DSL Domain specific language. Presentation show what is DSL and what is not. Shown a simple trick to convert internal DSL into Externals. Real external DSL example shown (How to deal with regular expression complexity).
This is what we will do when we attend the workshop around 10 days in department of electronic and telecommunication engineering, King Mongkut's University of Technology Thonburi. This PBL is associated between KMUTT and SIT(Shibaura Institute of Technology)
Our life is shaped by rapid technology and how technology will develop is gaining importance. Writing clean code is one of the most important parts of this work; the original name of "Clean Code" concept, considered as a kind of art of programming and scripting. Addressing this issue will be examined through the practical examples and we will discuss how to be a better software developer.
This presentation shows the concept of a Domain Specific Language in Ruby. A language that aims to solve specific problems, as opposed to general purpose languages that are used to software development in general. A simple syntax language, so natural to read, write and above all things, be easy to understand both for the computer as a human being. Expressing yourself in a language means that the point on semantic is more important to solve specific problems than to their interpreter to know what is going on.
This is what we will do when we attend the workshop around 10 days in department of electronic and telecommunication engineering, King Mongkut's University of Technology Thonburi. This PBL is associated between KMUTT and SIT(Shibaura Institute of Technology)
Our life is shaped by rapid technology and how technology will develop is gaining importance. Writing clean code is one of the most important parts of this work; the original name of "Clean Code" concept, considered as a kind of art of programming and scripting. Addressing this issue will be examined through the practical examples and we will discuss how to be a better software developer.
This presentation shows the concept of a Domain Specific Language in Ruby. A language that aims to solve specific problems, as opposed to general purpose languages that are used to software development in general. A simple syntax language, so natural to read, write and above all things, be easy to understand both for the computer as a human being. Expressing yourself in a language means that the point on semantic is more important to solve specific problems than to their interpreter to know what is going on.
Explanation of what DSLs are with slight shift towards MPS.
Slides from my talk at Deutsche Bank.
There is nothing particulary new in these slides, there are mostly based on Martin Fowler talks and book (http://www.martinfowler.com/dslwip/).
Simplicity, ease of use, clean syntax and clear semantics are the characteristics of a good DSL that enable the users to focus on the problem. It is non-trivial to define, develop and maintain a DSL, especially using traditional compiler techniques. The Ruby programming language solves this issue to a certain extent.
Topics Covered
* Fundamentals of DSLs.
* Introduction of Ruby features for writing DSLs.
* Writing a DSL - The speakers' experience, with examples.
* Challenges and Issues.
Speaker Profiles:
Harshal Hayatnagarkar is a researcher at Tata Research Development and Design Centre, Pune (a division of TCS) with many years of experience in writing large-scale trading systems, DSLs and high performance machine learning systems. Currently he is writing a DSL for information visualization using Ruby.
Rohan Kini: is a Senior Developer at ThoughtWorks. He has been working with Ruby since 2005 on one of the earliest Ruby projects in India. He specializes in development of large-scale, web-based applications and scripting languages.
External or internal domain-specific languages (DSLs) or (fluent)
APIs? Whoever you are – a developer or a user of a DSL –
you usually have to choose side; you should not! What about
metamorphic DSLs that change their shape according to your
needs? Our 4-years journey of providing the "right" support
(in the domain of feature modeling), led us to develop an external
DSL, different shapes of an internal API, and maintain
all these languages. A key insight is that there is no one-size-fits-
all solution or no clear superiority of a solution compared
to another. On the contrary, we found that it does make sense
to continue the maintenance of an external and internal DSL.
Based on our experience and on an analysis of the DSL engineering
field, the vision that we foresee for the future of
software languages is their ability to be self-adaptable to the
most appropriate shape (including the corresponding integrated
development environment) according to a particular
usage or task. We call metamorphic DSL such a language,
able to change from one shape to another shape.
The talk has been presented at SPLASH conference in Portland (USA), Onward! Essays track.
Paper is here: https://hal.archives-ouvertes.fr/hal-01061576/fr
Web based tool for domain specific modeling PG Scholar
Embed r emoting,
Fully source code generation.
