Ismael Ripoll 
Category: Assistant Professor (Titular de Universidad)
Phone: +34 963 879 218 / Internal: 79218 / Fax+34 963 877 579
Email: iripoll@upv.es
Location: Room 3N12, Building 1G, Universitat Politècnica de València.
  • Security
  • Hyper-Periods
  • Dynamic memory
  • Scheduling
Research is both: fun and useful !
Accepted CVEs
CVE Product Description Vulnerability/Weakness CVSS
v2.0 v3.0
CVE-2016-4484 Cryptsetup(Initrd) Incorrect error handling Not failing securely 7.2 6.8
CVE-2016-3672 Linux kernel Disable ASLR ASLR Weakness 4.6 7.8
CVE-2015-8370 GRUB2 Integer overflow IX Jornadas STIC CCN-CERT 6.9
CVE-2015-1593 Linux Kernel Integer overflow Reduced randomised range 5.0
CVE-2015-1574 Email Android Denial of Service Incorrect headers handling 5.0
CVE-2013-6825 DCMTK Root privilege escalation Drop privileges failed 7.2
CVE-2013-4788 Glibc Weak pointer protection Improper Input Validation 5.1
CVE-2013-6876 s3dvt Root shell (I) Drop privileges failed N.A.
CVE-2014-1226 s3dvt Root shell (II) Drop privileges failed N.A.
CVE-2014-5439 sniffit Root shell Stack buffer overflow N.A.
Other Security Issues
Product Description Vulnerability/Weakness
Linux kernel Reduced mmap entropy Improper mask manipulation
Glibc Bypass pointer guard Improper Input Validation
Linux Kernel AMD Bulldozer ASLR Reduced randomization
Bash Root shell Drop privileges failed
Bash Crash Improper input handling
More...?

The dynamic memory allocation (malloc/free) is a technique widely used since the very beginning of the computer science. It was deeply studied during the 60 and 70, mainly with the intention to address the fragmentation problem. Later the goal was to speed-up the temporal cost of the operations (allocate and de-allocate). Despite the many research efforts, it is still an open problem that is waiting to be better settled.

A mayor breakthrough was achieved a few years ago: the design of the TLSF (Two Level Segregate Fit) allocator. It is a fast, constant time allocator with a very low fragmentation.

Basically, there are two problems regarding dynamic memory: fragmentation and temporal efficiency. There exists many misconceptions around DMA, one of them was that lower fragmentation can be achieved by more complex and costly algorithms. For example it is generally accepted that the policy "best-fit" causes less fragmentation, but it is not true!.

More...?

The question to answer is: Given a periodic task set. Is it feasible?

This problem is the first issue that must be addressed if we want to use the EDF in a real-time system. Once we know how to analyse the schedulability of a basic task set, then it is possible to extend the solution to include more restrictions like precedence constrains between tasks, context switch overhead, or mutual exclusive resources.

The first solution to this problem was propossed in 200? by San joy Barhua. Three years latter I proposed another solution based on a completely different property. This new solution paved the way for the optimal aperiodic service for EDF.

More...?

First of all: What is the hyper-period?: The hyper-period is the smallest interval of time after which the periodic patterns of all the tasks are repeated. It is typically defined as the LCM (least common multiple) of the periods of the tasks (in a periodic task system).

A small hyper-period value has several applications in several fields of real-time scheduling:

  • lowering complexity in table driven schedulers,
  • reducing search space in model checking analysis,
  • generating synthetic workload for statistical analysis of real-time scheduling algorithms, etc.

There is little room form improvements when using the mathematical definition of hyper-period, it is like trying to reduce the result of 5 * 5 because you think that 25 is too big

But what would occur if the periods were not an integer number but defined as a range of valid values. That is, a period is defined as a nominal value and a tolerance. In fact, this is the normal way of dealing with the physical magnitudes commonly used by engineers and physics.

What is , is that with this "engineering" definition of period, it is possible to exponentially reduce the value of the resulting hyper-period.

More...?
Teaching Currently I'm teaching:
  • Gestión de Incidentes de Ciberseguridad (GIC, MUCC)
  • Ciberseguridad (CIB, MUIINF)
Previous classes:
  • Seguridad Web (SEW, GII)
  • Hacking Ético (HET, GII)
  • Data Analysis In Security (DAS, GCD)
  • Seguridad en los Sistemas Informáticos (SSI, GII)
  • Disenyo de Sistemas Operativos (DSO)
Miscelanea
  Home