Fuzz testing is a widely adopted technique for uncovering bugs and security vulnerabilities in embedded firmware.However,many embedded systems heavily rely on peripherals,rendering conventional fuzzing techniques inef...Fuzz testing is a widely adopted technique for uncovering bugs and security vulnerabilities in embedded firmware.However,many embedded systems heavily rely on peripherals,rendering conventional fuzzing techniques ineffective.When peripheral responses are missing or incorrect,fuzzing a firmware may crash or exit prematurely,significantly limiting code coverage.While prior re-hosting approaches have made progress in simulating Memory-Mapped Input/Output(MMIO)and interrupt-based peripherals,they either ignore Direct Memory Access(DMA)or handle it oversimplified.In this work,we present ADFEmu,a novel automated firmware re-hosting framework that enables effective fuzzing of DMA-enabled firmware.ADFEmu integrates concolic execution with large language models(LLMs)to semantically emulate DMA operations and synthesize peripheral input sequences intelligently.Specifically,it learns DMA transfer patterns from the firmware’s context and employs guided symbolic execution to explore deeper and more diverse execution paths.This approach allows firmware to operate stably without hardware dependencies while achieving higher fidelity in emulation.Evaluated on real-world embedded firmware samples,ADFEmu achieves a 100%re-hosting success rate,improves total execution path exploration by 5.31%,and triggers more crashes compared to the state-of-the-art.These results highlight ADFEmu’s effectiveness in overcoming long-standing limitations of DMA emulation and its potential to advance automated vulnerability discovery in peripheral-rich embedded environments.展开更多
With the rapid development of digital technologies such as big data,cloud computing,and the Internet of Things(loT),data security and privacy protection have become the core challenges facing modern computing systems....With the rapid development of digital technologies such as big data,cloud computing,and the Internet of Things(loT),data security and privacy protection have become the core challenges facing modern computing systems.Traditional security mechanisms are difficult to effectively deal with advanced adversarial attacks due to their reliance on a centralized trust model.In this context,the Trusted Execution Environment(TEE),as a hardware-enabled secure isolation technology,offers a potential solution to protect sensitive computations and data.This paper systematically discusses TEE's technical principle,application status,and future development trend.First,the underlying architecture of TEE and its core characteristics,including isolation,integrity,and confidentiality,are analyzed.Secondly,practical application cases of TEE in fields such as finance,the IoT,artificial intelligence,and privacy computing are studied.Finally,the future development direction of TEE is prospected.展开更多
Code obfuscation is a crucial technique for protecting software against reverse engineering and security attacks.Among various obfuscation methods,opaque predicates,which are recognized as flexible and promising,are w...Code obfuscation is a crucial technique for protecting software against reverse engineering and security attacks.Among various obfuscation methods,opaque predicates,which are recognized as flexible and promising,are widely used to increase control-flow complexity.However,traditional opaque predicates are increasingly vulnerable to Dynamic Symbolic Execution(DSE)attacks,which can efficiently identify and eliminate them.To address this issue,this paper proposes a novel approach for anti-DSE opaque predicates that effectively resists symbolic execution-based deobfuscation.Our method introduces two key techniques:single-way function opaque predicates,which leverage hash functions and logarithmic transformations to prevent constraint solvers from generating feasible inputs,and path-explosion opaque predicates,which generate an excessive number of execution paths,overwhelming symbolic execution engines.To evaluate the effectiveness of our approach,we implemented a prototype obfuscation tool and tested it against prominent symbolic execution engines.Experimental results demonstrate that our approach signifi-cantly increases resilience against symbolic execution attacks while maintaining acceptable performance overhead.This paper provides a robust and scalable obfuscation technique,contributing to the enhancement of software protection strategies in adversarial environments.展开更多
As mobile edge computing continues to develop,the demand for resource-intensive applications is steadily increasing,placing a significant strain on edge nodes.These nodes are normally subject to various constraints,fo...As mobile edge computing continues to develop,the demand for resource-intensive applications is steadily increasing,placing a significant strain on edge nodes.These nodes are normally subject to various constraints,for instance,limited processing capability,a few energy sources,and erratic availability being some of the common ones.Correspondingly,these problems require an effective task allocation algorithmto optimize the resources through continued high system performance and dependability in dynamic environments.This paper proposes an improved Particle Swarm Optimization technique,known as IPSO,for multi-objective optimization in edge computing to overcome these issues.To this end,the IPSO algorithm tries to make a trade-off between two important objectives,which are energy consumption minimization and task execution time reduction.Because of global optimal position mutation and dynamic adjustment to inertia weight,the proposed optimization algorithm can effectively distribute tasks among edge nodes.As a result,it reduces the execution time of tasks and energy consumption.In comparative assessments carried out by IPSO with benchmark methods such as Energy-aware Double-fitness Particle Swarm Optimization(EADPSO)and ICBA,IPSO provides better results than these algorithms.For the maximum task size,when compared with the benchmark methods,IPSO reduces the execution time by 17.1%and energy consumption by 31.58%.These results allow the conclusion that IPSO is an efficient and scalable technique for task allocation at the edge environment.It provides peak efficiency while handling scarce resources and variable workloads.展开更多