Every body can find appropriate DSML anytime on the cloud,
It requires less effort fewer low-level details to specify a given system.
The goal of this presentation is to help novice metadevelopers with development of domain specific languages (DSLs). To this end, a number of paradigms, techniques and guidelines are introduced.
This presentation was given during DSML Design Workshop at the PPL2010 conference that took place on November 17 & 18 at Océ R&D, Venlo, NL.
Invited Talk at Summer School on Semantic Web, Bertinoro, 2015
Abstract:
Two decades ago one has discussed how to build seamless digital workflows
such that the medium for data in a workflow would not switch between paper, fax, phone,
and digital, because each transcription from one to another medium would
be laborious and cost-inefficient. Thus, the issue was avoiding *medium discontinuities*.
Today, we have all-digital data workflows, but we have still plenty of *semantic discontinuities*.
In this talk, I want first to describe reasons for this discontinuities including: autonomy of
data providers, need for agility and flexibility, or decentralized organizations in
the world-wide data spaces.
Then I want to describe several semantics discontinuities and some efforts to
ameliorate them by:
1. Semantic programming (Horizontal workflow paradigm)
2. Core ontologies (Vertical workflow paradigm)
3. Semantic data production and consumption (Sticky semantics)
All too often front-end JavaScript code has been considered a second class citizen, and when treated without due care and attention it can be buggy and hard to maintain. This attitude is changing though, and thanks to the rapid growth in popularity of JavaScript as a first-class language, there is a large and expanding ecosystem of tools that a developer should know to make their client-side code as “clean” as the rest of their stack.
This talk aims to introduce and discuss how to implement modularisation, functional idioms and testing in JavaScript in an idiomatic way, to allow you to code JavaScript to a higher quality and, ultimately, more sustainably.
Building DSLs: Marriage of High Essence and Groovy MetaprogrammingSkills Matter
DSLs or Domain Specific Languages focus on a domain or a particular problem. They serve as an effective human-machine interaction tool as they're highly expressive. Their scope is fairly focused and that keeps them simple and small from the user's point of view. However, designing and implementing DSLs is not easy. Typically this involves steep learning curve and difficult parsing techniques. This is where Groovy comes in. You can take advantage of the flexible syntax of Groovy and it's metaprogramming capability to create what are called internal DSLs, that is, DSLs hosted using a higher level language.
In this fast paced highly interactive presentation you will start out learning the characteristics and types of DSLs. Then you will learn about the challenges in designing DSLs and deep dive into Groovy features that can ease the pain of implementing DSLs. Then, using some live coding, Venkat will show you how to create and implement internal DSLs using Groovy. Along the way you'll learn some tricks to facilitate desirable syntax for your DSL.
In this deck I describe twenty best practices for using external DSLs to develop software (also know as Model-Driven Development). The best practices are based on my personal experience, but they are also rated based on feedback I received from a number of colleagues to express the level of confidence experts have in the particular best practice.
The slides cover three main aspects: language definition, model processing as well as process and organizational issues. Examples include the importance of notations, viewpoints and partitioning, the role of constraints, model transformations and testing as well as some thoughts on documentation, reviews and project roles.
Putting twenty best practices into 5.000 words of course results in each best practice being quite brief. However, it also means each is highly condensed and to the point. I believe the slides remind developers of most of the critical aspects of using DSLs, and it can serve as a checklist when starting an MD* project.
DSL Construction with Ruby - ThoughtWorks Masterclass Series 2009Harshal Hayatnagarkar
Ruby language is an attractive choice for constructing internal domain-specific languages. Living true to the quote of Bjarne Stroustrup "Library Design is Language Design, and Library Design is Language Design", a good design in Ruby can be warped into a good DSL without much efforts.
Unleash the full potential of BDD concepts while overcoming SpecFlow's limitations through innovative C# techniques. In the first part of the presentation, discover how to remain fully immersed in the C# environment while incorporating BDD principles seamlessly into your workflow. The second part unveils a revolutionary idea to transform real plain English into executable code for a truly dynamic BDD experience. Harness the power of BDD and explore undiscovered realms of software development!
