Trace Analysis Tools Research Articles

Проблема неопределенности в анализе трасс на основе высокоуровневых моделей в контексте динамической верификации

The article discusses the problem of applying runtime verification to large and complex systems such as general-purpose operating systems. When verifying the security mechanisms of operating systems, modern practices and standards require a formal security policy model (SPM). The SPM must be verified using formal model methods, and it must also be used to verify the completeness and consistency of the operating system’s security mechanisms by confirming compliance with the formal requirements of the SPM. In this case, it is convenient to have a single model suitable for both formal verification and implementation testing. For practical application, it is necessary, on the one hand, to select a subset of model language constructs suitable for both acts, and on the other hand, to develop special techniques for analyzing execution traces that allow to effectively perform thousands of test cases. The article addresses both of these issues. We present an analysis of language constructs that allow us to use the model for both verification and execution trace analysis. We also offer techniques that have been developed to optimize the runtime verification of Linux-based systems. We also implemented the proposed methods in the trace analysis tool prototype.

The first fully optimized and validated SPE-LC-MS/MS method for determination of the new-generation neonicotinoids in surface water samples

Widespread use of the new generation neonicotinoids (NQs) results in their constant inflow to water bodies. Both their persistence in waters and mechanism of action similar to older compounds already banned in the EU raise concerns about potential ecotoxicological effects. Information about presence of the new NQs in the aquatic environment is still sparse, and the consequences for aquatic organisms remain mostly unknown, due to the lack of sensitive and selective analytical tools. Therefore, a method utilizing solid-phase extraction and liquid chromatography-tandem mass spectrometry (SPE-LC-MS/MS) has been developed and optimized, enabling the monitoring of EU-approved NQs: acetamiprid (ACT), sulfoxaflor (SFX) and flupyradifurone (FLU), and common NQ metabolite 6-chloronicotinoic acid (6-CNA) in surface waters. To optimize their extraction from natural water samples, the response surface methodology (RSM) was used. An increase in pH value favored higher absolute recoveries (AR) of ACT, SFX and FLU, while the opposite effect was observed for 6-CNA. Increasing water sample volume had adverse effect on the extraction of all compounds. The optimal conditions for simultaneous extraction of all compounds included the use of Oasis HLB sorbent, 200 mL of a water sample at pH of 4.6, and application of 0.3% HCOOH in acetonitrile as an eluent, allowing to obtain AR values above 80% in most cases. Further increase in pH value had positive impact on extraction effectiveness of ACT, SFX and FLU. The method was subjected to full matrix-matched validation and was proven to be fully reliable for the analysis of ACT, SFX and FLU, while the successful isolation of 6-CNA depends on the matrix composition. Finally, the method was applied to the analysis of NQs in surface water samples, proving its sensitivity and selectivity. It can be easily adapted as a tool for trace analysis of NQs and for NQ-associated risk assessment in aquatic ecosystems.

Lossless compaction of model execution traces

Dynamic verification and validation (V&V) techniques are used to verify and validate the behavior of software systems early in the development process. In the context of model-driven engineering, such behaviors are usually defined using executable domain-specific modeling languages (xDSML). Many V&V techniques rely on execution traces to represent and analyze the behavior of executable models. Traces, however, tend to be overwhelmingly large, hindering effective and efficient analysis of their content. While there exist several trace metamodels to represent execution traces, most of them suffer from scalability problems. In this paper, we present a generic compact trace representation format called generic compact trace metamodel (CTM) that enables the construction and manipulation of compact execution traces of executable models. CTM is generic in the sense that it supports a wide range of xDSMLs. We evaluate CTM on traces obtained from real-world fUML models. Compared to existing trace metamodels, the results show a significant reduction in memory and disk consumption. Moreover, CTM offers a common structure with the aim to facilitate interoperability between existing trace analysis tools.

