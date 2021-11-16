ContributorsPublishersAdvertisers
Software

Exploring Usable Security to Improve the Impact of Formal Verification: A Research Agenda

By Google Scholar
arxiv.org
 8 days ago

Carolina Carreira (INESC-ID and IST, University of Lisbon, Portugal), João F. Ferreira (INESC-ID and IST, University of Lisbon, Portugal), Alexandra Mendes (HASLab, INESC TEC and Universidade da Beira Interior, Portugal), Nicolas Christin (Carnegie Mellon University, Pittsburgh, Pennsylvania, USA) As software becomes more complex and assumes an even greater role...

arxiv.org

Comments / 0

Related
The Guardian

Research Impact Manager

We will be promoting our research strategy from mid-November. This is our framework for our investments and activity from 2022 to 2026. The Research Impact Manager will play a key role in developing the evaluation framework, data pipeline and stakeholder communication around the strategy. We are looking for someone with drive, experience and passion for research impact - and who can lead in embedding this new programme of work.
JOBS
securityboulevard.com

Lacework Acquires Soluble to Improve Cloud Security

Lacework this week revealed it has acquired Soluble, a provider of a platform for remediating code that was created to provision infrastructure. At the same time, Lacework has added an inline vulnerability scanner to its namesake platform that makes it possible to identify vulnerable container images and update them before they are deployed. Designed to be integrated with continuous integration platforms like Jenkins, the inline vulnerability scanner makes it possible for developers to discover and address issues before they are discovered by cybersecurity teams in a production environment.
BUSINESS
techxplore.com

Research team formalizes novel data stream processing concept

A team of collaborators from the U.S. Department of Energy's Oak Ridge National Laboratory, Google Inc., Snowflake Inc. and Ververica GmbH has tested a computing concept that could help speed up real-time processing of data that stream on mobile and other electronic devices. The concept explores the function of watermarks,...
SOFTWARE
Dark Reading

4 Considerations for Improving Cloud Security Hygiene

We think we understand what hygiene is, but what about cloud security hygiene? It's not like our computers have teeth to brush, but that model is an entry point to a different understanding of security hygiene. If there's some task you need to do regularly, you need to do it everywhere. It's not okay to just brush your teeth once a year, or only to brush the front teeth; you also can't just patch software or check your security configurations once a year, or only for your most visible systems.
MICROSOFT
RELATED LOCAL CHANNELS
State
Pennsylvania State
aithority.com

Pydio Cell 3.0 Ends The Compromise Between Usability and Security

This week, Pydio released version 3.0 of its Pydio Cells document sharing and collaboration platform with a new flat datasource architecture and enhancements all through its core to deliver a product that ends the compromise between useability and security. Top AiThority.com Insights: “Bitcoin Has No Intrinsic Value”. Then What Gives...
SOFTWARE
Bank Info Security

A Systematic Approach To Improving Software Security - RUGGED SDLC

Applications aren't the only iterative processes that today's developers have to contend with. Security has become of prime importance to organisations and their end users, with some teams finding that they're having to wrestle between speed and security to get the job done. It doesn't have to be this way. In this ebook You will learn how to address fundamental ways of improving the security within your SDLC with an approach that focuses on secure software by design.
SOFTWARE
stlmag.com

Explorers Club St. Louis encourages scientific exploration and field research

On a recent Tuesday night, members of the Explorers Club St. Louis gathered at The Ritz-Carlton, St. Louis in Clayton to hear from Peter Diamandis, one of the “World’s 50 Greatest Leaders" according to Fortune magazine. Diamandis, who holds degrees in molecular genetics and aerospace engineering from Massachusetts Institute of Technology and a medical degree from Harvard, founded the X Prize Foundation, a nonprofit that encourages technological developments to benefit humanity through public competitions.
SAINT LOUIS, MO
onmsft.com

Microsoft Authenticator gets new features to improve security

Microsoft has released a new update for its Authenticator app for iOS and Android, and the new bits bring new security features for enterprise users and IT admins. The company noted that some of these features are generally available while the rest are currently available in public preview. Microsoft Authenticator...
COMPUTERS
IN THIS ARTICLE
#Usability#Formal Verification#Mental Models#Software Systems#Inesc#Ist#University Of Lisbon#Lo
helpnetsecurity.com

Arista joins Microsoft Intelligent Security Association to help improve customer security

Arista Networks announced it has joined the Microsoft Intelligent Security Association (MISA), an ecosystem of independent software vendors and managed security service providers that have integrated their solutions to better defend against a world of increasing threats. Arista was nominated based on an integration between Arista’s NDR (Network Detection and...
TECHNOLOGY
helpnetsecurity.com

Ethical hackers and the economics of security research

Bugcrowd released a report which provides CIOs and CISOs valuable insight on ethical hackers and the economics of security research. New findings indicate a startling shift in the threat landscape with 8 out of 10 ethical hackers recently having identified a vulnerability they had never seen before. This comprehensive annual...
TECHNOLOGY
arxiv.org

