Search results for: code source certification
6081 Development of Open Source Geospatial Certification Model Based on Geospatial Technology Competency Model
Authors: Tanzeel Ur Rehman Khan, Franz Josef Behr, Phillip Davis
Abstract:
Open source geospatial certifications are needed in geospatial technology education and industry sector. In parallel with proprietary software, free and open source software solutions become important in geospatial technology research and play an important role for the growth of the geospatial industry. ESRI, GISCI (GIS Certification Institute), ASPRS (American Society of Photogrammetry and remote sensing), and Meta spatial are offering certifications on proprietary and open source software. These are portfolio and competency based certifications depending on GIS Body of Knowledge (Bok). The analysis of these certification approaches might lead to the discovery of some gaps in them and will open a new way to develop certifications related to the geospatial open source (OS). This new certification will investigate the different geospatial competencies according to open source tools that help to identify geospatial professionals and strengthen the geospatial academic content. The goal of this research is to introduce a geospatial certification model based on geospatial technology competency model (GTCM).The developed certification will not only incorporate the importance of geospatial education and production of the geospatial competency-based workforce in universities and companies (private or public) as well as describe open source solutions with tools and technology. Job analysis, market analysis, survey analysis of this certification opens a new horizon for business as well.Keywords: geospatial certification, open source, geospatial technology competency model, geoscience
Procedia PDF Downloads 5676080 UNIX Source Code Leak: Evaluation and Feasible Solutions
Authors: Gu Dongxing, Li Yuxuan, Nong Tengxiao, Burra Venkata Durga Kumar
Abstract:
Since computers are widely used in business models, more and more companies choose to store important information in computers to improve productivity. However, this information can be compromised in many cases, such as when it is stored locally on the company's computers or when it is transferred between servers and clients. Of these important information leaks, source code leaks are probably the most costly. Because the source code often represents the core technology of the company, especially for the Internet companies, source code leakage may even lead to the company's core products lose market competitiveness, and then lead to the bankruptcy of the company. In recent years, such as Microsoft, AMD and other large companies have occurred source code leakage events, suffered a huge loss. This reveals to us the importance and necessity of preventing source code leakage. This paper aims to find ways to prevent source code leakage based on the direction of operating system, and based on the fact that most companies use Linux or Linux-like system to realize the interconnection between server and client, to discuss how to reduce the possibility of source code leakage during data transmission.Keywords: data transmission, Linux, source code, operating system
Procedia PDF Downloads 2736079 Multisignature Schemes for Reinforcing Trust in Cloud Software-As-A-Service Services
Authors: Mustapha Hedabou, Ali Azougaghe, Ahmed Bentajer, Hicham Boukhris, Mourad Eddiwani, Zakaria Igarramen
Abstract:
Software-as-a-service (SaaS) is emerging as a dominant approach to delivering software. It encompasses a range of business, technical opportunities, issue, and challenges. Trustiness in the cloud services regarding the security and the privacy of the delivered data is the most critical issue with the SaaS model. In this paper, we survey the security concerns related to the SaaS model, and we propose the design of a trusted SaaS model that gives users more confidence into SaaS services by leveraging a trust in a neutral source code certifying authority. The proposed design is based on the use of the multisignature mechanism for signing the source code of the application service. In our model, the cloud provider acts as a root of trust by ensuring the integrity of the application service when it was running on its platform. The proposed design prevents insider attacks from tampering with application service before and after it was launched in a cloud provider platform.Keywords: cloud computing, SaaS Platform, TPM, trustiness, code source certification, multi-signature schemes
Procedia PDF Downloads 2766078 Challenge and Benefits of Adoption ISO 9001 Certification in Algerian Agribusiness
Authors: Nouara Boulfoul, Fatima Brabez
Abstract:
This article presents the status of ISO 9001: 2000 certification in some agro-food companies in Algeria. The article discusses challenges and contributions of certification as perceived by quality managers as well as the difficulties encountered during certification. It also provides the recommendations of these managers for companies that have a certification project. The results show that the top three reasons for adopting ISO 9001: 2000 certification are building a better organization, reducing the costs of non-compliance and meeting customer expectations. The contributions are of an external nature (recognition, brand image, extension of markets, etc.) but also of an internal nature (improvement of the organization, etc.). The recommendations mainly concern management motivation, staff awareness and involvement and compliance with the requirements of the standard.Keywords: quality management, certification, ISO 9001: 2000, food companies
