DOCSLIB.ORG

Visibility & Control: Addressing Supply Chain Challenges to Trustworthy Software-Enabled Things

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Visibility & Control: Addressing Supply Chain Challenges to Trustworthy Software-Enabled Things Visibility & Control: Addressing Supply Chain Challenges to Trustworthy Software-Enabled Things Robert A. Martin Sr. Secure Software & Technology Prin. Eng. Trust & Assurance Cyber Technologies Dept. Cyber Solutions Technical Center IIC Forum | Long Beach, CA © 2019 The MITRE Corporation. All rights reserved. Approved for Public Release; Distribution Unlimited. Case No: 19-01876-24 Everything is Becoming Software-Enabled and Connected, Either through Task Dependency, Supply Chain, or Information Flow Today Your System is: • attackable or • susceptible to a hazard… We need to be assured When this Other System that not only are our own gets subverted through: systems trustworthy but • an un-patched vulnerability; • a mis-configuration; also everything we • an application weakness; depend upon… • a counterfeit item; • tainted software or hardware; or • the system’s susceptibility to a hazard… © 2019 The MITRE Corporation. All rights reserved. Approved for Public Release; Distribution Unlimited. Case No: 19-01876-24 How is Software-Enabled and Connected (aka Cyber) Becoming so Pervasive? Context: 1976 Chevy Vega The only software was behind the wheel – no microelectronics. © 2019 The MITRE Corporation. All rights reserved. Approved for Public Release; Distribution Unlimited. Case No: 19-01876-24 Critical Functions Migrated into Software & Microelectronics (SW/HW) Electric throttle valve control © 2019 The MITRE Corporation. All rights reserved. Approved for Public Release; Distribution Unlimited. Case No: 19-01876-24 Control/Communication Transitioned from Point-to-Point Wiring to Network-based Air Anti- Con- Engine Lock dition Control Lighting Power Brakes Locks Dash- board Airbag Trans- Active Power Power mission Suspen- Seats Control sion Win- Air dows Anti- Con- Engine Lock dition Control Lighting Power Brakes CAN Locks CAN CAN CAN Connected Software and HW CAN (microelectronics) High Speed CAN Dash- Low Speed board CAN CAN CAN CAN CAN Power Airbag Trans- Active CAN Seats mission Suspen- Power Control sion Win- dows © 2019 The MITRE Corporation. All rights reserved. Approved for Public Release; Distribution Unlimited. Case No: 19-01876-24 Critical Functions Are Migrating into Connected SW/HW Anti-Lock Brakes Transmission Control Lighting Air Conditioning Power Locks Airbag Power Seats Power Windows Smart Catalytic Converter Beam Shaping Headlights Beam Splitting Headlights © 2019 The MITRE Corporation. All rights reserved. Approved for Public Release; Distribution Unlimited. Case No: 19-01876-24 Multiple Types of Networks Are Appearing © 2019 The MITRE Corporation. All rights reserved. Approved for Public Release; Distribution Unlimited. Case No: 19-01876-24 Many Critical Functions Now Need to be Updated and Sustained… © 2019 The MITRE Corporation. All rights reserved. Approved for Public Release; Distribution Unlimited. Case No: 19-01876-24 The Connectivity and Complexity of Connected Software-Enabled Systems is Still Expanding Driverless Cars, ADAS, V2V, V2I, Safety © 2019 The MITRE Corporation. All rights reserved. Approved for Public Release; Distribution Unlimited. Case No: 19-01876-24 All types of Enterprises are Facing these Same Changes… Medical Buildings Aeronautics Manufacturing Energy Shipping Vehicles © 2019 The MITRE Corporation. All rights reserved. Approved for Public Release; Distribution Unlimited. Case No: 19-01876-24 These Changes Go Well beyond Traditional Information Technology… Water Treatment Status & Health Monitoring Oil & Gas Hydro Power & Dam Mngt Smart Munitions Remote Management © 2019 The MITRE Corporation. All rights reserved. Approved for Public Release; Distribution Unlimited. Case No: 