The document discusses the Lua virtual machine (LuaVM) bytecode format and instructions. It shows an example Lua function written in bytecode format, with each instruction taking up one bytecode. The bytecode format uses registers to reference values on the stack and constants to reference values in the constant table. Common Lua operations like variable assignment and table indexing can be represented in a single bytecode instruction this way.
ゼロから作るKubernetesによるJupyter as a Service ー Kubernetes Meetup Tokyo #43Preferred Networks
Preferred Networksでは新物質開発や材料探索を加速する汎用原子レベルシミュレータを利用できるクラウドサービスを開発しています。 顧客毎に独立した環境にユーザがJupyter Notebookを立ち上げ、自社PyPIパッケージによりAPI経由で弊社独自技術を簡単に利用できます。Kubernetesの機能を駆使してマルチテナント環境を構築しており、各顧客に独立したAPIサーバを提供し、その負荷状況によりAPIサーバをスケーリングさせたり、顧客毎にNotebookに対する通信制限や配置Nodeの制御などを実現しています。
本発表ではKubernetesによるマルチテナントJupyter as a Serviceの実現方法を紹介します。
Lab08/Lab08.cppLab08/Lab08.cpp//**************************************************************************************************************
// FILE: Lab08.cpp
//
// DESCRIPTION: Contains the main() function. Instantiates a PointTest object which tests the Point class.
//
// AUTHORS: your-name (your-email-address)
// your-partner's-name (your-partners-email-address)
//
// COURSE: CSE100 Principles of Programming with C++, Fall 2015
//
// LAB INFO: Lab 8 Date/Time: your-lab-date-and-time TA: your-lab-ta
//--------------------------------------------------------------------------------------------------------------
// TESTING:
//
// TEST CASE 1:
// ------------
// TEST CASE INPUT DATA:
// Point p1 x = 11
// Point p1 y = 22
// Point p2 x = -33
// Point p2 y = -44
//
// EXPECTED OUTPUT GIVEN THE INPUT:
// The point p1 is (11, 22)
// The point p2 is (-33, -44)
// The distance between the points is 79.322
// Moving point p1...The point p1 is now at (100, 200)
// The distance between the points is 277.894
// Moving point p2...The point p2 is now at (300, 400)
// The distance between the points is 282.843
//
// OBSERVED OUTPUT:
// Document the output from your program when you perform this test case
//
// TEST CASE RESULT: Document PASS or FAIL
//
// TEST CASE 2:
// ------------
// TEST CASE INPUT DATA:
// Point p1 x = ???
// Point p1 y = ???
// Point p2 x = ???
// Point p2 y = ???
//
// EXPECTED OUTPUT GIVEN THE INPUT:
// ??? Document the expected output ???
//
// OBSERVED OUTPUT:
// ??? Document the output from your program when you perform this test case ???
//
// TEST CASE RESULT: ??? Document PASS or FAIL ???
//**************************************************************************************************************
#include"PointTest.hpp"
//--------------------------------------------------------------------------------------------------------------
// FUNCTION: main()
//
// DESCRIPTION
// Starting point for the program.
//
// PSEUDOCODE
// Define a PointTest object named pointTest calling the default ctor.
// Call run() on the pointTest object.
// Return 0.
//--------------------------------------------------------------------------------------------------------------
???
Lab08/Point.cppLab08/Point.cpp//**************************************************************************************************************
// FILE: Point.cpp
//
// DESCRIPTION: Implementation of the Point class. See Point.hpp for the class declaration.
//
// AUTHORS: your-name (your-email-address)
// your-partner's-name (your-partners-email-address)
//
// COURSE: CSE100 Principles of Programming with C++, Fall 2015
//
// LAB INFO: Lab 8 Date/Time: your-lab-date-and-time TA: your-lab-ta
//**************************************************************************************************************
#include<cmath>// For sqrt()
#include<sstream>// For stringstre ...
