Abstraction-carrying code: a model for mobile code safety

Proof-Carrying Code (PCC) is a general approach to mobile code safety in which programs are augmented with a certificate (or proof). The intended benefit is that the program consumer can locally validate the certificate w.r.t. the "untrustcd" program by means of a certificate checker a process which should be much simpler, efficient, and automatic than generating the original proof. The practical uptake of PCC greatly depends on the existence of a variety of enabling technologies which allow both proving programs correct and replacing a costly verification process by an efficient checking proceduri on th( consumer side. In this work we propose Abstraction- Carrying Code (ACC), a novel approach which uses abstract interpretation as enabling technology. We argue that the large body of applications of abstract interpretation to program verification is amenable to the overall PCC scheme. In particular, we rely on an expressive class of safely policies which can be defined over different abstract domains. We use an abstraction (or abstract model) of the program computed by standard static analyzers as a certificate. The validity of the abstraction on ihe consumer side is checked in a single pass by a very efficient and specialized abstract-interpreter. We believe that ACC brings the expressiveness, flexibility and automation which is inherent in abstract interpretation techniques to the area of mobile code safety.

Steps Ahead in the Few-Group CRoss-Section Library Generation at the Pin Level

There exists an interest in performing pin-by-pin calculations coupled with thermal hydraulics so as to improve the accuracy of nuclear reactor analysis. In the framework of the EU NURISP project, INRNE and UPM have generated an experimental version of a few group diffusion cross sections library with discontinuity factors intended for VVER analysis at the pin level with the COBAYA3 code. The transport code APOLLO2 was used to perform the branching calculations. As a first proof of principle the library was created for fresh fuel and covers almost the full parameter space of steady state and transient conditions. The main objective is to test the calculation schemes and post-processing procedures, including multi-pin branching calculations. Two library options are being studied: one based on linear table interpolation and another one using a functional fitting of the cross sections. The libraries generated with APOLLO2 have been tested with the pin-by-pin diffusion model in COBAYA3 including discontinuity factors; first comparing 2D results against the APOLLO2 reference solutions and afterwards using the libraries to compute a 3D assembly problem coupled with a simplified thermal-hydraulic model.

Automatic Inference of Determinacy and Mutual Exclusion for Logic Programs Using Mode and Type Analyses

We propose an analysis for detecting procedures and goals that are deterministic (i.e., that produce at most one solution at most once),or predicates whose clause tests are mutually exclusive (which implies that at most one of their clauses will succeed) even if they are not deterministic. The analysis takes advantage of the pruning operator in order to improve the detection of mutual exclusion and determinacy. It also supports arithmetic equations and disequations, as well as equations and disequations on terms,for which we give a complete satisfiability testing algorithm, w.r.t. available type information. Information about determinacy can be used for program debugging and optimization, resource consumption and granularity control, abstraction carrying code, etc. We have implemented the analysis and integrated it in the CiaoPP system, which also infers automatically the mode and type information that our analysis takes as input. Experiments performed on this implementation show that the analysis is fairly accurate and efficient.

Physical data acquisition and PWM signal generation using a microcontroller allowing control for DC motor rotation speed