19-01876-24 Secure Behavior Reliable Behavior Safe Behavior MIND THE GAP Resilient Behavior Privacy Expectations © 2019 The MITRE Corporation. All rights reserved. Approved for Public Release; Distribution Unlimited. Case No: 19-01876-24 – Need Assurance of More Than Security – Need Assured Trustworthy Systems © 2019 The MITRE Corporation. All rights reserved. Approved for Public Release; Distribution Unlimited. Case No: 19-01876-24 Pervasiveness of connected SW & SW-enabled capabilities requires supply chain security skills / new awareness of SW risks IT Risk Operational Risk Loss of data or capability Loss of safety or reliability Loss of property or lives Scratch Built Software Assembled Software Majority of products built with Use of open source and 3rd party libraries, no 3rd Party dependencies modules, frameworks, and services Multi-party software updating/patching Traditional Computers Software Enabled Everything Servers databases Healthcare Implantable Medical Smart Munitions Desktops office apps Aeronautics Smart Manufacturing Intelligent Vehicles Laptops e-mail Smart Energy Water Treatment Intelligent Shipping Tablets browsers Oil & Gas Hydro Power Dam Management Switches Routers Microgrids Smart Cities Building Management Autonomous Systems © 2019 The MITRE Corporation. All rights reserved. Approved for Public Release; Distribution Unlimited. Case No: 19-01876-24 For Software-Enabled IIoT Version Control is Crucial Tracking details for SW & HW components Services • SW & HW Part numbers/names • SW & HW versions • Libraries & Frameworks Used • Tool Chain Used/Flags/Options Applications • Languages & versions used Source Code Operating System Libraries & Firmware Frameworks Compilers MicroElectronics Language Specifications © 2019 The MITRE Corporation. All rights reserved. Approved for Public Release; Distribution Unlimited. Case No: 19-01876-24 The Supply Chain for Software-Enabled Capabilities is Opaque Tier 4 Manufacturer/ ? Supplier ? ? ? ? Tier 2 Manufacturer/ Tier 3 Manufacturer/ Tier 4 Manufacturer/ ? Customer Supplier Supplier Supplier ? Tier 3 Manufacturer/ Supplier Contractor ? Tier 2 Manufacturer/ ? Integrating Supplier Manufacturer/ US ? Supplier Tier 3 Manufacturer/ Global ? Supplier Tier 2 Manufacturer/ Tier 2 Manufacturer/ Foreign Supplier Supplier Off-shore Foreign Supplier Location Software COTS US Foreign Developers Supplier Reuse Acquire Develop Outsource In-house ? ? ? ? ? © 2019 The MITRE Corporation. All rights reserved. Approved for Public Release; Distribution Unlimited. Case No: 19-01876-24 Market Transparency through “Software Bill of Materials” • Third party components are a known systemic risk. • Transparency can drive tools and behavior to document risk, support mitigations, and drive better SW development practices. • NTIA at Commerce launched an open, community-driven, cross- sector “multistakeholder process” to promote software component transparency. • Understand the problem and define basics of SBOM • Develop use cases across sectors on how such data can be used, today and in the future. • Guidance on how to use existing standards to implement SBOM • Software ID tags (SWID) • Software Package Data Exchange (SPDX) • First phase deliverable mid-November 2019 • More info or to join: [email protected] © 2019 The MITRE Corporation. All rights reserved. Approved for Public Release; Distribution Unlimited. Case No: 19-01876-24 NTIA Transparency Phase 1 Final Products © 2019 The MITRE Corporation. All rights reserved. Approved for Public Release; Distribution Unlimited. Case No: 19-01876-24 Lowering Adoption Hurdles for SBOMs • Water • Agriculture and Food • Public Health • Energy • Telecommunications • Transportation • Banking and Finance • Chemical Industry • Key Assets • Postal and Shipping End Users in Industry, Government, and Commerce • Medical Devices • Merchandise • Automobiles • Trains • Vessels/Boats • Building Mngt Sys • Software Product & Service Suppliers INTEGRATED DEVELOPMENT CLOUD TOOLS ENVIRONMENTS (IDES) Tool-to-Tool FRAMEWORKS BUILD CHOREOGRAPHY SOURCE CODE & SBOM Exchange PACKAGE Standard effort REPOSITORIES SOFTWARE COMPOSITION ANALYSIS Tools & Capabilities for Software © 2019 The MITRE Corporation. All rights reserved. Approved for Public Release; Distribution Unlimited. Case No: 19-01876-24 Ecosystem of SW Development, Integration, and Management Tools Vulnerability Information Licensing Package Repos Information (Public & Private) Test Source Code Repos (Public & Private) Operations Build choreography Software Composition Analysis Capabilities Developer “Desktops” © 2019 The MITRE Corporation. All rights reserved. Approved for Public Release; Distribution Unlimited. Case No: 19-01876-24 SW Development, Integration, and Management Tools Source Code & Package Repositories Amazon ECR, Assembla, Azure Container Registry, Beanstalk, Bitbucket, Codebase, Docker, GitHub, GitLab, Glitch, Google Container Registry, JFrog Artifactory, JFrog Xray, inedo, Kubernetes, Launchpad, Maven, Nexus (Sonatype), Phabricator, ProjectLocker, Repository Hosting, Savannah, SourceForge, SourceRepo, Subversion, and Unfuddle Build & Build Choreography Capabilities Ansible, Autorabit, Bamboo, Bitrise, Buildkite, Buildroot, CircleCI, CMake, CruiseControl, Final builder, GCC, Gitlab CI, GoCD, Integrity, Jenkins, Strider CD, TeamCity, Terraform, Travis CI, Urbancode, and Vagrant Developer Desktops (Embedded, Web, Cloud, Desktops/Servers) IDEs: Android Studio, AppCode, Atom, BlueJ, CLion, Cloud9 IDE, Code Blocks, CodeCharge Studio, CodeLobster, CodePen, DataGrip, Eclipse, GoLand, IDLE, IntelliJ IDEA, LINX, Microsoft Visual Studio, Software Composition Analysis: MPLAB, NetBeans, PhpStorm, Pycharm, Rider, RubyMine, Spiralogics Application Architecture, Black Duck Software Composition Analysis (Synopsys), WebStorm, Xcode, and Zend Studio CAST Highlight (CAST Software), Finate
Load more

Recommended publications
  • Said GUERRAB
    Said GUERRAB CONTACT 404-5100 Boulevard Pie IX E-mail: [email protected] H1X 2B6 Website: www.sguerrab-developper.com Montreal (QC) Phone: 438-935-8707 SUMMARY 05 years of experience designing and developing websites. Bilingual French-English. Implementation of numerous IT projects within the school. Design and implementation of websites in PHP, MySQL, JSP, HTML5, CSS3, Sass, Less, Stylus, and JavaScript, Bootstrap, D3.js, MVC framworks (PHP Laravel), Photoshop... Web project management (specifications, deadlines, risks management...). Audio editing, video editing, and graphic design. SEO for websites Autonomous, organized, have a team spirit, available, highly motivated, adaptable to new situations, can work under pressure. TECHNICAL Operating Systems: Windows, Linux , Mac OS X SKILLS Programming Languages: Java, JSP, Ruby, Cobol, VB.NET, C++, PHP, HTML/CSS, JavaScript Markup Languages:JSON, YAML, XML CSS Preprocessors: Sass CSS, Stylus CSS, Less CSS Editors & IDEs: Eclipse, PHPStorm, NetBeans, RubyMine, Sublime Text… Version Control Systems: GIT, Github, Bitbucket, SVN Frameworks & libraries: Laravel, JQuery, Bootstrap, D3.js... CMS: Drupal, Joomla, WordPress Server management: Apache, Tomcat, Glassfish, CPanel, DNS Database: Oracle SQL, PL/SQL, SQL Server, MySQL, Access. Office Applications:Excel, Word, Powerpoint and LibreOffice suite Other software: Microsoft Project, Microsoft Visio, Oracle Forms, Oracle Reports Graphism: Photoshop, The Gimp, Illustrator, Inkscape et InDesign. Maintening:Software (installation and updating). PROFESSIONAL Identify the needs of clients. SKILLS Analyze specifications of the website. Establish a site plan with the design of each page. Choosing tools for the development of the site . Coordinate the collection and the organization of information to include on the site. Collaborate in the definition of the architecture of the site and the choice of navigation scenarios.