Using remote method invocation (RMI) and a distributed object-oriented technique, this paper presents a systematic approach to developing a manufacturing execution system (MES) framework, which is open, modularized, d...Using remote method invocation (RMI) and a distributed object-oriented technique, this paper presents a systematic approach to developing a manufacturing execution system (MES) framework, which is open, modularized, distributed, configurable, interoperable and maintainable. Moreover, the design patterns for the framework .are developed and a variety of functional components are designed by inheriting appropriate patterns. And then an application is constructed by invoking corresponding methods of related components. An MES system implementing the framework and design patterns can be facilely integrated with other manufacturing applications, such as enterprise resource planning (ERP) and floor control system (FCS) .展开更多
Aiming at the problem that only some types of SPARQL ( simple protocal and resource description framework query language) queries can be answered by using the current resource description framework link traversal ba...Aiming at the problem that only some types of SPARQL ( simple protocal and resource description framework query language) queries can be answered by using the current resource description framework link traversal based query execution (RDF-LTE) approach, this paper discusses how the execution order of the triple pattern affects the query results and cost based on concrete SPARQL queries, and analyzes two properties of the web of linked data, missing backward links and missing contingency solution. Then three heuristic principles for logic query plan optimization, namely, the filtered basic graph pattern (FBGP) principle, the triple pattern chain principle and the seed URIs principle, are proposed. The three principles contribute to decrease the intermediate solutions and increase the types of queries that can be answered. The effectiveness and feasibility of the proposed approach is evaluated. The experimental results show that more query results can be returned with less cost, thus enabling users to develop the full potential of the web of linked data.展开更多
In order to improve the efficiency of regression testing in web application,the control flow graph and the greedy algorithm are adopted.This paper considers a web page as a basic unit and introduces a test case select...In order to improve the efficiency of regression testing in web application,the control flow graph and the greedy algorithm are adopted.This paper considers a web page as a basic unit and introduces a test case selection method for web application regression testing based on the control flow graph.This method is safe enough to the test case selection.On the base of features of request sequence in web application,the minimization technique and the priority of test cases are taken into consideration in the process of execution of test cases in regression testing for web application.The improved greedy algorithm is also raised resulting in optimization of execution of test cases.The experiments indicate that the number of test cases which need to be retested is reduced,and the efficiency of execution of test cases is also improved.展开更多
The extended enterprise is formed according to the philosophy of dispersednetworked manufacturing. Manufacturing execution system (MES) can close the information gap whichexists between device control system and produ...The extended enterprise is formed according to the philosophy of dispersednetworked manufacturing. Manufacturing execution system (MES) can close the information gap whichexists between device control system and production information management system. The functions andthe web-based architecture of the MES in the extended enterprise are introduced. Using thecooperating system models of object-oriented and distributed agents and CORBA, all objects keep touniform interface standards and are easily inserted to object request broker. The utilization ofdistributed MES in extended enterprise can adapt fast change of manufacturing environment andresource. It also can improve the independent management capability of manufacturing cell and theenterprise response capability to global economic competition.展开更多