Data structuresUsing java language and develop a prot.pdfarmyshoes
Data structures:
****Using java language and develop a prototype for a demo program that reads in strings that
look like:
Using the infix to postfix code below:
A = 3; // your code should store A and 3 as a key-value pair
B = 4; // your code should store B and 4 as a key-value pair
A; // your code should now look-up A and then display its value
later we (you) will add the ability to write
Y = A * B + 3;
Y; // your code should show 16
Using this code
// infix.java
// converts infix arithmetic expressions to postfix
// to run this program: C>java InfixApp
import java.io.*; // for I/O
////////////////////////////////////////////////////////////////
class StackX {
private int maxSize;
private char[] stackArray;
private int top;
// --------------------------------------------------------------
public StackX(int s) // constructor
{
maxSize = s;
stackArray = new char[maxSize];
top = -1;
}
// --------------------------------------------------------------
public void push(char j) // put item on top of stack
{
stackArray[++top] = j;
}
// --------------------------------------------------------------
public char pop() // take item from top of stack
{
return stackArray[top--];
}
// --------------------------------------------------------------
public char peek() // peek at top of stack
{
return stackArray[top];
}
// --------------------------------------------------------------
public boolean isEmpty() // true if stack is empty
{
return (top == -1);
}
// -------------------------------------------------------------
public int size() // return size
{
return top + 1;
}
// --------------------------------------------------------------
public char peekN(int n) // return item at index n
{
return stackArray[n];
}
// --------------------------------------------------------------
public void displayStack(String s) {
System.out.print(s);
System.out.print(\"Stack (bottom-->top): \");
for (int j = 0; j < size(); j++) {
System.out.print(peekN(j));
System.out.print(\' \');
}
System.out.println(\" \");
}
// --------------------------------------------------------------
} // end class StackX
////////////////////////////////////////////////////////////////
class InToPost // infix to postfix conversion
{
private StackX theStack;
private String input;
private String output = \"\";
// --------------------------------------------------------------
public InToPost(String in) // constructor
{
input = in;
int stackSize = input.length();
theStack = new StackX(stackSize);
}
// --------------------------------------------------------------
public String doTrans() // do translation to postfix
{
for (int j = 0; j < input.length(); j++) {
char ch = input.charAt(j);
theStack.displayStack(\"For \" + ch + \" \"); // *diagnostic*
switch (ch) {
case \'+\': // it’s + or -
case \'-\':
gotOper(ch, 1); // go pop operators
break; // (precedence 1)
case \'*\': // it’s * or /
case \'/\':
gotOper(ch, 2); // go pop operators
break; // (precedence 2)
case \'(\': // it’s a left paren
theStack.push(.
ゼロから作るKubernetesによるJupyter as a Service ー Kubernetes Meetup Tokyo #43Preferred Networks
Preferred Networksでは新物質開発や材料探索を加速する汎用原子レベルシミュレータを利用できるクラウドサービスを開発しています。 顧客毎に独立した環境にユーザがJupyter Notebookを立ち上げ、自社PyPIパッケージによりAPI経由で弊社独自技術を簡単に利用できます。Kubernetesの機能を駆使してマルチテナント環境を構築しており、各顧客に独立したAPIサーバを提供し、その負荷状況によりAPIサーバをスケーリングさせたり、顧客毎にNotebookに対する通信制限や配置Nodeの制御などを実現しています。
本発表ではKubernetesによるマルチテナントJupyter as a Serviceの実現方法を紹介します。
Lab08/Lab08.cppLab08/Lab08.cpp//**************************************************************************************************************
// FILE: Lab08.cpp
//
// DESCRIPTION: Contains the main() function. Instantiates a PointTest object which tests the Point class.
//
// AUTHORS: your-name (your-email-address)
// your-partner's-name (your-partners-email-address)
//
// COURSE: CSE100 Principles of Programming with C++, Fall 2015
//
// LAB INFO: Lab 8 Date/Time: your-lab-date-and-time TA: your-lab-ta
//--------------------------------------------------------------------------------------------------------------
// TESTING:
//
// TEST CASE 1:
// ------------
// TEST CASE INPUT DATA:
// Point p1 x = 11
// Point p1 y = 22
// Point p2 x = -33
// Point p2 y = -44
//
// EXPECTED OUTPUT GIVEN THE INPUT:
// The point p1 is (11, 22)
// The point p2 is (-33, -44)
// The distance between the points is 79.322
// Moving point p1...The point p1 is now at (100, 200)
// The distance between the points is 277.894
// Moving point p2...The point p2 is now at (300, 400)
// The distance between the points is 282.843
//
// OBSERVED OUTPUT:
// Document the output from your program when you perform this test case
//
// TEST CASE RESULT: Document PASS or FAIL
//
// TEST CASE 2:
// ------------
// TEST CASE INPUT DATA:
// Point p1 x = ???
// Point p1 y = ???
// Point p2 x = ???
// Point p2 y = ???