El objetivo de este proyecto es diseñar un sistema capaz de controlar la velocidad de rotación de un motor DC en función del valor de temperatura obtenido de un sensor. Para ello se generará con un microcontrolador una señal PWM, cuyo ciclo de trabajo estará en función de la temperatura medida. En lo que respecta a la fase de diseño, hay dos partes claramente diferenciadas, relativas al hardware y al software. En cuanto al diseño del hardware puede hacerse a su vez una división en dos partes. En primer lugar, hubo que diseñar la circuitería necesaria para adaptar los niveles de tensión entregados por el sensor de temperatura a los niveles requeridos por ADC, requerido para digitalizar la información para su posterior procesamiento por parte del microcontrolador. Por tanto hubo que diseñar capaz de corregir el offset y la pendiente de la función tensión-temperatura del sensor, a fin de adaptarlo al rango de tensión requerido por el ADC. Por otro lado, hubo que diseñar el circuito encargado de controlar la velocidad de rotación del motor. Este circuito estará basado en un transistor MOSFET en conmutación, controlado mediante una señal PWM como se mencionó anteriormente. De esta manera, al variar el ciclo de trabajo de la señal PWM, variará de manera proporcional la tensión que cae en el motor, y por tanto su velocidad de rotación. En cuanto al diseño del software, se programó el microcontrolador para que generase una señal PWM en uno de sus pines en función del valor entregado por el ADC, a cuya entrada está conectada la tensión obtenida del circuito creado para adaptar la tensión generada por el sensor. Así mismo, se utiliza el microcontrolador para representar el valor de temperatura obtenido en una pantalla LCD. Para este proyecto se eligió una placa de desarrollo mbed, que incluye el microcontrolador integrado, debido a que facilita la tarea del prototipado. Posteriormente se procedió a la integración de ambas partes, y testeado del sistema para comprobar su correcto funcionamiento. Puesto que el resultado depende de la temperatura medida, fue necesario simular variaciones en ésta, para así comprobar los resultados obtenidos a distintas temperaturas. Para este propósito se empleó una bomba de aire caliente. Una vez comprobado el funcionamiento, como último paso se diseñó la placa de circuito impreso. Como conclusión, se consiguió desarrollar un sistema con un nivel de exactitud y precisión aceptable, en base a las limitaciones del sistema. SUMMARY: It is obvious that day by day people’s daily life depends more on technology and science. Tasks tend to be done automatically, making them simpler and as a result, user life is more comfortable. Every single task that can be controlled has an electronic system behind. In this project, a control system based on a microcontroller was designed for a fan, allowing it to go faster when temperature rises or slowing down as the environment gets colder. For this purpose, a microcontroller was programmed to generate a signal, to control the rotation speed of the fan depending on the data acquired from a temperature sensor. After testing the whole design developed in the laboratory, the next step taken was to build a prototype, which allows future improvements in the system that are discussed in the corresponding section of the thesis.

Reduced certificates for abstraction-carrying code

Abstraction-Carrying Code (ACC) has recently been proposed as a framework for mobile code safety in which the code supplier provides a program together with an abstraction whose validity entails compliance with a predefined safety policy. The abstraction plays thus the role of safety certifícate and its generation is carried out automatically by a fixed-point analyzer. The advantage of providing a (fixedpoint) abstraction to the code consumer is that its validity is checked in a single pass of an abstract interpretation-based checker. A main challenge is to reduce the size of certificates as much as possible while at the same time not increasing checking time. We introduce the notion of reduced certifícate which characterizes the subset of the abstraction which a checker needs in order to validate (and re-construct) the full certifícate in a single pass. Based on this notion, we instrument a generic analysis algorithm with the necessary extensions in order to identify the information relevant to the checker. We also provide a correct checking algorithm together with sufficient conditions for ensuring its completeness. The experimental results within the CiaoPP system show that our proposal is able to greatly reduce the size of certificates in practice.

Abstraction-carrying code

Proof-Carrying Code (PCC) is a general approach to mobile code safety in which programs are augmented with a certifícate (or proof). The practical uptake of PCC greatly depends on the existence of a variety of enabling technologies which allow both to prove programs correct and to replace a costly verification process by an efñcient checking procedure on the consumer side. In this work we propose Abstraction-Carrying Code (ACC), a novel approach which uses abstract interpretation as enabling technology. We argüe that the large body of applications of abstract interpretation to program verification is amenable to the overall PCC scheme. In particular, we rely on an expressive class of safety policies which can be defined over different abstract domains. We use an abstraction (or abstract model) of the program computed by standard static analyzers as a certifícate. The validity of the abstraction on the consumer side is checked in a single-pass by a very efficient and specialized abstract-interpreter. We believe that ACC brings the expressiveness, flexibility and automation which is inherent in abstract interpretation techniques to the área of mobile code safety. We have implemented and benchmarked ACC within the Ciao system preprocessor. The experimental results show that the checking phase is indeed faster than the proof generation phase, and that the sizes of certificates are reasonable.

On abstraction-carrying code and certificate-size reduction

Abstraction-Carrying Code (ACC) is a framework for mobile code safety in which the code supplier provides a program together with an abstraction (or abstract model of the program) whose validity entails compliance with a predefined safety policy. The abstraction plays thus the role of safety certificate and its generation is carried out automatically by a fixed-point analyzer. The advantage of providing a (fixed-point) abstraction to the code consumer is that its validity is checked in a single pass (i.e., one iteration) of an abstract interpretation-based checker. A main challenge to make ACC useful in practice is to reduce the size of certificates as much as possible, while at the same time not increasing checking time. Intuitively, we only include in the certificate the information which the checker is unable to reproduce without iterating. We introduce the notion of reduced certifícate which characterizes the subset of the abstraction which a checker needs in order to validate (and re-construct) the full certificate in a single pass. Based on this notion, we show how to instrument a generic analysis algorithm with the necessary extensions in order to identify the information relevant to the checker.

