Slide1 l.jpg
Advertisement
This presentation is the property of its rightful owner.
1 / 13

CSCP: The Bugs and the Bees: Research in Swarm Programming and Security PowerPoint PPT Presentation

The Bees -

Download Presentation

CSCP: The Bugs and the Bees: Research in Swarm Programming a...

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -

Presentation Transcript


Slide1 l.jpg

The Bugs and the Bees

Research in Swarm Programming and Security

David Evans

[email protected]

http://www.cs.virginia.edu/~evans

University of Virginia

Department of Computer Science


Research projects l.jpg

Splint

Research Projects

  • The Bugs

  • The Bees - “Programming the Swarm”

How can we efficiently find coding errors?

How can we program large collections of devices and reason about their behavior?

David Evans - CSCP


A gross oversimplification l.jpg

A Gross Oversimplification

all

Formal Verifiers

Bugs Detected

Splint

Compilers

none

Low

Unfathomable

Effort Required

David Evans - CSCP


Approach l.jpg

Approach

  • Extend type checking to detect more classes of problems

  • Programmers add annotations (formal specifications)

    • Simple and precise

    • Describe programmers intent:

      • Types, memory management, data hiding, aliasing, modification, null-ity, buffer sizes, security, etc.

  • Splint detects inconsistencies between annotations and code

    • Simple (fast!) dataflow analyses

David Evans - CSCP


Recent work l.jpg

Recent Work

  • Detecting Buffer Overflow Vulnerabilities [David Larochelle]

    • Most commonly exploited security vulnerability

    • Still the most common attack

      • Code Red exploited buffer overflow in IIS

      • >50% of CERT advisories, 23% of CVE entries in 2001

  • Attributes describe sizes of allocated buffers

David Evans - CSCP


Splint l.jpg

Splint

  • More information: splint.cs.virginia.edu

    IEEE Software Jan/Feb 2002

    USENIX Security ’01, PLDI ’96

  • Public release (since 1996 as LCLint) – real users, mentioned in C FAQ, C Unleashed, Linux Journal, etc.

  • We need cooperative industrial users

  • Students:

    • Graduate: David Larochelle, Greg Yukl

    • Undergraduate: David Friedman, Mike Lanouette, Hien Phan

  • Funding: NASA

David Evans - CSCP


Programming the swarm l.jpg

Programming the Swarm

David Evans - CSCP


Slide8 l.jpg

“Programming the Swarm”

“Programming in the Small”

“Programming in the Large”

Billions of small, cheap unreliable devices in physical environments

Swarm Programming, Group Behaviors

Tools for Reasoning about Groups in unpredictable environments

Monolithic Computers

First High-Level Languages

Manual Proof of Properties of Trivial Programs

Fixed Networks of PCs

Modular Programming, Interfaces, Objects

Tools for Reasoning about Distributed Programs

(Really) Brief History of Computer Science

1990

1950

1960

1970

1980

2001-

Machines

Programming

Methods

Reasoning

Tools

David Evans - CSCP


Programming the swarm long range goal l.jpg

Programming the Swarm: Long-Range Goal

Cement

10 GFlop

David Evans - CSCP


Why this might be possible l.jpg

Why this Might be Possible?

  • Biology Does It

    • Ant routing

      • Find best route to food source using pheromone trails

    • Bee house-hunting

      • Reach consensus by dancing and split to new hive

    • Complex creatures self-organize from short DNA program and dumb chemicals

      • Genetic code for 2 humans differs in only 2M base pairs (.5 MB < 1% of Win2000)

David Evans - CSCP


Swarm programming model l.jpg

Swarm Programming Model

Behavioral

Description

Device

Units

Swarm

Program

Synthesizer

Device

Programs

Environment

Model

Programmed

Device

Units

Device

Model

Primitives

Library

David Evans - CSCP


Research issues l.jpg

Research Issues

  • How can we describe the properties of swarm behaviors, devices and environments?

  • What are the right primitives and combination mechanisms?

  • How can we synthesize swarm programs with known functional and non-functional properties?

  • Security

    • Can we use swarm programming to build systems that are resilient to classes of attack?

    • Can we produce swarm programs with known behavioral constraints?

    • Can we provide privacy using wireless communications in a swarm?

David Evans - CSCP


Programming the swarm13 l.jpg

Programming the Swarm

swarm.cs.virginia.edu

  • Students:

    • Graduate: Gilbert Backers, Joel Winstead, Weilin Zhong

    • Undergraduates: Keen Browne, Mike Cuvelier, John Calandrino, Bill Oliver, Mike Hoyge, Jon McCune, Errol McEachron, Ankush Seth

  • Funding: NSF

David Evans - CSCP


  • Login