This document discusses reusability, portability, and interoperability in object-oriented analysis and design. It provides examples of deliberate software reuse from companies like Raytheon, Toshiba, NASA, GTE, and Hewlett-Packard that achieved reuse rates from 15-60% and significant cost savings and productivity gains. Barriers to reuse include the "not invented here" attitude and bugs in reused code. The document also discusses achieving portability across platforms and interoperability between programs from different vendors.
This calculator has been developed by me. It gives high precision results which
Normal calculator can not give. It is helpful in calculations for Space technology,
Supercomputers, Nano technology etc. I can give this calculator to interested people.
Software development effort reduction with Co-oplbergmans
This talks explains the motivations for the Co-op technology: what are the challenges it addresses, in particular focusing on reducing accidental complexity, where it comes from, and a general vision on how to resolve it. Then we continue to show practical application of Co-op, including experience figures from large-scale application of a previous generation of this technology. Show a little bit about its realization, and conclude with an evaluation of the technology.
Is Multicore Hardware For General-Purpose Parallel Processing Broken? : NotesSubhajit Sahu
Highlighted notes of article while studying Concurrent Data Structures, CSE:
Is Multicore Hardware For General-Purpose Parallel Processing Broken?
By Uzi Vishkin
Communications of the ACM, April 2014, Vol. 57 No. 4, Pages 35-39
10.1145/2580945
CS266 Software Reverse Engineering (SRE)
Reengineering and Reuse of Legacy Software
Teodoro (Ted) Cipresso, teodoro.cipresso@sjsu.edu
Department of Computer Science
San José State University
Spring 2015
This calculator has been developed by me. It gives high precision results which
Normal calculator can not give. It is helpful in calculations for Space technology,
Supercomputers, Nano technology etc. I can give this calculator to interested people.
Software development effort reduction with Co-oplbergmans
This talks explains the motivations for the Co-op technology: what are the challenges it addresses, in particular focusing on reducing accidental complexity, where it comes from, and a general vision on how to resolve it. Then we continue to show practical application of Co-op, including experience figures from large-scale application of a previous generation of this technology. Show a little bit about its realization, and conclude with an evaluation of the technology.
Is Multicore Hardware For General-Purpose Parallel Processing Broken? : NotesSubhajit Sahu
Highlighted notes of article while studying Concurrent Data Structures, CSE:
Is Multicore Hardware For General-Purpose Parallel Processing Broken?
By Uzi Vishkin
Communications of the ACM, April 2014, Vol. 57 No. 4, Pages 35-39
10.1145/2580945
CS266 Software Reverse Engineering (SRE)
Reengineering and Reuse of Legacy Software
Teodoro (Ted) Cipresso, teodoro.cipresso@sjsu.edu
Department of Computer Science
San José State University
Spring 2015
Developing Real-Time Systems on Application ProcessorsToradex
Guaranteeing real-time and deterministic behavior on SoC-based systems can be challenging. In this blog post, we offer three approaches to add real-time control to systems that use a SoC running a feature-rich OS such as Linux. https://www.toradex.com/blog/developing-real-time-systems-on-application-processors
Introduction into the problems of developing parallel programsPVS-Studio
As developing parallel software is rather a difficult task at present, the questions of theoretical training of specialists and investigation of methodology of projecting such systems become very urgent. Within the framework of this article we provide historical and technical information preparing a programmer for gaining knowledge in the sphere of developing parallel computer systems.
Development of resource-intensive applications in Visual C++Andrey Karpov
The article will familiarize application developers with tasks given them by the mass introduction of 64-bit multi-core processors symbolizing revolutionary increase of computing power available for an average user. It will also touch upon the problems of effective use of hardware resources for solving everyday applied tasks within the limits of Windows x64 operating system
Evaluation of morden computer & system attributes in ACAPankaj Kumar Jain
Elements of Modern Computers, Architectural
Evolution in computer architecture ,System Attributes to Performance,Clock Rate and CPI,MIPS Rate,Throughput Rate,Implicit Parallelism,Explicit Parallelism, State of computing,
(Costless) Software Abstractions for Parallel ArchitecturesJoel Falcou
Performing large, intensive or non-trivial computing on array like data structures is one of the most common task in scientific computing, video game development and other fields. This matter of fact is backed up by the large number of tools, languages and libraries to perform such tasks. If we restrict ourselves to C++ based solutions, more than a dozen such libraries exists from BLAS/LAPACK C++ binding to template meta-programming based Blitz++ or Eigen. If all of these libraries provide good performance or good abstraction, none of them seems to fit the need of so many different user types.