Procedia PDF Downloads 2286077 Calculation of Detection Efficiency of Horizontal Large Volume Source Using Exvol Code
Authors: M. Y. Kang, Euntaek Yoon, H. D. Choi
Abstract:
To calculate the full energy (FE) absorption peak efficiency for arbitrary volume sample, we developed and verified the EXVol (Efficiency calculator for EXtended Voluminous source) code which is based on effective solid angle method. EXVol is possible to describe the source area as a non-uniform three-dimensional (x, y, z) source. And decompose and set it into several sets of volume units. Users can equally divide (x, y, z) coordinate system to calculate the detection efficiency at a specific position of a cylindrical volume source. By determining the detection efficiency for differential volume units, the total radiative absolute distribution and the correction factor of the detection efficiency can be obtained from the nondestructive measurement of the source. In order to check the performance of the EXVol code, Si ingot of 20 cm in diameter and 50 cm in height were used as a source. The detector was moved at the collimation geometry to calculate the detection efficiency at a specific position and compared with the experimental values. In this study, the performance of the EXVol code was extended to obtain the detection efficiency distribution at a specific position in a large volume source.Keywords: attenuation, EXVol, detection efficiency, volume source
Procedia PDF Downloads 1856076 Analyzing the Impact of Code Commenting on Software Quality
Authors: Thulya Premathilake, Tharushi Perera, Hansi Thathsarani, Tharushi Nethmini, Dilshan De Silva, Piyumika Samarasekara
Abstract:
One of the most efficient ways to assist developers in grasping the source code is to make use of comments, which can be found throughout the code. When working in fields such as software development, having comments in your code that are of good quality is a fundamental requirement. Tackling software problems while making use of programs that have already been built. It is essential for the intention of the source code to be made crystal apparent in the comments that are added to the code. This assists programmers in better comprehending the programs they are working on and enables them to complete software maintenance jobs in a more timely manner. In spite of the fact that comments and documentation are meant to improve readability and maintainability, the vast majority of programmers place the majority of their focus on the actual code that is being written. This study provides a complete and comprehensive overview of the previous research that has been conducted on the topic of code comments. The study focuses on four main topics, including automated comment production, comment consistency, comment classification, and comment quality rating. One is able to get the knowledge that is more complete for use in following inquiries if they conduct an analysis of the proper approaches that were used in this study issue.Keywords: code commenting, source code, software quality, quality assurance
Procedia PDF Downloads 866075 Simulation of 140 Kv X– Ray Tube by MCNP4C Code
Authors: Amin Sahebnasagh, Karim Adinehvand, Bakhtiar Azadbakht
Abstract:
In this study, we used Monte Carlo code (MCNP4C) that is a general method, for simulation, electron source and electric field, a disc source with 0.05 cm radius in direct of anode are used, radius of disc source show focal spot of x-ray tube that here is 0.05 cm. In this simulation, anode is from tungsten with 18.9 g/cm3 density and angle of anode is 180. we simulated x-ray tube for 140 kv. For increasing of speed data acquisition we use F5 tally. With determination the exact position of F5 tally in program, outputs are acquired. In this spectrum the start point is about 0.02 Mev, the absorption edges are about 0.06 Mev and 0.07 Mev and average energy is about 0.05 Mev.Keywords: x-spectrum, simulation, Monte Carlo, MCNP4C code
Procedia PDF Downloads 6466074 Assessment of the Impact of Social Compliance Certification on Abolition of Forced Labour and Discrimination in the Garment Manufacturing Units in Bengaluru: A Perspective of Women Sewing Operators
Authors: Jonalee Das Bajpai, Sandeep Shastri
Abstract:
The Indian Textile and Garment Industry is one of the major contributors to the country’s economy. This industry is also one of the largest labour intensive industries after agriculture and livestock. This Indian garment industry caters to both the domestic and international market. Although this industry comes under the purview of Indian Labour Laws and other voluntary work place standards yet, this industry is often criticized for the undue exploitation of the workers. This paper explored the status of forced labour and discrimination at work place in the garment manufacturing units in Bengaluru. This study is conducted from the perspective of women sewing operators as majority of operators in Bengaluru are women. The research also explored to study the impact of social compliance certification in abolishing forced labour and discrimination at work place. Objectives of the Research: 1. To study the impact of 'Social Compliance Certification' on abolition of forced labour among the women workforce. 