Effective software vulnerability detection for web services. This project aims to design and implement new and better methods to find vulnerabilities in software services delivered over the web or through the cloud, as well as methods for proving the absence of certain types of vulnerability. So-called injection attacks are pervasive and generally considered the most important security threat on today's Internet. The programming languages used for software services tend to use strings as a unive ....Effective software vulnerability detection for web services. This project aims to design and implement new and better methods to find vulnerabilities in software services delivered over the web or through the cloud, as well as methods for proving the absence of certain types of vulnerability. So-called injection attacks are pervasive and generally considered the most important security threat on today's Internet. The programming languages used for software services tend to use strings as a universal data structure, which unfortunately makes it hard to separate trusted code from untrusted user-provided data. This project intends to develop novel program analysis tools and string constraint solvers, and employ these tools to support sophisticated automated reasoning about string manipulating software.Read moreRead less
An extensible framework for analysis of Java language-based security conformance. Java is a programming language and platform running on 3 billion devices. While Java provides a sandbox-based security architecture within the Java Class Library to protect systems from untrusted code downloaded from Internet, it cannot defend against implementation bugs that occur in the Java Class Library. The goal of this project is to provide a formal model of the Java security architecture, which can be used b ....An extensible framework for analysis of Java language-based security conformance. Java is a programming language and platform running on 3 billion devices. While Java provides a sandbox-based security architecture within the Java Class Library to protect systems from untrusted code downloaded from Internet, it cannot defend against implementation bugs that occur in the Java Class Library. The goal of this project is to provide a formal model of the Java security architecture, which can be used by program analysers to identify faulty or insufficient security checks in the Java Class Library that may lead to the sandbox being bypassed.Read moreRead less
Dataparallel Programming for Multicore Processors. The proposed project will contribute to the development of frontier technologies to help build Australian industries. The project is designed to unlock significant performance improvements with current and future multicore (processor) computer architectures. This potential performance improvement can be achieved with parallel programming models. This is crucial for ICT applications in performance hungry areas, such as biotechnology, finance, mul ....Dataparallel Programming for Multicore Processors. The proposed project will contribute to the development of frontier technologies to help build Australian industries. The project is designed to unlock significant performance improvements with current and future multicore (processor) computer architectures. This potential performance improvement can be achieved with parallel programming models. This is crucial for ICT applications in performance hungry areas, such as biotechnology, finance, multi-media, and 'info-tainment'. The project will also provide research training and increase local expertise in parallel programming for multicore processors, an area that is quickly growing in importance.Read moreRead less
Design and Formal Verification of Control and Data Acquisition Protocols. This research will develop new specification and verification techniques for remote control protocols, used among interconnected sites in supply utilities such as electricity grids, based on a proven formal methods technology. These protocols are used in the monitoring of data from remote sites, and the transmission of control commands to such sites from a central location. Benefits to the industrial partner include increa ....Design and Formal Verification of Control and Data Acquisition Protocols. This research will develop new specification and verification techniques for remote control protocols, used among interconnected sites in supply utilities such as electricity grids, based on a proven formal methods technology. These protocols are used in the monitoring of data from remote sites, and the transmission of control commands to such sites from a central location. Benefits to the industrial partner include increased assurance that their control technology does correctly realise the adopted protocols. Assurance of correctness is significant in that incorrect protocol implementation may cause errant operation of equipment, and lead to economic and environmental damage.Read moreRead less
High Performance Runtimes for Next Generation Languages. X10 is a type-safe, memory-safe programming language. This project will help make X10 a viable choice for secure software on the next generation of computer architectures. The proposed project will contribute to a better understanding of the fundamental processes that advance knowledge and facilitate the development of technological innovations (a research priority goal). By addressing a key emerging problem and consolidating Australian- ....High Performance Runtimes for Next Generation Languages. X10 is a type-safe, memory-safe programming language. This project will help make X10 a viable choice for secure software on the next generation of computer architectures. The proposed project will contribute to a better understanding of the fundamental processes that advance knowledge and facilitate the development of technological innovations (a research priority goal). By addressing a key emerging problem and consolidating Australian-based expertise in this area, the project will also enhance Australia’s capacity in frontier technologies research.Read moreRead less
Applying the Lessons of the Virtual Battlefield to Financial Modelling - Investigating Innovative use of Distributed Simulation. The development of Distributed Simulations is recognised as an increasingly important part of training, scientific modelling and acquisitions in the defense community. While the benefits of simulation are well understood the actual development costs and complexity remain prohibitive, requiring expert programming skills and training. These limitations are greatly impedi ....Applying the Lessons of the Virtual Battlefield to Financial Modelling - Investigating Innovative use of Distributed Simulation. The development of Distributed Simulations is recognised as an increasingly important part of training, scientific modelling and acquisitions in the defense community. While the benefits of simulation are well understood the actual development costs and complexity remain prohibitive, requiring expert programming skills and training. These limitations are greatly impeding the wider adoption of simulation in the broader business community.
To address these issues this proposal investigates the means of applying simulation technologies to a domain in which user-configurable desktop tools, such as spreadsheets and word processors, are more the norm - for example financial modelling.
We aim to extend the development of tools and techniques that support the desktop use of simulation and to assess the relative merits of these approaches. Our eventual goal is to provide approachable simulation services, without adversely compromising their inherent power, to a far wider range of application domains.
Read moreRead less