Abstraction carrying code and resource-awareness

Proof-Carrying Code (PCC) is a general approach to mobile code safety in which the code supplier augments the program with a certifícate (or proof). The intended benefit is that the program consumer can locally validate the certifícate w.r.t. the "untrusted" program by means of a certifícate checker—a process which should be much simpler, eíñcient, and automatic than generating the original proof. Abstraction Carrying Code (ACC) is an enabling technology for PCC in which an abstract model of the program plays the role of certifícate. The generation of the certifícate, Le., the abstraction, is automatically carried out by an abstract interpretation-based analysis engine, which is parametric w.r.t. different abstract domains. While the analyzer on the producer side typically has to compute a semantic fixpoint in a complex, iterative process, on the receiver it is only necessary to check that the certifícate is indeed a fixpoint of the abstract semantics equations representing the program. This is done in a single pass in a much more efficient process. ACC addresses the fundamental issues in PCC and opens the door to the applicability of the large body of frameworks and domains based on abstract interpretation as enabling technology for PCC. We present an overview of ACC and we describe in a tutorial fashion an application to the problem of resource-aware security in mobile code. Essentially the information computed by a cost analyzer is used to genérate cost certificates which attest a safe and efficient use of a mobile code. A receiving side can then reject code which brings cost certificates (which it cannot validate or) which have too large cost requirements in terms of computing resources (in time and/or space) and accept mobile code which meets the established requirements.

Reduced certificates for abstraction-carrying code

Abstraction-Carrying Code (ACC) has recently been proposed as a framework for mobile code safety in which the code supplier provides a program together with an abstraction (or abstract model of the program) whose validity entails compliance with a predefined safety policy. The abstraction plays thus the role of safety certifícate and its generation is carried out automatically by a fixed-point analyzer. The advantage of providing a (fixed-point) abstraction to the code consumer is that its validity is checked in a single pass (i.e., one iteration) of an abstract interpretation-based checker. A main challenge to make ACC useful in practice is to reduce the size of certificates as much as possible while at the same time not increasing checking time. The intuitive idea is to only include in the certifícate information that the checker is unable to reproduce without iterating. We introduce the notion of reduced certifícate which characterizes the subset of the abstraction which a checker needs in order to validate (and re-construct) the full certifícate in a single pass. Based on this notion, we instrument a generic analysis algorithm with the necessary extensions in order to identify information which can be reconstructed by the single-pass checker. Finally, we study what the effects of reduced certificates are on the correctness and completeness of the checking process. We provide a correct checking algorithm together with sufficient conditions for ensuring its completeness. Our ideas are illustrated through a running example, implemented in the context of constraint logic programs, which shows that our approach improves state-of-the-art techniques for reducing the size of certificates.

Certificate size reduction in abstraction-carrying code

Abstraction-Carrying Code (ACC) has recently been proposed as a framework for mobile code safety in which the code supplier provides a program together with an abstraction (or abstract model of the program) whose validity entails compliance with a predefined safety policy. The abstraction plays thus the role of safety certificate and its generation is carried out automatically by a fixpoint analyzer. The advantage of providing a (fixpoint) abstraction to the code consumer is that its validity is checked in a single pass (i.e., one iteration) of an abstract interpretation-based checker. A main challenge to make ACC useful in practice is to reduce the size of certificates as much as possible while at the same time not increasing checking time. The intuitive idea is to only include in the certificate information that the checker is unable to reproduce without iterating. We introduce the notion of reduced certificate which characterizes the subset of the abstraction which a checker needs in order to validate (and re-construct) the fall certificate in a single pass. Based on this notion, we instrument a generic analysis algorithm with the necessary extensions in order to identify the information relevant to the checker. Interestingly, the fact that the reduced certificate omits (parts of) the abstraction has implications in the design of the checker. We provide the sufficient conditions which allow us to ensure that 1) if the checker succeeds in validating the certificate, then the certificate is valid for the program (correctness) and 2) the checker will succeed for any reduced certificate which is valid (completeness). Our approach has been implemented and benchmarked within the CiaoPP system. The experimental results show t h a t our proposal is able to greatly reduce the size of certificates in practice. To appear in Theory and Practice of Logic Programming (TPLP).

