Explore the vast range of titles available.

In this paper, we propose a Linux-based operating system, namely, DicomOS, tailored for medical imaging and enhanced interoperability, addressing user-friendly functionality and the main critical needs in radiology workflows. Traditional operating systems in clinical settings face limitations, such as fragmented software ecosystems and platform-specific restrictions, which disrupt collaborative workflows and hinder diagnostic efficiency. Built on Ubuntu 22.04 LTS, DicomOS integrates essential DICOM functionalities directly into the OS, providing a unified, cohesive platform for image visualization, annotation, and sharing. Methods include custom configurations and the development of graphical user interfaces (GUIs) and command-line tools, making them accessible to medical professionals and developers. Key applications such as ITK-SNAP and 3D Slicer are seamlessly integrated alongside specialized GUIs that enhance usability without requiring extensive technical expertise. As preliminary work, DicomOS demonstrates the potential to simplify medical imaging workflows, reduce cognitive load, and promote efficient data sharing across diverse clinical settings. However, further evaluations, including structured clinical tests and broader deployment with a distributable ISO image, must validate its effectiveness and scalability in real-world scenarios. The results indicate that DicomOS provides a versatile and adaptable solution, supporting radiologists in routine tasks while facilitating customization for advanced users. As an open-source platform, DicomOS has the potential to evolve alongside medical imaging needs, positioning it as a valuable resource for enhancing workflow integration and clinical collaboration.

Docker has gained significant popularity in recent years. With the introduction of Docker Desktop for Windows and macOS, there is a need to determine the impact of the operating system on the performance of the Docker platform. This paper aims to investigate the performance of Docker containers based on the operating system. One of the fundamental goals of this study is to conduct a comprehensive analysis of the Docker architecture. This technology utilizes Linux kernel virtualization mechanisms such as namespaces and cgroups. Upon analyzing the distribution of Docker Desktop for Windows and Docker Desktop for macOS, it was discovered that running the Docker environment on these requires a lightweight virtual machine that emulates the Linux system. This information suggests that the additional virtualization layer may hinder the performance of non-Linux operating systems hosting Docker containers. The paper presents a performance test of the Docker runtime on Linux, Microsoft Windows, and macOS. The test evaluated specific aspects of operating system performance on a MacBook computer with an ×86/64 processor architecture. The experiment carried out examined the performance in terms of CPU speed, I/O speed, and network throughput. This test measured the efficiency of software that utilizes various system resources.

Accurately evaluating multi-core embedded systems remains a major challenge, as existing benchmarking methods and tools fail to reproduce realistic workloads with inter-core contentions. This study introduces a benchmark framework for Linux-based embedded systems that integrates a synthetic task-set generation model capable of reproducing both computational and contention characteristics observed in real-world applications. Applying this benchmark to three Linux kernel variants on a 16-core embedded platform, we have identified distinct scalability patterns and contention sensitivities among kernel configurations. The results mainly demonstrate the framework’s capability to reveal performance characteristics under Linux, but the proposed methodology itself has high portability and extendability by design to support various multi-core platforms including the RTOS-based ones.

Master the design and structure of Linux storage stack and explore its sophisticated architecture Purchase of the print or Kindle book includes a free PDF eBook Key Features Explore the virtual file system (VFS) and how it serves as an abstraction layer for the actual file systemUnderstand how the block layer acts as an intermediary between file systems and physical storageDiscover the physical layout and protocols linked with storage media Book Description The Linux storage stack serves as a prime example of meticulously coordinated layers. Embark on a journey through the kernel code with Architecture and Design of the Linux Storage Stack, crafted for anyone seeking in-depth knowledge about the layered design of Linux storage and its landscape. You’ll explore the Linux storage stack and its various concepts. You’ll unlock the secrets of the virtual filesystem and the actual filesystem and the differences in their implementation, the role of the block layer, the Multi-Queue and Device Mapper frameworks, I/O schedulers, physical storage layout, and how to analyze all the layers in the storage stack. By the end of this book, you’ll be acquainted with how a simple I/O request from a process travels down through all the layers and ends up in physical storage. What you will learn Understand the role of the virtual filesystemExplore the different flavors of Linux filesystems and their key conceptsManage I/O operations to and from block devices using the block layerDeep dive into the Small Computer System Interface (SCSI) subsystem and the layout of physical devicesGauge I/O performance at each layer of the storage stackDiscover the best storage practices Who this book is for This book is for system and storage administrators, engineers, linux professionals, linux community in general, and anyone looking to expand their understanding of Linux and its storage landscape. Prior knowledge of Linux operating system is a must.

As robotic systems such as autonomous cars and delivery drones assume greater roles and responsibilities within society, the likelihood and impact of catastrophic software failure within those systems is increased. To aid researchers in the development of new methods to measure and assure the safety and quality of robotics software, we systematically curated a dataset of 221 bugs across 7 popular and diverse software systems implemented via the Robot Operating System (ROS). We produce historically accurate recreations of each of the 221 defective software versions in the form of Docker images, and use a grounded theory approach to examine and categorize their corresponding faults, failures, and fixes. Finally, we reflect on the implications of our findings and outline future research directions for the community.

