Entity-life modeling: modeling a thread architecture on the problem environment

With Java threads and the wider availability of multiprocessors, more programmers are confronted with multithreading. Concurrent threads let you take advantage of multiprocessors to speed up execution. They are also useful on a single processor, where one thread can compute while others wait for external input. Entity-life modeling is an approach for designing multithread programs.     

Meet real-time requirements of parallel programs and maximallyutilize system resources

The time-cost behavior of a program directly depends on its execution environment (i.e., the number of other programs in the system). We present techniques to analyze the time-cost behavior of programs that include the effect of their execution environment. It is assumed the underlying system has a shared memory architecture. The paper shows that one can analytically relate a parallel program's time cost to its execution environment. A direct benefit of the work is to let us meet the real-time requirement of a parallel program and utilize maximally a multiprocessor system's resource     

Slithice:一个基于系统依赖图的Java程序切片工具

当前程序切片的相关理论已经较为成熟,但针对Java程序的静态切片工具却非常少见。为便于展开切片应用研究,设计并实现了一个基于系统依赖图的Eclipse切片插件——Slithice。该插件支持不同粒度的底层分析和系统依赖图构建,从而可以使切片算法能够在精度和性能之间进行权衡,适应各种规模程序的分析需要。     

Activating networks: a progress report

Active networks-networks you can add programs to or customize to particular applications-are probably most familiar as Web proxy caches and firewalls. In their more sophisticated form, however, they have become customized infrastructures that let designers program control planes-the control software and network hardware used to manipulate the transport system's behavior. Programming mechanisms such as open signaling are becoming more widespread, for example. But research in active networks has taken a step beyond even these sophisticated infrastructures. Working systems now let designers modify packet-switching infrastructures on the fly using either a switch-like model, which mixes active packets with other packets, or in a capsule model, which regards all packets as programs. In surveying working systems and experimental results, the authors have found that first-generation systems have opted to use modern programming language technologies such as Caml and Java to provide usability and safety, and cryptographic techniques to provide security. The systems differ in the degree of flexibility and performance they offer. Many differences stem from the use of a particular security model. The paper discusses a general architecture for active networks     

多个NIOS程序在EPCS中的存储及切换运行

针对Altera FPGA,提出了一种在EPCS Flash中存入多个NIOS Ⅱ嵌入式程序(不同的配置文件和NIOS Ⅱ应用文件)并实现程序间相互切换运行的方法.通过搭建平台并以两个嵌入式程序为例,分别分析了它们的配置及引导流程,阐述了程序存储及切换运行的具体方法,实验结果证明了该方法的可行性.该方法使得带NIOS Ⅱ软核的FPGA嵌入式系统在调试以及应用上更加方便灵活,尤其针对系统程序的远程更新,在不破坏原有程序的基础上即可完成,大大提升了系统的安全性.     

A backtracking algorithm for the stream AND-parallel execution of logic programs

We present the first backtracking algorithm for stream AND-parallel logic programs. It relies on compile-time knowledge of the dataflow graph of each clause to let it figure out efficiently which goals to kill or restart when a goal fails. This crucial information, which we derive from mode declarations, was not available at compile-time in any previous stream AND-parallel system. We show that modes can increase the precision of the backtracking algorithm, though our algorithm allows this precision to be traded off against overhead on a procedure-by-procedure and call-by-call basis. The modes also allow our algorithm to handle efficiently programs that manipulate partially instantiated data structures and an important class of programs with circular dependency graphs. On code that does not need backtracking, the efficiency of our algorithm approaches that of the committed-choice languages; on code that does need backtracking its overhead is comparable to that of the independent AND-parallel backtracking algorithms.     

Response-time analysis of composite Web services

Web services let programs submit requests to other programs over the Internet via open protocols and standards. Many traditional Web sites, including popular search engines like Google and large online bookstores are boosting their traffic through Web service APIs. A single Internet application can invoke many different Web services - for example, the metasearch engine WebSifter uses several online ontologies to refine a user's request into a more meaningful query and then submits that query to various search engines in parallel. We call such applications composite Web services. Many important challenges stem from the quality-of-service issues in composite Web services. We address the impact of slow services on the overall response time of a transaction that uses several Web services in parallel.     