Influence of loudspeaker directivity on the measurement uncertainty of the acoustic testing of facades.

One of the most significant aspects of a building?s acoustic behavior is the airborne sound insulation of the room façades, since this determines the protection of its inhabitants against environmental noise. For this reason, authorities in most countries have established in their acoustic regulations for buildings the minimum value of sound insulation that must be respected for façades. In order to verify compliance with legal requirements it is usual to perform acoustic measurements in the finished buildings and then compare the measurement results with the established limits. Since there is always a certain measurement uncertainty, this uncertainty must be calculated and taken into account in order to ensure compliance with specifications. The most commonly used method for measuring sound insulation on façades is the so-called Global Loudspeaker Method, specified in ISO 140-5:1998. This method uses a loudspeaker placed outside the building as a sound source. The loudspeaker directivity has a significant influence on the measurement results, and these results may change noticeably by choosing different loudspeakers, even though they all fulfill the directivity requirements of ISO 140-5. This work analyzes the influence of the loudspeaker directivity on the results of façade sound insulation measurement, and determines its contribution to measurement uncertainty. The theoretical analysis is experimentally validated by means of an intermediate precision test according to ISO 5725-3:1994, which compares the values of sound insulation obtained for a façade using various loudspeakers with different directivities. Keywords: Uncertainty, Façade, Insulation

Ultraintense Lasers Applied to Laser Fusion Material Testing: Production of Ions, X rays and Neutrons

The ability of ultraintese lasers to create short pulses of energetic particles and high fluences is addressed as a solution to reproduce ion and X-ray ICF bursts for the characterization and validation of plasma facing components. The possibility of using a laser neutron source for material testing will also be discussed.

A new generation of real-time systems in the JET tokamak

Recently a new recipe for developing and deploying real-time systems has become increasingly adopted in the JET tokamak. Powered by the advent of x86 multi-core technology and the reliability of the JET’s well established Real-Time Data Network (RTDN) to handle all real-time I/O, an official Linux vanilla kernel has been demonstrated to be able to provide realtime performance to user-space applications that are required to meet stringent timing constraints. In particular, a careful rearrangement of the Interrupt ReQuests’ (IRQs) affinities together with the kernel’s CPU isolation mechanism allows to obtain either soft or hard real-time behavior depending on the synchronization mechanism adopted. Finally, the Multithreaded Application Real-Time executor (MARTe) framework is used for building applications particularly optimised for exploring multicore architectures. In the past year, four new systems based on this philosophy have been installed and are now part of the JET’s routine operation. The focus of the present work is on the configuration and interconnection of the ingredients that enable these new systems’ real-time capability and on the impact that JET’s distributed real-time architecture has on system engineering requirements, such as algorithm testing and plant commissioning. Details are given about the common real-time configuration and development path of these systems, followed by a brief description of each system together with results regarding their real-time performance. A cycle time jitter analysis of a user-space MARTe based application synchronising over a network is also presented. The goal is to compare its deterministic performance while running on a vanilla and on a Messaging Real time Grid (MRG) Linux kernel.