Trimming Stability Selection increases variable selection robustness

Contamination can severely distort an estimator unless the estimation procedure is suitably robust. This is a well-known issue and has been addressed in Robust Statistics, however, the relation of contamination and distorted variable selection has been rarely considered in literature. As for variable selection, many methods for sparse model selection have been proposed, including Stability Selection which is a meta-algorithm based on some variable selection algorithm in order to immunize against particular data configurations. We introduce the variable selection breakdown point that quantifies the number of cases resp. cells that have to be contaminated in order to let no relevant variable be detected. We show that particular outlier configurations can completely mislead model selection and argue why even cell-wise robust methods cannot fix this problem. We combine the variable selection breakdown point with resampling, resulting in the Stability Selection breakdown point that quantifies the robustness of Stability Selection. We propose a trimmed Stability Selection which only aggregates the models with the lowest in-sample losses so that, heuristically, models computed on heavily contaminated resamples should be trimmed away. We provide a short simulation study that reveals both the potential of our approach as well as the fragility of variable selection, even for an extremely small cell-wise contamination rate.
SCIENCE
YOU MAY ALSO LIKE
NewsBreak
Technology
NewsBreak
Computers
Country
Portugal
NewsBreak
Computer Science
NewsBreak
Software
arxiv.org

Semantic-Aware Collaborative Deep Reinforcement Learning Over Wireless Cellular Networks

Collaborative deep reinforcement learning (CDRL) algorithms in which multiple agents can coordinate over a wireless network is a promising approach to enable future intelligent and autonomous systems that rely on real-time decision-making in complex dynamic environments. Nonetheless, in practical scenarios, CDRL faces many challenges due to the heterogeneity of agents and their learning tasks, different environments, time constraints of the learning, and resource limitations of wireless networks. To address these challenges, in this paper, a novel semantic-aware CDRL method is proposed to enable a group of heterogeneous untrained agents with semantically-linked DRL tasks to collaborate efficiently across a resource-constrained wireless cellular network. To this end, a new heterogeneous federated DRL (HFDRL) algorithm is proposed to select the best subset of semantically relevant DRL agents for collaboration. The proposed approach then jointly optimizes the training loss and wireless bandwidth allocation for the cooperating selected agents in order to train each agent within the time limit of its real-time task. Simulation results show the superior performance of the proposed algorithm compared to state-of-the-art baselines.
COMPUTERS
arxiv.org

The Pareto-Optimal Temporal Aggregation of Energy System Models

The growing share of intermittent renewable energy sources, storage technologies, and the increasing degree of so-called sector coupling necessitates optimization-based energy system models with high temporal and spatial resolutions, which significantly increases their runtimes and limits their maximum sizes. In order to maintain the computational viability of these models for large-scale application cases, temporal aggregation has emerged as a technique for reducing the number of considered time steps by reducing the original time horizon down to fewer, more representative ones. This study presents advanced but generally applicable clustering techniques that allow for ad-hoc improvements of state-of-the-art approaches without requiring profound knowledge of the individual energy system model. These improvements comprise the optimal tradeoff between the number of typical days and inner-daily temporal resolutions, as well as constituting a representation method that can reproduce the value distribution of the original time series. We prove the superiority of these approaches by applying them to two fundamentally different model types, namely a single-node building energy system and a European carbon-neutral energy scenario, and benchmark these against state-of-the-art approaches. This is performed for a variety of temporal resolutions, which leads to many hundreds of model runs. The results show that the proposed improvements on current methods strictly dominate the status quo with respect to Pareto-optimality in terms of runtime and accuracy. Although a speeding up factor of one magnitude could be achieved using traditional aggregation methods within a cost deviation range of two percent, the algorithms proposed herein achieve this accuracy with a runtime speedup by a factor of two orders of magnitude.
ENERGY INDUSTRY
arxiv.org

A Geometric Approach to Optimal Control of Hybrid and Impulsive Systems

Hybrid dynamical systems are systems which undergo both continuous and discrete transitions. The Bolza problem from optimal control theory is applied to these systems and a hybrid version of Pontryagin's maximum principle is presented. This hybrid maximum principle is presented to emphasize its geometric nature which makes its study amenable to the tools of geometric mechanics and symplectic geometry. One explicit benefit of this geometric approach is that Zeno behavior can be strongly controlled for "generic" control problems. Moreover, when the underlying control system is a mechanical impact system, additional structure is present which can be exploited and is thus explored. Multiple examples are presented for both mechanical and non-mechanical systems.
MATHEMATICS
arxiv.org

Importance sampling approach to chance-constrained DC optimal power flow

Despite significant economic and ecological effects, a higher level of renewable energy generation leads to increased uncertainty and variability in power injections, thus compromising grid reliability. In order to improve power grid security, we investigate a joint chance-constrained (CC) direct current (DC) optimal power flow (OPF) problem. The problem aims to find economically optimal power generation while guaranteeing that all power generation, line flows, and voltages simultaneously remain within their bounds with a pre-defined probability. Unfortunately, the problem is computationally intractable even if the distribution of renewables fluctuations is specified. Moreover, existing approximate solutions to the joint CC OPF problem are overly conservative, and therefore have less value for the operational practice. This paper proposes an importance sampling approach to the CC DC OPF problem, which yields better complexity and accuracy than current state-of-the-art methods. The algorithm efficiently reduces the number of scenarios by generating and using only the most important of them, thus enabling real-time solutions for test cases with up to several hundred buses.
ENERGY INDUSTRY
arxiv.org

