• Volume 31, Issue 6, 2020 Table of Contents
    • >Special Issue's Articles
    • Towards Modeling and Simulating Behavior of CPS Based on SHML

      2020, 31(6):1587-1599. DOI: 10.13328/j.cnki.jos.005993

      Abstract:A cyber-physical system (CPS) is a unified entity that deeply integrates computing processes and physical processes. It is a next-generation intelligent system integrating computing, communication, and control. It is widely used in various applications. The dynamic behavior of CPS is always hybrid and stochastic. Modeling and simulating the behaviors of CPS is crucial for developing high-quality CPS. However, there is still a lack of domain modeling approaches that support the construction of CPS domain models and of simulation techniques to simulate CPS domain models. To address these issues, this study proposes a domain-specific modeling language for CPS named SHML to support modeling the behaviors of CPS. Firstly, the metamodel of SHML is defined as the abstract grammar according to the domain knowledge of CPS. Moreover, the concrete syntax and the operational semantics are also given. Secondly, based on the GEMOC studio framework, the graphical modeling tool of SHML is implemented. In addition, the GEMOC sequential execution engine and the Scilab engine, which can simulate continuous behavior, are integrated to support simulating the hybrid behavior of CPS. The proposed work provides a domain modeling and simulation approach for CPS, together with an effective tool to support the modeling and simulation of CPS.

    • Detecting and Preventing Dangling Pointers

      2020, 31(6):1600-1618. DOI: 10.13328/j.cnki.jos.005994

      Abstract:Due to rapid technological advances, cyber-physical systems (CPS) play increasingly important roles in society, for example in power systems and railway systems. However, if these systems are attacked, it would be a serious problem for the world and could even threaten human lives. Dangling pointers are one such kind of software defect and can lead to use-after-free and double-free vulnerabilities, which can be leveraged by attackers. So far, only a few approaches have been proposed to protect against dangling pointers, and most of them suffer from high overhead. This study proposes a lightweight approach, named DangDone, to detect dangling pointers dynamically. DangDone is built upon the root cause of a dangling pointer, i.e., a pointer and its aliases are not nullified but the memory area they point to is deallocated. DangDone first detects dangling pointers by static analysis and fuzzing. Based on the result, DangDone realizes the detection by inserting an intermediate pointer between the pointers (i.e., a pointer and its aliases) and the memory area they point to. Hence, nullifying the intermediate pointer will nullify the pointer and its aliases, which causes a crash when encountering use-after-free or double-free. Experimental results have demonstrated that DangDone introduces negligible runtime overhead (i.e., around 1% on average) on SPEC CPU benchmark and is able to protect against 11 real-world use-after-free or double-free vulnerabilities. The evaluation demonstrates the efficiency and effectiveness of DangDone.

    • Towards Software Architecture and Accompanying Behavior Mechanism of Autonomous Robotic Control Software Based on Multi-agent System

      2020, 31(6):1619-1637. DOI: 10.13328/j.cnki.jos.005996

      Abstract:An autonomous robot is a kind of complex cyber-physical system controlled by software. Supporting robots to operate in open environments in an effective and cooperative way is a great challenge for the research and practice of control software of autonomous robots (CSAR). Adopting organization theory, this paper presents a multi-agent software architecture MaRSA (multi-agent robotic software architecture) that takes the structure-in-5 organization style for CSAR. The software components for the plan, dispatch, and execute behaviors of the robot are independently encapsulated and explicitly separated, which lays the architectural foundation for flexible cooperation and continuous interactions among these components. The paper further proposes an accompanying behavior mechanism to enrich the interactions of observation actions and task actions, defines three kinds of accompanying relationships from the causality, temporal, and on-demand viewpoints, and designs a two-step dynamic decision algorithm DAAB (decision algorithm of accompanying behaviors) for planning accompanying behaviors. Two experiments are conducted in a simulated robot environment and a real robot environment respectively, and the results show that, compared with the reactive behavior planning algorithm and the BDI-based probabilistic planning algorithm, the proposed algorithm DAAB can produce plans that operate in open environments with high efficiency and low effort to accomplish tasks.