C# String Intern function. In this presentation, we will explore the C# string intern function, a powerful feature that optimizes memory usage and improves performance in .NET applications. We will discuss the concept of string interning, its benefits, and how the intern function works within the context of C# programming. By understanding this function, developers can effectively enhance their applications' efficiency and ensure optimal utilization of resources. Join us as we delve into the world of string interning, including real-world examples and best practices for implementing this powerful feature in your C# projects.
Explanation of what DSLs are with slight shift towards MPS.
Slides from my talk at Deutsche Bank.
There is nothing particulary new in these slides, there are mostly based on Martin Fowler talks and book (http://www.martinfowler.com/dslwip/).
Simplicity, ease of use, clean syntax and clear semantics are the characteristics of a good DSL that enable the users to focus on the problem. It is non-trivial to define, develop and maintain a DSL, especially using traditional compiler techniques. The Ruby programming language solves this issue to a certain extent.
Topics Covered
* Fundamentals of DSLs.
* Introduction of Ruby features for writing DSLs.
* Writing a DSL - The speakers' experience, with examples.
* Challenges and Issues.
Speaker Profiles:
Harshal Hayatnagarkar is a researcher at Tata Research Development and Design Centre, Pune (a division of TCS) with many years of experience in writing large-scale trading systems, DSLs and high performance machine learning systems. Currently he is writing a DSL for information visualization using Ruby.
Rohan Kini: is a Senior Developer at ThoughtWorks. He has been working with Ruby since 2005 on one of the earliest Ruby projects in India. He specializes in development of large-scale, web-based applications and scripting languages.
External or internal domain-specific languages (DSLs) or (fluent)
APIs? Whoever you are – a developer or a user of a DSL –
you usually have to choose side; you should not! What about
metamorphic DSLs that change their shape according to your
needs? Our 4-years journey of providing the "right" support
(in the domain of feature modeling), led us to develop an external
DSL, different shapes of an internal API, and maintain
all these languages. A key insight is that there is no one-size-fits-
all solution or no clear superiority of a solution compared
to another. On the contrary, we found that it does make sense
to continue the maintenance of an external and internal DSL.
Based on our experience and on an analysis of the DSL engineering
field, the vision that we foresee for the future of
software languages is their ability to be self-adaptable to the
most appropriate shape (including the corresponding integrated
development environment) according to a particular
usage or task. We call metamorphic DSL such a language,
able to change from one shape to another shape.
The talk has been presented at SPLASH conference in Portland (USA), Onward! Essays track.
Paper is here: https://hal.archives-ouvertes.fr/hal-01061576/fr
Web based tool for domain specific modeling PG Scholar
Embed r emoting,
Fully source code generation.
Every body can find appropriate DSML anytime on the cloud,
It requires less effort fewer low-level details to specify a given system.
The goal of this presentation is to help novice metadevelopers with development of domain specific languages (DSLs). To this end, a number of paradigms, techniques and guidelines are introduced.
This presentation was given during DSML Design Workshop at the PPL2010 conference that took place on November 17 & 18 at Océ R&D, Venlo, NL.
Invited Talk at Summer School on Semantic Web, Bertinoro, 2015
Abstract:
Two decades ago one has discussed how to build seamless digital workflows
such that the medium for data in a workflow would not switch between paper, fax, phone,
and digital, because each transcription from one to another medium would
be laborious and cost-inefficient. Thus, the issue was avoiding *medium discontinuities*.
Today, we have all-digital data workflows, but we have still plenty of *semantic discontinuities*.
In this talk, I want first to describe reasons for this discontinuities including: autonomy of
data providers, need for agility and flexibility, or decentralized organizations in
the world-wide data spaces.
Then I want to describe several semantics discontinuities and some efforts to
ameliorate them by:
1. Semantic programming (Horizontal workflow paradigm)
2. Core ontologies (Vertical workflow paradigm)
3. Semantic data production and consumption (Sticky semantics)
All too often front-end JavaScript code has been considered a second class citizen, and when treated without due care and attention it can be buggy and hard to maintain. This attitude is changing though, and thanks to the rapid growth in popularity of JavaScript as a first-class language, there is a large and expanding ecosystem of tools that a developer should know to make their client-side code as “clean” as the rest of their stack.