Efficient Methods for Trace Analysis Parallelization

Tracing provides a low-impact, high-resolution way to observe the execution of a system. As the amount of parallelism in traced systems increases, so does the data generated by the trace. Most trace analysis tools work in a single thread, which hinders their performance as the scale of data increases. In this paper, we explore parallelization as an approach to speedup system trace analysis. We propose a solution which uses the inherent aspects of the CTF trace format to create balanced and parallelizable workloads. Our solution takes into account key factors of parallelization, such as good load balancing, low synchronization overhead and an efficient resolution of data dependencies. We also propose an algorithm to detect and resolve data dependencies during trace analysis, with minimal locking and synchronization. Using this approach, we implement three different trace analysis programs: event counting, CPU usage analysis and I/O usage analysis, to assess the scalability in terms of parallel efficiency. The parallel implementations achieve parallel efficiency above 56% with 32 cores, which translates to a speedup of 18 times the serial speed, when running the parallel trace analyses and using trace data stored on consumer-grade solid state storage devices. We also show the scalability and potential of our approach by measuring the effect of future improvements to trace decoding on parallel efficiency.

Fabrication of graphene oxide incorporated polymer monolithic fiber as solid phase microextraction device for determination of organophosphate esters in soil samples

A novel solid phase microextraction fiber named graphene oxide incorporated poly acrylamide-ethylene glycol dimethacrylate (GO-poly AM-EDGMA) monolithic fiber has been successfully prepared in a fused silica capillary tube (250 μm, i.d.) via thermally initiated polymerization using acrylamide (AM) as the monomer, ethylene glycol dimethacrylate (EGDMA) as the crosslinker, dimethylformamide dispersed by GO as porogens, and then obtained by removing 1 cm wall from one end of the fused silica capillary tube. The fiber has large surface area (536 m2 g−1), pore capacity (0.694 cm3 g−1) good thermal stability (up to 320 ℃), long service life and good reproducibility (RSD ＜5% throughout 110 times) which facilitated for high throughput headspace solid phase microextraction (HS-SPME) coupled to gas chromatograph (GC) analysis. The HS-SPME/GC method using the new fiber was evaluated by the determination of five organophosphate esters (OPEs) in soil samples coupled to flame photometric detector (FPD). The proposed HS-SPME-GC/FPD method yielded satisfactory limits of quantification (0.03 ng g−1∼0.24 ng g−1); linearity (≥0.99), good intra- and inter-day precision expressed as relative standard deviations for a single fiber were in the range of 5.2–9.0% and 4.8–9.0%, respectively, and fiber-to-fiber reproducibility was in the range of 5.9–9.7%. The method was applied for the analysis of OPEs in environmental soil samples and the relative recoveries were found to be in the range from 80.1 to 105.6%. Based on these features, the new fiber has great potential for widespread use as a high throughput trace analysis tool.

Differential interference contrast-photothermal microscopy in nanospace: impacts of systematic parameters.

Differential interference contrast-photothermal microscopy (DIC-PTM), as a promising tool for trace analysis of nonfluorescent compounds, suffered low sensitivity in nanospace especially for aqueous samples, due to the poor thermophysical property of water and the unoptimised configuration. To improve its performance, a five-layer DIC-PTM model is built and influences of different parameters on the photothermal signal are investigated. The initial phase shift φ0 between two branches of the probe beam is found to be a key factor determining the detection sensitivity and response linearity: at a large φ0 (≤π/2) both a high sensitivity and a good linearity can be achieved, while a high signal-to-noise ratio occurs at a small φ0 . The steady-state photothermal phase shift φdc has little impact on the linearity, which, however, is greatly influenced by the range of periodic photothermal phase shift φac . By introducing two coatings into a nanospace to confine the photothermal effect within and around the sample, the sensitivity can be enhanced from a few times to over 100 times. On an optimised DIC-PTM configuration and chip structure, detection limit down to 10-3 cm-1 (or 40 molecules in a detection volume of 0.2 fL) was achieved in a 300-nm-thick nanospace. This work paves a way for optimising the DIC-PTM and chip structure for sensitive detection of analytes in nanospaces.