    • Formalizing Railway Interlocking Domain Specific Language

      2020, 31(6):1638-1653. DOI: 10.13328/j.cnki.jos.005997

      Abstract:As a core subsystem of the rail transit systems, the formal modeling and analysis of the interlocking system is an important means to ensure its safety. Formalization requires both domain knowledge and formal knowledge. Since formal knowledge is difficult to master, domain experts need the help of formal experts throughout the modeling process. To solve this problem, aiming at the characteristics of fault randomness, real-time behavior, and reusability of components in railway interlocking systems, a specific language IS-DSL is proposed to describe the parameters of specific interlocking system. A formal model of interlocking system is generated automatically based on the stochastic hybrid automata (SHA) templates, to carry out further safety analysis. In this study, the model of interlocking system is analyzed firstly, and the domain specific language is designed according to different cases. Secondly, the templates of the interlocking system model, including environment component templates and controller template are established, and the SHA templates are extracted as examples. Based on these templates, the system model generation process is defined, so that the domain experts can automatically generate the specific SHA model by inputting parameters through the IS-DSL. Finally, the interlocking system of a station is taken as an example to show the generation process. The following accident prediction analysis based on this system model proves the feasibility and effectiveness of the proposed approach.

    • Failure Probabilities Allocation and Safety Assessment Approaches Based on AADL

      2020, 31(6):1654-1671. DOI: 10.13328/j.cnki.jos.005999

      Abstract:Modern avionics systems are complex safety-critical cyber-physical systems (CPSs). Failure probabilities allocation is an important task for civil airborne systems and equipment during the preliminary system safety assessment process. Architecture analysis and design language (AADL) is suitable for the design and development of avionics systems. It is indispensable to perform failure probabilities allocation and safety assessment for AADL models. This study proposes an AADL-based failure probabilities allocation approach, which considers the design of system architectures, model complexities, and severity levels. It allocates failure probabilities to subcomponents as safety requirements. Furthermore, by integrating the proposed allocation approach with deterministic stochastic Petri-net (DSPN), an AADL-based safety assessment method is proposed. It transforms AADL models to DSPN models to calculate failure probabilities of subcomponents and assesses whether subcomponents can satisfy safety requirements, so that an architecture that satisfies safety objectives can be obtained. Finally, the algorithm and the structure of the tool are provided for the failure probabilities allocation and safety assessment approaches. By assessing flight control systems, it is demonstrated that the proposed approaches can effectively perform failure probabilities allocation and safety assessment.

    • Event-triggering Secure Control of Markov Jump Cyber-Physical Systems Under Mode-dependent Denial of Service Attacks

      2020, 31(6):1672-1680. DOI: 10.13328/j.cnki.jos.006000

      Abstract:This study investigates the secure control problem of Markov jump cyber-physical systems (CPS) under mode-dependent denial of service (DoS) attacks. A novel mode-dependent event-triggering strategy is adopted to reduce the network resource consumptions. In particular, the DoS attacks are supposed to be mode-dependent for more practical applications. The Lyapunov-Krasovskii functional method is utilized to establish the sufficient conditions such that the resulting closed-loop system can be uniformly ultimately bounded under DoS attacks. Furthermore, the desired secure controller can be designed in terms of matrix techniques. Finally, an illustrative example is presented to demonstrate the effectiveness of the theoretical method.