//
// EXPECTED OUTPUT GIVEN THE INPUT:
// ??? Document the expected output ???
//
// OBSERVED OUTPUT:
// ??? Document the output from your program when you perform this test case ???
//
// TEST CASE RESULT: ??? Document PASS or FAIL ???
//**************************************************************************************************************
#include"PointTest.hpp"
//--------------------------------------------------------------------------------------------------------------
// FUNCTION: main()
//
// DESCRIPTION
// Starting point for the program.
//
// PSEUDOCODE
// Define a PointTest object named pointTest calling the default ctor.
// Call run() on the pointTest object.
// Return 0.
//--------------------------------------------------------------------------------------------------------------
???
Lab08/Point.cppLab08/Point.cpp//**************************************************************************************************************
// FILE: Point.cpp
//
// DESCRIPTION: Implementation of the Point class. See Point.hpp for the class declaration.
//
// AUTHORS: your-name (your-email-address)
// your-partner's-name (your-partners-email-address)
//
// COURSE: CSE100 Principles of Programming with C++, Fall 2015
//
// LAB INFO: Lab 8 Date/Time: your-lab-date-and-time TA: your-lab-ta
//**************************************************************************************************************
#include<cmath>// For sqrt()
#include<sstream>// For stringstre ...
Data structuresUsing java language and develop a prot.pdfarmyshoes
Data structures:
****Using java language and develop a prototype for a demo program that reads in strings that
look like:
Using the infix to postfix code below:
A = 3; // your code should store A and 3 as a key-value pair
B = 4; // your code should store B and 4 as a key-value pair
A; // your code should now look-up A and then display its value
later we (you) will add the ability to write
Y = A * B + 3;
Y; // your code should show 16
Using this code
// infix.java
// converts infix arithmetic expressions to postfix
// to run this program: C>java InfixApp
import java.io.*; // for I/O
////////////////////////////////////////////////////////////////
class StackX {
private int maxSize;
private char[] stackArray;
private int top;
// --------------------------------------------------------------
public StackX(int s) // constructor
{
maxSize = s;
stackArray = new char[maxSize];
top = -1;
}
// --------------------------------------------------------------
public void push(char j) // put item on top of stack
{
stackArray[++top] = j;
}
// --------------------------------------------------------------
public char pop() // take item from top of stack
{
return stackArray[top--];
}
// --------------------------------------------------------------
public char peek() // peek at top of stack
{
return stackArray[top];
}
// --------------------------------------------------------------
public boolean isEmpty() // true if stack is empty
{
return (top == -1);
}
// -------------------------------------------------------------
public int size() // return size
{
return top + 1;
}
// --------------------------------------------------------------
public char peekN(int n) // return item at index n
{
return stackArray[n];
}
// --------------------------------------------------------------
public void displayStack(String s) {
System.out.print(s);
System.out.print(\"Stack (bottom-->top): \");
for (int j = 0; j < size(); j++) {
System.out.print(peekN(j));
System.out.print(\' \');
}
System.out.println(\" \");
}
// --------------------------------------------------------------
} // end class StackX
////////////////////////////////////////////////////////////////
class InToPost // infix to postfix conversion
{
private StackX theStack;
private String input;
private String output = \"\";
// --------------------------------------------------------------
public InToPost(String in) // constructor
{
input = in;
int stackSize = input.length();
theStack = new StackX(stackSize);
}
// --------------------------------------------------------------
public String doTrans() // do translation to postfix
{
for (int j = 0; j < input.length(); j++) {
char ch = input.charAt(j);
theStack.displayStack(\"For \" + ch + \" \"); // *diagnostic*
switch (ch) {
case \'+\': // it’s + or -
case \'-\':
gotOper(ch, 1); // go pop operators
break; // (precedence 1)
case \'*\': // it’s * or /
case \'/\':
gotOper(ch, 2); // go pop operators
break; // (precedence 2)
case \'(\': // it’s a left paren
theStack.push(.
In this talk we will discover the "new" version of the standard of the most hated|used|loved programming language: JavaScript. We're going to see how it evolved and how it got better, making our developers' life definitely better.
We will also see how it allows us to pick our favourite paradigm: Functional or Object Oriented.
Michal Malohlava presents: Open Source H2O and Scala Sri Ambati
Michal Malohlava discusses the magic behind the math - exposing the way that open source big data analysis H2O uses Scala to get work done, and demos how users can interact with Scala to get the most out of data analysis.