    [Show full text]
  • MEMORIA FINAL De Proyectos De Innovación 2016-17 Universidad De Zaragoza
    MEMORIA FINAL de Proyectos de Innovación 2016-17 Universidad de Zaragoza 1 - Identificación del proyecto Código Título PIIDUZ_16_270 Estudio y diseño de una plataforma común de trabajo para la mejora del aprendizaje en el Grado en Ingeniería Informática 2 - Coordinadores del proyecto Cooordinador 1 Don Darío Suárez Gracia Correo Electrónico [email protected] Departamento Informática e Ingeniería de Sistemas Centro Escuela de Ingeniería y Arquitectura 3 - Resumen del proyecto Para el alumnado de ingeniería informática es importante tener una visión global de todos los niveles que forman los sistemas informáticos. La compartimentalización en asignaturas hace que en las mismas se trabaje normalmente en uno o dos niveles de abstracción, por lo que la visión global y transversal entre niveles a veces se pierde. La abstracción es un mecanismo mediante el cual la complejidad de un sistema informático es estratificada en niveles. Cada nivel define un interfaz de interacción con sus niveles vecinos ocultando al resto su implementación. Las asignaturas enseñan muy bien los interfaces y su implementación subyacente pero no las interacciones con el resto de los niveles. Este proyecto pretende romper esta tendencia. Para ello, se estudiará el modo de establecer una plataforma común de trabajo, y su respectivo material, con el objetivo de utilizarlo en múltiples asignaturas y dotar al alumnado de la visión global y transversal de los sistemas informáticos. 4 - Participantes en el proyecto Nombre y apellidos Correo Electrónico Departamento Centro/Institución Don José Luis Briz Velasco [email protected] Informática e Ingeniería de Escuela de Ingeniería y Sistemas Arquitectura Don Víctor Viñals Yúfera [email protected] Informática e Ingeniería de Escuela de Ingeniería y Sistemas Arquitectura Don Rubén Gran Tejero [email protected] Informática e Ingeniería de Escuela de Ingeniería y Sistemas Arquitectura Don Jesus Javier Resano Ezcaray [email protected] Informática e Ingeniería de Escuela de Ingeniería y Sistemas Arquitectura Doña María Villaroya Gaudó Maria.Villarroya@unizar.