    • >Review Articles
    • Survey of Dynamic Analysis Based Program Invariant Synthesis Techniques

      2020, 31(6):1681-1702. DOI: 10.13328/j.cnki.jos.006014

      Abstract:Program invariants are important properties of software, which play important roles in many software research fields, such as verification, debugging, and testing. Since the end of the 20th century, research on dynamic analysis based program invariant synthesis has become a hot topic in related research areas and made remarkable progress. This paper collects 90 related papers to survey research within this topic. Dynamically synthesizing invariants is the key problem of this field. An abstract framework, “learner-oracle”, is proposed to model and subsume synthesis approaches. In general, the synthesis approaches can be classified into four types, i.e. pattern enumeration based approaches, numerical calculation based approaches, statistical learning based approaches, and symbolic execution based approaches. Furthermore, important applications of dynamic invariants in software engineering and software verification are discussed. Then, important subject programs and synthesis tools are briefly summarized. Finally, the remaining opportunities are presented and a conclusion is reached.

    • Design Pattern Detection Approach Based on Stacked Generalization

      2020, 31(6):1703-1722. DOI: 10.13328/j.cnki.jos.005847

      Abstract:Design pattern detection plays an important role in understanding and maintaining software systems. With the purpose of identifying variants of design patterns efficiently and improving the accuracy of design pattern detection, an approach to design pattern detection based on stacked generalization in combination with object-oriented software metrics and pattern micro-structures is proposed in this study. Applying some typical machine learning algorithms, the approach trains a metric classifier and a micro-structure classifier for each design pattern, after which a stacked classifier is further trained and constructed on the predictive values of the two classifiers and some related object modeling features. To evaluate the proposed approach, a prototype tool, namely OOSdpd, is developed to detect design pattern instances from the Java bytecode files of a system. Experiments on several classic open source projects, such as JUnit, are carried out, and the proposed approach is compared with two existing tools. Experiments prove the effectiveness of the proposed approach in terms of improving the accuracy and recall rate of design pattern detection.

    • >Review Articles
    • Research Progress on Cross-domain Text Sentiment Classification

      2020, 31(6):1723-1746. DOI: 10.13328/j.cnki.jos.006029

      Abstract:As an important research topic in social media text sentiment analysis, cross-domain text sentiment classification aims to use the source domain resources or model transfer to serve the target domain text sentiment classification task, which can effectively solve the problem of insufficient data marking in specific domains. In order to solve the problem of cross-domain sentiment adaptation, this article summarizes the existing studies of cross-domain sentiment classification from three perspectives, i.e., (1) it can be divided into transductive and inductive cross-domain sentiment classification methods according to whether there is labeled data in the target domain; (2) it can be divided into instance transferring based, feature transferring based, model or parameters transferring based, sentiment dictionary based, joint sentiment topic based, and graph model based methods according to different sentiment adaptation strategies; (3) it can also be divided into single-source domain and multi-source domain cross-domain sentiment classification according to the number of available source domains. In addition, a new approach of deep transfer learning to solve cross-domain sentiment classification problems is introduced, and its latest research results in cross-domain sentiment classification are summarized. Finally, the challenges are combined with key issues of current cross-domain sentiment classification technology and further study directions are pointed out.

    • Chinese Sentence-Level Lip Reading Based on End-to-End Model

      2020, 31(6):1747-1760. DOI: 10.13328/j.cnki.jos.005709

      Abstract:In recent years, with the wide application of deep learning, lip reading recognition technology has achieved rapid development. Different from traditional methods, lip reading recognition methods based on deep learning usually use the neural network model both for feature extraction and comprehension. According to the characteristics of the Chinese language, a two-step end-to-end architecture is implemented, in which two deep neural network modules are applied to perform the recognition of picture-to-pinyin (P2P) and pinyin-to-hanzi (P2CC) respectively. After the two modules are trained to convergence, they are then jointly optimized to improve the overall performance. Due to the lack of Chinese lip reading datasets, 6 months of daily news broadcasts are collected from China Central Television (CCTV), and they are semi-automatically labelled into a 20.95 GB dataset CCTVDS with 14 975 samples. In addition, a supplementary dataset with 269 558 samples is collected during the pre-training of P2CC. According to experimental results trained on the CCTVDS, the proposed ChLipNet can achieve 45.7% sentence-level and 58.5% Pinyin-level accuracies. In addition, ChLipNet can not only accelerate training and reduce overfitting, but also overcome syntactic ambiguity in the recognition of the Chinese language.