Please fix my errors class Iterator public Construc.pdfkitty811
Please fix my errors
class Iterator
{
public:
/// Constructor taking a head and tail pointer; YOU'RE WELCOME
Iterator(Node<T> *head, Node<T> *tail) : head_(head), tail_(tail)
{
cursor_ = end();
}
/// Constructor taking a head, tail, and cursor pointer; YOU'RE WELCOME
Iterator(Node<T> *head, Node<T> *tail, Node<T> *cursor) : head_(head), tail_(tail),
cursor_(cursor) {}
/// Get a pointer to the head node, or end() if this list is empty
Node<T> *begin() { return head_; }
/// Get a node pointer representing "end" (aka "depleted"). Probably want to just use nullptr.
Node<T> *end() { return nullptr; }
/// Get the node to which this iterator is currently pointing
Node<T> *getCursor() { return cursor_; }
/**
* Assignment operator
* Return a copy of this Iterator, after modification
*/
Iterator &operator=(const Iterator &other)
{
head_ = other.head_;
tail_ = other.tail_;
cursor_ = other.cursor_;
return *this;
}
/**
* Comparison operator
* Returns true if this iterator is equal to the other iterator, false otherwise
*/
bool operator==(const Iterator &other)
{
return cursor_ == other.cursor_;
}
/**
* Inequality comparison operator
* Returns true if this iterator is not equal to the other iterator, false otherwise
*/
bool operator!=(const Iterator &other)
{
return !(*this == other);
}
/**
* Prefix increment operator
* Return a copy of this Iterator, after modification
*/
Iterator &operator++()
{
cursor_ = cursor_->getNext();
return *this;
}
/*** Postfix increment
* Return a copy of this Iterator, BEFORE it was modified
*/
Iterator operator++(int)
{
Iterator copy(*this);
++(*this);
return copy;
}
/*** Prefix decrement operator
* Return a copy of this Iterator, after modification
*/
Iterator &operator--()
{
cursor_ = cursor_->getPrev();
return *this;
}
/**
* Postfix decrement operator
* Return a copy of this Iterator BEFORE it was modified
*/
Iterator operator--(int)
{
Iterator copy = *this;
--(*this);
return copy;
}
/**
* AdditionAssignment operator
* Return a copy of the current iterator, after modification
*/
Iterator operator+=(size_t add)
{
for (size_t i = 0; i < add && cursor_ != nullptr; ++i)
{
cursor_ = cursor_->getNext();
}
return *this;
}
/**
* SubtractionAssignment operator
* Return a copy of the current iterator, after modification
*/
Iterator operator-=(size_t sub)
{
for (size_t i = 0; i < sub && cursor_ != nullptr; ++i)
{
cursor_ = cursor_->getPrev();
}
return *this;
}
/**
* AdditionAssignment operator, supporting positive or negative ints
*/
Iterator operator+=(int add)
{
if (add > 0)
{
for (int i = 0; i < add && cursor_ != nullptr; ++i)
{
cursor_ = cursor_->getNext();
}
}
else
{
for (int i = 0; i > add && cursor_->getPrev() != nullptr; --i)
{
cursor_ = cursor_->getPrev();
}
}
return *this;
}
/**
* SubtractionAssignment operator, supporting positive or negative ints
*/
Iterator operator-=(int subtract)
{
// This function adds an integer to the current iterators position in the list,
if (subtract > 0)
{
for (int i = 0; i < subtract && cursor_.
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...SOFTTECHHUB
The choice of an operating system plays a pivotal role in shaping our computing experience. For decades, Microsoft's Windows has dominated the market, offering a familiar and widely adopted platform for personal and professional use. However, as technological advancements continue to push the boundaries of innovation, alternative operating systems have emerged, challenging the status quo and offering users a fresh perspective on computing.
One such alternative that has garnered significant attention and acclaim is Nitrux Linux 3.5.0, a sleek, powerful, and user-friendly Linux distribution that promises to redefine the way we interact with our devices. With its focus on performance, security, and customization, Nitrux Linux presents a compelling case for those seeking to break free from the constraints of proprietary software and embrace the freedom and flexibility of open-source computing.
GraphSummit Singapore | The Art of the Possible with Graph - Q2 2024Neo4j
Neha Bajwa, Vice President of Product Marketing, Neo4j
Join us as we explore breakthrough innovations enabled by interconnected data and AI. Discover firsthand how organizations use relationships in data to uncover contextual insights and solve our most pressing challenges – from optimizing supply chains, detecting fraud, and improving customer experiences to accelerating drug discoveries.