Impact of Spatial and Technology Aggregation on Optimal Energy System Design

Designing an optimal energy system with large shares of renewable energy sources is computationally challenging. Considering greater spatial horizon and level of detail, during the design, exacerbates this challenge. This paper investigates spatial and technology aggregation of energy system model, as a complexity-reduction technique. To that end, a novel two-step aggregation scheme based on model parameters such as Variable Renewable Energy Sources (VRES) time series and capacities, transmission capacities and distances, etc, is introduced. First, model regions are aggregated to obtain reduced region set. The aggregation is based on a holistic approach that considers all model parameters and spatial contiguity of regions. Next, technology aggregation is performed on each VRES, present in each newly-defined region. Each VRES is aggregated based on the temporal profiles to obtain a representative set. The impact of these aggregations on accuracy and computational complexity of a cost-optimal energy system design is analyzed for a European energy system scenario.The aggregations are performed to obtain different combinations of number of regions and VRES types, and the results are benchmarked against initial spatial resolution of 96 regions and 68 VRES types in each region. The results show that the system costs deviate significantly when lower number of regions and/or VRES types are considered. As the spatial resolution is increased in terms of both number of regions and VRES types, the system cost fluctuates at first and stabilizes at some point, approaching the benchmark value. Optimal combination can be determined based on an acceptable cost deviation and the point of stabilization. For instance, if <5% deviation is acceptable, 33 regions and 38 VRES types in each region is optimal. With this setting, the system cost is under-estimated by 4.42% but the run time is reduced by 92.95%.
ENERGY INDUSTRY
arxiv.org

Δ-MILP: Deep Space Network Scheduling via Mixed-Integer Linear Programming

This paper introduces $\Delta$-MILP, a powerful variant of the mixed-integer linear programming (MILP) optimization framework to solve NASA's Deep Space Network (DSN) scheduling problem. This work is an extension of our original MILP framework (DOI:10.1109/ACCESS.2021.3064928) and inherits many of its constructions and strengths, including the base MILP formulation for DSN scheduling. To provide more feasible schedules with respect to the DSN requirements, $\Delta$-MILP incorporates new sets of constraints including 1) splitting larger tracks into shorter segments and 2) preventing overlapping between tracks on different antennas. Additionally, $\Delta$-MILP leverages a heuristic to balance mission satisfaction and allows to prioritize certain missions in special scenarios including emergencies and landings. Numerical validations demonstrate that $\Delta$-MILP now satisfies 100% of the requested constraints and provides fair schedules amongst missions with respect to the state-of-the-art for the most oversubscribed weeks of the years 2016 and 2018.
INDUSTRY
TechRadar

Improving security knowledge while deploying IPv6

It’s safe to say that the move to IPv6 has been a major focus for the Internet community for some time now. The supply of IPv4 addresses was exhausted in 2019, so that milestone is now a matter for the history books. With the rates of IPv6 deployment increasing across the world, it looks as though real headway is finally being made – in fact, IPv6 is even said to be growing faster than IPv4 did, driven in great part by the growth of IoT enabled devices and smart homes.
COMPUTERS
arxiv.org

A Global Two-stage Algorithm for Non-convex Penalized High-dimensional Linear Regression Problems

By the asymptotic oracle property, non-convex penalties represented by minimax concave penalty (MCP) and smoothly clipped absolute deviation (SCAD) have attracted much attentions in high-dimensional data analysis, and have been widely used in signal processing, image restoration, matrix estimation, etc. However, in view of their non-convex and non-smooth characteristics, they are computationally challenging. Almost all existing algorithms converge locally, and the proper selection of initial values is crucial. Therefore, in actual operation, they often combine a warm-starting technique to meet the rigid requirement that the initial value must be sufficiently close to the optimal solution of the corresponding problem. In this paper, based on the DC (difference of convex functions) property of MCP and SCAD penalties, we aim to design a global two-stage algorithm for the high-dimensional least squares linear regression problems. A key idea for making the proposed algorithm to be efficient is to use the primal dual active set with continuation (PDASC) method, which is equivalent to the semi-smooth Newton (SSN) method, to solve the corresponding sub-problems. Theoretically, we not only prove the global convergence of the proposed algorithm, but also verify that the generated iterative sequence converges to a d-stationary point. In terms of computational performance, the abundant research of simulation and real data show that the algorithm in this paper is superior to the latest SSN method and the classic coordinate descent (CD) algorithm for solving non-convex penalized high-dimensional linear regression problems.
CODING & PROGRAMMING

Comments / 0

Community Policy