System Bits: Nov. 19

A more practical cloak of invisibility; waste not want not for programmers.


Practical Invisibility
Anyone who has read Harry Potter or watched Star Trek knows how powerful invisibility can be—at least in science fiction or the world of magic. But now, two researchers in The Edward S. Rogers Sr. Department of Electrical & Computer Engineering at the University of Toronto have demonstrated an effective invisibility cloak that is thin, scalable and adaptive to different types and sizes of objects.

“We’ve taken an electrical engineering approach, but that’s what we are excited about,” says Eleftheriades. “It’s very practical.”

Picture a mailbox sitting on the street. When light hits the mailbox and bounces back into your eyes, you see the mailbox. When radio waves hit the mailbox and bounce back to your radar detector, you detect the mailbox. Eleftheriades and Selvanyagam’s system wraps the mailbox in a layer of tiny antennas that radiate a field away from the box, canceling out any waves that would bounce back. In this way, the mailbox becomes undetectable to radar.

“We’ve demonstrated a different way of doing it,” says Eleftheriades. “It’s very simple: instead of surrounding what you’re trying to cloak with a thick metamaterial shell, we surround it with one layer of tiny antennas, and this layer radiates back a field that cancels the reflections from the object.”

Their experimental demonstration effectively cloaked a metal cylinder from radio waves using one layer of loop antennas. The system can be scaled up to cloak larger objects using more loops, and Eleftheriades says the loops could become printed and flat, like a blanket or skin. Currently the antenna loops must be manually attuned to the electromagnetic frequency they need to cancel, but in future they could function both as sensors and active antennas, adjusting to different waves in real time, much like the technology behind noise-canceling headphones.

Throwing Code Away
Most of the time we are thankful for compilers that throw away dead code, but there are times when this may not be such a good thing. A group at MIT’s Computer Science and Artificial Intelligence Lab (CSAIL) has created a system they call Stack, which will automatically scan programmer’s code to avoid compilers from tossing bits of code that might not appear essential. Stack could prevent loss of code that is vital for security purposes. Most compilers streamline the code they produce, modifying algorithms specified by programmers so that they’ll run more efficiently.

Sometimes that means simply discarding lines of code that appear to serve no purpose. But as it turns out, compilers can be overaggressive, dispensing not only with functional code but also with code that actually performs vital security checks.

As strange as it may seem to nonprogrammers — or people whose only experience with coding is on small, tightly managed projects — large commercial programs are frequently full of instructions that will never be executed, known as “dead code.” When hundreds of developers are working on an application with millions of lines of code that have been continually revised for decades, one of them may well end up inserting a seemingly innocuous condition that ensures that a function thousands of lines away, written by someone else, never gets executed. Dead code is ubiquitous, and compilers should remove it.

Problems arise when compilers also remove code that leads to “undefined behavior.” “For some things this is obvious,” says Frans Kaashoek, the Charles A. Piper Professor in the Department of Electrical Engineering and Computer Science (EECS). “If you’re a programmer, you should not write a statement where you take some number and divide it by zero. You never expect that to work. So the compiler will just remove that. It’s pointless to execute it anyway, because there’s not going to be any sensible result.”

The C programming language has a lot of subtle corners to the language specification, and there are things that are undefined behavior that most programmers don’t realize are undefined behavior. A classic example, explains Xi Wang, a graduate student in EECS, is the assumption that if a program attempts to store too large a number at a memory location reserved for an integer, the computer will lop off the bits that don’t fit. “In machines, integers have a limit,” Wang says. “Whenever you exceed that limit, the input value basically wraps around to a smaller value.”
Wang, along with his fellow EECS professors Nickolai Zeldovich and Armando Solar-Lezama, combed through the C language specifications and identified every undefined behavior that they imagined a programmer might ever inadvertently invoke. Stack, in effect, compiles a program twice: once just looking to excise dead code, and a second time to excise dead code and undefined behavior. Then it identifies all the code that was cut the second time but not the first and warns the programmer that it could pose problems.

The MIT researchers tested their system on several open-source programs. In one case, the developers of a program that performs database searches refused to believe that their code had bugs, even after they’d examined the instructions flagged by Stack. “Xi sent them a one-line SQL statement that basically crashed their [application], by exploiting their ‘correct’ code,” Kaashoek says.

Mattias Engdegård, an engineer at Intel, is one of the developers who found Stack online and already has applied it to his company’s code. “Stack is very carefully designed to have a very low false-positive ratio,” Engdegård says. Nonetheless, “it found some errors that no other static-analysis tool had found before,” he says, resulting in “one or two dozens of instances of code changes.”