This talk aims to introduce and discuss how to implement modularisation, functional idioms and testing in JavaScript in an idiomatic way, to allow you to code JavaScript to a higher quality and, ultimately, more sustainably.
Building DSLs: Marriage of High Essence and Groovy MetaprogrammingSkills Matter
DSLs or Domain Specific Languages focus on a domain or a particular problem. They serve as an effective human-machine interaction tool as they're highly expressive. Their scope is fairly focused and that keeps them simple and small from the user's point of view. However, designing and implementing DSLs is not easy. Typically this involves steep learning curve and difficult parsing techniques. This is where Groovy comes in. You can take advantage of the flexible syntax of Groovy and it's metaprogramming capability to create what are called internal DSLs, that is, DSLs hosted using a higher level language.
In this fast paced highly interactive presentation you will start out learning the characteristics and types of DSLs. Then you will learn about the challenges in designing DSLs and deep dive into Groovy features that can ease the pain of implementing DSLs. Then, using some live coding, Venkat will show you how to create and implement internal DSLs using Groovy. Along the way you'll learn some tricks to facilitate desirable syntax for your DSL.
In this deck I describe twenty best practices for using external DSLs to develop software (also know as Model-Driven Development). The best practices are based on my personal experience, but they are also rated based on feedback I received from a number of colleagues to express the level of confidence experts have in the particular best practice.
The slides cover three main aspects: language definition, model processing as well as process and organizational issues. Examples include the importance of notations, viewpoints and partitioning, the role of constraints, model transformations and testing as well as some thoughts on documentation, reviews and project roles.
Putting twenty best practices into 5.000 words of course results in each best practice being quite brief. However, it also means each is highly condensed and to the point. I believe the slides remind developers of most of the critical aspects of using DSLs, and it can serve as a checklist when starting an MD* project.
DSL Construction with Ruby - ThoughtWorks Masterclass Series 2009Harshal Hayatnagarkar
Ruby language is an attractive choice for constructing internal domain-specific languages. Living true to the quote of Bjarne Stroustrup "Library Design is Language Design, and Library Design is Language Design", a good design in Ruby can be warped into a good DSL without much efforts.
Unleash the full potential of BDD concepts while overcoming SpecFlow's limitations through innovative C# techniques. In the first part of the presentation, discover how to remain fully immersed in the C# environment while incorporating BDD principles seamlessly into your workflow. The second part unveils a revolutionary idea to transform real plain English into executable code for a truly dynamic BDD experience. Harness the power of BDD and explore undiscovered realms of software development!
C# String Intern function. In this presentation, we will explore the C# string intern function, a powerful feature that optimizes memory usage and improves performance in .NET applications. We will discuss the concept of string interning, its benefits, and how the intern function works within the context of C# programming. By understanding this function, developers can effectively enhance their applications' efficiency and ensure optimal utilization of resources. Join us as we delve into the world of string interning, including real-world examples and best practices for implementing this powerful feature in your C# projects.
C# Mash up. Tips and tricks, unusual behavior, strange syntax and more. If you plan to use this for a C# language interview, do it carefully. Here are described extremes and not typical things. And even experienced programmers can tolerate errors here.
Photo with Fun. Фото и развлечения на лето в одной презентации. Если после просмотра вы задумаетесь над тем что фотография - это весело и интересно, то цель презентации достигнута. Презентация была показана на вечеринке Печа-Куча, Новосибирск 4 июня 2014
Climate Impact of Software Testing at Nordic Testing DaysKari Kakkonen
My slides at Nordic Testing Days 6.6.2024
Climate impact / sustainability of software testing discussed on the talk. ICT and testing must carry their part of global responsibility to help with the climat warming. We can minimize the carbon footprint but we can also have a carbon handprint, a positive impact on the climate. Quality characteristics can be added with sustainability, and then measured continuously. Test environments can be used less, and in smaller scale and on demand. Test techniques can be used in optimizing or minimizing number of tests. Test automation can be used to speed up testing.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Le nuove frontiere dell'AI nell'RPA con UiPath Autopilot™UiPathCommunity
In questo evento online gratuito, organizzato dalla Community Italiana di UiPath, potrai esplorare le nuove funzionalità di Autopilot, il tool che integra l'Intelligenza Artificiale nei processi di sviluppo e utilizzo delle Automazioni.