    [Show full text]
  • Taming Javascript with Cloud9 IDE: a Tale of Tree Hugging
    Taming JavaScript with Cloud9 IDE: a Tale of Tree Hugging Zef Hemel (@zef) .js browser.js db.js server.js *.js ~140,000 Tooling matters JavaScript Developer HTML CSS JavaScript HTML5 Client CSS3 JavaScript HTML5 Client CSS3 JavaScript Node.js Server Redis HTML5 Client CSS3 JavaScript XMLHttpRequest HTML5 WebSockets Node.js Server Redis Sidebar Sidebar Sidebar Sidebar Sidebar Sidebar Sidebar Sidebar ~240,000 Component Systems Decoupling Message Queues Tooling matters especially for JavaScript Unleash the awesome power of... tatic program analysis Iterating using undeclared variable Warning: you are in an anonymous inner function with its own “this” pointer Did you mean “length”? “The most important thing I have done as a programmer in recent years is to aggressively pursue static code analysis.” John Carmack How? Parse Analyze Code Parser AST Abstract Syntax Tree Op a * 10 Parser “*” Var Num “a” “10” Zeon Narcissus UglifyJS language.js Esprima performance (speed/memory) AST datastructure traversal tools performance (speed/memory) AST datastructure traversal tools JavaScript specific treehugger.js “The JQuery of AST analysis.” treehugger.js Generic AST Data structure treehugger.js Generic AST Data structure treehugger.js Generic Traversals Generic AST Data structure DSL with Pattern Matching treehugger.js Generic Traversals Generic AST Data structure DSL with Language- Pattern Specific Parsers Matching treehugger.js Generic Traversals Generic AST Data structure DSL with Language- Pattern Specific Parsers Matching treehugger.js JavaScript (UglifyJS-based) Generic Traversals Generic AST Data structure DSL with Language- Pattern Specific Parsers Matching treehugger.js JavaScript (UglifyJS-based) Generic Traversals Op a * 10 “*” Var Num “a” “10” Op Op("*", Var("a"), “*” Var Num Num("10")) “a” “10” Op ATerm Op("*", Var("a"), “*” Var Num Num("10")) “a” “10” Constructors Var(_) Lists [_, _] Strings "hello" Placeholders x let’s play What can you do with it? Low-level tooling Intelligent code completion Complex refactoring Cloud Big data What if..
    [Show full text]
  • Overall Features Performance Price
    Scan this code for more info. To download a barcode app, SMS <f2k> to 56677 from a mobile phone with Internet access and camera. SMARTPHONE JOLLA Experience a different way of operating a smartphone without any home or back button — Ashok Pandey to operate, but those who are upgrading to taste the new flavor may struggle a little. At the start, it asks to setup your account and then, it guides you how to use the phone. The first screen reminded us of BB 10 OS. Since there is no Home button, you’ll have to learn a lot of gestures, shortcuts and cues. Sailfish OS sup- ports Android apps and games, and most apps run smoothly. Although there is no issue with Android apps and games on Jolla, but with third party apps like facebook you will find some functionality and notification differences, as Price: `15,490 they are not integrated with the system. Feels good and runs smooth: Jolla has 4.5-inch qHD (960x450p) display, though we were expecting a 720p display, yet screen has good viewing angles. The display is average to use in direct sunlight. It is backed by a 1.4GHz dual-core processor, 1GB RAM and 16 GB internal memory (13.7 GB available to the user) expandable via microSD card. Navigating the phone was quite easy, and launching and switching between apps was smooth. It is equipped with 8 MP rear camera with LED flash that captures quality images in day- light with decent color reproduction. The cam- here are many smartphone manufacturers era comes with several settings for the flash, and OS platforms available in the market.
    [Show full text]
  • Rapid Development
    REVIEWS Zend Studio 4 Exploring the Zend Studio 4 developer environment RAPID DEVELOPMENT PHP experts consider Zend Studio the most mature and feature-rich IDE for PHP. The latest version offers enhanced database manip- ulation and other improvements. We’ll put the Zend Studio IDE through its paces and show you how you can use it to speed up PHP development. BY CARSTEN MÖHRKE he choice of an integrated devel- opment environment is often a Tmatter of taste. Many PHP devel- opers prefer text editors like Emacs or Vim. Developers who favor a more inte- grated approach have several choices in the Linux world. The free Quanta Plus IDE, the closed source Maguma environ- ment, and even Eclipse (with the right Zend Studio has set of plug-ins) are all genuine alterna- the reputation of being tives to an editor. For PHP developers, one of the most mature and pow- erful IDEs. version that disables so many useful Zend Studio Personal Edition Zend Studio is the brainchild of Isra- features it is not really worth the effort The following features are not available el’s Zend Software, a vendor that prefers (see the box titled “Zend Studio Personal in Zend Studio Personal Edition: to be known as “The PHP Company.” Edition”). Older versions often suffered from per- • Profiler Installation • Code Analyzer formance problems or instability, but the • CVS support latest version, Zend Studio 4, is an After downloading and unpacking the extremely powerful and stable developer 47MByte archive, you can launch the • Inspectors environment. Zend Studio is neither installation program directly.