    • >Review Articles
    • Differential Privacy under Continual Observation

      2020, 31(6):1761-1785. DOI: 10.13328/j.cnki.jos.006042

      Abstract:With the development of information technologies and Internet of things (IoT) technologies, there are more and more scenarios under continual monitoring, such as transportation monitoring, disease monitoring, smart infrastructure, etc. In these scenarios, how to protect the privacy of continuously shared data faces major challenges. Differential privacy is a rigorous and provable privacy definition. Earlier research on differential privacy has focused on “one-shot” release on a static dataset. However, differential privacy under continual observation focuses on continuous computation on a dynamic dataset. Now it has become one of the research hotspots. This study surveys the state-of-the-art techniques on differential privacy under continual observation, and focuses on summarizing existing schemes that provide event-level privacy, user-level privacy, and w-event privacy. Following a comprehensive comparison and analysis of existing techniques, further research prospects are put forward.

    • Community Aware MSN Routing Scheme Based on ICN Architecture

      2020, 31(6):1786-1801. DOI: 10.13328/j.cnki.jos.005708

      Abstract:MSN (mobile social network) realizes message delivery by leveraging social relationships of mobile users via cooperative forwarding of nodes. However, with the coming of the big data era, MSN should satisfy the daily increasing content (e.g., video) requests of mobile users. Considering that ICN (information-centric networking) supports mobility natively, in this study, a community aware routing scheme in MSN is proposed, which is based on the ICN architecture. In interest decision, the proposed interest distance metrics among users are calculated based on the interest preferences of users, which are obtained from the content names of the requests of nodes. Then, nodes are grouped into interest communities based on the interest distances, and interest packets are routed based on these detected interest communities. In data decision, the proposed encounter regularity metrics are calculated according to the historical encounter information of nodes. Then, based on the encounter regularities, nodes are grouped into social communities, and data packets are routed based on these detected social communities. Meanwhile, the proposed routing scheme optimizes content caching of nodes based on the detected interest communities and social communities, in order to satisfy future content requests rapidly. By comparing with the existing schemes on packet delivery, average hops, average delay, and network overhead, simulation experiments show that the proposed scheme is feasible and effective.

    • Node Degree Estimation and Static Game Forwarding Strategy Based Routing Protocol for Ad Hoc Networks

      2020, 31(6):1802-1816. DOI: 10.13328/j.cnki.jos.005703

      Abstract:To alleviate the broadcast storm problem caused by broadcasting the route request packets in the route discovery process, a node degree estimation and static game forwarding based routing protocol (NGRP) for ad hoc networks is proposed. NGRP adopts the idea of a piecewise function to estimate the node degree when the nodes are in the center, borderline, and corner areas respectively, which avoids unnecessary overhead caused by broadcasting Hello messages periodically. NGRP applies the static game forwarding strategy to forward the route request packets, where the number of participating wireless nodes is the node degree and the strategy set is forwarding and not forwarding. According to Nash equilibrium, the forwarding probability can be calculated. NGRP reduces the redundant retransmission and the chance of contention and collision among neighboring nodes in the networks, and increases the efficiency of route request packet forwarding. The simulation results demonstrate preliminarily that NGRP improves the packet delivery fraction and throughput, and reduces the normalized routing load and normalized MAC load, all in comparison with AODV+FDG, AODV with Hello, and AODV without Hello.

    • CP-ABE Scheme with Fast Decryption for Public Cloud

      2020, 31(6):1817-1828. DOI: 10.13328/j.cnki.jos.005704

      Abstract:Most existing CP-ABE (ciphertext-policy attribute-based encryption) schemes have such problems as over-computation and a long calculation time in decryption, which make them difficult to apply and implement. To solve this problem, computation outsourcing is introduced into the design of the CP-ABE scheme, and a Spark-platform-based CP-ABE scheme with fast decryption for public cloud is proposed. In this scheme, the decryption parallelization algorithm is designed based on the decryption feature of CP-ABE, with which decryption at both leaf nodes and root nodes with over-computation is parallelized. Then, the parallelization tasks are handed over to the Spark cluster. The computation outsourcing makes most of the decryption computation be done by cloud servers, while the user client only needs an exponential operation, and parallelization greatly improves the speed of decryption. Security analysis shows that the proposed scheme can resist chosen plaintext attack under both the generic group model and the random oracle model.

