promise several desirable properties for genetic programming (GP); multiple-output programs, natural representations of code reuse and, in many cases, an innate mechanism for neutral drift. Each graph GP technique provides a program representation, genetic operators and overarching evolutionary algorithm. This makes it difficult to identify the individual causes of empirical differences, both between these methods and in comparison to traditional GP. In this work, we empirically study the behaviour of Cartesian genetic programming (CGP), linear genetic programming (LGP), evolving graphs by graph programming and traditional GP. By fixing some aspects of the configurations, we study the performance of each graph GP method and GP in combination with three different EAs: generational, steady-state and $$(1+\lambda )$$ ( 1 + λ ) . In general, we find that the best choice of representation, genetic operator and evolutionary algorithm depends on the problem domain. Further, we find that graph GP methods can increase search performance on complex real-world regression problems and, particularly in combination with the ($$1 + \lambda$$ 1 + λ ) EA, are significantly better on digital circuit synthesis tasks. We further show that the reuse of intermediate results by tuning LGP’s number of registers and CGP’s levels back parameter is of utmost importance and contributes significantly to better convergence of an optimization algorithm when solving complex problems that benefit from code reuse.

A ROS-Gazebo Interface for the Katana Robotic Arm Manipulation

Nowadays, simulators are being used more and more during the development of robotic systems due to the efficiency of the development and testing processes of such applications. Undoubtedly, these simulators save time, resources and costs, as well as enable ease of demonstrations of the system. Specifically, tools like the open source Robotic Operating System (ROS) and Gazebo have gained popularity in building models of robotic systems. ROS is extensively used in robotics due to the pros of hardware abstraction and code reuse. The Gazebo platform is used for visualisation because of its high compatibility with ROS. In this paper, ROS and Gazebo have been integrated to build an interface for the visualisation of the Katana Arm manipulator.