RUGRAT: Evaluating program analysis and testing tools and compilers with large generated random benchmark applications

Benchmarks are heavily used in different areas of computer science to evaluate algorithms and tools. In program analysis and testing, open‐source and commercial programs are routinely used as benchmarks to evaluate different aspects of algorithms and tools. Unfortunately, many of these programs are written by programmers who introduce different biases, not to mention that it is very difficult to find programs that can serve as benchmarks with high reproducibility of results. We propose a novel approach for generating random benchmarks for evaluating program analysis and testing tools and compilers. Our approach uses stochastic parse trees, where language grammar production rules are assigned probabilities that specify the frequencies with which instantiations of these rules will appear in the generated programs. We implemented our tool for Java and applied it to generate a set of large benchmark programs of up to 5M lines of code each with which we evaluated different program analysis and testing tools and compilers. The generated benchmarks let us independently rediscover several issues in the evaluated tools. Copyright © 2014 John Wiley & Sons, Ltd.     

NetWare Security Products

Certification programs can mean many things to many people. Consider, for example, how the 1991 Webster's New Collegiate Dictionary defines certify

1: to attest as certain, confirm; 2: to testify or vouch for in writing; 3: to guarantee; endorse;. 5: to declare (a person) legally insane and committable to a mental institution; 6: to certificate; license.

Having observed as well as participated in several certification programs, I can assure the reader that these programs encompass some aspects of all of these definitions. However, in keeping with the subject of this column, let us focus on the last definition: to certificate—that is, to authorize by the issuing of a certificate.

Certification programs have been in existence for a long time in many of the socalled traditional professions. For example, for more than 75 years, public accountants have been certified by state examining boards to ensure that they have fulfilled the requirements set forth in state law for the practice of public accounting.     

Separate computation of alias information for reuse

Interprocedural data flow information is useful for many software testing and analysis techniques, including data flow testing, regression testing, program slicing and impact analysis. For programs with aliases, these testing and analysis techniques can yield invalid results, unless the data flow information accounts for aliasing effects. Recent research provides algorithms for performing interprocedural data flow analysis in the presence of aliases; however, these algorithms are expensive, and achieve precise results only on complete programs. This paper presents an algorithm for performing alias analysis on incomplete programs that lets individual software components such as library routines, subroutines or subsystems be independently analyzed. The paper also presents an algorithm for reusing the results of this separate analysis when the individual software components are linked with calling modules. Our algorithms let us analyze frequently used software components, such as library routines or classes, independently, and reuse the results of that analysis when analyzing calling programs, without incurring the expense of completely reanalyzing each calling program. Our algorithms also provide a way to analyze large systems incrementally     

测试驱动开发及开发实践

极限编程是适应于中小型团队在需求不明确或迅速变化的情况下进行软件开发的轻量级方法学。测试驱动开发作为极限编程思想的一种主要实践,可以有效地让程序开发人员开发出更高品质的、经过完整测试的程序。文中介绍了测试驱动开发思想,对测试驱动开发过程给出了清晰的流程,总结了测试驱动开发的多种模式。最后介绍了如何用JUnit进行测试驱动开发。     

Revisiting the Sequential Programming Model for the Multicore Era

Automatic parallelization has thus far not been successful at extracting scalable parallelism from general programs. An aggressive automatic thread extraction framework, coupled with natural extensions to the sequential programming model that allow for a range of legal outcomes rather than forcing programmers to define a single legal program outcome, will let programmers achieve the performance of parallel programming via the simpler sequential model.     