DCatch

In big data and cloud computing era, reliability of distributed systems is extremely important. Unfortunately, distributed concurrency bugs, referred to as DCbugs, widely exist. They hide in the large state space of distributed cloud systems and manifest non-deterministically depending on the timing of distributed computation and communication. Effective techniques to detect DCbugs are desired. This paper presents a pilot solution, DCatch, in the world of DCbug detection. DCatch predicts DCbugs by analyzing correct execution of distributed systems. To build DCatch, we design a set of happens-before rules that model a wide variety of communication and concurrency mechanisms in real-world distributed cloud systems. We then build runtime tracing and trace analysis tools to effectively identify concurrent conflicting memory accesses in these systems. Finally, we design tools to help prune false positives and trigger DCbugs. We have evaluated DCatch on four representative open-source distributed cloud systems, Cassandra, Hadoop MapReduce, HBase, and ZooKeeper. By monitoring correct execution of seven workloads on these systems, DCatch reports 32 DCbugs, with 20 of them being truly harmful.

DCatch

In big data and cloud computing era, reliability of distributed systems is extremely important. Unfortunately, distributed concurrency bugs, referred to as DCbugs, widely exist. They hide in the large state space of distributed cloud systems and manifest non-deterministically depending on the timing of distributed computation and communication. Effective techniques to detect DCbugs are desired. This paper presents a pilot solution, DCatch, in the world of DCbug detection. DCatch predicts DCbugs by analyzing correct execution of distributed systems. To build DCatch, we design a set of happens-before rules that model a wide variety of communication and concurrency mechanisms in real-world distributed cloud systems. We then build runtime tracing and trace analysis tools to effectively identify concurrent conflicting memory accesses in these systems. Finally, we design tools to help prune false positives and trigger DCbugs. We have evaluated DCatch on four representative open-source distributed cloud systems, Cassandra, Hadoop MapReduce, HBase, and ZooKeeper. By monitoring correct execution of seven workloads on these systems, DCatch reports 32 DCbugs, with 20 of them being truly harmful.

Application of dispersive liquid–liquid microextraction followed by gas chromatography/mass spectrometry as effective tool for trace analysis of organochlorine pesticide residues in honey samples

A dispersive liquid–liquid microextraction (DLLME) method followed by gas chromatography/mass spectrometry (GC/MS) was applied for the trace determination of organochlorine pesticides in honey samples. The type and volume of organic extraction and disperser solvents, pH, effect of added salt content and centrifuging time and speed were optimized to find the appropriate extraction conditions. In DLLME, 30 µL of 1,2-dibromomethane (serving as extractant) and 1.5 mL of acetonitrile (serving as disperser) were applied. The limit of detection (3 s) and limit of quantification (10 s) for all the analytes of interest (organochlorine pesticides) varied from 0.004 to 0.07 and from 0.02 to 0.3 ng g−1, respectively. The extraction recovery ranged from 91 to 100 %, and the enrichment factors ranged from 171 to 199. The relative standard deviation was <6 % for intraday (n = 6) and <8 % interday (n = 4) measurements. The proposed DLLME–GC/MS method was confirmed to be fast, simple to perform, friendly to environment and suitable for analysis of organochlorine pesticide residues at trace levels in honey samples.

Pyrolysis–gas chromatography–mass spectrometry with electron-ionization or resonance-enhanced-multi-photon-ionization for characterization of polycyclic aromatic hydrocarbons in the Baltic Sea

Polycyclic aromatic hydrocarbons (PAH), as a part of dissolved organic matter (DOM), are environmental pollutants of the marine compartment. This study investigates the origin of PAH, which is supposed to derive mainly from anthropogenic activities, and their alteration along the salinity gradient of the Baltic Sea. Pyrolysis in combination with gas chromatography and two mass selective detectors in one measurement cycle are utilized as a tool for an efficient trace analysis of such complex samples, by which it is possible to detect degradation products of high molecular structures. Along the north–south transect of the Baltic Sea a slightly rising trend for PAH is visible. Their concentration profiles correspond to the ship traffic as a known anthropogenic source, underlined by the value of special isomer ratios such as phenanthrene and anthracene (0.31–0.45) or pyrene and fluoranthene (0.44–0.53). The detection of naphthalene and the distribution of its alkylated representatives support this statement.