Enchancing adoption of Open Source Libraries. A case study on Albumentations.AIVladimir Iglovikov, Ph.D.
Presented by Vladimir Iglovikov:
- https://www.linkedin.com/in/iglovikov/
- https://x.com/viglovikov
- https://www.instagram.com/ternaus/
This presentation delves into the journey of Albumentations.ai, a highly successful open-source library for data augmentation.
Created out of a necessity for superior performance in Kaggle competitions, Albumentations has grown to become a widely used tool among data scientists and machine learning practitioners.
This case study covers various aspects, including:
People: The contributors and community that have supported Albumentations.
Metrics: The success indicators such as downloads, daily active users, GitHub stars, and financial contributions.
Challenges: The hurdles in monetizing open-source projects and measuring user engagement.
Development Practices: Best practices for creating, maintaining, and scaling open-source libraries, including code hygiene, CI/CD, and fast iteration.
Community Building: Strategies for making adoption easy, iterating quickly, and fostering a vibrant, engaged community.
Marketing: Both online and offline marketing tactics, focusing on real, impactful interactions and collaborations.
Mental Health: Maintaining balance and not feeling pressured by user demands.
Key insights include the importance of automation, making the adoption process seamless, and leveraging offline interactions for marketing. The presentation also emphasizes the need for continuous small improvements and building a friendly, inclusive community that contributes to the project's growth.
Vladimir Iglovikov brings his extensive experience as a Kaggle Grandmaster, ex-Staff ML Engineer at Lyft, sharing valuable lessons and practical advice for anyone looking to enhance the adoption of their open-source projects.
Explore more about Albumentations and join the community at:
GitHub: https://github.com/albumentations-team/albumentations
Website: https://albumentations.ai/
LinkedIn: https://www.linkedin.com/company/100504475
Twitter: https://x.com/albumentations
UiPath Test Automation using UiPath Test Suite series, part 6DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 6. In this session, we will cover Test Automation with generative AI and Open AI.
UiPath Test Automation with generative AI and Open AI webinar offers an in-depth exploration of leveraging cutting-edge technologies for test automation within the UiPath platform. Attendees will delve into the integration of generative AI, a test automation solution, with Open AI advanced natural language processing capabilities.
Throughout the session, participants will discover how this synergy empowers testers to automate repetitive tasks, enhance testing accuracy, and expedite the software testing life cycle. Topics covered include the seamless integration process, practical use cases, and the benefits of harnessing AI-driven automation for UiPath testing initiatives. By attending this webinar, testers, and automation professionals can gain valuable insights into harnessing the power of AI to optimize their test automation workflows within the UiPath ecosystem, ultimately driving efficiency and quality in software development processes.
What will you get from this session?
1. Insights into integrating generative AI.
2. Understanding how this integration enhances test automation within the UiPath platform
3. Practical demonstrations
4. Exploration of real-world use cases illustrating the benefits of AI-driven test automation for UiPath
Topics covered:
What is generative AI
Test Automation with generative AI and Open AI.
UiPath integration with generative AI
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Removing Uninteresting Bytes in Software FuzzingAftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
A tale of scale & speed: How the US Navy is enabling software delivery from l...sonjaschweigert1
Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved:
- Reduction in onboarding time from 5 weeks to 1 day
- Improved developer experience and productivity through actionable findings and reduction of false positives
- Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO)
Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production.
We will cover:
- How to remove silos in DevSecOps
- How to build efficient development pipeline roles and component templates
- How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence)
- How to streamline operations with automated policy checks on container images
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfPaige Cruz
Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack.
While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
Maruthi Prithivirajan, Head of ASEAN & IN Solution Architecture, Neo4j
Get an inside look at the latest Neo4j innovations that enable relationship-driven intelligence at scale. Learn more about the newest cloud integrations and product enhancements that make Neo4j an essential choice for developers building apps with interconnected data and generative AI.
How to Get CNIC Information System with Paksim Ga.pptxdanishmna97
Pakdata Cf is a groundbreaking system designed to streamline and facilitate access to CNIC information. This innovative platform leverages advanced technology to provide users with efficient and secure access to their CNIC details.
