Pub Date : 2011-01-01DOI: 10.3929/ETHZ-A-007313685
A. Friedli
The C2Eiffel framework [1] translates C source code to Eiffel source code. It aims to generate code that looks natural to a programmer such that it is readable and maintainable. While this is already the case for most parts of common C programs, there are areas for improvements. External C functions are currently wrapped in the generated Eiffel code since the used libraries are not translated. In this thesis I will replace some standard and often used C functions by the corresponding Eiffel equivalents. In the attempt to replace standard C string functions I will also try to replace the current translation of C strings to integer arrays with native Eiffel strings. I will also remove jump statements like break that are often used in C programs but are not available in Eiffel. This will increase the readability of the code compared to the current implementation that emulates the jump mechanism in Eiffel and produces hard to read code.
{"title":"Fine-grained aspects of automatic refactoring in C2Eiffel","authors":"A. Friedli","doi":"10.3929/ETHZ-A-007313685","DOIUrl":"https://doi.org/10.3929/ETHZ-A-007313685","url":null,"abstract":"The C2Eiffel framework [1] translates C source code to Eiffel source code. It aims to generate code that looks natural to a programmer such that it is readable and maintainable. While this is already the case for most parts of common C programs, there are areas for improvements. External C functions are currently wrapped in the generated Eiffel code since the used libraries are not translated. In this thesis I will replace some standard and often used C functions by the corresponding Eiffel equivalents. In the attempt to replace standard C string functions I will also try to replace the current translation of C strings to integer arrays with native Eiffel strings. I will also remove jump statements like break that are often used in C programs but are not available in Eiffel. This will increase the readability of the code compared to the current implementation that emulates the jump mechanism in Eiffel and produces hard to read code.","PeriodicalId":10841,"journal":{"name":"CTIT technical reports series","volume":"25 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2011-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"87832455","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2011-01-01DOI: 10.3929/ETHZ-A-007313560
G. Fourny, D. Florescu, Donald Kossmann, Markos Zaharioudakis
With sinking storage costs, it becomes more and more feasible, and popular, to retain past versions of documents and data. While undoing changes is worthy, this becomes even more valuable if the data is queryable. Nowadays, there are two widespread version control paradigms: document versioning (SVN, git, etc.) and versioned databases. The former handles any kind of document, even binary, but only sees lines of text, so that the query capability is limited. The latter provide ne-grained temporal query capabilities on highly structured data - but storing everything in a relational database is not desirable. The goal of this paper is to provide a unied framework for eciently versioning, querying and updating not only data and documents, but also, inbetween, any kind of semi-structured information, like XML.We start with the XQuery programming language and meticulously extend its data model, its syntax and its processing model to make it seamlessly time-aware. We provide data structures and algorithms for the ecient implementation of such a versioning system. Finally, we show that there is no signicant performance loss for traditional queries when enriching an existing engine with versioning capabilities.
{"title":"A Time Machine for XML","authors":"G. Fourny, D. Florescu, Donald Kossmann, Markos Zaharioudakis","doi":"10.3929/ETHZ-A-007313560","DOIUrl":"https://doi.org/10.3929/ETHZ-A-007313560","url":null,"abstract":"With sinking storage costs, it becomes more and more feasible, and popular, to retain past versions of documents and data. While undoing changes is worthy, this becomes even more valuable if the data is queryable. Nowadays, there are two widespread version control paradigms: document versioning (SVN, git, etc.) and versioned databases. The former handles any kind of document, even binary, but only sees lines of text, so that the query capability is limited. The latter provide ne-grained temporal query capabilities on highly structured data - but storing everything in a relational database is not desirable. The goal of this paper is to provide a unied framework for eciently versioning, querying and updating not only data and documents, but also, inbetween, any kind of semi-structured information, like XML.We start with the XQuery programming language and meticulously extend its data model, its syntax and its processing model to make it seamlessly time-aware. We provide data structures and algorithms for the ecient implementation of such a versioning system. Finally, we show that there is no signicant performance loss for traditional queries when enriching an existing engine with versioning capabilities.","PeriodicalId":10841,"journal":{"name":"CTIT technical reports series","volume":"17 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2011-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"87191815","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2011-01-01DOI: 10.3929/ETHZ-A-006903018
Ioannis T. Kassios, Peter Müller
Delegation is a very common programming idiom, whereby a task is carried out by a statically unknown part of the program. Delegation enhances the modularity and the extensibility of a program, and, for that reason, is the main ingredient of many important design patterns. Unfortunately, delegation complicates specification and verification: the programmer must either rely on unsuitably weak specifications imposed by behavioral subtyping, or compromise automation by resorting to higherorder logic. In this paper, we present an expressive specification and verification methodology, in which partial correctness reasoning about delegation can be carried out in first order logic, using automated SMT solvers.