Moreover, as parallel system complexity grows, the need to maintain all those components quickly become unwieldy. This talk explores various software design techniques - like Generative Programming, MetaProgramming and Generic Programming - and their application to the implementation of a parallel computing librariy in such a way that:
- abstraction and expressiveness are maximized - cost over efficiency is minimized
We'll skim over various applications and see how they can benefit from such tools. We will conclude by discussing what lessons were learnt from this kind of implementation and how those lessons can translate into new directions for the language itself.
Development of resource-intensive applications in Visual C++PVS-Studio
The article will familiarize application developers with tasks given them by the mass introduction of 64-bit multi-core processors symbolizing revolutionary increase of computing power available for an average user. It will also touch upon the problems of effective use of hardware resources for solving everyday applied tasks within the limits of Windows x64 operating system
Lean Model-Driven Development through Model-Interpretation: the CPAL design ...Nicolas Navet
We introduce a novel Model-Driven Development (MDD) flow which aims at more simplicity, more intuitive programming, quicker turnaround time and real-time predictability by leveraging the use of model-interpretation and providing the language abstractions needed to argue about the timing correctness on a high-level. The MDD flow is built around a language called Cyber-Physical Action Language (CPAL).
CPAL serves to describe both the functional behaviour of activities (i.e., the code of the function itself) as well as the functional architecture of the system (i.e., the set of functions, how they are activated, and the data flows among the functions). CPAL is meant to support two use-cases. Firstly, CPAL is a development and design space exploration environment for CPS with main features being the formal description, the editing, graphical representation and simulation of CPS models. Secondly, CPAL is a real-time execution platform. The vision behind CPAL is that a model is executed and verified in simulation mode on a workstation and the same model can be later run on an embedded board with a timing-equivalent run-time time behaviour.
Highlighted notes of article while studying Concurrent Data Structures, CSE:
The Concurrency Challenge
Wen-mei W. Hwu, Kurt Keutzer, Tim Mattson
IEEE Design and Test
The Concurrency Challenge
July-August 2008, pp. 312-320, vol. 25
DOI Bookmark: 10.1109/MDT.2008.110
Wen-mei Hwu is a professor and
the Sanders-AMD Endowed Chair of
Electrical and Computer Engineering
at the University of Illinois at Urbana-
Champaign. His research interests
include architecture and compilation for parallel-
computing systems. He has a BS in electrical
engineering from National Taiwan University, and
a PhD in computer science from the University of
California, Berkeley. He is a Fellow of both the IEEE
and the ACM.
Kurt Keutzer is a professor of
electrical engineering and computer
science at the University of California,
Berkeley and a principal investigator
in UC Berkeley’s Universal Parallel
Computing Research Center. His research focuses
on the design and programming of ICs. He has a BS
in mathematics from Maharishi International University, and an MS a PhD in computer science from
Indiana University, Bloomington. He is a Fellow of the
IEEE and a member of the ACM.
Timothy G. Mattson is a principal
engineer in the Applications Research
Laboratory at Intel. He research inter-
ests focus on performance modeling
for future multicore microprocessors
and how different programming models map onto
these systems. He has a BS in chemistry from the
University of California, Riverside; an MS in chemistry
from the university of California, Santa Cruz; and a PhD in theoretical chemistry from the University of
California, Santa Cruz. He is a member of the
American Association for the Advancement of Sci-
ence (AAAS).
https://ieeexplore.ieee.org/document/4584454
Atmel - Next-Generation IDE: Maximizing IP Reuse [WHITE PAPER]Atmel Corporation
Atmel® Studio 6 is the integrated development platform (IDP) for developing and debugging Atmel ARM® Cortex™-M and Atmel AVR® microcontroller- (MCU-) based applications. The Atmel Studio 6 IDP gives you a seamless and easy-to-use environment to write, build and debug your applications written in C/C++ or assembly code.