2. To study the impact of 'Social Compliance Certification' on abolition of discrimination at workplace among the women workforce. Sample Size and Data Collection Techniques: The main backbone of the data which is the primary data was collected through a structured questionnaire. The questionnaire attempted to explore the extent of prevalence of forced labour and discrimination against women workers from the perspective of women workers themselves. The sample size for the same was 600 (n) women sewing operators from the garment industry with minimum one year of work experience. Three hundred samples were selected from units with Social Compliance Certification like SA8000, WRAP, BSCI, ETI and so on. Other three hundred samples were selected from units without Social Compliance Certification. Out of these three hundred samples, one hundred and fifty samples were selected from units with Buyer’s Code of Conduct and another one hundred and fifty were from domestic units that do not come under the purview of any such certification. The responses of the survey were further authenticated through on sight visit and personal interactions. Comparative analysis of the workplace environment between units with Social Compliance certification, units with Buyer’s Code of Conduct and domestic units that do not come under the purview of any such voluntary workplace environment enabled to analyze the impact of Social Compliance certification on abolition of workplace environment and discrimination at workplace. Correlation analysis has been conducted to measure the relationship between impact of forced labour and discrimination at workplace on the level of job satisfaction. The result displayed that abolition of forced labour and abolition of discrimination at workplace have a higher level of job satisfaction among the women workers.Keywords: discrimination, garment industry, forced labour, social compliance certification
Procedia PDF Downloads 1946073 Code Embedding for Software Vulnerability Discovery Based on Semantic Information
Authors: Joseph Gear, Yue Xu, Ernest Foo, Praveen Gauravaran, Zahra Jadidi, Leonie Simpson
Abstract:
Deep learning methods have been seeing an increasing application to the long-standing security research goal of automatic vulnerability detection for source code. Attention, however, must still be paid to the task of producing vector representations for source code (code embeddings) as input for these deep learning models. Graphical representations of code, most predominantly Abstract Syntax Trees and Code Property Graphs, have received some use in this task of late; however, for very large graphs representing very large code snip- pets, learning becomes prohibitively computationally expensive. This expense may be reduced by intelligently pruning this input to only vulnerability-relevant information; however, little research in this area has been performed. Additionally, most existing work comprehends code based solely on the structure of the graph at the expense of the information contained by the node in the graph. This paper proposes Semantic-enhanced Code Embedding for Vulnerability Discovery (SCEVD), a deep learning model which uses semantic-based feature selection for its vulnerability classification model. It uses information from the nodes as well as the structure of the code graph in order to select features which are most indicative of the presence or absence of vulnerabilities. This model is implemented and experimentally tested using the SARD Juliet vulnerability test suite to determine its efficacy. It is able to improve on existing code graph feature selection methods, as demonstrated by its improved ability to discover vulnerabilities.Keywords: code representation, deep learning, source code semantics, vulnerability discovery
Procedia PDF Downloads 1616072 The Evaluation Model for the Quality of Software Based on Open Source Code
Authors: Li Donghong, Peng Fuyang, Yang Guanghua, Su Xiaoyan
Abstract:
Using open source code is a popular method of software development. How to evaluate the quality of software becomes more important. This paper introduces an evaluation model. The model evaluates the quality from four dimensions: technology, production, management, and development. Each dimension includes many indicators. The weight of indicator can be modified according to the purpose of evaluation. The paper also introduces a method of using the model. The evaluating result can provide good advice for evaluating or purchasing the software.Keywords: evaluation model, software quality, open source code, evaluation indicator
Procedia PDF Downloads 3906071 Tool for Fast Detection of Java Code Snippets
Authors: Tomáš Bublík, Miroslav Virius
Abstract:
This paper presents general results on the Java source code snippet detection problem. We propose the tool which uses graph and sub graph isomorphism detection. A number of solutions for all of these tasks have been proposed in the literature. However, although that all these solutions are really fast, they compare just the constant static trees. Our solution offers to enter an input sample dynamically with the Scripthon language while preserving an acceptable speed. We used several optimizations to achieve very low number of comparisons during the matching algorithm.Keywords: AST, Java, tree matching, scripthon source code recognition
Procedia PDF Downloads 4266070 Code-Switching and Code Mixing among Ogba-English Bilingual Conversations
Authors: Ben-Fred Ohia
Abstract:
Code-switching and code-mixing are linguistic behaviours that arise in a bilingual situation. They limit speakers in a conversation to decide which code they should use to utter particular phrases or words in the course of carrying out their utterance. Every human society is characterized by the existence of diverse linguistic varieties. The speakers of these varieties at some points have various degrees of contact with the non-speakers of their variety, which one of the outcomes of the linguistic contact is code-switching or code-mixing. The work discusses the nature of code-switching and code-mixing in Ogba-English bilinguals’ speeches. It provides a detailed explanation of the concept of code-switching and code-mixing and explains the typology of code-switching and code-mixing and their manifestation in Ogba-English bilingual speakers’ speeches. The findings reveal that code-switching and code-mixing are functionally motivated and being triggered by various conversational contexts.Keywords: bilinguals, code-mixing, code-switching, Ogba