    [Show full text]
  • Fira Code: Monospaced Font with Programming Ligatures
    Personal Open source Business Explore Pricing Blog Support This repository Sign in Sign up tonsky / FiraCode Watch 282 Star 9,014 Fork 255 Code Issues 74 Pull requests 1 Projects 0 Wiki Pulse Graphs Monospaced font with programming ligatures 145 commits 1 branch 15 releases 32 contributors OFL-1.1 master New pull request Find file Clone or download lf- committed with tonsky Add mintty to the ligatures-unsupported list (#284) Latest commit d7dbc2d 16 days ago distr Version 1.203 (added `__`, closes #120) a month ago showcases Version 1.203 (added `__`, closes #120) a month ago .gitignore - Removed `!!!` `???` `;;;` `&&&` `|||` `=~` (closes #167) `~~~` `%%%` 3 months ago FiraCode.glyphs Version 1.203 (added `__`, closes #120) a month ago LICENSE version 0.6 a year ago README.md Add mintty to the ligatures-unsupported list (#284) 16 days ago gen_calt.clj Removed `/**` `**/` and disabled ligatures for `/*/` `*/*` sequences … 2 months ago release.sh removed Retina weight from webfonts 3 months ago README.md Fira Code: monospaced font with programming ligatures Problem Programmers use a lot of symbols, often encoded with several characters. For the human brain, sequences like -> , <= or := are single logical tokens, even if they take two or three characters on the screen. Your eye spends a non-zero amount of energy to scan, parse and join multiple characters into a single logical one. Ideally, all programming languages should be designed with full-fledged Unicode symbols for operators, but that’s not the case yet. Solution Download v1.203 · How to install · News & updates Fira Code is an extension of the Fira Mono font containing a set of ligatures for common programming multi-character combinations.
    [Show full text]
  • Cloud Based Integrated Development Environment for Android Devices
    Special Issue - 2015 International Journal of Engineering Research & Technology (IJERT) ISSN: 2278-0181 NCRTS-2015 Conference Proceedings Cloud based Integrated Development Environment for Android Devices Prof Manjunath R.1 Arunjith C.2 Head of Department Computer Science & Engineering Computer Science & Engineering City Engineering College City Engineering College Bangalore, India Bangalore, India Abstract—Integrated Development Environment is an integration of complete tool suites for software application which provides facilities to programmer for development and the development of language-specific software development such as code completing and fixing, editor services took a tremendous effort for the current source code editing and management, automated testing, generation of IDEs such as Eclipse and Visual Studio. etc. Software is rapidly moving from the desktop to the Web. The Web provides a generic user interface that This paper discusses the implementation of Web allows ubiquitous access, instant collaboration, integration Based Integrated Development Environment (IDE) for with other online services, and avoids installation and Android Devices with the different languages to code, configuration on desktop computers. Moving IDEs to the compile and run the code. The Web Based IDE will allow Web is not just a matter of porting desktop IDEs, a easy development and testing of applications. The users fundamental reconsideration of the IDE architecture is have the privilege to register on to the system write, save necessary in order to realize the full potential that the and manage programs online. After the language is combination of modern IDEs and the Web can offer. chosen by the user the request is forwarded to the This paper discusses implementation of Web based IDE respective compiler.