Atmel Studio 6 is free of charge and is integrated with the Atmel Software Framework (ASF)—a large library of free source code with 1,600 ARM and AVR project examples. ASF strengthens the IDP by providing, in the same environment, access to ready-to-use code that minimizes much of the low-level design required for projects. Use the IDP for our wide variety of AVR and ARM Cortex-M processor-based MCUs, including our broadened portfolio of Atmel SAM3 ARM Cortex-M3 and M4 Flash devices.
With the introduction of Atmel Gallery and Atmel Spaces, Atmel Studio 6 further simplifies embedded MCU designs to reduce development time and cost. Atmel Gallery is an online apps store for development tools and embedded software. Atmel Spaces is a cloud-based collaborative development workspace allowing you to host software and hardware projects targeting Atmel MCUs.
For more information, please visit http://www.atmel.com/Microsite/atmel_studio6.
Follow along on Twitter at http://www.twitter.com/Atmel and 'Like' Atmel on Facebook at http://www.facebook.com/atmelcorporation.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Developing Real-Time Systems on Application ProcessorsToradex
Guaranteeing real-time and deterministic behavior on SoC-based systems can be challenging. In this blog post, we offer three approaches to add real-time control to systems that use a SoC running a feature-rich OS such as Linux. https://www.toradex.com/blog/developing-real-time-systems-on-application-processors
Introduction into the problems of developing parallel programsPVS-Studio
As developing parallel software is rather a difficult task at present, the questions of theoretical training of specialists and investigation of methodology of projecting such systems become very urgent. Within the framework of this article we provide historical and technical information preparing a programmer for gaining knowledge in the sphere of developing parallel computer systems.
Development of resource-intensive applications in Visual C++Andrey Karpov
The article will familiarize application developers with tasks given them by the mass introduction of 64-bit multi-core processors symbolizing revolutionary increase of computing power available for an average user. It will also touch upon the problems of effective use of hardware resources for solving everyday applied tasks within the limits of Windows x64 operating system
Evaluation of morden computer & system attributes in ACAPankaj Kumar Jain
Elements of Modern Computers, Architectural
Evolution in computer architecture ,System Attributes to Performance,Clock Rate and CPI,MIPS Rate,Throughput Rate,Implicit Parallelism,Explicit Parallelism, State of computing,
(Costless) Software Abstractions for Parallel ArchitecturesJoel Falcou
Performing large, intensive or non-trivial computing on array like data structures is one of the most common task in scientific computing, video game development and other fields. This matter of fact is backed up by the large number of tools, languages and libraries to perform such tasks. If we restrict ourselves to C++ based solutions, more than a dozen such libraries exists from BLAS/LAPACK C++ binding to template meta-programming based Blitz++ or Eigen. If all of these libraries provide good performance or good abstraction, none of them seems to fit the need of so many different user types.
Moreover, as parallel system complexity grows, the need to maintain all those components quickly become unwieldy. This talk explores various software design techniques - like Generative Programming, MetaProgramming and Generic Programming - and their application to the implementation of a parallel computing librariy in such a way that:
- abstraction and expressiveness are maximized - cost over efficiency is minimized
We'll skim over various applications and see how they can benefit from such tools. We will conclude by discussing what lessons were learnt from this kind of implementation and how those lessons can translate into new directions for the language itself.
Development of resource-intensive applications in Visual C++PVS-Studio
The article will familiarize application developers with tasks given them by the mass introduction of 64-bit multi-core processors symbolizing revolutionary increase of computing power available for an average user. It will also touch upon the problems of effective use of hardware resources for solving everyday applied tasks within the limits of Windows x64 operating system
Lean Model-Driven Development through Model-Interpretation: the CPAL design ...Nicolas Navet
We introduce a novel Model-Driven Development (MDD) flow which aims at more simplicity, more intuitive programming, quicker turnaround time and real-time predictability by leveraging the use of model-interpretation and providing the language abstractions needed to argue about the timing correctness on a high-level. The MDD flow is built around a language called Cyber-Physical Action Language (CPAL).
CPAL serves to describe both the functional behaviour of activities (i.e., the code of the function itself) as well as the functional architecture of the system (i.e., the set of functions, how they are activated, and the data flows among the functions). CPAL is meant to support two use-cases. Firstly, CPAL is a development and design space exploration environment for CPS with main features being the formal description, the editing, graphical representation and simulation of CPS models. Secondly, CPAL is a real-time execution platform. The vision behind CPAL is that a model is executed and verified in simulation mode on a workstation and the same model can be later run on an embedded board with a timing-equivalent run-time time behaviour.