Fuzz testing plays a key role in improving Linux kernel security, but large-scale fuzzing often generates a high number of crash reports, many of which are redundant. These duplicated reports burden triage efforts and delay the identification of truly impactful bugs. Syzkaller, a widely used kernel fuzzer, clusters crashes using instruction pointers and sanitizer metadata. However, this heuristic may misgroup distinct issues or split similar ones caused by the same root cause. To address this, we present ECHO, a lightweight call stack-based deduplication tool that analyzes structural similarity among kernel stack traces. By computing the longest common subsequence (LCS) between normalized call stacks, ECHO groups semantically related crashes and improves post-fuzzing analysis. We integrate ECHO into the Syzkaller fuzzing workflow and use it to prioritize inputs that trigger deeper, previously untested kernel paths. Evaluated across multiple Linux kernel versions, ECHO improves average code coverage by 15.2% and discovers 20 previously unknown bugs, all reported to the Linux kernel community. Our results highlight that stack-aware crash grouping not only streamlines triage, but also enhances fuzzing efficiency by guiding seed selection toward unexplored execution paths.

Backgroud CRISPR/Cas is an efficient genome editing system that has been widely used for functional genetic studies and exhibits high potential in biomedical translational applications. Indel analysis has thus become one of the most common practices in the lab to evaluate DNA editing events generated by CRISPR/Cas. Several indel analysis tools have been reported, however, it is often required that users have certain bioinformatics training and basic command-line processing capability. Results Here, we developed CRISPR-GRANT, a stand-alone graphical CRISPR indel analysis tool, which could be easily installed for multi-platforms, including Linux, Windows, and macOS. CRISPR-GRANT offered a straightforward GUI by simple click-and-run for genome editing analysis of single or pooled amplicons and one-step analysis for whole-genome sequencing without the need of data pre-processing, making it ideal for novice lab scientists. Moreover, it also exhibited shorter run-time compared with tools currently available. Conclusion Therefore, CRISPR-GRANT is a valuable addition to the current CRISPR toolkits that significantly lower the barrier for wet-lab researchers to conduct indel analysis from large NGS datasets. CRISPR-GRANT binaries are freely available for Linux (above Ubuntu 16.04), macOS (above High Sierra 10.13) and Windows (above Windows 7) at https://github.com/fuhuancheng/CRISPR-GRANT . CRISPR-GRANT source code is licensed under the GPLv3 license and free to download and use.

Internet of Things Operating Systems (IoT OSs) run, manage and control IoT devices. Therefore, it is important to secure the source code for IoT OSs, especially if they are deployed on devices used for human care and safety. In this paper, we report the results of our investigations of the security status and the presence of security vulnerabilities in the source code of the most popular open source IoT OSs. Through this research, three Static Analysis Tools (Cppcheck, Flawfinder and RATS) were used to examine the code of sixteen different releases of four different C/C++ IoT OSs, with 48 examinations, regarding the presence of vulnerabilities from the Common Weakness Enumeration (CWE). The examination reveals that IoT OS code still suffers from errors that lead to security vulnerabilities and increase the opportunity of security breaches. The total number of errors in IoT OSs is increasing from version to the next, while error density, i.e., errors per 1K of physical Source Lines of Code (SLOC) is decreasing chronologically for all IoT Oss, with few exceptions. The most prevalent vulnerabilities in IoT OS source code were CWE-561, CWE-398 and CWE-563 according to Cppcheck, (CWE-119!/CWE-120), CWE-120 and CWE-126 according to Flawfinder, and CWE-119, CWE-120 and CWE-134 according to RATS. Additionally, the CodeScene tool was used to investigate the development of the evolutionary properties of IoT OSs and the relationship between them and the presence of IoT OS vulnerabilities. CodeScene reveals strong positive correlation between the total number of security errors within IoT OSs and SLOC, as well as strong negative correlation between the total number of security errors and Code Health. CodeScene also indicates strong positive correlation between security error density (errors per 1K SLOC) and the presence of hotspots (frequency of code changes and code complexity), as well as strong negative correlation between security error density and the Qualitative Team Experience, which is a measure of the experience of the IoT OS developers.

Cyberattacks, especially attacks that exploit operating system vulnerabilities, have been increasing in recent years. In particular, if administrator privileges are acquired by an attacker through a privilege escalation attack, the attacker can operate the entire system and cause serious damage. In this paper, we propose an additional kernel observer (AKO) that prevents privilege escalation attacks that exploit operating system vulnerabilities. We focus on the fact that a process privilege can be changed only by specific system calls. AKO monitors privilege information changes during system call processing. If AKO detects a privilege change after system call processing, whereby the invoked system call does not originally change the process privilege, AKO regards the change as a privilege escalation attack and applies countermeasures against it. AKO can therefore prevent privilege escalation attacks. Introducing the proposed method in advance can prevent this type of attack by changing any process privilege that was not originally changed in a system call, regardless of the vulnerability type. In this paper, we describe the design and implementation of AKO for Linux x86 64-bit. Moreover, we show that AKO can be expanded to prevent the falsification of various data in the kernel space. Then, we present an expansion example that prevents the invalidation of Security-Enhanced Linux. Finally, our evaluation results show that AKO is effective against privilege escalation attacks, while maintaining low overhead.

The proliferation of Internet of Things (IoT) devices on Linux platforms has heightened concerns regarding vulnerability to malware attacks. This paper introduces a novel approach to investigating the behavior of Linux IoT malware by examining syscalls and library syscall wrappers extracted through static analysis of binaries, as opposed to the conventional method of using dynamic analysis for syscall extraction. We rank and categorize Linux system calls based on their security significance, focusing on understanding malware intent without execution. Feature analysis of the assigned syscall categories and risk ranking is conducted with statistical tests to validate their effectiveness and reliability in differentiating between malware and benign binaries. Our findings demonstrate that potential threats can be reliably identified with an F1 score of 96.86%, solely by analyzing syscalls and library syscall wrappers. This method can augment traditional static analysis, providing an effective preemptive measure to enhance Linux malware analysis. This research highlights the importance of static analysis in strengthening IoT systems against emerging malware threats.