Procedia PDF Downloads 1816069 CyberSecurity Malaysia: Towards Becoming a National Certification Body for Information Security Management Systems Internal Auditors
Authors: M. S. Razana, Z. W. Shafiuddin
Abstract:
Internal auditing is one of the most important activities for organizations that implement information security management systems (ISMS). The purpose of internal audits is to ensure the ISMS implementation is in accordance to the ISO/IEC 27001 standard and the organization’s own requirements for its ISMS. Competent internal auditors are the main element that contributes to the effectiveness of internal auditing activities. To realize this need, CyberSecurity Malaysia is now in the process of becoming a certification body that certifies ISMS internal auditors. The certification scheme will assess the competence of internal auditors in generic knowledge and skills in management systems, and also in ISMS-specific knowledge and skills. The certification assessment is based on the ISO/IEC 19011 Guidelines for auditing management systems, ISO/IEC 27007 Guidelines for information security management systems auditing and ISO/IEC 27001 Information security management systems requirements. The certification scheme complies with the ISO/IEC 17024 General requirements for bodies operating certification systems of persons. Candidates who pass the exam will be certified as an ISMS Internal Auditor, whose competency will be evaluated every three years.Keywords: ISMS internal audit, ISMS internal auditor, ISO/IEC 17024, competence, certification
Procedia PDF Downloads 2356068 Developing a Modified Version of KIVA-3V, Enabling Gaseous Injections
Authors: Hossein Keshtkar, Ali Nasiri Toosi
Abstract:
With the growing concerns about gasoline environmental pollution and also the need for a more widely available fuel source, natural gas is finding its way to the automotive engines. But before this could happen industrially, simulations of natural gas direct injection need to take place to maximize and optimize power output. KIVA is one of the most powerful tools when it comes to engine simulation. Widely accepted by both researchers and the industry, KIVA an open-source code, offers great in-depth simulation and analyzation. KIVA can compute complex phenomena’s which can occur inside the chamber before, whilst and after ignition. One downside to KIVA, is its in-capability of simulating gaseous injections, making it useful for only liquidized fuel. In this study, we developed a numerical code, to enable the simulation of gaseous injection within the KIVA code. By introducing our code as a subroutine, we modified the original KIVA program. To ensure the correct application of gaseous fuel injection using our modified KIVA code, we simulated two different cases and compared them with their experimental data. We concluded our modified version of KIVA’s simulation results came in very close to those measured experimentally.Keywords: gaseous injections, KIVA, natural gas direct injection, numerical code, simulation
Procedia PDF Downloads 2866067 Sustainable Tourism Management in Taiwan: Using Certification and KPI Indicators to Development Sustainable Tourism Experiences
Authors: Shirley Kuo
Abstract:
The main purpose of this study is to develop sustainable indicators for Taiwan, and using the Delphi method to find that our tourist areas can progress in a sustainable way. We need a lot of infrastructures and policies to develop tourist areas, and with proper KPI indicators can reduce the destruction of the natural and ecological environment. This study will first study the foreign certification experiences, because Taiwan is currently in the development stage, and then the methodology will explain in-depth interviews using the Delphi method, and then there is discussion about which KPI indicators Taiwan currently needs. In this study current progress is a deep understanding of national sustainable tourism certification and KPI indicators.Keywords: sustainable tourism, certification, KPI indicators, Delphi method
Procedia PDF Downloads 3326066 A Rapid Code Acquisition Scheme in OOC-Based CDMA Systems
Authors: Keunhong Chae, Seokho Yoon
Abstract:
We propose a code acquisition scheme called improved multiple-shift (IMS) for optical code division multiple access systems, where the optical orthogonal code is used instead of the pseudo noise code. Although the IMS algorithm has a similar process to that of the conventional MS algorithm, it has a better code acquisition performance than the conventional MS algorithm. We analyze the code acquisition performance of the IMS algorithm and compare the code acquisition performances of the MS and the IMS algorithms in single-user and multi-user environments.Keywords: code acquisition, optical CDMA, optical orthogonal code, serial algorithm
Procedia PDF Downloads 5406065 Evolving Software Assessment and Certification Models Using Ant Colony Optimization Algorithm
Authors: Saad M. Darwish
Abstract:
Recently, software quality issues have come to be seen as important subject as we see an enormous growth of agencies involved in software industries. However, these agencies cannot guarantee the quality of their products, thus leaving users in uncertainties. Software certification is the extension of quality by means that quality needs to be measured prior to certification granting process. This research participates in solving the problem of software assessment by proposing a model for assessment and certification of software product that uses a fuzzy inference engine to integrate both of process–driven and application-driven quality assurance strategies. The key idea of the on hand model is to improve the compactness and the interpretability of the model’s fuzzy rules via employing an ant colony optimization algorithm (ACO), which tries to find good rules description by dint of compound rules initially expressed with traditional single rules. The model has been tested by case study and the results have demonstrated feasibility and practicability of the model in a real environment.Keywords: software quality, quality assurance, software certification model, software assessment
Procedia PDF Downloads 5246064 Profiling Risky Code Using Machine Learning
Authors: Zunaira Zaman, David Bohannon
Abstract:
This study explores the application of machine learning (ML) for detecting security vulnerabilities in source code. The research aims to assist organizations with large application portfolios and limited security testing capabilities in prioritizing security activities. ML-based approaches offer benefits such as increased confidence scores, false positives and negatives tuning, and automated feedback. The initial approach using natural language processing techniques to extract features achieved 86% accuracy during the training phase but suffered from overfitting and performed poorly on unseen datasets during testing. To address these issues, the study proposes using the abstract syntax tree (AST) for Java and C++ codebases to capture code semantics and structure and generate path-context representations for each function. The Code2Vec model architecture is used to learn distributed representations of source code snippets for training a machine-learning classifier for vulnerability prediction. The study evaluates the performance of the proposed methodology using two datasets and compares the results with existing approaches. The Devign dataset yielded 60% accuracy in predicting vulnerable code snippets and helped resist overfitting, while the Juliet Test Suite predicted specific vulnerabilities such as OS-Command Injection, Cryptographic, and Cross-Site Scripting vulnerabilities. The Code2Vec model achieved 75% accuracy and a 98% recall rate in predicting OS-Command Injection vulnerabilities. The study concludes that even partial AST representations of source code can be useful for vulnerability prediction. The approach has the potential for automated intelligent analysis of source code, including vulnerability prediction on unseen source code. State-of-the-art models using natural language processing techniques and CNN models with ensemble modelling techniques did not generalize well on unseen data and faced overfitting issues. However, predicting vulnerabilities in source code using machine learning poses challenges such as high dimensionality and complexity of source code, imbalanced datasets, and identifying specific types of vulnerabilities. Future work will address these challenges and expand the scope of the research.Keywords: code embeddings, neural networks, natural language processing, OS command injection, software security, code properties
Procedia PDF Downloads 1096063 Static Analysis Deployment Model for Code Quality on Research and Development Projects of Software Development
Authors: Jeong-Hyun Park, Young-Sik Park, Hyo-Teag Jung
Abstract:
This paper presents static analysis deployment model for code quality on R&D Projects of SW Development. The proposed model includes the scope of R&D projects and index for static analysis of source code, operation model and execution process, environments and infrastructure system for R&D projects of SW development. There is the static analysis result of pilot project as case study based on the proposed deployment model and environment, and strategic considerations for success operation of the proposed static analysis deployment model for R&D Projects of SW Development. The proposed static analysis deployment model in this paper will be adapted and improved continuously for quality upgrade of R&D projects, and customer satisfaction of developed source codes and products.Keywords: static analysis, code quality, coding rules, automation tool
Procedia PDF Downloads 5216062 Enhancing Code Security with AI-Powered Vulnerability Detection
Authors: Zzibu Mark Brian
Abstract:
As software systems become increasingly complex, ensuring code security is a growing concern. Traditional vulnerability detection methods often rely on manual code reviews or static analysis tools, which can be time-consuming and prone to errors. This paper presents a distinct approach to enhancing code security by leveraging artificial intelligence (AI) and machine learning (ML) techniques. Our proposed system utilizes a combination of natural language processing (NLP) and deep learning algorithms to identify and classify vulnerabilities in real-world codebases. By analyzing vast amounts of open-source code data, our AI-powered tool learns to recognize patterns and anomalies indicative of security weaknesses. We evaluated our system on a dataset of over 10,000 open-source projects, achieving an accuracy rate of 92% in detecting known vulnerabilities. Furthermore, our tool identified previously unknown vulnerabilities in popular libraries and frameworks, demonstrating its potential for improving software security.Keywords: AI, machine language, cord security, machine leaning