Qlisp: parallel processing in Lisp

The authors describe a version of Common Lisp for multiprocessing, called Qlisp. It supports medium-grained parallelism for artificial-intelligence and symbolic programs. Qlisp supports the futures data type. It also introduces partially, multiply invoked functions that let program components be synchronized. An implementation of Qlisp on an Alliant FX/8, based on Lucid Common Lisp, a commercial system, is described     

Windows下MASM集成汇编系统的研究与开发

为了方便教学,让学生尽快掌握汇编语言程序设计的方法,开发了基于VC 的Windows下MASM集成汇编系统,该系统集成了微机汇编语言主要调试工具,实现了编程、编译、联接和动态调试等功能的一体化。实践证明:MASM集成汇编系统界面友好、操作方便,有较好的应用价值。     

基于CDIO模式的Java高级编程教学的研究

对于高校培养学生,第一要务就是让培养出来的学生能找到更好、更合适的工作岗位,其次是搞研究。Java高级编程是一门操作性很强的课程,但受传统教学的影响,很多院校还秉承＂讲——学——练＂三步法。这对学生的学习兴趣和实际应用能力都产生极大的阻碍,严重影响课程的教学效果。为此我们尝试在Java高级编程中采用CDIO模式进行教学,采用＂构思-设计-实现-运行（CDIO）＂四部曲,充分调动和发挥学生自主学习和积极思考的主观能动性,培养学生工程式思维模式,让学生有更强的社会核心竞争力。     

Programs with lists are counter automata

We address the problem of verifying programs manipulating one-selector linked data structures. We propose and study in detail an application of counter automata as an accurate abstract model for this problem. We let control states of the counter automata correspond to abstract heap graphs where list segments without sharing are collapsed, and use counters to keep track of the number of elements in these segments. As a significant theoretical result, we show that the obtained counter automata are bisimilar to the original programs. Moreover, from a practical point of view, our translation allows one to apply efficient automatic analysis techniques and tools developed for counter automata (integer programs) in order to verify both safety as well as termination of list-manipulating programs. As another theoretical contribution, we prove that if the control of the generated counter automata does not contain nested loops (i.e., these automata are flat), both safety and termination are decidable for the original programs. Subsequently, we generalise our counter-automata-based model to keep track of ordering properties over lists storing ordered data. Finally, we show effectiveness of our approach by verifying automatically safety as well as termination of several sorting programs.     

分布式虚拟环境中的聊天机器人的研究

该文探索了通过自然语言界面从基于Web的应用中获取知识的一种方法。介绍了一些著名聊天机器人程序着重给出了基于AIML的聊天机器人A.L.I.C.E的运行机制,并分析了其适合于分布式应用的特点。通过对其进行改进将其结合进分布式虚拟环境中,构造了一个基于Web的分布式虚拟环境中的聊天机器人。     

State machines

We are surrounded by real-world state machines: ballpoint pen retractor mechanisms, vending machines, washing-machine controllers, digital watches. They are a trivial but underused technology that can simplify how we implement programs that must track how they got to their current state before handling a new event. However, many programmers feel that state machines are only useful when they're developing communication protocol stacks, which is not an everyday activity. This is unfortunate. State machines can be appropriate in surprising circumstances. Correctly applied, they will result in faster, more modular, less coupled, and easier to maintain code. State machines make it easy to eliminate duplication, honoring the DRY principle. They also let you write more expressive code, because you can specify intent and implementation independently. These are all good, pragmatic, reasons to investigate them further, so let's look at some simple state machine implementations and problems they can solve.     

Securing systems against external programs

Internet users routinely and often unknowingly download and run programs, such as Java applets; and some Web servers let users upload external programs and run them on the server. Although the practice of executing these external programs has the sanction of widespread use, its security implications haven't yet been systematically addressed. In the brief, dynamic history of the Internet, such a situation is not unusual. New communication mechanisms and computing paradigms are often implemented before the security issues they engender have been rigorously analyzed. Our goal is to address this problem in the subdomain of external programs by systematically outlining security issues and classifying current solutions. Our focus is solely on protecting a host from external programs. We do not address the problem of protecting the communication medium or protecting an external program from runtime systems. Furthermore, we do not address the problem of correctly identifying the source of an external program (authentication). We start our inquiry by reviewing the relevant models of computation, followed by an overview of the security problems associated with them. We then classify both the problems and the existing solutions using a resource-centric model that distinguishes problems associated with resource access from those associated with resource consumption. Finally, we classify solutions to each problem according to how and when they are applied