    [Show full text]
  • Introduction to Python for IBM I
    Introduction to Python for IBM i Mike Pavlak – IT Strategist [email protected] Agenda ■ A little about Python ■ Why use Python ■ How to install/determine if installed ▶IDE ■ Syntax 101 ▶Variables ▶Strings ▶Functions 2 Acknowledgements ■ Kevin Adler ■ Tony Cairns ■ Jesse Gorzinski ■ Google ■ Memegenerator ■ Corn chips and salsa ■ Parrots ■ And, of course, spam 3 A little about Python What is it, really? ■ General purpose language ■ Easy to get started ■ Simple syntax ■ Great for integrations (glue between systems) ■ Access to C and other APIs ■ Infrastructure first, but applications, too 5 Historically… ■ Python was conceptualized by Guido Van Rossum in the late 1980’s ■ Rossum published the first version of Python code (0.9.0) in February of 1991 at the CWI(Centrum Wiskunde & Informatica) in the Netherlands, Amsterdam ■ Python is derived from the ABC programming language, which is a general purpose language that was also developed at CWI. ■ Rossum chose the name “Python” since he was a fan of Monty Python’s Flying Circus. ■ Python is now maintained by a core development team at the institute, although Rossum still holds a vital role in directing its progress and as leading “commitor”. 6 Python lineage ■ Python 1 – 1994 ■ Python 2 – 2000 (Not dead yet…) ▶2.7 – 2010 ■ Python 3 – 2008 ▶3.5 – 2015 ▶3.6.2 – July 2017 ▶3.7 ➔ ETA July 2018 7 Python 2 or 3? 8 What’s the diff? ■ Example: ▶Python 2 print statement replaced by function ● Python 2 – print “Hello World!” ● Python 3 – print(“Hello World!”) ■ Many more differences, tho…
    [Show full text]
  • PHP Beyond the Web Shell Scripts, Desktop Software, System Daemons and More
    PHP Beyond the web Shell scripts, desktop software, system daemons and more Rob Aley This book is for sale at http://leanpub.com/php This version was published on 2013-11-25 This is a Leanpub book. Leanpub empowers authors and publishers with the Lean Publishing process. Lean Publishing is the act of publishing an in-progress ebook using lightweight tools and many iterations to get reader feedback, pivot until you have the right book and build traction once you do. ©2012 - 2013 Rob Aley Tweet This Book! Please help Rob Aley by spreading the word about this book on Twitter! The suggested hashtag for this book is #phpbeyondtheweb. Find out what other people are saying about the book by clicking on this link to search for this hashtag on Twitter: https://twitter.com/search?q=#phpbeyondtheweb Contents Welcome ............................................ i About the author ...................................... i Acknowledgements ..................................... ii 1 Introduction ........................................ 1 1.1 “Use PHP? We’re not building a website, you know!”. ............... 1 1.2 Are you new to PHP? ................................. 2 1.3 Reader prerequisites. Or, what this book isn’t .................... 3 1.4 An important note for Windows and Mac users ................... 3 1.5 About the sample code ................................ 4 1.6 External resources ................................... 4 1.7 Book formats/versions available, and access to updates ............... 5 1.8 English. The Real English. .............................. 5 2 Getting away from the Web - the basics ......................... 6 2.1 PHP without a web server .............................. 6 2.2 PHP versions - what’s yours? ............................. 7 2.3 A few good reasons NOT to do it in PHP ...................... 8 2.4 Thinking about security ...............................
    [Show full text]
  • Alleviating Merge Conflicts with Fine-Grained Visual Awareness
    Alleviating Merge Conflicts with Fine-grained Visual Awareness Stanislav Levin Amiram Yehudai The Blavatnik School of Computer Science The Blavatnik School of Computer Science Tel Aviv University Tel Aviv University Tel-Aviv, Israel Tel-Aviv, Israel [email protected] [email protected] Abstract—Merge conflicts created by software team members dealing with conflicts, such as the multi-versioning technique working on the same code can be costly to resolve, and adversely described in [9]. Regardless of the method chosen, one thing affect productivity. In this work, we suggest the approach of remains painfully certain - a mishandled merge can lead to a fine-grained merge conflict awareness, where software team members are notified of potential merge conflicts via graphical variety of negative results, ranging from ending up with code decoration of the relevant semantic elements, in near real-time. that generates compilation errors in the shared repository, to an The novelty of this approach is that it allows software developers evident faulty program behavior, or even worse, an inevident to pinpoint the element in conflict, such as a method’s body, faulty program behavior, that will only be discovered later parameter, return value, and so on, promoting communication on, well after the merge activity and its delicate context are a about conflicting changes soon after they take place and on a semantic level. We have also conducted a preliminary qualitative thing of the past. It should be noted that the term merge is used evaluation of our approach, the results of which we report in both for the task of merging conflicting, and non conflicting, this paper.