    • Improved Dynamic Cube Attack on Reduced MORUS

      2020, 31(6):1829-1838. DOI: 10.13328/j.cnki.jos.005806

      Abstract:MORUS is a third-round candidate authenticated cipher of CAESAR designed by H. Wu et al. The dynamic cube attack presented by Itai Dinur et al. recovers the secret key of a cryptosystem by exploiting distinguishers given by cube testers. This study proposes an improved dynamic cube attack by optimizing the standard for choosing cubes and the method of recovering secret expressions. Based on this, a technique is presented for recovering crucial secret expressions preferentially with a high success rate. Then, MORUS reduced to 5 steps is attacked using the improved dynamic cube attack, and the 128-bit key is recovered with a data complexity of O(2^95.05) and a success rate of at least 92%.

    • Applying Probabilistic Model Checking to the Quantitative Verification of Task Scheduling for Cloud Rendering System

      2020, 31(6):1839-1859. DOI: 10.13328/j.cnki.jos.005641

      Abstract:Cloud rendering has been widely used as a new computing architecture for the industries of film, television and animation. However, it is different from traditional methods, such as the render farm and rental market, which can provide a variety of rendering software in the cloud to recede workloads based on cloud infrastructures. In general, task executions and resource operations of task scheduling are transparent to the user. This requires that the cloud rendering system should have the intelligent ability to perform the optimal resources scheduling and multi-terminal tasks management. Thus, the reliability of the cloud rendering system is a core research problem. To this end, the probabilistic model checking technology is employed to carry out the quantitative verification and performance evaluation of the cloud rendering process focusing on task scheduling. First, the rendering service failure will cause stochastic exceptions and instruction errors when cloud rendering is working, i.e., damaged files and task timeout. To this end, the DTMC-based probabilistic model is proposed to formalize the file preparation module, resource request module, and rendering task execution module. Second, considering QoS attributes, nine types of reliability property are introduced to quantitatively verify the cloud rendering system, based on which PCTL is used to describe the verification formula to execute the supporting tool PRISM. Finally, the feasibility and effectiveness of proposed method are demonstrated by case study and experiments, especially the performance of task scheduling can be guaranteed by system recovery and task switching according to the quantitative result generated from formal verifications. Therefore, the proposed method can improve the reliability of the cloud rendering system.

    • Heuristic Based Resource Provisioning Approach for Big Data Analytics in Cloud Environment

      2020, 31(6):1860-1874. DOI: 10.13328/j.cnki.jos.005710

      Abstract:It is a big challenge to pick the best cloud configuration for recurring big data analytics jobs running in clouds. Prior efforts, such as CherryPick, may end up with a sub-optimal configuration due to a broad spectrum of cloud configurations with only a few test runs. RP-CH, presented in this paper, is a resource provisioning system that leverages heuristic rules based on classification information to identify the optimal cloud configuration for big data analytics jobs. The insight is to classify a job by comparing its resource preference and usage information with other jobs. Then, heuristic rules are used to distinguish bad samples from good ones in the Bayesian optimization algorithm. The experiments on HiBench and SparkBench in Aliyun ECS show that job performance has been improved by 58% on average compared with CherryPick, while the resource cost has been reduced by 44% on average.