{"title":"Modular Specification and Verification of Delegation with SMT Solvers","authors":"Ioannis T. Kassios, Peter Müller","doi":"10.3929/ETHZ-A-006903018","DOIUrl":"https://doi.org/10.3929/ETHZ-A-006903018","url":null,"abstract":"Delegation is a very common programming idiom, whereby a task is carried out by a statically unknown part of the program. Delegation enhances the modularity and the extensibility of a program, and, for that reason, is the main ingredient of many important design patterns. Unfortunately, delegation complicates specification and verification: the programmer must either rely on unsuitably weak specifications imposed by behavioral subtyping, or compromise automation by resorting to higherorder logic. In this paper, we present an expressive specification and verification methodology, in which partial correctness reasoning about delegation can be carried out in first order logic, using automated SMT solvers.","PeriodicalId":10841,"journal":{"name":"CTIT technical reports series","volume":"59 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2011-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"80326971","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2011-01-01DOI: 10.3929/ETHZ-A-006935587
A. Feldmann, P. Widmayer
The bisection problem asks for a partition of the n vertices of a graph into two sets of size at most dn/2e, so that the number of edges connecting the two sets is minimised. A grid graph is a finite connected subgraph of the infinite two-dimensional grid. It is called solid if it has no holes. Papadimitriou and Sideri [7] gave an O(n) time algorithm to solve the bisection problem on solid grid graphs. We propose a novel approach that exploits structural properties of optimal cuts within a dynamic program. We show that our new technique leads to an O(n)
{"title":"An O(n^4) time algorithm to compute the bisection width of solid grid graphs","authors":"A. Feldmann, P. Widmayer","doi":"10.3929/ETHZ-A-006935587","DOIUrl":"https://doi.org/10.3929/ETHZ-A-006935587","url":null,"abstract":"The bisection problem asks for a partition of the n vertices of a graph into two sets of size at most dn/2e, so that the number of edges connecting the two sets is minimised. A grid graph is a finite connected subgraph of the infinite two-dimensional grid. It is called solid if it has no holes. Papadimitriou and Sideri [7] gave an O(n) time algorithm to solve the bisection problem on solid grid graphs. We propose a novel approach that exploits structural properties of optimal cuts within a dynamic program. We show that our new technique leads to an O(n)","PeriodicalId":10841,"journal":{"name":"CTIT technical reports series","volume":"74 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2011-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"74473357","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2011-01-01DOI: 10.3929/ETHZ-A-006517565
Herbert E. Bruderer
{"title":"Konrad Zuse und die Schweiz","authors":"Herbert E. Bruderer","doi":"10.3929/ETHZ-A-006517565","DOIUrl":"https://doi.org/10.3929/ETHZ-A-006517565","url":null,"abstract":"","PeriodicalId":10841,"journal":{"name":"CTIT technical reports series","volume":"25 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2011-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"88833389","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2011-01-01DOI: 10.3929/ETHZ-A-006775802
S. Mödersheim
We formally investigate the relationship between several models that are widely used in protocol verification, namely variants of the inductive model of message traces inspired by Paulson’s approach, and models based on rewriting. More precisely, we prove several overapproximation relationships between models, i.e. that one model allows strictly more traces or reachable states than the other. This is common in verification: often an over-approximation is easier to prove correct than the original model, and proving the over-approximation is safe implies that the original model is safe—provided that the models are indeed in an overapproximation relation. We also show that some over-approximations are not sound with respect to authentication goals. The precise formal account that we give on the relation of the models allows us to correct the situation.