📕 Vedremo insieme alcuni esempi dell'utilizzo di Autopilot in diversi tool della Suite UiPath:
Autopilot per Studio Web
Autopilot per Studio
Autopilot per Apps
Clipboard AI
GenAI applicata alla Document Understanding
👨🏫👨💻 Speakers:
Stefano Negro, UiPath MVPx3, RPA Tech Lead @ BSP Consultant
Flavio Martinelli, UiPath MVP 2023, Technical Account Manager @UiPath
Andrei Tasca, RPA Solutions Team Lead @NTT Data
A tale of scale & speed: How the US Navy is enabling software delivery from l...sonjaschweigert1
Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved:
- Reduction in onboarding time from 5 weeks to 1 day
- Improved developer experience and productivity through actionable findings and reduction of false positives
- Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO)
Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production.
We will cover:
- How to remove silos in DevSecOps
- How to build efficient development pipeline roles and component templates
- How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence)
- How to streamline operations with automated policy checks on container images
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
SAP Sapphire 2024 - ASUG301 building better apps with SAP Fiori.pdfPeter Spielvogel
Building better applications for business users with SAP Fiori.
• What is SAP Fiori and why it matters to you
• How a better user experience drives measurable business benefits
• How to get started with SAP Fiori today
• How SAP Fiori elements accelerates application development
• How SAP Build Code includes SAP Fiori tools and other generative artificial intelligence capabilities
• How SAP Fiori paves the way for using AI in SAP apps
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
The Metaverse and AI: how can decision-makers harness the Metaverse for their...Jen Stirrup
The Metaverse is popularized in science fiction, and now it is becoming closer to being a part of our daily lives through the use of social media and shopping companies. How can businesses survive in a world where Artificial Intelligence is becoming the present as well as the future of technology, and how does the Metaverse fit into business strategy when futurist ideas are developing into reality at accelerated rates? How do we do this when our data isn't up to scratch? How can we move towards success with our data so we are set up for the Metaverse when it arrives?
How can you help your company evolve, adapt, and succeed using Artificial Intelligence and the Metaverse to stay ahead of the competition? What are the potential issues, complications, and benefits that these technologies could bring to us and our organizations? In this session, Jen Stirrup will explain how to start thinking about these technologies as an organisation.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
Removing Uninteresting Bytes in Software FuzzingAftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
zkStudyClub - Reef: Fast Succinct Non-Interactive Zero-Knowledge Regex ProofsAlex Pruden
This paper presents Reef, a system for generating publicly verifiable succinct non-interactive zero-knowledge proofs that a committed document matches or does not match a regular expression. We describe applications such as proving the strength of passwords, the provenance of email despite redactions, the validity of oblivious DNS queries, and the existence of mutations in DNA. Reef supports the Perl Compatible Regular Expression syntax, including wildcards, alternation, ranges, capture groups, Kleene star, negations, and lookarounds. Reef introduces a new type of automata, Skipping Alternating Finite Automata (SAFA), that skips irrelevant parts of a document when producing proofs without undermining soundness, and instantiates SAFA with a lookup argument. Our experimental evaluation confirms that Reef can generate proofs for documents with 32M characters; the proofs are small and cheap to verify (under a second).
Paper: https://eprint.iacr.org/2023/1886
12. DSL PROS & CONS
PROS
• Close focus on the domain area
– Own abstractions
– Specialized Syntax (till to jargon
words)
– Tweaked errors handling
– Specific tools
CONS
• Lack of support for common things,
such as math expressions
• We need to study it
• No one wants to study bad DSLs
28. REQUIREMENTS
• Write complex regular expressions
• Reuse regular expression parts in other regular expressions
• Test regular expressions and theirs parts
34. THE END. TO BE CONTINUE
Author: Dmitry Dorogoy
Emaii: dorogoj (dog) live.ru
https://dimonsmart.wordpress.com/
https://twitter.com/dimonsmart
https://www.facebook.com/DimonSmart
Editor's Notes
DSL – Domain Specific Language. Another words – language specifically designed for specific scope.