Revealing the challenges of low template DNA analysis with the prototype Ion AmpliSeq™ Identity panel v2.3 on the PGM™ Sequencer

Forensic scientists frequently have to deal with the analysis of challenging sources of DNA such as degraded and low template DNA (LtDNA). The capacity to genotype difficult biological traces has been facilitated by emerging technologies. Massive parallel sequencing (MPS) on microchip among other technologies promises high sensitivity and discrimination power. In this study we evaluated the combined use of the Quantifiler® Trio DNA Quantification Kit with the prototype Ion AmpliSeq™ Identity panel v2.3 and PGM™ platform in LtDNA samples. Coverage, allele balance, allele drop-out/in, consistency and variance were assessed. Overall, the results showed a great level of performance and consistency in terms of genotyping capability even under the most challenging conditions, making it possible to obtain consistent SNP profiles with 31pg of DNA and partial informative profiles with as little as 5pg or with severely degraded DNA. In addition, we demonstrated that the stochastic effects observed in some samples are due to the amplification of the library rather than sequencing.Based on our data, we proposed general recommendations for the analysis of casework samples starting from the use of quantification data, which proved to be critical in deciding whether to process the samples via STR (short tandem repeat) analysis or SNP MPS.In our experience, the use of the prototype Ion AmpliSeq™ Identity panel v2.3 has revealed a new applicable solution for processing LtDNAs. This approach provides users with an additional tool for analysis of traces that either would not give informative results with conventional STR-based techniques.

Hyphenation of capillary high-performance ion-exchange chromatography with mass spectrometry using sheath-flow electrospray ionization.

Mass spectrometry (MS) is an attractive method for extending capillary-size ion chromatography (cHPIC) to create a valuable technique for speciation analysis. For hyphenation, the aqueous effluent of cHPIC has to be transformed into a volatile mixture for MS while preserving analytical concentrations as well as peak shapes during transfer from cHPIC to MS. Finally, the approach should technically be flexible and easy-to-use. A combination of cHPIC and sheath-flow electrospray ionization (ESI)-MS offers to solve all these challenges. cHPIC/sheath-flow-ESI-TOFMS was used in this study for the speciation analysis of various arsenic model compounds. These model compounds were analyzed with different hyphenation setups and configurations of cHPIC/MS and their respective assets and drawbacks were examined and discussed. The parameters (flow rate and composition of sheath liquid) of sheath-flow ESI and their influence on the performance of the spray and the sensitivity of the detector were investigated and compared with those of sheathless ESI. Using an injection valve to couple cHPIC and MS was found to be the best method for hyphenation, since it constitutes a flexible and dead-volume-free approach. The investigation of sheath-flow ESI revealed that the flow rate of the sheath liquid has to resemble the flow rate of the IC effluent to ensure a stable spray and that a composition of 2-propanol/water/ammonia at 50:50:0.2 (v/v/v) suits most applications without unilaterally promoting the sensitivity for either organic or inorganic compounds. The optimized setup and conditions were successfully applied to the analysis of a mixture of important arsenic species and used to determine limits of detection of organic and inorganic arsenic species (3.7 µg L(-1) elemental arsenic). A method for cHPIC/sheath-flow-ESI-MS was developed. The method was shown to be a valuable tool for speciation and trace analysis. It features no dead volume, fast transfer from IC to MS, only minimal peak-widening, high reproducibility, and the ability to fine-tune the ESI spray for higher sensitivity and stability by adjusting the composition of the sheath-liquid.

Laser-processed Nanostructures of Metallic Substrates for Surface- Enhanced Raman Spectroscopy

Surface-enhanced Raman spectroscopy (SERS) is rapidly emerging as a powerful analytical tool for trace analysis of metallic substrates. While innovative numerical applications of SERS have been developed, it is still a challenge to fabricate cost-effective and reproducible metallic substrates for SERS probes. Laser processing, especially using ultrafast pulsed laser, can address this issue owing to their high quality processing. Herein, we investigate critical technical requirements and the latest advancements in laser-processing substrates for SERS, while highlighting several diverse applications. In light of its powerful enhancement of Raman scattering, SERS will remain an exciting research area for highly sensitive, resolved analysis into the foreseeable future.