{"title":"On the relationships between models in protocol verification (extended version)","authors":"S. Mödersheim","doi":"10.3929/ETHZ-A-006775802","DOIUrl":"https://doi.org/10.3929/ETHZ-A-006775802","url":null,"abstract":"We formally investigate the relationship between several models that are widely used in protocol verification, namely variants of the inductive model of message traces inspired by Paulson’s approach, and models based on rewriting. More precisely, we prove several overapproximation relationships between models, i.e. that one model allows strictly more traces or reachable states than the other. This is common in verification: often an over-approximation is easier to prove correct than the original model, and proving the over-approximation is safe implies that the original model is safe—provided that the models are indeed in an overapproximation relation. We also show that some over-approximations are not sound with respect to authentication goals. The precise formal account that we give on the relation of the models allows us to correct the situation.","PeriodicalId":10841,"journal":{"name":"CTIT technical reports series","volume":"1 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2011-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"91325597","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2010-11-01DOI: 10.3929/ETHZ-A-006885948
Markus Dahinden, H. Hinterberger
Seit 10 Jahren unterrichtet das Departement Informatik der ETH Zurich rund 600 Studierende der Naturwissenschaften in Informatik computergestutzt. Diese Lehrveranstaltungen werden im Rahmen von Semesterendprufungen oder Sessionsprufungen benotet. Zudem werden formative Lernerfolgskontrollen eingesetzt, um den Lernerfolg zu verfolgen und zu erhohen. Zur Effizienz- und Effektivitatssteigerung fuhren wir seit 2004 diese unbenoteten, formativen Leistungskontrollen am Computer durch. Durch die Entwicklung des neuartigen high-stake Prufungssystems Sioux, welches auf der digitalen Signierung aller Resultate basiert, fuhren wir seit 2009 auch benotete Prufungen am Computer durch. In diesem Bericht beschreiben wir unsere bisher grosste Computer-basierte Leistungskontrolle, welche wir im August 2010 im Rahmen der Basisprufungen der Studiengange Biologie, Pharmazie und Bewegungswissenschaften & Sport mit 269 Studierenden durchgefuhrt haben. Diese wurden in zwei Serien in den offentlichen Computerraumen im Hauptgebaude der ETH Zurich gepruft. Insgesamt standen wahrend der zweimal einstundigen Prufung 18 Personen im Einsatz, welche die rekursfahige Durchfuhrung der Leistungskontrolle garantieren sollten. In diesem Bericht erlautern wir die fur diese Leistungskontrolle notigen Vorabklarungen, die sicherheitsrelevanten Uberlegungen und beschreiben, welche Ablaufstrukturen wir fur diese Leistungskontrolle geschaffen haben. Der Bericht beinhaltet zudem unsere Checklisten und beschreibt das Prufungssystem Sioux sowie die verwendeten Problem-basierten Prufungsfragen.