Unlike most general-purpose programming languages that are familiar to all, specialized languages have a very narrow focus.
The simplest examples of DSL are:
SQL - a database-specific language,
Air tickets search-search language, etc.
Often, the desire to create a specific tool for a specific area results in the construction of a graphic editor to indicate connections and relationships. In many cases, this approach is very good, but not at all.
Sometimes the desire to add a little graphics to something very similar to the general purpose language begins to compete with common sense. Notice how much more complex the definition of a simple condition has become.
If you decided to implement DSL in your project. It must be profitable. In other words do not do graphical DSL only because other do it.
In case shown – the graphical representation is a complete disaster. It not only make a mess but is consume more space then direct English condition (if then else).
Simple off topic. Do you know why Microsoft tiles menu with life tiles is not always good idea?
IMHO the main disadvantage is impossibility to remember application icon. For example for photos application. Why I remember this?
The graphical representation for DSL not always a bad idea. But remember the goal of this presentation. One of possible goals is simple presentation for complicated things.
Have you ever seen a wall near a database developer? What is on that wall? A database diagram!
And database developer could always remember where Clients database located. Developer used his visual memory and imagination to visualize a huge database structure. And in this case graphical representation – is a deal. But! One simple thought. What happened if you rearrange tables on this DB diagram and put it back to the wall?
But in some cases, visualization can be useful. For example, to show high-level diagrams, or algorithms block-scheme.
Another very good example of DSL – is graphical and text combined DSL.
It looks like a “visual sugar” but I think it’s more then just a sugar. This algorithm representation change the way of thinking about algorithm.
Try to imagine this example without images. Is it the same DSL? I suppose – no.
Often DSL is not just a language, but a language tied to a specific development environment. For example, it is very convenient to use the programming language to debug electrical circuits, with hints about the pin assignment. But does the diagram in the middle make the language clearer than the text?
And next discussion point – what do you think about complexity? Is it easier to support both text and graphical representation then only one of them?
And what about equivalence? Is it always possible to represent graphically any program text and vice versa?
Speaking about different DSL representations it is impossible not to mention the need to transform between representations. And some development environments provide this function. Usually this is only a one way road. May be many of you remember html file and browser window. This is a good example of one way transformation between text and graphical represntations.
A very good example of DSL is the language of graph description.
Don't think it's a very primitive language. At due diligence, it will be very powerful tool.
Cons and pros. I hope all points is clear enough.
I want you to focus on “support for common things”
This is a screenshot of the very popular graphic editor - CorelDraw.
Note how easy it is to divide page size by 2. This is the same as fold paper sheet.
Or add 10 mm to a page border. It’s sometime needed for magazine prepress operations.
You also could easily transform between different units of measurement and do simple mathematical operations.
And Yes! It's a small, but very powerful and useful DSL.
An internal DSL is a DSL based on a general purpose programming language. In fact, it is just a very well-designed library, which hides language specific details and show domain specific object and functions to the user. it's not a 100% accurate description but for now it’s ok.
Let's take an example of how you can implement a small piece of internal DSL.
As an example, let's take the graph description language.
Let's describe the classes in our subject area. Vertex. It’ll be described only with Label just for simplicity.
Graph edges. We assume that our graph is oriented. So we describe edges as From and To vertex, and edge style.
For simplicity we treat Style just as string.
And now let’s apply the popular builder pattern.
In our case, it fits just perfect.
For those who are not familiar with the pattern - pay attention to class return types.
I used two approaches here for demonstrate both.
In the first case, the class returns itself.
And in the second case, the class returns another builder-class.
The second builder contains the edge creation features. And the latest function sets the edge style and returns the previous builder.
This function could be spited into two. One sets the style and the other completes the edge creation and returns the previous builder.
As a result, we created a graph using syntax specifically focused on graph creation.
