Digital innovation is the source of competitiveness and value creation for many types of businesses. The universal desire for rapid digital innovation demands efficient reuse of software code building blocks, which has increased the dependence upon open source and third-party libraries and tools that comprise the software supply chain. Adversaries have moved from finding and exploiting vulnerabilities in end products to a new generation of supply chain attacks where attackers aggressively implant malicious code directly into artifacts in the supply chain and find their way into build and deployment pipelines. Digital innovation depends upon confidence in the software supply chain. As such, our research will enable the following vision:The software industry can rapidly innovate with confidence in the security of their software supply chain.The challenge of software supply chain security has recently received significant interest from industry and government. However, discussions with key stakeholders indicate that the state-of-the-art is preliminary, motivating scientific research to address the underlying fundamental challenges that will limit the practical success of existing approaches. We tackle the challenges of secure software supply chain through three thrusts: prevention, detection, and response, with an explicit objective of moving toward preventing security failures. For each thrust, we consider five hard security problems: (1) Scalability and Composability, such as detecting malicious commits and hardening containers; (2) Policy-governed Secure Collaboration, such as effective use of Software Bill of Materials; (3) Predictive Security Metrics, such as measuring the exploitability of vulnerabilities; (4) Resilient Architectures, such as isolation and sandboxing of components; and (5) Human Behavior, such as studying how to make software developers make more secure decisions. The project will impact the software industry by engaging with current industry players/community, enabling their participation in our research thrusts. Additionally, the project will involve educating the next generation of engineers to eradicate software supply chain security issues and training current employees to make them aware of these issues to help reduce them.
Augmented Reality (AR) is a recently emerged technology that leverages advances in computer vision and graphics to superimpose computer-generated images onto the user's view of the real world. AR enables computer-generated objects to appear as if they are physically present in a user's environment. It has spawned a wide variety of applications from product design and modeling to surgical procedures and museums. In this project, we will develop tools and methods to assist AR engineers in building AR applications. Our project is comprised of two main thrusts: (1) AR tooling for prototyping and deployment, and (2) AR application creation in varied environments.
I have a SketchUp Pro 2017 license on my Windows 10 Home and a SketchUp Pro 2016 license on my Windows 8.1. I used to be able to download more than one file per license from 3D Warehouse at the same time. Now I can only download one at a time and I cannot download more than one SketchUp Pro 2017 license... any idea? 827ec27edc