In his public lecture, Christian Timmerer provides insights into the fascinating history of video streaming, starting from its humble beginnings before YouTube to the groundbreaking technologies that now dominate platforms like Netflix and ORF ON. Timmerer also presents provocative contributions of his own that have significantly influenced the industry. He concludes by looking at future challenges and invites the audience to join in a discussion.
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...Neo4j
Leonard Jayamohan, Partner & Generative AI Lead, Deloitte
This keynote will reveal how Deloitte leverages Neo4j’s graph power for groundbreaking digital twin solutions, achieving a staggering 100x performance boost. Discover the essential role knowledge graphs play in successful generative AI implementations. Plus, get an exclusive look at an innovative Neo4j + Generative AI solution Deloitte is developing in-house.
6. I think that one cannot completely grok a
scripting language, or any complex system for
that matter, without slitting the animal open
and examining the entrails, organs and other
yucky stuff that isn’t normally seen.
2010 2 24
11. /*----------------------------------------------------------------------
38 (5.1.4 ) name args description
------------------------------------------------------------------------*/
OP_MOVE,/* A B R(A) := R(B) */
OP_LOADK,/* A Bx R(A) := Kst(Bx) */
OP_LOADBOOL,/* A B C R(A) := (Bool)B; if (C) pc++ */
R(X) X OP_LOADNIL,/* A B R(A) := ... := R(B) := nil */
OP_GETUPVAL,/* A B R(A) := UpValue[B] */
OP_GETGLOBAL,/* A Bx R(A) := Gbl[Kst(Bx)] */
OP_GETTABLE,/* A B C R(A) := R(B)[RK(C)]
*/
OP_SETGLOBAL,/* A Bx Gbl[Kst(Bx)] := R(A) */
OP_SETUPVAL,/* A B UpValue[B] := R(A) */
OP_SETTABLE,/* A B C R(A)[RK(B)] := RK(C) */
OP_NEWTABLE,/* A B C R(A) := {} (size = B,C) */
OP_SELF,/* A B C R(A+1) := R(B); R(A) := R(B)[RK(C)] */
OP_ADD,/* A B C R(A) := RK(B) + RK(C) */
K(X) X OP_SUB,/*
OP_MUL,/*
A B C R(A) := RK(B) - RK(C)
A B C R(A) := RK(B) * RK(C)
*/
*/
OP_DIV,/* A B C R(A) := RK(B) / RK(C) */
OP_MOD,/* A B C R(A) := RK(B) % RK(C) */
OP_POW,/* A B C R(A) := RK(B) ^ RK(C) */
OP_UNM,/* A B R(A) := -R(B) */
OP_NOT,/* A B R(A) := not R(B) */
OP_LEN,/* A B R(A) := length of R(B) */
OP_CONCAT,/* A B C R(A) := R(B).. ... ..R(C) */
RK(X) R(X) OP_JMP,/*
OP_EQ,/*
OP_LT,/*
sBx pc+=sBx
A B C if ((RK(B) == RK(C)) ~= A) then pc++
A B C if ((RK(B) < RK(C)) ~= A) then pc++
*/
*/
*/
OP_LE,/* A B C if ((RK(B) <= RK(C)) ~= A) then pc++ */
K(X-k) OP_TEST,/* A C if not (R(A) <=> C) then pc++
OP_TESTSET,/*
*/
A B C if (R(B) <=> C) then R(A) := R(B) else pc++ */
OP_CALL,/* A B C R(A), ... ,R(A+C-2) := R(A)(R(A+1), ... ,R(A+B-1)) */
OP_TAILCALL,/* A B C return R(A)(R(A+1), ... ,R(A+B-1)) */
OP_RETURN,/* A B return R(A), ... ,R(A+B-2) (see note) */
OP_FORLOOP,/* A sBx R(A)+=R(A+2);
if R(A) <?= R(A+1) then { pc+=sBx; R(A+3)=R(A) }*/
OP_FORPREP,/* A sBx R(A)-=R(A+2); pc+=sBx */