Let’s review graph creation syntax. You could hardly find C# here. It looks like special graph creation language,
Of course we see a typical C# function chain syntax. But show this to your school geometry teacher. I expect everything will be understandable.
It's all good, but it was an internal DSL.
Of course, this syntax is nice to use. And now you could create any graphs with simple builder syntax.
Next goal is search through the graph.
In other word let’s try to give uses a function to search through the already created graph without digging into C# programming environment.
And now you can do a simple but very spectacular trick!
NB! We just switch a target goal just for demo. Similar trick could be used for graph creation.
First thing we need is a System.Linq.Dynamic nuget package
And now look how we could use an internal and external DSL side by side.
In the first example we filter vertices by Key which contains the letter ‘e’.
Our Graph class contains vertices dictionary, so we use Key.
It’s easy to get rid of this just by exposing a Vertices collection with a specially designed public property.
And look at the second example.
We simulate user input as the userInput variable. And this variable contains exactly the same expression we used in the first code part.
And final action – we compare these two approaches results and get exactly the same vertices.
At that moment I’m very close to my presentation goal. If you are dreaming about giving your users the ability to write some queries by themselves. Just try to give them MVP (minimal valuable product). I showed you how easily it could be done. My solution is not for a public and production, but its very fast and simple for in-house implementation and for research.
You should not dive into external dsl implementation without a detailed research!
In case you start thinking about sql injection or something similar, the mentioned Linq.Dynamic library gives you a solution with passing parameters into the query as parameters and not as part of string. If you are interested – just take a look.
And now you are ready to hear the truth about a big, “real” DSL,
It’s really complicated. It’s true.
And at the same time it’s very interesting. Just for example take a look at the screenshot. You can see a C# based library with a beautiful name Irony.
And at the left window you can see a simple C# program. At the right window you can find a parsing tree for this program, It seems big, but if you carefully look through line by line you will find it easy to understand. At the first sight it’s a bit verbose. But it only depends on the grammar complexity and variability. Your own grammar may look more simple.
My presentation’s goal is not to dive deep into real grammars and parsers. I just want to inspire you to look at DSL’s and try.
Now it’s time to show you a real and sophisticated DSL sample.
This sample is a visual regular expression editor with Black Jack and own regular expression syntax!
Let me explain the initial requirements.
First of all we need to test a regular expression against a list of samples. Both positive and negative samples.
We might want to extend these samples by some expressions just for exploration without marking them as positive or negative.
Second, we need building blocks for composing complex regular expressions. And we would like to test these building blocks separately.
Let me describe an regular expression part syntax. It is a declaration with name and regular expression text.
Note that I use a freeform expression format that allows me to arrange regular expression by lines and provide comments for separate lines if needed.
On the slide I declare two building blocks. The first is for Number named (try to guess ) Number, And the second one is for event name having two forms. Short form ”DevDay” or long form “DeveloperDay”.
At this moment I have only building blocks. My next step is to compose a whole regular expression.
Just for a simple demonstration I suppose that we want to match number and event name or name and number. Pay your attention at the screenshot. It looks quite simple and readable.
At this moment my regular expression syntax is more powerful than many others. But where is a Black Jack?
Now it’s time to add a syntax for testing the regular expressions. A good example of syntax extension is embedding tests into the syntax. The Accept keyword is for texts that must be matched.
Reject - for texts that should not be matched. And Sample – for a text we just want to track for curiosity.
It looks like a real black jack. And now it is time for …. Another black jack
We want more than just to see our tests status. We also want to see the exact matched text. Cool? If not, we can even see a predicted execution time and the complexity of the resulted regular expression.
By the way, there can be some pathological regular expressions that perform very slowly and with a significant memory consumption. And the difference between normal and pathological regular expressions may be just with one symbol! So it’s important to not only know the matching status but also the matching speed.
Speed? You should note how I measure the matching speed only for short samples. It’s useful for edge cases. But what about a normal flow?
It’s my DSL and I can improve it! Testing speed of the short samples is a good idea but we can do even better. I’ve added a testing against some typical patterns, English text, Numbers (spreadsheet simulation), mixed text and numbers and something close to random binary file.
Feel free to contact me. If I’m not answering just try twitter