Highlighted notes of article while studying Concurrent Data Structures, CSE:
The Concurrency Challenge
Wen-mei W. Hwu, Kurt Keutzer, Tim Mattson
IEEE Design and Test
The Concurrency Challenge
July-August 2008, pp. 312-320, vol. 25
DOI Bookmark: 10.1109/MDT.2008.110
Wen-mei Hwu is a professor and
the Sanders-AMD Endowed Chair of
Electrical and Computer Engineering
at the University of Illinois at Urbana-
Champaign. His research interests
include architecture and compilation for parallel-
computing systems. He has a BS in electrical
engineering from National Taiwan University, and
a PhD in computer science from the University of
California, Berkeley. He is a Fellow of both the IEEE
and the ACM.
Kurt Keutzer is a professor of
electrical engineering and computer
science at the University of California,
Berkeley and a principal investigator
in UC Berkeley’s Universal Parallel
Computing Research Center. His research focuses
on the design and programming of ICs. He has a BS
in mathematics from Maharishi International University, and an MS a PhD in computer science from
Indiana University, Bloomington. He is a Fellow of the
IEEE and a member of the ACM.
Timothy G. Mattson is a principal
engineer in the Applications Research
Laboratory at Intel. He research inter-
ests focus on performance modeling
for future multicore microprocessors
and how different programming models map onto
these systems. He has a BS in chemistry from the
University of California, Riverside; an MS in chemistry
from the university of California, Santa Cruz; and a PhD in theoretical chemistry from the University of
California, Santa Cruz. He is a member of the
American Association for the Advancement of Sci-
ence (AAAS).
https://ieeexplore.ieee.org/document/4584454
Atmel - Next-Generation IDE: Maximizing IP Reuse [WHITE PAPER]Atmel Corporation
Atmel® Studio 6 is the integrated development platform (IDP) for developing and debugging Atmel ARM® Cortex™-M and Atmel AVR® microcontroller- (MCU-) based applications. The Atmel Studio 6 IDP gives you a seamless and easy-to-use environment to write, build and debug your applications written in C/C++ or assembly code.
Atmel Studio 6 is free of charge and is integrated with the Atmel Software Framework (ASF)—a large library of free source code with 1,600 ARM and AVR project examples. ASF strengthens the IDP by providing, in the same environment, access to ready-to-use code that minimizes much of the low-level design required for projects. Use the IDP for our wide variety of AVR and ARM Cortex-M processor-based MCUs, including our broadened portfolio of Atmel SAM3 ARM Cortex-M3 and M4 Flash devices.
With the introduction of Atmel Gallery and Atmel Spaces, Atmel Studio 6 further simplifies embedded MCU designs to reduce development time and cost. Atmel Gallery is an online apps store for development tools and embedded software. Atmel Spaces is a cloud-based collaborative development workspace allowing you to host software and hardware projects targeting Atmel MCUs.
For more information, please visit http://www.atmel.com/Microsite/atmel_studio6.
Follow along on Twitter at http://www.twitter.com/Atmel and 'Like' Atmel on Facebook at http://www.facebook.com/atmelcorporation.
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf91mobiles
91mobiles recently conducted a Smart TV Buyer Insights Survey in which we asked over 3,000 respondents about the TV they own, aspects they look at on a new TV, and their TV buying preferences.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Jeffrey Haguewood
Sidekick Solutions uses Bonterra Impact Management (fka Social Solutions Apricot) and automation solutions to integrate data for business workflows.
We believe integration and automation are essential to user experience and the promise of efficient work through technology. Automation is the critical ingredient to realizing that full vision. We develop integration products and services for Bonterra Case Management software to support the deployment of automations for a variety of use cases.
This video focuses on the notifications, alerts, and approval requests using Slack for Bonterra Impact Management. The solutions covered in this webinar can also be deployed for Microsoft Teams.