Procedia PDF Downloads 406061 The Translation of Code-Switching in African Literature: Comparing the Two German Translations of Ngugi Wa Thiongo’s "Petals of Blood"
Authors: Omotayo Olalere
Abstract:
The relevance of code-switching for intercultural communication through literary translation cannot be overemphasized. The translation of code-switching and its implications for translations studies have been studied in the context of African literature. In these cases, code-switching was examined in the more general terms of its usage in source text and not particularly in Ngugi’s novels and its translations. In addition, the functions of translation and code-switching in the lyrics of some popular African songs have been studied, but this study is related more with oral performance than with written literature. As such, little has been done on the German translation of code-switching in African works. This study intends to fill this lacuna by examining the concept of code-switching in the German translations in Ngugi’s Petals of Blood. The aim is to highlight the significance of code-switching as a phenomenon in this African (Ngugi’s) novel written in English and to also focus on its representation in the two German translations. The target texts to be used are Verbrannte Blueten and Land der flammenden Blueten. “Abrogration“ as a concept will play an important role in the analysis of the data. Findings will show that the ideology of a translator plays a huge role in representing the concept of “abrogration” in the translation of code-switching in the selected source text. The study will contribute to knowledge in translation studies by bringing to limelight the need to foreground aspects of language contact in translation theory and practice, particularly in the African context. Relevant translation theories adopted for the study include Bandia’s (2008) postcolonial theory of translation and Snell-Hornby”s (1988) cultural translation theory.Keywords: code switching, german translation, ngugi wa thiong’o, petals of blood
Procedia PDF Downloads 956060 Development of a Green Star Certification Tool for Existing Buildings in South Africa
Authors: Bouwer Kleynhans
Abstract:
The built environment is responsible for about 40% of the world’s energy consumption and generates one third of global carbon dioxide emissions. The Green Building Council of South Africa’s (GBCSA) current rating tools are all for new buildings. By far the largest portion of buildings exist stock and therefore the need to develop a certification tool for existing buildings. Direct energy measurement comprises 27% of the total available points in this tool. The aim of this paper is to describe the development process of a green star certification tool for existing buildings in South Africa with specific emphasis on the energy measurement criteria. Successful implementation of this tool within the property market will ensure a reduced carbon footprint of buildings.Keywords: certification tool, development process, energy consumption, green buildings
Procedia PDF Downloads 3236059 JaCoText: A Pretrained Model for Java Code-Text Generation
Authors: Jessica Lopez Espejel, Mahaman Sanoussi Yahaya Alassan, Walid Dahhane, El Hassane Ettifouri
Abstract:
Pretrained transformer-based models have shown high performance in natural language generation tasks. However, a new wave of interest has surged: automatic programming language code generation. This task consists of translating natural language instructions to a source code. Despite the fact that well-known pre-trained models on language generation have achieved good performance in learning programming languages, effort is still needed in automatic code generation. In this paper, we introduce JaCoText, a model based on Transformer neural network. It aims to generate java source code from natural language text. JaCoText leverages the advantages of both natural language and code generation models. More specifically, we study some findings from state of the art and use them to (1) initialize our model from powerful pre-trained models, (2) explore additional pretraining on our java dataset, (3) lead experiments combining the unimodal and bimodal data in training, and (4) scale the input and output length during the fine-tuning of the model. Conducted experiments on CONCODE dataset show that JaCoText achieves new state-of-the-art results.Keywords: java code generation, natural language processing, sequence-to-sequence models, transformer neural networks
Procedia PDF Downloads 2876058 Evaluation of Model-Based Code Generation for Embedded Systems–Mature Approach for Development in Evolution
Authors: Nikolay P. Brayanov, Anna V. Stoynova
Abstract:
Model-based development approach is gaining more support and acceptance. Its higher abstraction level brings simplification of systems’ description that allows domain experts to do their best without particular knowledge in programming. The different levels of simulation support the rapid prototyping, verifying and validating the product even before it exists physically. Nowadays model-based approach is beneficial for modelling of complex embedded systems as well as a generation of code for many different hardware platforms. Moreover, it is possible to be applied in safety-relevant industries like automotive, which brings extra automation of the expensive device certification process and especially in the software qualification. Using it, some companies report about cost savings and quality improvements, but there are others claiming no major changes or even about cost increases. This publication demonstrates the level of maturity and autonomy of model-based approach for code generation. It is based on a real