Integración de baterías en sistemas fotovoltaicos conectados a red

La situación actual del mercado energético en España y el imparable aumento de las tasas por parte de las eléctricas, está fomentando la búsqueda de fuentes de energía alternativas que permitan a la población poder abastecerse de electricidad, sin tener que pagar unos costes tan elevados. Para cubrir esta necesidad, la energía fotovoltaica y sobretodo el autoconsumo con inyección a red o balance neto, está adquiriendo cada vez más importancia dentro del mundo energético. Pero la penetración de esta tecnología en la Red Eléctrica Española tiene un freno, la desconfianza por parte del operador de la red, ya que la fotovoltaica es una fuente de energía intermitente, que puede introducir inestabilidades en el sistema en caso de alta penetración. Por ello se necesita ganar la confianza de las eléctricas, haciendo que sea una energía predecible, que aporte potencia a la red eléctrica cuando se le pida y que opere participando en la regulación de la frecuencia del sistema eléctrico. Para tal fin, el grupo de investigación de Sistemas Fotovoltaicos, perteneciente al IES de la UPM, está llevando a cabo un proyecto de investigación denominado PV CROPS, financiado por la Comisión Europea, y que tiene por objetivo desarrollar estas estrategias de gestión. En este contexto, el objetivo de este Proyecto Fin de Carrera consiste en implementar un Banco de Ensayos con Integración de Baterías en Sistemas FV Conectados a Red, que permita desarrollar, ensayar y validar estas estrategias. Aprovechando la disponibilidad para usar el Hogar Digital, instalado en la EUITT de la UPM, hemos montado el banco de ensayos en un laboratorio contiguo, y así, poder utilizar este Hogar como un caso real de consumos energéticos de una vivienda. Este banco de ensayos permitirá obtener información de la energía generada por la instalación fotovoltaica y del consumo real de la "casa" anexa, para desarrollar posteriormente estrategias de gestión de la electricidad. El Banco de Ensayos está compuesto por tres bloques principales, interconectados entre sí:  Subsistema de Captación de Datos y Comunicación. Encargado de monitorizar los elementos energéticos y de enviar la información recopilada al Subsistema de Control. Formado por analizadores de red eléctrica, monofásicos y de continua, y una pasarela orientada a la conversión del medio físico Ethernet a RS485.  Subsistema de Control. Punto de observación y recopilación de toda la información que proviene de los elementos energéticos. Es el subsistema donde se crearán y se implementarán estrategias de control energético. Compuesto por un equipo Pxie, controlador empotrado en un chasis de gama industrial, y un equipo PC Host, compuesto por una workstation y tres monitores.  Subsistema de Energía. Formado por los elementos que generan, controlan o consumen energía eléctrica, en el Banco de Ensayos. Constituido por una pérgola FV, un inversor, un inversor bidireccional y un bloque de baterías. El último paso ha sido llevar a cabo un Ejemplo de Aplicación Práctica, con el que hemos probado que el Banco de Ensayos está listo para usarse, es operativo y completamente funcional en operaciones de monitorización de generación energética fotovoltaica y consumo energético. ABSTRACT. The current situation of the energetic market in Spain and the unstoppable increase of the tax on the part of the electrical companies, is promoting the search of alternative sources of energy that allow to the population being able to be supplied of electricity, without having to pay so high costs. To meet this need, the photovoltaic power and above all the self-consumption with injection to network, it is increasingly important inside the energetic world. It allows to the individual not only to pay less for the electricity, in addition it allows to obtain benefits for the energy generated in his own home. But the penetration of this technology in the Electrical Spanish Network has an obstacle, the distrust on the part of the operator of the electrical network, due to the photovoltaic is an intermittent source of energy, which can introduce instabilities in the system in case of high penetration. Therefore it´s necessary to reach the confidence of the electricity companies, making it a predictable energy, which provides with power to the electrical network whenever necessary and that operates taking part in the regulation of the frequency of the electric system. For such an end, the group of system investigation Photovoltaic, belonging to the IES of the UPM, there is carrying out a project of investigation named PV CROPS, financed by the European Commission, and that has for aim to develop these strategies of management. In this context, the objective of this Senior Thesis consists in implementing a Bank of Tests with Integration of Batteries in Photovoltaic Systems Connected to Network, which allows developing, testing and validating these strategies. Taking advantage of the availability to use the Digital Home installed in the EUITT of the UPM, we have mounted the bank of tests in a contiguous laboratory to use this Home as a real case of energetic consumptions of a house. This bank of tests will allow obtaining information of the energy generated by the photovoltaic installation and information of the royal consumption of the attached "house", to develop later strategies of management of the electricity. The Bank of Tests is composed by three principal blocks, interconnected each other:  Subsystem of Gathering of data and Communication. In charge of monitoring the energetic elements and sending the information compiled to the Subsystem of Control. Formed by power analyzers, AC and DC, and a gateway for the conversion of the Ethernet physical medium to RS485.  Subsystem of Control. Point of observation and compilation of all the information that comes from the energetic elements. It is the subsystem where there will be created and there will be implemented strategies of energetic control. Composed of a Pxie, controller fixed in an industrial range chassis, and a PC Host, formed by a workstation and three monitors.  Subsystem of Energy. Formed by the elements of generating, controlling or consuming electric power, in the Bank of Tests. Made of photovoltaic modules, an inverter, a twoway inverter and a batteries block. The last step has been performing an Example of Practical Application we have proved that the Bank of Tests is ready to be used, it´s operative and fully functional in monitoring operations of energetic photovoltaic generation and energetic consumption.