The management and control of material flow forms the core of manufacturing execution systems (MES) in the petrochemical industry. The bottleneck in the application of MES is the ability to match the material-flow m...The management and control of material flow forms the core of manufacturing execution systems (MES) in the petrochemical industry. The bottleneck in the application of MES is the ability to match the material-flow model with the production processes. A dynamic material-flow model is proposed in this paper after an analysis of the material-flow characteristics of the production process in a petrochemical industry. The main material-flow events are described, including the movement, storage, shifting, recycling, and elimination of the materials. The spatial and temporal characters of the material-flow events are described, and the material-flow model is constructed. The dynamic material-flow model introduced herein is the basis for other subsystems in the MES. In addition, it is the subsystem with the least scale in MES. The dynamic-modeling method of material flow has been applied in the development of the SinoMES model. It helps the petrochemical plant to manage the entire flow information related to tanks and equipments from the aspects of measurement, storage, movement, and the remaining balance of the material. As a result, it matches the production process by error elimination and data reconciliation. In addition, it facilitates the integration of application modules into the MES and guarantees the potential development of SinoMES in future applications.展开更多
Current orchestration and choreography process engines only serve with dedicate process languages.To solve these problems,an Event-driven Process Execution Model(EPEM) was developed.Formalization and mapping principle...Current orchestration and choreography process engines only serve with dedicate process languages.To solve these problems,an Event-driven Process Execution Model(EPEM) was developed.Formalization and mapping principles of the model were presented to guarantee the correctness and efficiency for process transformation.As a case study,the EPEM descriptions of Web Services Business Process Execution Language(WS-BPEL) were represented and a Process Virtual Machine(PVM)-OncePVM was implemented in compliance with the EPEM.展开更多
In order to effectively detect and analyze the backdoors this paper introduces a method named Backdoor Analysis based on Sensitive flow tracking and Concolic Execution(BASEC).BASEC uses sensitive flow tracking to ef...In order to effectively detect and analyze the backdoors this paper introduces a method named Backdoor Analysis based on Sensitive flow tracking and Concolic Execution(BASEC).BASEC uses sensitive flow tracking to effectively discover backdoor behaviors, such as stealing secret information and injecting evil data into system, with less false negatives. With concolic execution on predetermined path, the backdoor trigger condition can be extracted and analyzed to achieve high accuracy. BASEC has been implemented and experimented on several software backdoor samples widespread on the Internet, and over 90% of them can be detected. Compared with behavior-based and system-call-based detection methods, BASEC relies less on the historical sample collections, and is more effective in detecting software backdoors, especially those injected into software by modifying and recompiling source codes.展开更多
The first floating platform concept design work for South China Sea is undergoing in DMAR's office now. This tension leg platform has potential to become the first advanced floating production platform project. Pr...The first floating platform concept design work for South China Sea is undergoing in DMAR's office now. This tension leg platform has potential to become the first advanced floating production platform project. Project execution is always a challenge for floating system. This paper focuses on the critical elements of project execution for tension leg platform,and studies potential implications to future oil and gas exploration in South China Sea. There are many factors affecting successful execution of floating system project,including technical issues, engineering management,interface management,etc. There are also failure examples of project execution in the industry. The author has participated 28 large detailed projects and has gained extensive experience on floating projects,with ample hands-on project experiences. A detailed tension leg platform project study example and discussions in depth are presented for future project execution in China deepwater development.展开更多
基金funded by the Science and Technology Project of State Grid Jiangsu Electric Power Company Ltd.,grant number J2024169.
文摘Fuzz testing is a widely adopted technique for uncovering bugs and security vulnerabilities in embedded firmware.However,many embedded systems heavily rely on peripherals,rendering conventional fuzzing techniques ineffective.When peripheral responses are missing or incorrect,fuzzing a firmware may crash or exit prematurely,significantly limiting code coverage.While prior re-hosting approaches have made progress in simulating Memory-Mapped Input/Output(MMIO)and interrupt-based peripherals,they either ignore Direct Memory Access(DMA)or handle it oversimplified.In this work,we present ADFEmu,a novel automated firmware re-hosting framework that enables effective fuzzing of DMA-enabled firmware.ADFEmu integrates concolic execution with large language models(LLMs)to semantically emulate DMA operations and synthesize peripheral input sequences intelligently.Specifically,it learns DMA transfer patterns from the firmware’s context and employs guided symbolic execution to explore deeper and more diverse execution paths.This approach allows firmware to operate stably without hardware dependencies while achieving higher fidelity in emulation.Evaluated on real-world embedded firmware samples,ADFEmu achieves a 100%re-hosting success rate,improves total execution path exploration by 5.31%,and triggers more crashes compared to the state-of-the-art.These results highlight ADFEmu’s effectiveness in overcoming long-standing limitations of DMA emulation and its potential to advance automated vulnerability discovery in peripheral-rich embedded environments.
