The US Defense Advanced Projects Agency (DARPA) ran a “Cyber Grand Challenge” in 2016, where automated cyber-attack and cyber-defense systems were pitted against each other to drive progress in autonomous cyber-security. The competition was run on physical computers (obviously), but Simics was used in a parallel flow to check that competitors’ programs were not trying to undermine the infrastructure of the competition rather than compete fairly inside the rules of the competition.
This “vetting” system was explained in a paper from 2018, and I have a blog post up on my Intel Blog about how Simics was used. Overall, the system that was built was very impressive – following the execution of software in a detailed manner to detect if it was trying to break out of the operating system sandbox in which it ran.
The researchers also connected Simics to the HexRays* IDA Pro* Debugger, including the enabling of Simics reverse execution from IDA. It is an excellent example of what you can do given extensible and programmable platforms like Simics (and IDA). In the presentation, the researchers end with a nice slide about “Bring Your Own Simics” 🙂
A blog post from Undo Software informed me that Microsoft has rather quietly released a reverse debugger tool for Windows programs – WinDbg with Time Travel Debug. It is available in the latest preview of WinDbg, as available through the Windows Store, for the most recent Windows 10 versions (Anniversary update or later). According to a CPPcon talk about the tool (Youtube recording of the talk) the technology has a decade-long history internally at Microsoft, but is only now being released to the public after a few years of development. So it is a new old thing 🙂
I have just published a piece about the Intel Excite project on my Software Evangelist blog at the Intel Developer Zone. The Excite project is using a combination of of symbolic execution, fuzzing, and concrete testing to find vulnerabilities in UEFI code, in particular in SMM. By combining symbolic and concrete techniques plus fuzzing, Excite achieves better performance and effect than using either technique alone.
The SiCS Multicore Day took place last week, for the tenth year in a row! It is still a very good event to learn about multicore and computer architecture, and meet with a broad selection of industry and academic people interested in multicore in various ways. While multicore is not bright shiny new thing it once was, it is still an exciting area of research – even if much of the innovation is moving away from the traditional field of making a bunch of processor cores work together, towards system-level optimizations. For the past few years, SiCS has had to good taste to publish all the lectures online, so you can go to their Youtube playlist and see all the talks for free, right now!
IEEE Micro published an article called “Architectural Simulators Considered Harmful”, by Nowatski et al, in the November-December 2015 issue. It is a harsh critique of how computer architecture research is performed today, and its uninformed overreliance on architectural simulators. I have to say I mostly agree with what they say. The article follows in a good tradition of articles from the University of Wisconsin-Madison of critiquing how computer architecture research is performed, and I definitely applaud this type of critique.
Note: This post was caused by listening to an interesting science podcast while thinking about the theories of startups, and the connection might seem a bit odd. Still, I think there is something to be learnt here. End note.
I recently listened to the episode on Bliss, by the Radiolab podcast. As always, Radiolab manages to take a theme and connect all kinds of things to it. In this case, bliss as in happiness turned into Bliss, the man, and his invention of Symbolics. Symbolics was an attempt to create a rational language based on symbols that would not allow the manipulation of human opinion or feeling like regular languages do. It was an attempt to create an antidote to the manipulations of dictators, tricksters, and populists (Bliss himself had been briefly interned in a pre-war German concentration camp, so he definitely knew what words could do). He designed a symbolic writing scheme that was intended to only communicate ideas clearly and unambiguously and with no room for demagogery and oratory. In the end, nobody wanted to use the language for its original purpose.
In the past year, I have started listening to various podcast from the “Skeptic” community. Although much of the discussion tends to center on medicine (because of the sadly enormous market for quackery) and natural science (because the sad fight over evolution), it has made me think and reflect more about the nature of science and publishing. Indeed, it would have been great if this kind of material would have been easily found back when I was doing my PhD.
For some reason, in the past few weeks I have talked to more than a few PhD students and researchers about various ideas. It is striking how often fundamentally very smart people have a problem in articulating just why what they are doing is useful, relevant, and potentially commercially interesting. Of course, we all know that this is hard, and all PhD students get some kind of training in presentation and selling their ideas. It is also unfair to expect a fresh graduate student to be able to put on a show like a Simon Peyton-Jones.
However, this did get me thinking some about the articulation of problems.
I just found “The Toaster Project“, a Royal College of Art project where Thomas Twaites built a simple toaster from scratch. Really from scratch, going all they way back to iron ore and raw petroleum. In the process, he had to smelt ore, create plastic from petroleum, etc. It is a very interesting observation about the immense industrial complexity behind the very simple everyday items of our lives. I also think it has something to tell us computer scientists about abstraction.
For the longest time, the IBM Journal of Research and development, and its entire archive, was online at IBM and for free to access. This publication was, I assume, seen as a way to publicize IBM systems and their research efforts. But now, it has unexplicable gone to a for-pay format. It costs 1500 USD/year to access it, which is pretty steep I think. Compare with sources like the Microprocessor Report, or regular IEEE or ACM memberships. I think this is a really dumb move, and I will miss reading their often quite interesting articles. Who will pay to read only about IBM systems and research?;