slide1 l.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
CSCP: The Bugs and the Bees: Research in Swarm Programming and Security PowerPoint Presentation
Download Presentation
CSCP: The Bugs and the Bees: Research in Swarm Programming and Security

Loading in 2 Seconds...

play fullscreen
1 / 13

CSCP: The Bugs and the Bees: Research in Swarm Programming and Security - PowerPoint PPT Presentation


  • 473 Views
  • Uploaded on

The Bees -

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'CSCP: The Bugs and the Bees: Research in Swarm Programming and Security' - isaac


An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
slide1

The Bugs and the Bees

Research in Swarm Programming and Security

David Evans

evans@cs.virginia.edu

http://www.cs.virginia.edu/~evans

University of Virginia

Department of Computer Science

research projects

Splint

Research Projects
  • The Bugs
  • The Bees - “Programming the Swarm”

How can we efficiently find coding errors?

How can we program large collections of devices and reason about their behavior?

David Evans - CSCP

a gross oversimplification
A Gross Oversimplification

all

Formal Verifiers

Bugs Detected

Splint

Compilers

none

Low

Unfathomable

Effort Required

David Evans - CSCP

approach
Approach
  • Extend type checking to detect more classes of problems
  • Programmers add annotations (formal specifications)
    • Simple and precise
    • Describe programmers intent:
      • Types, memory management, data hiding, aliasing, modification, null-ity, buffer sizes, security, etc.
  • Splint detects inconsistencies between annotations and code
    • Simple (fast!) dataflow analyses

David Evans - CSCP

recent work
Recent Work
  • Detecting Buffer Overflow Vulnerabilities [David Larochelle]
    • Most commonly exploited security vulnerability
    • Still the most common attack
      • Code Red exploited buffer overflow in IIS
      • >50% of CERT advisories, 23% of CVE entries in 2001
  • Attributes describe sizes of allocated buffers

David Evans - CSCP

splint
Splint
  • More information: splint.cs.virginia.edu

IEEE Software Jan/Feb 2002

USENIX Security ’01, PLDI ’96

  • Public release (since 1996 as LCLint) – real users, mentioned in C FAQ, C Unleashed, Linux Journal, etc.
  • We need cooperative industrial users
  • Students:
    • Graduate: David Larochelle, Greg Yukl
    • Undergraduate: David Friedman, Mike Lanouette, Hien Phan
  • Funding: NASA

David Evans - CSCP

programming the swarm
Programming the Swarm

David Evans - CSCP

slide8

“Programming the Swarm”

“Programming in the Small”

“Programming in the Large”

Billions of small, cheap unreliable devices in physical environments

Swarm Programming, Group Behaviors

Tools for Reasoning about Groups in unpredictable environments

Monolithic Computers

First High-Level Languages

Manual Proof of Properties of Trivial Programs

Fixed Networks of PCs

Modular Programming, Interfaces, Objects

Tools for Reasoning about Distributed Programs

(Really) Brief History of Computer Science

1990

1950

1960

1970

1980

2001-

Machines

Programming

Methods

Reasoning

Tools

David Evans - CSCP

programming the swarm long range goal
Programming the Swarm: Long-Range Goal

Cement

10 GFlop

David Evans - CSCP

why this might be possible
Why this Might be Possible?
  • Biology Does It
    • Ant routing
      • Find best route to food source using pheromone trails
    • Bee house-hunting
      • Reach consensus by dancing and split to new hive
    • Complex creatures self-organize from short DNA program and dumb chemicals
      • Genetic code for 2 humans differs in only 2M base pairs (.5 MB < 1% of Win2000)

David Evans - CSCP

swarm programming model
Swarm Programming Model

Behavioral

Description

Device

Units

Swarm

Program

Synthesizer

Device

Programs

Environment

Model

Programmed

Device

Units

Device

Model

Primitives

Library

David Evans - CSCP

research issues
Research Issues
  • How can we describe the properties of swarm behaviors, devices and environments?
  • What are the right primitives and combination mechanisms?
  • How can we synthesize swarm programs with known functional and non-functional properties?
  • Security
    • Can we use swarm programming to build systems that are resilient to classes of attack?
    • Can we produce swarm programs with known behavioral constraints?
    • Can we provide privacy using wireless communications in a swarm?

David Evans - CSCP

programming the swarm13
Programming the Swarm

swarm.cs.virginia.edu

  • Students:
    • Graduate: Gilbert Backers, Joel Winstead, Weilin Zhong
    • Undergraduates: Keen Browne, Mike Cuvelier, John Calandrino, Bill Oliver, Mike Hoyge, Jon McCune, Errol McEachron, Ankush Seth
  • Funding: NSF

David Evans - CSCP