文摘With the rapid development of digital technologies such as big data,cloud computing,and the Internet of Things(loT),data security and privacy protection have become the core challenges facing modern computing systems.Traditional security mechanisms are difficult to effectively deal with advanced adversarial attacks due to their reliance on a centralized trust model.In this context,the Trusted Execution Environment(TEE),as a hardware-enabled secure isolation technology,offers a potential solution to protect sensitive computations and data.This paper systematically discusses TEE's technical principle,application status,and future development trend.First,the underlying architecture of TEE and its core characteristics,including isolation,integrity,and confidentiality,are analyzed.Secondly,practical application cases of TEE in fields such as finance,the IoT,artificial intelligence,and privacy computing are studied.Finally,the future development direction of TEE is prospected.
基金supported byOpen Foundation of Key Laboratory of Cyberspace Security,Ministry of Education of China(No.KLCS20240211)Henan Science and Technology Major Project No.241110210100.
文摘Code obfuscation is a crucial technique for protecting software against reverse engineering and security attacks.Among various obfuscation methods,opaque predicates,which are recognized as flexible and promising,are widely used to increase control-flow complexity.However,traditional opaque predicates are increasingly vulnerable to Dynamic Symbolic Execution(DSE)attacks,which can efficiently identify and eliminate them.To address this issue,this paper proposes a novel approach for anti-DSE opaque predicates that effectively resists symbolic execution-based deobfuscation.Our method introduces two key techniques:single-way function opaque predicates,which leverage hash functions and logarithmic transformations to prevent constraint solvers from generating feasible inputs,and path-explosion opaque predicates,which generate an excessive number of execution paths,overwhelming symbolic execution engines.To evaluate the effectiveness of our approach,we implemented a prototype obfuscation tool and tested it against prominent symbolic execution engines.Experimental results demonstrate that our approach signifi-cantly increases resilience against symbolic execution attacks while maintaining acceptable performance overhead.This paper provides a robust and scalable obfuscation technique,contributing to the enhancement of software protection strategies in adversarial environments.
基金supported by the University Putra Malaysia and the Ministry of Higher Education Malaysia under grantNumber:(FRGS/1/2023/ICT11/UPM/02/3).
文摘As mobile edge computing continues to develop,the demand for resource-intensive applications is steadily increasing,placing a significant strain on edge nodes.These nodes are normally subject to various constraints,for instance,limited processing capability,a few energy sources,and erratic availability being some of the common ones.Correspondingly,these problems require an effective task allocation algorithmto optimize the resources through continued high system performance and dependability in dynamic environments.This paper proposes an improved Particle Swarm Optimization technique,known as IPSO,for multi-objective optimization in edge computing to overcome these issues.To this end,the IPSO algorithm tries to make a trade-off between two important objectives,which are energy consumption minimization and task execution time reduction.Because of global optimal position mutation and dynamic adjustment to inertia weight,the proposed optimization algorithm can effectively distribute tasks among edge nodes.As a result,it reduces the execution time of tasks and energy consumption.In comparative assessments carried out by IPSO with benchmark methods such as Energy-aware Double-fitness Particle Swarm Optimization(EADPSO)and ICBA,IPSO provides better results than these algorithms.For the maximum task size,when compared with the benchmark methods,IPSO reduces the execution time by 17.1%and energy consumption by 31.58%.These results allow the conclusion that IPSO is an efficient and scalable technique for task allocation at the edge environment.It provides peak efficiency while handling scarce resources and variable workloads.
基金The National Natural Science Foundation of China (59990470).
文摘Using remote method invocation (RMI) and a distributed object-oriented technique, this paper presents a systematic approach to developing a manufacturing execution system (MES) framework, which is open, modularized, distributed, configurable, interoperable and maintainable. Moreover, the design patterns for the framework .are developed and a variety of functional components are designed by inheriting appropriate patterns. And then an application is constructed by invoking corresponding methods of related components. An MES system implementing the framework and design patterns can be facilely integrated with other manufacturing applications, such as enterprise resource planning (ERP) and floor control system (FCS) .
基金The National Natural Science Foundation of China(No.61070170)the Natural Science Foundation of Higher Education Institutions of Jiangsu Province(No.11KJB520017)Suzhou Application Foundation Research Project(No.SYG201238)
文摘Aiming at the problem that only some types of SPARQL ( simple protocal and resource description framework query language) queries can be answered by using the current resource description framework link traversal based query execution (RDF-LTE) approach, this paper discusses how the execution order of the triple pattern affects the query results and cost based on concrete SPARQL queries, and analyzes two properties of the web of linked data, missing backward links and missing contingency solution. Then three heuristic principles for logic query plan optimization, namely, the filtered basic graph pattern (FBGP) principle, the triple pattern chain principle and the seed URIs principle, are proposed. The three principles contribute to decrease the intermediate solutions and increase the types of queries that can be answered. The effectiveness and feasibility of the proposed approach is evaluated. The experimental results show that more query results can be returned with less cost, thus enabling users to develop the full potential of the web of linked data.
