DOCSLIB.ORG

Hardware Mechanisms for Distributed Dynamic Software Analysis

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Hardware Mechanisms for Distributed Dynamic Software Analysis Hardware Mechanisms for Distributed Dynamic Software Analysis by Joseph Lee Greathouse A dissertation submitted in partial fulfillment of the requirements for the degree of Doctor of Philosophy (Computer Science and Engineering) in The University of Michigan 2012 Doctoral Committee: Professor Todd M. Austin, Chair Professor Scott Mahlke Associate Professor Robert Dick Associate Professor Jason Nelson Flinn c Joseph Lee Greathouse All Rights Reserved 2012 To my parents, Gail and Russell Greathouse. Without their support throughout my life, I would never have made it this far. ii Acknowledgments First and foremost, I must thank my advisor, Professor Todd Austin, for his help and guid- ance throughout my graduate career. I started graduate school with the broad desire to “research computer architecture,” but under Professor Austin’s watch, I have been able to hone this into work that interests us both and has real applications. His spot-on advice about choosing topics, performing research, writing papers, and giving talks has been an invaluable introduction to the research world. The members of my committee, Professors Robert Dick, Jason Flinn, and Scott Mahlke, also deserve special gratitude. Their insights, comments, and suggestions have immea- surably improved this dissertation. Together their expertise spans low-level hardware to systems software and beyond. This meant that I needed to ensure that any of my ideas were defensible from all sides. I have been fortunate enough to collaborate with numerous co-authors. I have often published with Professor Valeria Bertacco, who, much like Professor Austin, has given me invaluable advice during my time at Michigan. I am extremely lucky to have had the chance to work closely with Ilya Wagner, David Ramos, and Andrea Pellegrini, all of whom have continued to be good friends even after the high-stress publication process. My other Michigan co-authors are Professor Seth Pettie, Gautam Bhatnagar, Chelsea LeBlanc, Yixin Luo, and Hongyi Xin, each of whom has significantly contributed to my graduate career and whose help I greatly appreciate. I was also fortunate to have spent five months doing research at Intel. This opportunity broadened my research into concurrency bugs and helped break me out of my post-quals slump. Matt Frank, Zhiqiang Ma, and Ramesh Peri were co-authors on the paper that re- sulted from this work, and I heartily thank them for all of their help. I also wish to thank the entire Inspector XE team, whose product was amazing to work with. Matt Braun, especially, was always available to help keep my project moving forward. Matt Frank also aided me immensely when I was an undergraduate at the University of Illinois. He and Professors Sanjay Patel and Donna Brown were instrumental in convincing me to go to graduate school in the first place. I am certain that their recommendation letters iii were the main reason I was admitted into Michigan. I am also thankful to Nick Carter, who was a faculty member at UIUC at the time, for allowing me to do research with his group during my senior year. I failed completely at the tasks he assigned me, but it was an incomparable learning experience. I doubt I would have been able to complete this dissertation without the support of the other graduate students in my lab. I’m extremely lucky to have had such amazing people in close proximity, which has really proven to me the power of a good group of motivated people. Thanks to all of you for being great: Bill Arthur, Adam Bauserman, Kai-hui Chang, Debapriya Chatterjee, Jason Clemons, Kypros Constantinides, Shamik Ganguly, Jeff Hao, Andrew Jones, Rawan Khalek, Shashank Mahajan, Biruk Mammo, Jinsub Moon, Andreas Moustakas, Ritesh Parikh, Robert Perricone, Steve