live automotive seat heater (ASH) module, developed using The Mathworks, Inc. tools. The model, created with Simulink, Stateflow and Matlab is used for automatic generation of C code with Embedded Coder. To prove the maturity of the process, Code generation advisor is used for automatic configuration. All additional configuration parameters are set to auto, when applicable, leaving the generation process to function autonomously. As a result of the investigation, the publication compares the quality of generated embedded code and a manually developed one. The measurements show that generally, the code generated by automatic approach is not worse than the manual one. A deeper analysis of the technical parameters enumerates the disadvantages, part of them identified as topics for our future work.Keywords: embedded code generation, embedded C code quality, embedded systems, model-based development
Procedia PDF Downloads 2446057 Detecting Heartbeat Architectural Tactic in Source Code Using Program Analysis
Authors: Ananta Kumar Das, Sujit Kumar Chakrabarti
Abstract:
Architectural tactics such as heartbeat, ping-echo, encapsulate, encrypt data are techniques that are used to achieve quality attributes of a system. Detecting architectural tactics has several benefits: it can aid system comprehension (e.g., legacy systems) and in the estimation of quality attributes such as safety, security, maintainability, etc. Architectural tactics are typically spread over the source code and are implicit. For large codebases, manual detection is often not feasible. Therefore, there is a need for automated methods of detection of architectural tactics. This paper presents a formalization of the heartbeat architectural tactic and a program analytic approach to detect this tactic in source code. The experiment of the proposed method is done on a set of Java applications. The outcome of the experiment strongly suggests that the method compares well with a manual approach in terms of its sensitivity and specificity, and far supersedes a manual exercise in terms of its scalability.Keywords: software architecture, architectural tactics, detecting architectural tactics, program analysis, AST, alias analysis
Procedia PDF Downloads 1616056 Modeling of Conjugate Heat Transfer including Radiation in a Kerosene/Air Certification Burner
Authors: Lancelot Boulet, Pierre Benard, Ghislain Lartigue, Vincent Moureau, Nicolas Chauvet, Sheddia Didorally
Abstract:
International aeronautic standards demand a fire certification for engines that demonstrate their resistance. This demonstration relies on tests performed with prototype engines in the late stages of the development. Hardest tests require to place a kerosene standardized flame in front of the engine casing during a given time with imposed temperature and heat flux. The purpose of this work is to provide a better characterization of a kerosene/air certification burner in order to minimize the risks of test failure. A first Large-Eddy Simulation (LES) study of the certification burner permitted to model and simulate this burner, including both adiabatic and Conjugate Heat Transfer (CHT) computations. Carried out on unstructured grids with 40 million tetrahedral cells, using the finite-volume YALES2 code, spray combustion, forced convection on walls and conduction in the solid parts of the burner were coupled to achieve a detailed description of heat transfer. It highlighted the fact that conduction inside the solid has a real impact on the flame topology and the combustion regime. However, in the absence of radiative heat transfer, unrealistic temperature of the equipment was obtained. The aim of the present study is to include the radiative heat transfer in order to reach the same temperature given by experimental measurements. First, various test-cases are conducted to validate the coupling between the different heat solvers. Then, adiabatic case, CHT case, as well as CHT including radiative transfer are studied and compared. The LES model is finally applied to investigate the heat transfer in a flame impaction configuration. The aim is to progress on fire test modeling so as to reach a good confidence level as far as success of the certification test is concerned.Keywords: conjugate heat transfer, fire resistance test, large-eddy simulation, radiative transfer, turbulent combustion
Procedia PDF Downloads 2236055 Software Assessment Using Ant Colony Optimization Algorithm
Authors: Saad M. Darwish
Abstract:
Recently, software quality issues have come to be seen as important subject as we see an enormous growth of agencies involved in software industries. However,these agencies cannot guarantee the quality of their products, thus leaving users in uncertainties. Software certification is the extension of quality by means that quality needs to be measured prior to certification granting process. This research participates in solving the problem of software assessment by proposing a model for assessment and certification of software product that uses a fuzzy inference engine to integrate both of process–driven and application-driven quality assurance strategies. The key idea of the on hand model is to improve the compactness and the interpretability of the model’s fuzzy rules via employing an ant colony optimization algorithm (ACO), which tries to find good rules description by dint of compound rules initially expressed with traditional single rules. The model has been tested by case study and the results have demonstrated feasibility and practicability of the model in a real environment.Keywords: optimization technique, quality assurance, software certification model, software assessment