基金The National Natural Science Foundation of China(No.60503020,60503033,60703086)Opening Foundation of Jiangsu Key Laboratory of Computer Information Processing Technology in Soochow University(No.KJS0714)
文摘In order to improve the efficiency of regression testing in web application,the control flow graph and the greedy algorithm are adopted.This paper considers a web page as a basic unit and introduces a test case selection method for web application regression testing based on the control flow graph.This method is safe enough to the test case selection.On the base of features of request sequence in web application,the minimization technique and the priority of test cases are taken into consideration in the process of execution of test cases in regression testing for web application.The improved greedy algorithm is also raised resulting in optimization of execution of test cases.The experiments indicate that the number of test cases which need to be retested is reduced,and the efficiency of execution of test cases is also improved.
文摘The extended enterprise is formed according to the philosophy of dispersednetworked manufacturing. Manufacturing execution system (MES) can close the information gap whichexists between device control system and production information management system. The functions andthe web-based architecture of the MES in the extended enterprise are introduced. Using thecooperating system models of object-oriented and distributed agents and CORBA, all objects keep touniform interface standards and are easily inserted to object request broker. The utilization ofdistributed MES in extended enterprise can adapt fast change of manufacturing environment andresource. It also can improve the independent management capability of manufacturing cell and theenterprise response capability to global economic competition.
基金the National High Technology Research and Development Program of China (No.2007AA04Z191).
文摘The management and control of material flow forms the core of manufacturing execution systems (MES) in the petrochemical industry. The bottleneck in the application of MES is the ability to match the material-flow model with the production processes. A dynamic material-flow model is proposed in this paper after an analysis of the material-flow characteristics of the production process in a petrochemical industry. The main material-flow events are described, including the movement, storage, shifting, recycling, and elimination of the materials. The spatial and temporal characters of the material-flow events are described, and the material-flow model is constructed. The dynamic material-flow model introduced herein is the basis for other subsystems in the MES. In addition, it is the subsystem with the least scale in MES. The dynamic-modeling method of material flow has been applied in the development of the SinoMES model. It helps the petrochemical plant to manage the entire flow information related to tanks and equipments from the aspects of measurement, storage, movement, and the remaining balance of the material. As a result, it matches the production process by error elimination and data reconciliation. In addition, it facilitates the integration of application modules into the MES and guarantees the potential development of SinoMES in future applications.
文摘Current orchestration and choreography process engines only serve with dedicate process languages.To solve these problems,an Event-driven Process Execution Model(EPEM) was developed.Formalization and mapping principles of the model were presented to guarantee the correctness and efficiency for process transformation.As a case study,the EPEM descriptions of Web Services Business Process Execution Language(WS-BPEL) were represented and a Process Virtual Machine(PVM)-OncePVM was implemented in compliance with the EPEM.
基金Supported in part by the National Natural Science Foundation of China(61272493)the Specialized Research Fund for the Doctoral Program of Higher Education of China(20113402120026)Oversea Academic Training Funds of University of Science and Technology of China
文摘In order to effectively detect and analyze the backdoors this paper introduces a method named Backdoor Analysis based on Sensitive flow tracking and Concolic Execution(BASEC).BASEC uses sensitive flow tracking to effectively discover backdoor behaviors, such as stealing secret information and injecting evil data into system, with less false negatives. With concolic execution on predetermined path, the backdoor trigger condition can be extracted and analyzed to achieve high accuracy. BASEC has been implemented and experimented on several software backdoor samples widespread on the Internet, and over 90% of them can be detected. Compared with behavior-based and system-call-based detection methods, BASEC relies less on the historical sample collections, and is more effective in detecting software backdoors, especially those injected into software by modifying and recompiling source codes.
文摘The first floating platform concept design work for South China Sea is undergoing in DMAR's office now. This tension leg platform has potential to become the first advanced floating production platform project. Project execution is always a challenge for floating system. This paper focuses on the critical elements of project execution for tension leg platform,and studies potential implications to future oil and gas exploration in South China Sea. There are many factors affecting successful execution of floating system project,including technical issues, engineering management,interface management,etc. There are also failure examples of project execution in the industry. The author has participated 28 large detailed projects and has gained extensive experience on floating projects,with ample hands-on project experiences. A detailed tension leg platform project study example and discussions in depth are presented for future project execution in China deepwater development.