Cube data model for multilevel statistics computation of live execution traces

SummaryExecution trace logs are used to analyze system run‐time behaviour and detect problems. Trace analysis tools usually read the input logs and gather either a detailed or brief summary of them to later process and inspect in the analysis steps. However, continuous and lengthy trace streams contained in the live tracing mode make it difficult to indefinitely record all events or even a detailed summary of the whole stream. This situation is further complicated when the system aims to compare different parts of the trace and provide a multilevel and multidimensional analysis. This paper presents an architecture with corresponding data structures and algorithms to process stream events, generate an adequate summary—detailed enough for recent data and succinct enough for old data—and organize them to enable an efficient multilevel and multidimensional analysis, similar to online analytical processing analyses in the database applications. The proposed solution arranges data in a compact manner using interval forms and enables the range queries for any arbitrary time durations. Because this feature makes it possible to compare of different system parameters in different time areas, it significantly influences the system's ability to provide a comprehensive trace analysis. Although the Linux operating system trace logs are used to evaluate the solution, we propose a generic architecture that can be used to summarize various types of stream data. Copyright © 2014 John Wiley &amp; Sons, Ltd.

Silver nanoparticles doped agarose disk: Highly sensitive surface-enhanced Raman scattering substrate for in situ analysis of ink dyes

Raman spectroscopy is a preferred analytical tool for forensic trace analysis due to its non-invasive nature. This technique has been utilized in examination of organic colorants present in fibers and ink, but high fluorescent nature of these compounds is a problem. In the present study, silver-doped agarose gel disk, having property of quenching fluorescence and enhancing Raman signals, is found to be effective as surface-enhanced Raman scattering (SERS) substrates for analysis of rhodamine 6G (Rh 6G) and crystal violet (CV) dyes. As-prepared and well characterized by UV, TEM-EDAX and XRD techniques, the investigated silver-doped agarose gel disk proves to have minimal invasive as confirmed by the ATR-FTIR method and effective for in situ SERS analysis of blue and red ballpoint ink. The disk is stable upon storage and hence can be re-used and re-examined. The present method offers new possibilities in trace forensic analysis with minimal destruction.

Diazotization-coupling reaction-based selective determination of nitrite in complex samples using shell-isolated nanoparticle-enhanced Raman spectroscopy

A simple, rapid and selective method based on diazotization-coupling reaction for determination of nitrite ion in complex samples using shell-isolated nanoparticle-enhanced Raman spectroscopy (SHINERS) was developed. Based on diazotization-coupling reaction, nitrite was transformed into azo dye, which has strong SHINERS activity. Subsequently the concentration of nitrite ion can be determined indirectly from the SHINERS of azo dye. The SHINERS active substrate was composed of gold nanoparticle as core with an ultrathin silica shell having pinhole on the surface. Various factors that influence reaction and SHINERS intensity were investigated. Under the optimal conditions, the linearity was observed in the range of 0.5–6.0mgL−1 with good correlation coefficient (r2>0.9793). The relative standard deviations (RSDs) for five replicate measurements were less than 14.5%. The limit of detections of the method (S/N=3) were 0.07, 0.08 and 0.10mgL−1 at 1137, 1395 and 1432cm−1, respectively, without sample preconcentration. The selectivity of the proposed method was also tested. The performance of SHINERS to determine the concentration of nitrite in food, biological and environmental samples was evaluated. The results indicate that SHINERS shows great potential as a useful analytical tool for trace analysis of nitrite in real samples. This proposed method provides a practical protocol for determination of compounds with weak Raman response, and can be expanded for the indirect detection of iodate ion, phenols and aromatic amines.

Gas chromatography–triple quadrupole tandem mass spectrometry: a powerful tool for the (ultra)trace analysis of multiclass environmental contaminants in fish and fish feed

A new method for rapid determination of 73 target organic environmental contaminants including 18 polychlorinated biphenyls, 16 organochlorinated pesticides, 14 brominated flame retardants and 25 polycyclic aromatic hydrocarbons in fish and fish feed using gas chromatography coupled with triple quadrupole tandem mass spectrometry (GC-MS/MS) was developed and validated. GC-MS/MS in electron ionization mode was shown to be a powerful tool for the (ultra)trace analysis of multiclass environmental contaminants in complex matrices, providing measurements with high selectivity and sensitivity. Another positive aspect characterizing the newly developed method is a substantial simplification of the sample preparation, which was achieved by an ethyl acetate QuEChERS (quick, easy, cheap, effective, rugged and safe) based extraction followed by silica minicolumn clean-up. With use of this sample preparation approach the sample laboratory throughput was increased not only because six samples may be prepared in approximately 1 h, but also because all the above-mentioned groups of contaminants can be determined in a single GC-MS/MS run. Under the optimized conditions, the recoveries of all target analytes in both matrices were within the range from 70 to 120% and the repeatabilities were 20% or less. The method quantification limits were in the range from 0.005 to 1 μg kg(-1) and from 0.05 to 10 μg kg(-1) for fish muscle tissue and fish feed, respectively. The developed method was successfully applied to the determination of halogenated persistent organic pollutants and polycyclic aromatic hydrocarbons in fish and fish feed samples.