OP_TFORLOOP,/* A C R(A+3), ... ,R(A+2+C) := R(A)(R(A+1), R(A+2));
if R(A+3) ~= nil then R(A+2)=R(A+3) else pc++ */
OP_SETLIST,/* A B C R(A)[(C-1)*FPF+i] := R(A+i), 1 <= i <= B */
OP_CLOSE,/* A close all variables in the stack up to (>=) R(A)*/
OP_CLOSURE,/* A Bx R(A) := closure(KPROTO[Bx], R(A), ... ,R(A+n)) */
OP_VARARG/* A B R(A), R(A+1), ..., R(A+B-1) = vararg */
2010 2 24
12. /*----------------------------------------------------------------------
38 (5.1.4 ) name args description
------------------------------------------------------------------------*/
OP_MOVE,/* A B R(A) := R(B) */
OP_LOADK,/* A Bx R(A) := Kst(Bx) */
OP_LOADBOOL,/* A B C R(A) := (Bool)B; if (C) pc++ */
R(X) X OP_LOADNIL,/* A B R(A) := ... := R(B) := nil */
OP_GETUPVAL,/* A B R(A) := UpValue[B] */
OP_GETGLOBAL,/* A Bx R(A) := Gbl[Kst(Bx)] */
OP_GETTABLE,/* A B C R(A) := R(B)[RK(C)]
*/
OP_SETGLOBAL,/* A Bx Gbl[Kst(Bx)] := R(A) */
OP_SETUPVAL,/* A B UpValue[B] := R(A) */
OP_SETTABLE,/* A B C R(A)[RK(B)] := RK(C) */
OP_NEWTABLE,/* A B C R(A) := {} (size = B,C) */
OP_SELF,/* A B C R(A+1) := R(B); R(A) := R(B)[RK(C)] */
OP_ADD,/* A B C R(A) := RK(B) + RK(C) */
K(X) X OP_SUB,/*
OP_MUL,/*
A B C R(A) := RK(B) - RK(C)
A B C R(A) := RK(B) * RK(C)
*/
*/
OP_DIV,/* A B C R(A) := RK(B) / RK(C) */
OP_MOD,/* A B C R(A) := RK(B) % RK(C) */
OP_POW,/* A B C R(A) := RK(B) ^ RK(C) */
OP_UNM,/* A B R(A) := -R(B) */
OP_NOT,/* A B R(A) := not R(B) */
OP_LEN,/* A B R(A) := length of R(B) */
OP_CONCAT,/* A B C R(A) := R(B).. ... ..R(C) */
RK(X) R(X) OP_JMP,/*
OP_EQ,/*
OP_LT,/*
sBx pc+=sBx
A B C if ((RK(B) == RK(C)) ~= A) then pc++
A B C if ((RK(B) < RK(C)) ~= A) then pc++
*/
*/
*/
OP_LE,/* A B C if ((RK(B) <= RK(C)) ~= A) then pc++ */
K(X-k) OP_TEST,/* A C if not (R(A) <=> C) then pc++
OP_TESTSET,/*
*/
A B C if (R(B) <=> C) then R(A) := R(B) else pc++ */
OP_CALL,/* A B C R(A), ... ,R(A+C-2) := R(A)(R(A+1), ... ,R(A+B-1)) */
OP_TAILCALL,/* A B C return R(A)(R(A+1), ... ,R(A+B-1)) */
OP_RETURN,/* A B return R(A), ... ,R(A+B-2) (see note) */
OP_FORLOOP,/* A sBx R(A)+=R(A+2);
if R(A) <?= R(A+1) then { pc+=sBx; R(A+3)=R(A) }*/
OP_FORPREP,/* A sBx R(A)-=R(A+2); pc+=sBx */
OP_TFORLOOP,/* A C R(A+3), ... ,R(A+2+C) := R(A)(R(A+1), R(A+2));
if R(A+3) ~= nil then R(A+2)=R(A+3) else pc++ */
OP_SETLIST,/* A B C R(A)[(C-1)*FPF+i] := R(A+i), 1 <= i <= B */
OP_CLOSE,/* A close all variables in the stack up to (>=) R(A)*/
OP_CLOSURE,/* A Bx R(A) := closure(KPROTO[Bx], R(A), ... ,R(A+n)) */
OP_VARARG/* A B R(A), R(A+1), ..., R(A+B-1) = vararg */
2010 2 24
14. NEWTABLE
SELF
ADD
SUB
MUL
DIV
MOD
POW
UNM
NOT
2010 2 24
15. LEN
CONCAT
JMP
EQ
LT
LE
TEST
TESTSET
CALL
TAILCALL
2010 2 24
16. RETURN
FORLOOP for FORPREP
FORPREP for
TFORLOOP for
SETLIST
CLOSE
CLOSURE
VARARG
2010 2 24
17. 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31
OP A B C
OP A Bx
OP A sBx
Figure 6: Instruction layout
OP 6bit
function max (a,b)
local m = a 1 MOVE 2 0 0 ; R(2) = R(0)
if b > a then 2 LT 0 0 1 ; R(0) < R(1) ?