    • Container Image Deduplication Method Based on Chunking Reuse of Multi-versions

      2020, 31(6):1875-1888. DOI: 10.13328/j.cnki.jos.005816

      Abstract:A container encapsulates the application, the supporting software, and the operating system libraries as an image. The application is updated by publishing a newer image version. That leads to a certain degree of duplication between neighboring versions. The loading process of a container image is time-consuming and delays the starting time of a container from milliseconds to seconds or minutes. Reusing the same data of previous versions can help to reduce the loading time. The layered loading and inheritance features adopted by containers can help to reuse the supporting software and the operating system libraries effectively in image loading. However, reusing the application data is currently not supported. This study proposes a container image loading methodology based on chunking reuse of older versions to improve the image loading performance. A boundary matching based chunking method is used to divide the image layers into fine-grained data chunks, and the chunk hash value is used as the unique identification fingerprint. A B-tree is used to find the same blocks, and the same blocks are reused to speed up the loading process. Experimental results show that the proposed method can improve container image loading speed by 5.8X.

    • Resource-Constrained Serial Task Offload Strategy in Mobile Edge Computing

      2020, 31(6):1889-1908. DOI: 10.13328/j.cnki.jos.005705

      Abstract:The continuous integration of cloud computing and mobile Internet promotes the generation and development of mobile cloud computing (MCC), but it is difficult to meet the demand for bandwidth and delay of terminal applications. Mobile edge computing (MEC) provides computing and storage capabilities at the edge of the user's network. By computation offloading, the terminal task is migrated to the edge server for execution, which can effectively reduce application delay and conserve terminal energy. However, existing works, which focus on a single mobile terminal and assume that the server's resources are sufficient for task offloading in the MEC environment, have certain limitations in practical applications. This study focuses on the task offloading problem under the resource-constrained MEC environment and proposes a multi-user serial task dynamic offloading strategy (MSTDOS). The strategy uses the completion time of the application and the energy consumption of the mobile terminal as evaluation indicators, follows the principle of first come first served, and uses a chemical reaction optimization algorithm to solve the problem. It can make a near-optimal offloading strategy for the application by considering the interaction among multiple terminals and dynamically adjusting the selection decision. Simulation results show that the MSTDOS strategy can achieve better application performance than existing algorithms.

    • Wear Attacks and Defense Mechanisms for Persistent In-memory File Systems

      2020, 31(6):1909-1929. DOI: 10.13328/j.cnki.jos.005706

      Abstract:Recently, many new persistent in-memory file systems have been proposed to exploit the advantages of non-volatile memory (NVM), such as low latency and byte-addressability. As a result, the performance of persistent in-memory file systems is greatly improved by optimizing the I/O stack and data consistency mechanisms. Nevertheless, existing persistent in-memory file systems ignore the limited write endurance of NVM, which can easily lead to the wear-out of NVM. This study first explores wear attacks that use common file system operations to wear out the underlying NVM devices of persistent in-memory file systems. The effectiveness of the wear attacks is proved by experiments in PMFS, a real persistent in-memory file system. Then, in order to protect NVM from malicious wear attacks, this study proposes a persistent in-memory file system wear defense (PFWD) strategy, which includes inode virtualization, super block migration, data page wear-leveling, and file index structure migration, to protect all the data structures of file systems that may be exploited by wear attacks. Experimental results show that PFWD can effectively protect NVM from wear attacks and improve the stability of the storage system.

Contact Information
  • Journal of Software
  • Sponsor: Institute of Software, CAS, China
  • Postal code: 100190
  • Phone: 010-62562563
  • Email: jos@iscas.ac.cn
  • Website: https://www.jos.org.cn
  • Publication number: ISSN 1000-9825
  •           CN 11-2560/TP
  • Domestic price: 70 yuan
Copyright: Institute of Software, Chinese Academy of Sciences. Beijing ICP No. 05046678-4
Address: 4# South Fourth Street, Zhong Guan Cun, Beijing 100190, Postal Code: 100190
Phone: 010-62562563 Fax: 010-62562533 Email: jos@iscas.ac.cn
Technical Support: Beijing Qinyun Technology Development Co., Ltd.

Beijing Public Network Security No. 11040202500063