High throughput sample preparation in combination with gas chromatography coupled to triple quadrupole tandem mass spectrometry (GC–MS/MS): A smart procedure for (ultra)trace analysis of brominated flame retardants in fish

In this study, gas chromatography (GC) coupled to triple quadrupole tandem mass spectrometry (MS/MS) operated in electron ionisation mode (EI) has been shown to be an effective tool for the (ultra)trace analysis of several representative brominated flame retardants (BFRs) including polybrominated diphenyl ethers (PBDEs), pentabromotoluene (PBT), pentabromoethylbenzene (PBEB), etc. in complex food and environmental matrices. Using this type of instrumentation, improved selectivity and sensitivity of the instrumental analysis was achieved. In addition to GC–MS/MS (EI), a GC–MS method employing QqQ as a single quadrupole in negative chemical ionisation (NCI) mode was also developed, as this technique might be preferred for those compounds where EI did not provide suitable (intensive enough) mass transitions (e.g., decabromodiphenyl ethane). Following the development of the GC–MS/MS method, a substantial simplification of the sample preparation method was achieved by employing an ethyl acetate QuEChERS-based extraction followed by silica minicolumn clean-up. Using this novel approach, six samples may be prepared in approx. one hour, thus significant time savings were achieved compared to routinely used methods. In addition, the method employs the reduced amounts of organic solvent and other chemicals. Under the optimised conditions, recoveries of all target analytes using both GC–MS/MS (EI) and GC–MS (NCI) were within the range of 70–119% and repeatabilities of the analytical procedure were ≤16% at all three spiking levels (0.1, 1 and 5μgkg–1). Regarding quantification limits (LOQs), as expected, a single quadruple operated in NCI provided significantly lower LOQs compared to EI. However, using the triple quadrupole mass analyser, comparable LOQs were achieved for both methods (0.005–1μgkg−1 and 0.005–0.1μgkg−1 for GC–MS/MS (EI) and GC–MS (NCI), respectively). Moreover, when highly selective mass transitions in GC–MS/MS (EI) were used for identification and quantification, a significant decrease of problematic interferences was observed compared to NCI where most of the compounds were quantified according to the less selective m/z 79 corresponding to a bromine atom.

Libtrace

This paper introduces libtrace, an open-source software library for reading and writing network packet traces. Libtrace offers performance and usability enhancements compared to other libraries that are currently used. We describe the main features of libtrace and demonstrate how the libtrace programming API enables users to easily develop portable trace analysis tools without needing to consider the details of the capture format, file compression or intermediate protocol headers. We compare the performance of libtrace against other trace processing libraries to show that libtrace offers the best compromise between development effort and program run time. As a result, we conclude that libtrace is a valuable contribution to the passive measurement community that will aid the development of better and more reliable trace analysis and network monitoring tools.

An adaptive single-well stochastic resonance algorithm applied to trace analysis of clenbuterol in human urine.

Based on the theory of stochastic resonance, an adaptive single-well stochastic resonance (ASSR) coupled with genetic algorithm was developed to enhance the signal-to-noise ratio of weak chromatographic signals. In conventional stochastic resonance algorithm, there are two or more parameters needed to be optimized and the proper parameters values were obtained by a universal searching within a given range. In the developed ASSR, the optimization of system parameter was simplified and automatic implemented. The ASSR was applied to the trace analysis of clenbuterol in human urine and it helped to significantly improve the limit of detection and limit of quantification of clenbuterol. Good linearity, precision and accuracy of the proposed method ensure that it could be an effective tool for trace analysis and the improvement of detective sensibility of current detectors.