Interested in deploying notification automations for Bonterra Impact Management? Contact us at sales@sidekicksolutionsllc.com to discuss next steps.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
Search and Society: Reimagining Information Access for Radical FuturesBhaskar Mitra
The field of Information retrieval (IR) is currently undergoing a transformative shift, at least partly due to the emerging applications of generative AI to information access. In this talk, we will deliberate on the sociotechnical implications of generative AI for information access. We will argue that there is both a critical necessity and an exciting opportunity for the IR community to re-center our research agendas on societal needs while dismantling the artificial separation between the work on fairness, accountability, transparency, and ethics in IR and the rest of IR research. Instead of adopting a reactionary strategy of trying to mitigate potential social harms from emerging technologies, the community should aim to proactively set the research agenda for the kinds of systems we should build inspired by diverse explicitly stated sociotechnical imaginaries. The sociotechnical imaginaries that underpin the design and development of information access technologies needs to be explicitly articulated, and we need to develop theories of change in context of these diverse perspectives. Our guiding future imaginaries must be informed by other academic fields, such as democratic theory and critical theory, and should be co-developed with social science scholars, legal scholars, civil rights and social justice activists, and artists, among others.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
2. Why Reinvent the Wheel?
Portability: Easier to move an existing
product to a new platform than to
rewrite it for the new platform.
Reuse: Using part of one product when
building a new product.
Can reuse code, designs, documentation
Accidental reuse
Deliberate reuse
3. Deliberate Reuse
Code written for reuse will likely be
More robust
Better documented
More thoroughly tested
Have a uniform style (maintenance easier)
More expensive
May never be reused…
4. Why So Little Software Reuse?
“Every new machine is different.”
Rewrite multiplication and other math routines,
I/O, function calling, everything.
But most new machines today reuse an
existing instruction set.
So build and reuse a basic API (basic
operating system calls, like Win32)
We do reuse function and class libraries.
5. Why So Little Software Reuse?
On average, only 15% of any software
product does something new (Capers
Jones).
Examples of 40% reuse have been
reported.
Why doesn’t everyone reach this level?
6. Why So Little Software Reuse?
Not invented here syndrome. Solution?
Reused bugs are still bugs. Solution?
How to find the right component to reuse?
Solution?
Reuse is expensive. Solution?
Legal issues with contract software. Solution?
COTS software isn’t source code. Solution?
?? Kangaroos and Stinger missiles ??
7. Case Study: Raytheon, 1976
Study if deliberate reuse of designs and code
possible.
5000 COBOL programs examined; conclude
business programs have only six basic
actions:
Sort data
Edit/manipulate data
Combine data
Explode data
Update data
Report on data
8. Raytheon Study Results
Identified 3200 reusable functional
modules (sequential update, edit
routine, tax computation,…)
New apps have 60% reuse rate
More reliable, less testing
Added to a program using copy (like
import or #include)
Shorter code, easier maintenance
9. Raytheon Study Results
Identified COBOL
program logic
structures (like
sequential update)
Functionality is
inserted (from the
library modules) COBOL
logic
structure
Library
10. Raytheon Study Results
7 years later, logic structures reused 5500
times.
60% of code inserted into logic structures
came from library.
50% increase in productivity.
Hoped for 70% reduction in maintenance
costs.
Maintenance data never collected; division
closed…
11. Case Study: Toshiba, 1985…
Industrial process control software, for
Electric power networks
Nuclear power generation
Factory automation
Traffic control
2300 technical & managerial folks
Very serious production management!
12. Toshiba: Measurements
60% FORTRAN, 20% assembler-like,
20% other.
Productivity measured in equivalent
assembler source lines.
One line of 3GL = 4 EASL.
Output in 1985: 7.2 million EASL.
Projects: 1M to 21M EASL
13. Toshiba: Measurements
Waterfall model, productivity measured in
EASL, by project and by programmer.
Productivity gains 8-9% per year.
Fault rate by programmer; expected to
decrease yearly (no numbers given).
Reuse:
Documentation: 32%
Design: 33%
Code: 48%
14. Toshiba: Reuse
All “accidental”
Designs, spec, contracts, manuals…
Committee selects components to enter
“software components database,”
keyword indexed.
Statistics kept on every aspect of reuse.
15. NASA Software
25 products studied, ground support for
unmanned missions.
3,000 to 112,000 lines of source code.
7188 component modules, classified
Group 1: reused with no changes
Group 2: reused with slight revisions
Group 3: reused with major revisions
Group 4: developed from scratch
16. NASA
2954 FORTRAN components examined in
detail.
Group 1: 28%
Group 2: 10%
Group 3: 7%
Reused modules were small, well
documented, simple interfaces, little I/O,
terminal nodes in a module interconnection
diagram.