Procedia PDF Downloads 4876054 Feature Engineering Based Detection of Buffer Overflow Vulnerability in Source Code Using Deep Neural Networks
Authors: Mst Shapna Akter, Hossain Shahriar
Abstract:
One of the most important challenges in the field of software code audit is the presence of vulnerabilities in software source code. Every year, more and more software flaws are found, either internally in proprietary code or revealed publicly. These flaws are highly likely exploited and lead to system compromise, data leakage, or denial of service. C and C++ open-source code are now available in order to create a largescale, machine-learning system for function-level vulnerability identification. We assembled a sizable dataset of millions of opensource functions that point to potential exploits. We developed an efficient and scalable vulnerability detection method based on deep neural network models that learn features extracted from the source codes. The source code is first converted into a minimal intermediate representation to remove the pointless components and shorten the dependency. Moreover, we keep the semantic and syntactic information using state-of-the-art word embedding algorithms such as glove and fastText. The embedded vectors are subsequently fed into deep learning networks such as LSTM, BilSTM, LSTM-Autoencoder, word2vec, BERT, and GPT-2 to classify the possible vulnerabilities. Furthermore, we proposed a neural network model which can overcome issues associated with traditional neural networks. Evaluation metrics such as f1 score, precision, recall, accuracy, and total execution time have been used to measure the performance. We made a comparative analysis between results derived from features containing a minimal text representation and semantic and syntactic information. We found that all of the deep learning models provide comparatively higher accuracy when we use semantic and syntactic information as the features but require higher execution time as the word embedding the algorithm puts on a bit of complexity to the overall system.Keywords: cyber security, vulnerability detection, neural networks, feature extraction
Procedia PDF Downloads 916053 BodeACD: Buffer Overflow Vulnerabilities Detecting Based on Abstract Syntax Tree, Control Flow Graph, and Data Dependency Graph
Authors: Xinghang Lv, Tao Peng, Jia Chen, Junping Liu, Xinrong Hu, Ruhan He, Minghua Jiang, Wenli Cao
Abstract:
As one of the most dangerous vulnerabilities, effective detection of buffer overflow vulnerabilities is extremely necessary. Traditional detection methods are not accurate enough and consume more resources to meet complex and enormous code environment at present. In order to resolve the above problems, we propose the method for Buffer overflow detection based on Abstract syntax tree, Control flow graph, and Data dependency graph (BodeACD) in C/C++ programs with source code. Firstly, BodeACD constructs the function samples of buffer overflow that are available on Github, then represents them as code representation sequences, which fuse control flow, data dependency, and syntax structure of source code to reduce information loss during code representation. Finally, BodeACD learns vulnerability patterns for vulnerability detection through deep learning. The results of the experiments show that BodeACD has increased the precision and recall by 6.3% and 8.5% respectively compared with the latest methods, which can effectively improve vulnerability detection and reduce False-positive rate and False-negative rate.Keywords: vulnerability detection, abstract syntax tree, control flow graph, data dependency graph, code representation, deep learning
Procedia PDF Downloads 1706052 Dido: An Automatic Code Generation and Optimization Framework for Stencil Computations on Distributed Memory Architectures
Authors: Mariem Saied, Jens Gustedt, Gilles Muller
Abstract:
We present Dido, a source-to-source auto-generation and optimization framework for multi-dimensional stencil computations. It enables a large programmer community to easily and safely implement stencil codes on distributed-memory parallel architectures with Ordered Read-Write Locks (ORWL) as an execution and communication back-end. ORWL provides inter-task synchronization for data-oriented parallel and distributed computations. It has been proven to guarantee equity, liveness, and efficiency for a wide range of applications, particularly for iterative computations. Dido consists mainly of an implicitly parallel domain-specific language (DSL) implemented as a source-level transformer. It captures domain semantics at a high level of abstraction and generates parallel stencil code that leverages all ORWL features. The generated code is well-structured and lends itself to different possible optimizations. In this paper, we enhance Dido to handle both Jacobi and Gauss-Seidel grid traversals. We integrate temporal blocking to the Dido code generator in order to reduce the communication overhead and minimize data transfers. To increase data locality and improve intra-node data reuse, we coupled the code generation technique with the polyhedral parallelizer Pluto. The accuracy and portability of the generated code are guaranteed thanks to a parametrized solution. The combination of ORWL features, the code generation pattern and the suggested optimizations, make of Dido a powerful code generation framework for stencil computations in general, and for distributed-memory architectures in particular. We present a wide range of experiments over a number of stencil benchmarks.Keywords: stencil computations, ordered read-write locks, domain-specific language, polyhedral model, experiments
Procedia PDF Downloads 129