Abstract-Software systems are constantly evolving, with new versions and patches being released on a continuous basis. Unfortunately, software updates present a high risk, with many releases introducing new bugs and security vulnerabilities.We tackle this problem using a simple but effective multiversion based approach. Whenever a new update becomes available, instead of upgrading the software to the new version, we run the new version in parallel with the old; by carefully coordinating their executions and selecting the behavior of the more reliable version when they diverge, we create a more secure and dependable multi-version application.We have implemented this technique in a prototype system targeting multicore processors, and show that it can be applied successfully to several security-critical applications, such as lighttpd and redis.
Software repositories provide rich information about the construction and evolution of software systems. While static data that can be mined directly from version control systems has been extensively studied, dynamic metrics concerning the execution of the software have received much less attention, due to the inherent difficulty of running and monitoring a large number of software versions.In this paper, we present Covrig, a flexible infrastructure that can be used to run each version of a system in isolation and collect static and dynamic software metrics, using a lightweight virtual machine environment that can be deployed on a cluster of local or cloud machines.We use Covrig to conduct an empirical study examining how code and tests co-evolve in six popular open-source systems. We report the main characteristics of software patches, analyse the evolution of program and patch coverage, assess the impact of nondeterminism on the execution of test suites, and investigate whether the coverage of code containing bugs and bug fixes is higher than average.
We present a new simple extension of multiple walker metadynamics which makes it possible to simulate simultaneously multiple different molecular systems and to predict their free energy surfaces, named Altruistic metadynamics. Similarly to basic metadynamics, it uses a bias potential in the form of hills summed over the simulation. Each system adds a big hill to its "own" bias potential and smaller hills to bias potentials of other systems, hence, each system enhances sampling of other systems. This makes it possible to achieve either faster reaching of the stationary point or higher accuracy of the calculated free energy surfaces. This should be efficient in modeling of series of chemically similar systems, for example, in computational drug screening by metadynamics. The method was tested on model energy surfaces, alanine dipeptide modeled in different force fields and monosaccharides of D-hexopyranose series.
Metadynamics method has been widely used to enhance sampling in molecular simulations. Its original form suffers two major drawbacks, poor convergence in complex (especially biomolecular) systems and its serial nature. The first drawback has been addressed by introduction of a convergent variant known as well-tempered metadynamics. The second was addressed by introduction of a parallel multisystem metadynamics referred to as altruistic metadynamics. Here, we combine both approaches into well-tempered altruistic metadynamics. We provide mathematical arguments and trial simulations to show that it accurately predicts free energy surfaces.
Abstract. Web applications in many domains such as healthcare and finance must process sensitive data, while complying with legal policies regarding the release of different classes of data to different parties. Currently, software bugs may lead to irreversible disclosure of confidential data in multi-tier web applications. An open challenge is how developers can guarantee these web applications only ever release sensitive data to authorised users without costly, recurring security audits.Our solution is to provide a trusted middleware that acts as a "safety net" to event-based enterprise web applications by preventing harmful data disclosure before it happens. We describe the design and implementation of SafeWeb, a Ruby-based middleware that associates data with security labels and transparently tracks their propagation at different granularities across a multi-tier web architecture with storage and complex event processing. For efficiency, maintainability and ease-of-use, SafeWeb exploits the dynamic features of the Ruby programming language to achieve label propagation and data flow enforcement. We evaluate SafeWeb by reporting our experience of implementing a web-based cancer treatment application and deploying it as part of the UK National Health Service (NHS).
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.