17. GTE Data Services
Management incentives for reuse: $50-
$100 paid for module accepted for
possible reuse; royalties too.
Managers’ budgets increased when
their projects showed high reuse levels.
Reuser of the Month award!
18. GTE
1988: 14% reuse, saved $1M.
1989: 20% reuse
…
1993: predicted 50% reuse, predicted $10M
savings
Reuse library: 190 components in 1988, 128
in 1990.
Emphasis on large modules: 10,000 lines or
more.
19. Hewlett-Packard
Manufacturing productivity section:
Fault rate for new code: 4.1 per KLOC
Fault rate for reused code: 0.9 per KLOC
Overall fault rate dropped to 2.0 per KLOC
Program cost $1M, saved $4.1M
Technical Graphics division:
A single product - 20,000 lines of C - developed
over 3 years, then reused many times.
Productivity up 40%, delivery time down 24%
20. European Space Agency
In 1996, ESA launches first Ariane 5
rocket.
A software fault caused it to crash 37
seconds into its flight ($500M loss).
The cause: attempt to convert 64-bit
integer into 16-bit unsigned integer.
An Ada exception occurred, but no
exception handler.
21. ESA
Why no exception handler?
To save space, conversions that “couldn’t
possibly result in overflow” weren’t given
handlers.
The code was 10 years old, from Ariane 4.
The troublesome (!) conversion was
checked for Ariane 4, but not for Ariane 5.
Moral: retest reused code when used in a
new context!
22. Design Reuse
Think of a library as a set of related reusable
routines (e.g., C standard library, Java AWT).
If the library is O-O, these can really be
reusable designs.
Choose the class you want to use, then reuse that
class and the entire design above it in the class
hierarchy.
Here, the designer is responsible for the logic
that glues the reused parts together.
23. Design Reuse
An application framework incorporates
the control logic of the design.
The designer reuses the framework,
plugging application-specific operations.
Examples:
Application classes in MFC
Classes for ATM software
25. Reuse and Maintenance
Suppose 40% reuse of the entire
product.
Suppose 3/4 of the reused components
are used unchanged.
Activity % of total cost over
product lifetime
% savings over product
Lifetime due to reuse
Development
Maintenance
33%
67%
9.3%
17.9%
26. Portability
Cutting costs:
Write a product so that can be run on
multiple platforms
Sell the product for multiple platforms
But the biggest issue is that clients
change hardware every 4 years or so.
A product is portable if it’s less
expensive to adapt rather than rewrite.
27. Hardware Incompatibilities
Different character codes (ASCII, EBCDIC,
unicode)
Different formatting conventions (Mac vs. PC)
Different byte sizes/word lengths
There is an economic incentive for some of
this.
A program that runs on an IBM System 360
machine built in 1964 will run on an S/390
built in 2001 (bit won’t run on a Sun
machine!).
28. Other Incompatibilities
Differences in job control language
Virtual memory vs. overlays
How big is an int? If you assume 32 bits, you
can’t port to a 16 bit machine.
Does a compiler for the target machine exist?
Has the source platform’s compiler been
“enhanced”?
Is there really a language standard?
29. Why Portability?
How many platform/OS combinations
will you want to move to? Maybe not
many right now, but:
Software has a longer life than hardware
A business may buy upwardly compatible
hardware, or it may not.
30. Achieving Portability
Write in a standard high-level language
But what about portable system
software? Ex: localization of UNIX
Originally 10,000 lines of code
The kernal (1000 lines) written in
assembler.
9000 lines in C, 1000 lines machine
dependent.
31. Interoperability
Think of a word processor document that
includes a table of numbers, taken from a
spreadsheet program.
How can the numbers be kept consistent as
they change?
One way would be to have the word
processor invoke the spreadsheet program.
Interoperability: the mutual cooperation of
object code from different vendors, running
on different platforms.
32. COM
Started as object linking and embedding
(OLE), to do the word processor/spreadsheet
thing.
Became Component Object Model, then
ActiveX
COM specifies a common mechanism for
interprocess communication, through a
component library.
COM components have public interfaces.
33. CORBA
Uses an object request broker (ORB)
This is middleware
Independent of the communications
mechanism between platforms
Several different implementations
Much simpler than COM (what wouldn’t
be?)