    [Show full text]
  • Web Development India
    WEB DEVELOPMENT INDIA Similar sites like www.tutorialspoint.com www.w3schools.com www.java2s.com www.tizag.com www.mkyong.com www.codecademy.com www.roseindia.net docs.oracle.com/javase/tutorial/ www.stackoverflow.com tutorials.jenkov.com imp……………………………………………….. http://www.xislegraphix.com/website-types.html http://orthodoxdaily.com/types-of-websites/ http://webstyleguide.com/wsg3/1-process/6-types-of-sites.html http://www.virtualmv.com/wiki/index.php?title=Internet:Types_of_Website http://www.marketingcharts.com/wp/online/which-types-of-websites-do-most-americans-visit- frequently-37970/ http://www.2createawebsite.com/prebuild/website-needs.html http://www.tomakewebsite.com/types-of-websites.html http://one-blog-wonder.tumblr.com/post/29818346464/what-types-of-websites-are-there http://www.roseindia.net/services/webdesigning/corporatewebsitedesign/Different-Kinds-of- Website.shtml http://www.marketingprofs.com/charts/2013/12083/which-types-of-websites-are-visited-most- frequently http://webdesignpeeps.com/types-of-websites/ http://www.webdesignerdepot.com/2011/11/navigation-patterns-for-ten-common-types-of- websites/ http://www.teach-ict.com/gcse_new/software/web_design/miniweb/pg2.htm http://www.methodandclass.com/article/what-are-the-different-types-of-web-site http://www.webmasterview.com/2013/03/three-types-of-website/ http://www.chinkin.com/Web-Design/Types-of-Website http://www.designer-daily.com/8-types-of-sites-you-can-build-with-drupal-13924 http://www.mediatopia.co.uk/types-of-websites .................................................................................WEB
    [Show full text]
  • Miguel Angel Arilla Dueso
    Miguel Angel Arilla Dueso E-mail : [email protected] Website: https://maadsharp.net Phone : +34 628 31 99 17 Address: Barcelona (Spain) Objective Backend developer specialized on .NET solutions, including Xamarin mobile solutions, passionate about agile development and software architecture. My higher grade studies equal a Level 5 of the International Standard Classification of Education (ISCED5) which equates to a HNC qualification in the UK. Work experience Esmonet March 2014 — June 2014 Junior Fullstack Developer Internship to accomplish my studies focused on .NET desktop (WinForms) and Android solutions. EFOR June 2014 — June 2015 Junior Fullstack Developer .NET Developer (4 & 4.5 Frameworks) using the following technologies: - C# - JIRA - Entity Framework - REST/WebServices - ASP.NET MVC Razor - MS SQL Server - TFS - JavaScript/jQuery/Bootstrap/HTML5 and CSS3 - Unity(IoC) - WPF, WinForms - DDD - Office Interop (COM) Egara Optiminn June 2015 — December 2015 Medior Developer &amp; Software Architect Responsible of the company's projects architecture. Maintaining a DDD design in a .NET web framework using technologies like AngularJS, Entity Framework, ASP NET MVC (Razor) and MongoDB. I would highlight the fact that I implemented the MongoDB as our main database for current and future projects. Red Arbor December 2015 — December 2016 Medior Backend Developer Miguel Angel Arilla Dueso 1 Working on an international hight traffic Web application based on WebForms with MySQL and ElasticSearch. I initiated the migration to ASP.NET MVC 5 partially and proposed the use of better software patterns in backend processes. Convidad Software Development January 2017 — September 2017 Medior Backend Developer Working on a high security environment related to online banking and document processing.
    [Show full text]