Plaza, Shobana Sudhakar, and Dan Zhang. There are also loads of people in the department that have been an inspiration. Michi- gan’s CSE program is strong because of people like you: Professor Tom Wenisch, Timur Alperovich, Bashar Al-Rawi, Hector´ Garcia, Anthony Gutierrez, Jin Hu, Anoushe Jamshidi, Daya Khudia, Dave Meisner, Jarrod Roy, Korey Sewell, and Ken Zick. I think it’s also important to acknowledge everyone who has volunteered to help out with the ACAL reading group. Andrew DeOrio deserves special thanks for putting up with me as a labmate for five years and as a roommate for three. We started at nearly the same time and are finishing at nearly the same time, even if our day-to-day schedules almost never overlap. My friends in Illinois were also a big help in making it through this process. Paul Mathewson, especially, kept me focused on things besides engineering (and let me crash on his couch during my internship). Dan Bassett and Dan Baker both kept me grounded in reality in their own ways. Finally, my family is the biggest reason that I’ve been able to do this work. Without their constant support throughout childhood, college, and graduate school, I would’ve stopped a hundred times along the way. My parents and grandparents have always encouraged me in any decision I’ve made. I couldn’t ask for anything more. iv Table of Contents Dedication ....................................... ii Acknowledgments ................................... iii List of Tables ...................................... viii List of Figures ..................................... ix Abstract ......................................... xi Chapter 1 Introduction ...............................1 1.1 Complexity Causes Software Errors . .2 1.2 Hardware Plays a Role in the Problem . .4 1.3 Attempts to Alleviate the Problem . .7 1.4 Analysis Yields Better Software . .8 1.4.1 Static Software Analysis . .8 1.4.2 Dynamic Software Analysis . .9 1.5 Contributions of this Work . 12 Chapter 2 Distributed Dynamic Dataflow Analysis ................ 15 2.1 Introduction to Sampling . 16 2.1.1 Sampling for Performance Analysis . 17 2.1.2 Sampling for Assertion Checking . 17 2.1.3 Sampling for Concurrency Tests . 18 2.1.4 Sampling for Dynamic Dataflow Analyses . 18 2.2 Background . 20 2.2.1 Dynamic Dataflow Analysis . 20 2.2.2 Demand-Driven Dataflow Analysis . 23 2.2.3 The Deficiencies of Code-Based Sampling . 23 2.3 Effectively Sampling Dataflow Analyses . 25 2.3.1 Definition of Performance Overhead . 28 2.3.2 Overhead Control . 29 2.3.3 Variable Probability of Stopping Analysis . 31 2.4 Prototype System Implementation . 34 v 2.4.1 Enabling Efficient User Interaction . 36 2.5 Experimental Evaluation . 37 2.5.1 Benchmarks and Real-World Vulnerabilities . 38 2.5.2 Controlling Dataflow Analysis Overheads . 40 2.5.3 Accuracy of Sampling Taint Analysis . 43 2.5.4 Exploring Fine-Grained Performance Controls . 46 2.6 Chapter Conclusion . 49 Chapter 3 Testudo: Hardware-Based Dataflow Sampling ............ 50 3.1 Limitations of Software Sampling . 51 3.2 Hardware-Based Dynamic Dataflow Analysis . 53 3.2.1 Limitations of Hardware DDA . 55 3.2.2 Contributions of this Chapter . 56 3.3 Hardware for Dataflow Sampling . 57 3.3.1 Baseline Support for Dataflow Analysis . 58 3.3.2 Limiting Overheads with a Sample Cache . 59 3.3.3 Intra-flow Selection Policy . 61 3.3.4 Inter-flow Selection Policy . 61 3.3.5 Testudo Sampling Example . 62 3.4 An Analytical Model of Dataflow Coverage . 63 3.4.1 Analytical Model Overview . 63 3.4.2 Analytical Model Derivation . 64 3.4.3 On the Relation to the Coupon Collector’s Problem . 65 3.5 Experimental Evaluation . 66 3.5.1 System Simulation Framework . 66 3.5.2 Taint Analysis Coverage and Performance . 68 3.5.3 Worst Case Analytical Bounds . 70 3.5.4 Beyond Taint Analysis . 71 3.5.5 Sample Cache Hardware Overheads . 71 3.6 Chapter Conclusion . 73 Chapter 4 Demand-Driven Data Race Detection ................. 75 4.1 Introduction . 76 4.1.1 Contributions of this Chapter . 77 4.2 Data Race Detection Background . 79 4.3 Demand-Driven Data Race Detection . 80 4.3.1 Unsynchronized Sharing Causes Races . 81 4.3.2 Performing Race Detection When Sharing Data . 82 4.4 Monitoring Data Sharing in Hardware . 84 4.4.1 Cache Events . 85 4.4.2 Performance Counters . 87 4.5 Demand-Driven Race Detector Design . 88 4.6 Experimental Evaluation . 90 4.6.1 Experimental Setup . 90 4.6.2 Performance Improvement . 92 vi 4.6.3 Accuracy of Demand-Driven Data Race Detection . 95 4.6.4 Races Missed by the Demand-Driven Data Race Detector . 96 4.6.5 Observing more W!W Data Sharing . 97 4.6.6 Negating the Limited Cache Size . 97 4.7 Related Work . 98 4.7.1 Data Race Detection . 98 4.7.2 Software Acceleration Methods . 99 4.7.3 Hardware Race Detection . 100 4.7.4 Observing Hardware Events . 100 4.8 Chapter Conclusion . 101 Chapter 5 Hardware Support for Unlimited Watchpoints ............ 103 5.1 Introduction . 103 5.1.1 Contributions of This Chapter . 105 5.2 Fast Unlimited Watchpoints . 107 5.2.1 Existing HW Watchpoint Support . 107 5.2.2 Unlimited Watchpoint Requirements . 108 5.2.3 Efficient Watchpoint Hardware . 110 5.3 Watchpoint Applications . 117 5.3.1 Dynamic Dataflow Analysis . 117 5.3.2 Deterministic Concurrent Execution . 119 5.3.3 Data Race Detection . 120 5.4 Experimental Evaluation . 121 5.4.1 Experimental Setup . 121 5.4.2 Results for Taint Analysis . 124 5.4.3 Results for Deterministic Execution . 126 5.4.4 Results for Data Race Detection . 127 5.4.5 Experimental Takeaways . 128 5.5 Related Work . 129 5.5.1 Memory Protection Systems . 129 5.5.2 Other Uses for Watchpoints . 131 5.6 Chapter Conclusion . 132 Chapter 6 Conclusion ................................ 134 6.1 Thesis Summary . 135 6.2 Future Research Directions . 136 6.3 Conclusion . 137 Bibliography ...................................... 138 vii List of Tables Table 2.1 Overheads from a Selection of Dynamic Analyses .
Load more

Recommended publications
  • Simics* Model Library for Eagle Stream Simulation Environment
    Simics* Model Library for Eagle Stream Simulation Environment Release Notes May 2020 Revision V0.6.00 Intel Confidential Notice: This document contains information on products in the design phase of development. The information here is subject to change without notice. Do not finalize a design with this information. Intel technologies’ features and benefits depend on system configuration and may require enabled hardware, software, or service activation. Learn more at intel.com, or from the OEM or retailer. No computer system can be absolutely secure. Intel does not assume any liability for lost or stolen data or systems or any damages resulting from such losses. You may not use or facilitate the use of this document in connection with any infringement or other legal analysis concerning Intel products described herein. You agree to grant Intel a non-exclusive, royalty-free license to any patent claim thereafter drafted which includes subject matter disclosed herein. No license (express or implied, by estoppel or otherwise) to any intellectual property rights is granted by this document. The products described may contain design defects or errors known as errata which may cause the product to deviate from published specifications. Current characterized errata are available on request. This document contains information on products, services and/or processes in development. All information provided here is subject to change without notice. Contact your Intel representative to obtain the latest Intel product specifications and roadmaps. Intel disclaims all express and implied warranties, including without limitation, the implied warranties of merchantability, fitness for a particular purpose, and non-infringement, as well as any warranty arising from course of performance, course of dealing, or usage in trade.
    [Show full text]
  • Users As Co-Designers of Software-Based Media: the Co-Construction of Internet Relay Chat
    Users as Co-Designers of Software-Based Media: The Co-Construction of Internet Relay Chat Guillaume Latzko-Toth Université Laval AbsTrAcT While it has become commonplace to present users as co-creators or “produsers” of digital media, their participation is generally considered in terms of content production. The case of Internet Relay Chat (IRC) shows that users can be fully involved in the design process, a co-construction in the sense of Science and Technology Studies (STS): a collective, simultaneous, and mutual construction of actors and artifacts. A case study of the early de - velopment of two IRC networks sheds light on that process and shows that “ordinary users” managed to invite themselves as co-designers of the socio-technical device. The article con - cludes by suggesting that IRC openness to user agency is not an intrinsic property of software- based media and has more to do with its architecture and governance structure. Keywords Digital media; Communication technology; Co-construction; Design process; Ordinary user résumé Il est devenu banal de présenter l’usager comme cocréateur ou « produtilisateur » des médias numériques, mais sa participation est généralement envisagée comme une production de contenus. Le cas d’IRC (Internet Relay Chat) montre que les usagers des médias à support logiciel peuvent s’engager pleinement dans le processus de conception, une co-construction au sens des Science and Technology Studies : une construction collective, simultanée et mutuelle des acteurs et des artefacts. Une étude de cas portant sur le développement de deux réseaux IRC éclaire ce processus et montre que les « usagers ordinaires » sont parvenus à s’inviter comme co-concepteurs du dispositif.
    [Show full text]
  • The Copyright Crusade
    The Copyright Crusade Abstract During the winter and spring of 2001, the author, chief technology officer in Viant's media and entertainment practice, led an extensive inqUiry to assess the potential impact of extant Internet file-sharing capabilities on the business models of copyright owners and holders. During the course of this project he and his associates explored the tensions that exist or may soon exist among peer-to-peer start-ups, "pirates" and "hackers," intellectual property companies, established media channels, and unwitting consumers caught in the middle. This research report gives the context for the battleground that has emerged, and calls upon the players to consider new, productive solutions and business models that support profitable, legal access to intellectual property via digital media. by Andrew C Frank. eTO [email protected] Viant Media and Entertainment Reinhold Bel/tIer [email protected] Aaron Markham [email protected] assisted by Bmre Forest ~ VI ANT 1 Call to Arms Well before the Internet. it was known that PCs connected to two-way public networks posed a problem for copyright holders. The problem first came to light when the Software Publishers Association (now the Software & Information Industry Association), with the backing of Microsoft and others, took on computer Bulletin Board System (BBS) operators in the late 1980s for facilitating trade in copyrighted computer software, making examples of "sysops" (as system operators were then known) by assisting the FBI in orchestrat­ ing raids on their homes. and taking similar legal action against institutional piracy in high profile U.S. businesses and universities.' At the same time.
    [Show full text]
  • Case Studies: Memory Behavior of Multithreaded Multimedia and AI Applications
    Case Studies: Memory Behavior of Multithreaded Multimedia and AI Applications Lu Peng*, Justin Song, Steven Ge, Yen-Kuang Chen, Victor Lee, Jih-Kwon Peir*, and Bob Liang * Computer Information Science & Engineering Architecture Research Lab University of Florida Intel Corporation {lpeng, peir}@cise.ufl.edu {justin.j.song, steven.ge, yen-kuang.chen, victor.w.lee, bob.liang}@intel.com Abstract processor operated as two logical processors [3]. Active threads on each processor have their own local states, Memory performance becomes a dominant factor for such as Program Counter (PC), register file, and today’s microprocessor applications. In this paper, we completion logic, while sharing other expensive study memory reference behavior of emerging components, such as functional units and caches. On a multimedia and AI applications. We compare memory multithreaded processor, multiple active threads can be performance for sequential and multithreaded versions homogenous (from the same application), or of the applications on multithreaded processors. The heterogeneous (from different independent applications). methodology we used including workload selection and In this paper, we investigate memory-sharing behavior parallelization, benchmarking and measurement, from homogenous threads of emerging multimedia and memory trace collection and verification, and trace- AI workloads. driven memory performance simulations. The results Two applications, AEC (Acoustic Echo Cancellation) from the case studies show that opposite reference and SL (Structure Learning), were examined. AEC is behavior, either constructive or disruptive, could be a widely used in telecommunication and acoustic result for different programs. Care must be taken to processing systems to effectively eliminate echo signals make sure the disruptive memory references will not [4].
    [Show full text]
  • Automotive Solutions Brochure
    WIND RIVER AUTOMOTIVE SOLUTIONS The Software-Enabled Automobile Simplifying the Connected Car Software is a key differentiating factor for today’s automakers. It is critical to harnessing the opportunities of autonomous driving, creating the connected car, delivering unique driving and infotainment experiences, ensuring all-around safety, and generating new revenue streams from innovative applications. But automotive software is becoming increasingly complex, because it must Tackle complexity, increase support greater functionality to meet consumer expectations, address competitive pressures, integrate predictability, reduce costs, disparate platforms, and adapt quickly to the ever-accelerating rate of technological change, while maintaining compliance with safety and security requirements and remaining within cost targets. and speed time-to-production Software complexity, in turn, slows time-to-production and increases development costs, creating a for your automotive projects vicious cycle. with Wind River. For example, a high-end modern car has more than 100 million lines of code, 145 actuators, over 4,000 signals, 75 sensors, and more than 70 on-board computers analyzing 25 GB of data per hour. In addition, the car might have as many as 100 different electronic control units (ECUs) managing both safety-critical and non-safety-critical functions. The more complex systems become, the higher the risk that functions will interfere with each other or that one or more systems will fail. Connected cars provide a further example: employing V2X communications, they will be able to An experienced software integrator such as Wind River® can help automotive original equipment alert each other and the infrastructure to road hazards or impending collisions. But as cars become manufacturers (OEMs) and their Tier 1 suppliers manage complexity, alleviate risk, increase more dependent on wireless connectivity, both within the vehicles and externally, they become predictability, and shorten development time.
    [Show full text]
  • The Complete Solutions Guide for Every Linux/Windows System Administrator!
    Integrating Linux and Windows Integrating Linux and Windows By Mike McCune Publisher : Prentice Hall PTR Pub Date : December 19, 2000 ISBN : 0-13-030670-3 • Pages : 416 The complete solutions guide for every Linux/Windows system administrator! This complete Linux/Windows integration guide offers detailed coverage of dual- boot issues, data compatibility, and networking. It also handles topics such as implementing Samba file/print services for Windows workstations and providing cross-platform database access. Running Linux and Windows in the same environment? Here's the comprehensive, up-to-the-minute solutions guide you've been searching for! In Integrating Linux and Windows, top consultant Mike McCune brings together hundreds of solutions for the problems that Linux/Windows system administrators encounter most often. McCune focuses on the critical interoperability issues real businesses face: networking, program/data compatibility, dual-boot systems, and more. You'll discover exactly how to: Use Samba and Linux to deliver high-performance, low-cost file and print services to Windows workstations Compare and implement the best Linux/Windows connectivity techniques: NFS, FTP, remote commands, secure shell, telnet, and more Provide reliable data exchange between Microsoft Office and StarOffice for Linux Provide high-performance cross-platform database access via ODBC Make the most of platform-independent, browser-based applications Manage Linux and Windows on the same workstation: boot managers, partitioning, compressed drives, file systems, and more. For anyone running both Linux and Windows, McCune delivers honest and objective explanations of all your integration options, plus realistic, proven solutions you won't find anywhere else. Integrating Linux and Windows will help you keep your users happy, your costs under control, and your sanity intact! 1 Integrating Linux and Windows 2 Integrating Linux and Windows Library of Congress Cataloging-in-Publication Data McCune, Mike.
    [Show full text]
  • Wind River Simics
    ™ AN INTEL COMPANY WIND RIVER SIMICS Electronic systems are becoming increasingly complex, with more hardware, more software, and more connectivity. Today’s systems are software intensive, using multiple processor architectures and running complex, multilayered software stacks. With an increasing empha- sis on smart and connected systems, complexity in software and hardware is unavoidable. With more connections comes additional security risk, which needs to be tested thoroughly. Compounding the challenge is the fact that developers have turned to DevOps and con- tinuous development practices to meet customer and company expectations for quick deliveries. Such methodologies rely on fast iterations for test, feedback, and deployment. Collaborative and cross-functional teams need tools to communicate and share a common development baseline. Wind River® Simics® allows developers to have on-demand access to any target system at any time. It enables more efficient collaboration between developers and quality assurance teams. Simics provides an automation API, enabling organizations to reap the business ben- efits of DevOps and continuous development practices to create and deliver better, more secure software, faster—even for complex, embedded, connected, and large IoT systems. DEVELOP SOFTWARE IN A VIRTUAL ENVIRONMENT Simics provides the access, automation, and collaboration required to enable DevOps and continuous development practices. By using virtual platforms and simulation, soft- ware developers can decouple their work from physical hardware and its limitations during development. Access to virtual hardware allows developers to do continuous integration and automated testing much sooner in the development cycle—even before the hardware design is finalized—as well as perform both testing and debugging during design and pro- totyping phases.
    [Show full text]
  • First Steps Simics/GEMS on Ubuntu 7.10
    First Steps Simics/GEMS on Ubuntu 7.10 Author: Aleksandar Vitorovic, [email protected], student of Faculty of Electrical Engineering, University of Belgrade, Serbia This document is not a product of the Multifacet Group. It is a GEMS user contribution, and this document is provided as-is, without warranty or guarantee of any kind, and without support. This document may serve as a useful guide for many users, but is neither tested nor verified by any authors of the GEMS infrastructure. 1 Introduction This tutorial explains basic steps for users to get familiar with GEMS/Simics environment. It is idiot- proof tutorial. Basic think you should know to start simulator is showed. In every fork I decided to choose one option and explain it in detail. For further details and other options you should consult appropriate documentation. In chapter 2 is detailed installation process for GEMS 2.1 and Simics 3.0.30 on Ubuntu 7.10 x86. In chapter 3 is detailed installation process for Simics 2.2.19 on Ubuntu 7.10 x86. In chapter 4 there is different manuals for Frequently used Commands. In chapter 5 we explain how to add benchmark to your target machine and how to start that. In chapter 6 there is list of used references. This tutorial are provided AS IS with NO WARRANTY OF ANY KIND, INCLUDING THE WARRANTY OF DESIGN, MERCHANTIBILITY AND FITNESS FOR A PARTICULAR PURPOSE. 2 GEMS 2.1/Simics 3.0.30 Installation It is possible to install GEMS 2.1 based on Simics 3.0.30 on Ubuntu 7.10 x86 with GCC 4.1.3, although GEMS manufacturers internally work with GCC 3.4.6.
    [Show full text]
  • Partner Directory Wind River Partner Program
    PARTNER DIRECTORY WIND RIVER PARTNER PROGRAM The Internet of Things (IoT), cloud computing, and Network Functions Virtualization are but some of the market forces at play today. These forces impact Wind River® customers in markets ranging from aerospace and defense to consumer, networking to automotive, and industrial to medical. The Wind River® edge-to-cloud portfolio of products is ideally suited to address the emerging needs of IoT, from the secure and managed intelligent devices at the edge to the gateway, into the critical network infrastructure, and up into the cloud. Wind River offers cross-architecture support. We are proud to partner with leading companies across various industries to help our mutual customers ease integration challenges; shorten development times; and provide greater functionality to their devices, systems, and networks for building IoT. With more than 200 members and still growing, Wind River has one of the embedded software industry’s largest ecosystems to complement its comprehensive portfolio. Please use this guide as a resource to identify companies that can help with your development across markets. For updates, browse our online Partner Directory. 2 | Partner Program Guide MARKET FOCUS For an alphabetical listing of all members of the *Clavister ..................................................37 Wind River Partner Program, please see the Cloudera ...................................................37 Partner Index on page 139. *Dell ..........................................................45 *EnterpriseWeb
    [Show full text]
  • Simplify Your Move to Multi-Core with Simulation
    AN INTEL COMPANY Simplify Your Move to Multi-core with Simulation Wind River Simics Is a Key Component in the Science of Multi-core Adoption WHEN IT MATTERS, IT RUNS ON WIND RIVER SIMPLIFY YOUR MOVE TO MULTI-CORE WITH SIMULATION EXECUTIVE SUMMARY It has been almost a decade since Advanced Micro Devices (AMD) proudly proclaimed that multi-core would soon be “the pervasive computing model.” It’s happening, but slowly. Yes, the benefits of multi-core are real. The performance gains, reduction in power consumption, productivity advantages, and potential for consolidation have all been proven. But the added complexity of multi-core system development has slowed adoption. Simulation in general offers a way to accelerate the business benefits of multi-core without further complicating life for development teams. Simulation using Wind River® Simics® makes it possible to overcome the complexities of parallelism while actually simplifying life for developers. Further, Simics makes design, debug, and test of multi-core software more efficient than is possible via traditional methods. This paper shows how simulation solves the problems that have been holding back multi-core adoption, and provides an overview of the capabilities of Simics for multi-core software development. TABLE OF CONTENTS Executive Summary . 2 The Multi-core Advantage . 3 Multi-core Development Challenges . 3 Simulation Advantages for Multi-core Development . 3 Dispelling the Myths About Simulation for Multi-core Development . 5 Myth 1: Simulation is not fast enough . 5 Myth 2: Simulation is not accurate enough . 5 Myth 3: Simulation doesn’t provide debugging capabilities . 5 Myth 4: Simulation doesn’t run real code .
    [Show full text]
  • Análisis Forense De Sistemas GNU/Linux, Unix David Dittrich
    Análisis Forense de Sistemas GNU/Linux, Unix David Dittrich [email protected] Ervin Sarkisov [email protected] Copyright David Dittrich, Ervin Sarkisov. Se otorga permiso para copiar, distribuir y/o modificar este documento bajo los términos de la Licencia de Documentación Libre GNU, Versión 1.1 o cualquier otra versión posterior publicada por la Free Software Foundation. Puede consultar una copia de la licencia en: http://www.gnu.org/copyleft/fdl.html Miles servidores corporativos están siendo comprometidos diariamente, Gbytes de información privilegiada se transfieren cada día por los los canales de comunicación, las corporaciones informan de miles y millones de pérdidas. La mayoría de las investigaciones de casos similares, estén realizadas por parte de las empresas especializadas o por parte de las agencias gubernamentales, precisan un estudio forense previo para recoger todas las pruebas encontradas en los equipos y determinar los factores claves para reconstruir los hechos transcurridos, antes, durante y a posteriori del posible acceso no autorizado al sistema. Todo ese trabajo puede ser complicado por múltiples razones, siendo una analogía directa la ciencia forense tradicional en los casos criminales, dónde la escena del crimen es el servidor comprometido y cualquier equivocación o descuido puede causar la pérdida de información vital que podría desvelar algún hecho importante sobre el "la víctima", el "criminal", el "objetivo" o el "móvil". Los intrusos permanentemente mejoran sus técnicas, sean de acceso, ocultación de pruebas o de eliminación de huellas, siendo difícil, o en algunos casos imposible de reconstruir el 100% de los eventos ocurridos. Los forenses de hace varios años tienen dificultades adaptándose a las nuevas técnicas ya que no solo son necesarios los conocimientos de la materia sino experiencia en campos que tienen bastante poco que ver con la ciencia forense - ingeniería inversa, criptografía, programación en lenguajes de bajo nivel.
    [Show full text]
  • Software Development for Parallel and Multi-Core Processing
    3 Software Development for Parallel and Multi-Core Processing Kenn R. Luecke The Boeing Company USA 1. Introduction The embedded software industry wants microprocessors with increased computing functionality that maintains or reduces space, weight, and power (SWaP). Single core processors were the key embedded industry solution between 1980 and 2000 when large performance increases were being achieved on a yearly basis and were fulfilling the prophecy of Moore’s Law. Moore’s Law states that “the number of transistors that can be placed inexpensively on an integrated circuit doubles approximately every two years.”1 With the increased transistors, came microprocessors with greater computing throughput while space, weight and power were decreasing. However, this ‘free lunch’ did not last forever.2 The additional power required for greater performance improvements became too great starting in 2000. Hence, single core microprocessors are no longer an optimal solution. Although, distributed and parallel programming solutions provide greater throughput, these solutions unfortunately increase SWaP. The most likely solution is multi-core processors which have been introduced into the embedded processor markets. Most microprocessor manufacturers have converted from developing single core processors to multi-core processors. With this conversion, the prophecy of Moore’s Law is still being achieved. See Figure 1 and notice how the single core processors are not keeping pace with the multi-core processors. Multi-core processors increase throughput while maintaining or reducing SWaP for embedded environments which make them a good hardware solution for the aerospace industry. Intel, in particular, has estimated that by 2011, 95% of all the processors it ships will contain a multi-core design.
    [Show full text]