m = b
end
3
4
A
JMP
MOVE
1
2 1 0
;
;
8bit
to 5 (4+1)
R(2) = R(1)
return m 5 RETURN 2 2 0 ; return R(2)
end 6 B C 9bit
RETURN 0 1 0 ; return
18bit 7: Bytecode for a Lua function
Figure
Bx(unsigned) or sBx(signed)
a register or a constant (using the representation RK(X) explained above). With
this format, several typical operations in Lua can be coded in a single instruction.
2010 2 24
18. OP A Bx
OP A sBx
Figure 6: Instruction layout
function max (a,b)
local m = a 1 MOVE 2 0 0 ; R(2) = R(0)
if b > a then 2 LT 0 0 1 ; R(0) < R(1) ?
m = b 3 JMP 1 ; to 5 (4+1)
end 4 MOVE 2 1 0 ; R(2) = R(1)
return m 5 RETURN 2 2 0 ; return R(2)
end 6 RETURN 0 1 0 ; return
Figure 7: Bytecode for a Lua function
a register or a constant (using the representation RK(X) explained above). With
this format, several typical operations in Lua can be coded in a single instruction.
For instance, the increment of a local variable, such as a = a + 1, is coded
as ADD x x y, where x represents the register holding the local variable and y
represents the constant 1. An assignment like a = b.f, when both a and b are
local variables, is also coded as the single instruction GETTABLE x y z, where x
is the register for a, y is the register for b, and z is the index of the string
constant "f". (In Lua, the syntax b.f is syntactic sugar for b["f"], that is, b
2010 2 24 indexed by the string "f".)
19. OP A Bx
OP A sBx
Figure 6: Instruction layout
function max (a,b)
local m = a 1 MOVE 2 0 0 ; R(2) = R(0)
if b > a then 2 LT 0 0 1 ; R(0) < R(1) ?
m = b 3 JMP 1 ; to 5 (4+1)
end 4 MOVE 2 1 0 ; R(2) = R(1)
return m 5 RETURN 2 2 0 ; return R(2)
end 6 RETURN 0 1 0 ; return
Figure 7: Bytecode for a Lua function
R(0) == a, R(1) == b
a register or a constant (using the representation RK(X) explained above). With
this format, several typical operations in Lua can be coded in a single instruction.
LT For instance, the increment of a local variable, such as a = a + 1, is coded
as ADD x x y, where x represents the register holding the local variable and y
PC++ JMP
represents the constant 1. An assignment like a = b.f, when both a and b are
local variables, is also coded as the single instruction GETTABLE x y z, where x
OP_LT,/* A B C if ((RK(B) < RK(C)) ~= A) then pc++
is the register for a, y is the register for b, and z is the index of the string
constant "f". (In Lua, the syntax b.f is syntactic sugar for b["f"], that is, b
*/
2010 2 24 indexed by the string "f".)
53. ual machine with the new optimization for arrays can reduce the runnin
up to 40%.
The complete code of Lua 5.0 is available for browsing at Lua’s web site
p://www.lua.org/source/5.0/.
program Lua 4.0 Lua 5’ Lua 5.0
sum (2e7) 1.23 0.54 (44%) 0.54 (44%)
fibo (30) 0.95 0.68 (72%) 0.69 (73%)
ack (8) 1.00 0.86 (86%) 0.88 (88%)
random (1e6) 1.04 0.96 (92%) 0.96 (92%)
sieve (100) 0.93 0.82 (88%) 0.57 (61%)
heapsort (5e4) 1.08 1.05 (97%) 0.70 (65%)
matrix (50) 0.84 0.82 (98%) 0.59 (70%)
re 10: Benchmarks (times in seconds; percentages are relative to Lua 4.0)
Lua
2010 2 24
57. LuaVM
Lua-Alchemy(Lua on Flash)
kahlua(Lua on Java[J2ME])
Yueliang(Lua on Lua)
LuaCLR(Lua on .NET)
Lua2js(Lua on JavaScript)
http://lua-users.org/wiki/
LuaImplementations
2010 2 24
58. The Implementation of Lua 5.0
The Evolution of Lua
A No-Frills Introduction to Lua 5.1 VM
Instructions
Lua lvm.c lopcodes.h
2010 2 24