{"title":"Computer-basierte high-stake Leistungskontrolle mit Sioux","authors":"Markus Dahinden, H. Hinterberger","doi":"10.3929/ETHZ-A-006885948","DOIUrl":"https://doi.org/10.3929/ETHZ-A-006885948","url":null,"abstract":"Seit 10 Jahren unterrichtet das Departement Informatik der ETH Zurich rund 600 Studierende der Naturwissenschaften in Informatik computergestutzt. Diese Lehrveranstaltungen werden im Rahmen von Semesterendprufungen oder Sessionsprufungen benotet. Zudem werden formative Lernerfolgskontrollen eingesetzt, um den Lernerfolg zu verfolgen und zu erhohen. Zur Effizienz- und Effektivitatssteigerung fuhren wir seit 2004 diese unbenoteten, formativen Leistungskontrollen am Computer durch. Durch die Entwicklung des neuartigen high-stake Prufungssystems Sioux, welches auf der digitalen Signierung aller Resultate basiert, fuhren wir seit 2009 auch benotete Prufungen am Computer durch. In diesem Bericht beschreiben wir unsere bisher grosste Computer-basierte Leistungskontrolle, welche wir im August 2010 im Rahmen der Basisprufungen der Studiengange Biologie, Pharmazie und Bewegungswissenschaften & Sport mit 269 Studierenden durchgefuhrt haben. Diese wurden in zwei Serien in den offentlichen Computerraumen im Hauptgebaude der ETH Zurich gepruft. Insgesamt standen wahrend der zweimal einstundigen Prufung 18 Personen im Einsatz, welche die rekursfahige Durchfuhrung der Leistungskontrolle garantieren sollten. In diesem Bericht erlautern wir die fur diese Leistungskontrolle notigen Vorabklarungen, die sicherheitsrelevanten Uberlegungen und beschreiben, welche Ablaufstrukturen wir fur diese Leistungskontrolle geschaffen haben. Der Bericht beinhaltet zudem unsere Checklisten und beschreibt das Prufungssystem Sioux sowie die verwendeten Problem-basierten Prufungsfragen.","PeriodicalId":10841,"journal":{"name":"CTIT technical reports series","volume":"53 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2010-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"79943611","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2010-09-01DOI: 10.3929/ETHZ-A-006884775
H. Hinterberger
This report has originally been presented to the Rector of ETH Zurich in March, 2008, as a white paper to discuss issues related to teaching basic competences required for the professional use of computers in the natural sciences at ETH Zurich. It describes how the challenges this raises have uncovered the need for novel approaches to realistically teach the use of computers. The report recounts how, with the support of funds from the Rector, it has been possible to address these problems and at the same time create novel and motivating teaching materials that are also useful in other educational environments. This report has been motivated by four concerns, raised by the teaching issues it discusses: awareness, continuity, synergy, and outreach.
{"title":"Making informatics work for everyone","authors":"H. Hinterberger","doi":"10.3929/ETHZ-A-006884775","DOIUrl":"https://doi.org/10.3929/ETHZ-A-006884775","url":null,"abstract":"This report has originally been presented to the Rector of ETH Zurich in March, 2008, as a white paper to discuss issues related to teaching basic competences required for the professional use of computers in the natural sciences at ETH Zurich. It describes how the challenges this raises have uncovered the need for novel approaches to realistically teach the use of computers. The report recounts how, with the support of funds from the Rector, it has been possible to address these problems and at the same time create novel and motivating teaching materials that are also useful in other educational environments. This report has been motivated by four concerns, raised by the teaching issues it discusses: awareness, continuity, synergy, and outreach.","PeriodicalId":10841,"journal":{"name":"CTIT technical reports series","volume":"336 1","pages":""},"PeriodicalIF":0.0,"publicationDate":"2010-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"80647150","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
We show that the way in which permission-based mechanisms are used on today's mobile platforms enables attacks by colluding applications that communicate over overt and covert communication channels. These attacks allow applications to indirectly execute operations that those applications, based on their declared permissions, should not be able to execute. Example operations include disclosure of users private data (e.g., phone book and calendar entries) to remote parties by applications that do not have direct access to such data or cannot directly establish remote connections. We further show that on today’s mobile platforms users are not made aware of possible implications of application collusion--quite the contrary--users are implicitly lead to believe that by approving the installation of each application independently, based on its declared permissions, they can limit the damage that an application can cause. In this work, we show that this is not correct and that application permissions should be displayed to the users differently (e.g., in their aggregated form), reflecting their actual implications. We demonstrate the practicality of application collusion attacks by implementing several applications and example covert channels on an Android platform and an example channel on a Windows Phone 7 platform. We study free applications from the Android market and show that the potential for application collusion is significant. Finally, we discuss countermeasures that can be used to mitigate these attacks.
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: