Price/college
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fall-2024: commit

Browse Source
This commit is contained in:
Price Hiller 2024-10-20 15:48:32 -05:00
parent f8a86f1557
commit 7a816664b2
Signed by: Price
GPG Key ID: C3FADDE7A8534BEB
5 changed files with 777 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

169
Fall-2024/CS-3113/Assignments/2-Audit-Checklist/Checklist.typ Normal file
View File

@ -0,0 +1,169 @@
#show link: set text(blue)
#set page(margin: (y: .5in))
#set text(font: "Calibri", size: 12pt)
#let solve(solution) = [
#let solution = align(
center,
block(
inset: 5pt,
stroke: blue + .3pt,
fill: rgb(0, 149, 255, 15%),
radius: 4pt,
)[#align(left)[#solution]],
)
#solution
]
#align(
center,
block(
inset: 10pt,
width: 100%,
stroke: blue + 1pt,
fill: rgb(0, 149, 255, 15%),
radius: 4pt,
text(rgb(0, 149, 255), size: 1.5em, [= Orion Technologies\ Cybersecurity Compliance Checklist]),
),
)
#align(center)[#box(
inset: 5pt,
radius: 4pt,
width: 60%,
stroke: green + .5pt,
fill: rgb(0, 200, 100, 15%),
text(green, [== Identify (9 Questions)]),
)]
#align(center, line(length: 80%, stroke: green))
#table(
inset: (
x: 15pt,
),
columns: (auto, auto),
table.header(
[*Questions*],
[*Response (Yes, No, Short Answer)*],
),
[Do you utilize session locks when a user is away from a computer and if so, is the lock triggered by a timer or proximity?],
[],
[Do you conduct background checks on new employees?], [],
[Do you require employees to sign an acceptable use policy for computer systems?],
[],
[Do you have a bring your own device policy?], [],
[Do you have a badge in system to enter any physical office?], [],
[Are there any shared accounts used by multiple employees?], [],
[Do you require individual accounts for each employee?], [],
[Do any non-IT of your users to have admin on their computers?], [],
[Do you have centralized control over all your computers? (If you don't know, answer no.)],
[],
)
#align(center)[#box(
inset: 5pt,
radius: 4pt,
width: 60%,
stroke: green + .5pt,
fill: rgb(0, 200, 100, 15%),
text(green, [== Protect (16 Questions)]),
)]
#align(center, line(length: 80%, stroke: green))
#table(
inset: (
x: 15pt,
),
columns: (auto, auto),
table.header(
[*Questions*],
[*Response (Yes, No, Short Answer)*],
),
[Do you conduct any computer system or cybersecurity awareness training for employees?],
[],
[Can a single employee both initiate and approve a transaction?], [],
[Do you enforce a minimum password complexity for accounts?], [],
[Are you using a password manager to manage logins for websites and services?],
[],
[Do you use two factor authentication (2FA/MFA) for all logins?], [],
[If a password change occurs, do you allow users to reuse old password?], [],
[When a user updates their password, do you check it against commonly known vulnerable passwords? (e.g. against https://haveibeenpwned.com/)],
[],
[Do you use surge protectors and uninterruptible power supplies (UPS)?], [],
[Do you regularly update your software and operating systems?], [],
[Do you use full disk encryption on computer systems?], [],
[Do you change the default passwords for WiFi or other networks?], [],
[Do you enable guest networks?], [],
[Do you use a virtual private network (VPN) for out of office connections?],
[],
[Have you set up any email filtering (e.g. checking for spam)?], [],
[Do you block any websites?], [],
[When you dispose of a system, do you ensure the data is securely wiped?], [],
)
#align(center)[#box(
inset: 5pt,
radius: 4pt,
width: 60%,
stroke: green + .5pt,
fill: rgb(0, 200, 100, 15%),
text(green, [== Detect (8 Questions)]),
)]
#align(center, line(length: 80%, stroke: green))
#table(
inset: (
x: 15pt,
),
columns: (auto, auto),
table.header(
[*Questions*],
[*Response (Yes, No, Short Answer)*],
),
[Do you utilize anti-virus programs?], [],
[Do you use a firewall with an Intrusion Detection System (IDS)?], [],
[How often do you audit existing user accounts? (Never, Daily, Weekly, Monthly, Other)],
[],
[Are running regular vulnerability scans? (e.g. using #link("https://www.tenable.com/products/nessus", "Nessus"))],
[],
[Do you collect any logs?], [],
[If you do collect logs, do you monitor them?], [],
[If you do collect logs, how long do you retain them?], [],
[Do you conduct any audits for unusual employee behaviors? (e.g. regularly logging in outside of business hours)],
)
#align(center)[#box(
inset: 5pt,
radius: 4pt,
width: 60%,
stroke: green + .5pt,
fill: rgb(0, 200, 100, 15%),
text(green, [== Respond & Recover (7 Questions)]),
)]
#align(center, line(length: 80%, stroke: green))
#table(
inset: (
x: 15pt,
),
columns: (auto, auto),
table.header(
[*Questions*],
[*Response (Yes, No, Short Answer)*],
),
[Do you have a plan in the case of a Cybersecurity incident?], [],
[Do you create complete backups?], [],
[Do you currently have any type of cyber insurance?], [],
[If you do create backups, do you encrypt them?], [],
[If you do create backups, how often? (Daily, Weekly Monthly)], [],
[If you do create backups, do you keep at least *3* copies, on at least *2* different media types (e.g. a hard drive and a tape drive), and at least *1* copy offsite (outside your office)?],
[],
[If you do create backups, do you test restoring from those backups?], [],
)

73
Fall-2024/CS-3113/Assignments/2-Audit-Checklist/Handout.typ Normal file
View File

@ -0,0 +1,73 @@
#set text(font: "Calibri", size: 14pt)
#align(horizon)[
#align(
center,
block(
inset: 10pt,
width: 100%,
stroke: blue + 1pt,
fill: rgb(0, 149, 255, 15%),
radius: 4pt,
text(
rgb(0, 149, 255),
size: 1.5em,
[= Orion Technologies\ Cybersecurity Assessment],
),
),
)
_Audit your cybersecurity stance to enhance security, improve compliance, and manage risks throughout your organization_
== Why undertake an assessment?
- Build a clear picture of cybersecurity rirks to your organization
- Enhance current security posture against any potential threats
- Increase compliance with federal and industry requirements
- Improve your organization's relisiency in the face of any cyber incidents
== Jump In
The Orion Technologies Security assessment provides an approach based on industry best practice and federal guidelines to enhance your organizations' security through our four identified security functions: Identify, Protect, Detect, and Respond & Recover.
After an analysis of any existing policies and security programs you may have in place, we'll develop a new security policy in line with your needs and resources. We'll evaluate user account management, user training, responding to incidents, and more.
== Our Model
Our model focuses on practical applications for small businesses based on best practices from NISTIR 7621 honed by our industry experience. We evaluate four core security functions applicable to all small businesses as shown in the diagram below. Our model is intended to be reliable and cost effective for you to employ.
== Why Orion Technologies
We have deep experience with small business cybersecurity threats and the ecosystem around them. We understand that not all small businesses may be able to dedicate large amounts of resources to cybersecurity. Orion Technologies focuses on the here and now, what is practical, we ensure small businesses are prepared for handling the current and future cyber threats that they may face.
]
#pagebreak()
#align(horizon)[
== Overview
#block(
inset: 5pt,
stroke: blue + .3pt,
fill: rgb(0, 149, 255, 15%),
radius: 4pt,
)[
First we'll start by agreeing on the scope of your new policies. We want what your organization's resources can reasonably support, practical is best.
After, we'll begin by reviewing any existing security policies and practices your organization may have in place. During this process we'll focus on our checklist, looking for anything out of compliance. Our primary goal is identifying security holes within your organization and determining what is in scope for your needs.
Once your existing policies and stance isk nown, we'll begin a proper audit, checking your organization for anything missed during the policy review. When finished, we'll reporty back to you with any identified problems and discuss remediation plans to improve your security stance.
Next, we'll work with you to begin implementation of the new framework as well as remediating problems found during our audit.
Finally, we'll create comprehensive documentation and give final recommendations to assist you w
]
= Goals
- *Tailor a new set of Cybersecurity Policies*. After the audit, we'll work with you to build a new framework in line with NISTIR 7621 to improve your top level understanding of your security stance.
- *Audit*. We'll help you go through and understand your organization's current cybersecurity stance. We'll identify problem areas and create remediation plans to enahance security and reduce risk in line with your objectives.
- *Implement the Policies.* Once you're ready, we'll assist in implenting the new framework, ensuring all items identified in the audit are remediated according to plan.
- *Document*. After implentation, we'll help you create detailed documentation around your new policies for future assessments and security policy updates.
]

223
Fall-2024/CS-3843/Assignments/4/Assignment.typ Normal file
View File

@ -0,0 +1,223 @@
#import "@preview/tablex:0.0.4": tablex, rowspanx, colspanx, hlinex, vlinex
#show link: set text(blue)
#set text(font: "Calibri")
#show raw: set text(font: "Fira Code")
// Thank you to https://github.com/typst/typst/issues/344#issuecomment-2079135253
#let codeblock(
body,
fill: luma(250),
stroke-color: luma(150),
line-nr-color: blue,
caption: none,
) = {
show raw.where(block: true): it => {
block(
fill: fill,
stroke: stroke-color + .1em,
inset: 0.3em,
radius: 0.3em,
grid(
columns: 2,
align: left + top,
column-gutter: 0.2em,
stroke: (x, y) => if x == 0 {
(right: (paint: stroke-color))
},
inset: 0.25em,
..it
.lines
.map(line => (text(line-nr-color, str(line.number)), line.body))
.flatten()
),
)
}
body
}
#set page(margin: (x: .25in, y: .25in))
#let solve(solution) = [
#let solution = align(
center,
block(
inset: 5pt,
stroke: blue + .3pt,
fill: rgb(0, 149, 255, 15%),
radius: 4pt,
)[#align(left)[#solution]],
)
#solution
]
#let note(content) = [
#align(
center,
block(
inset: 5pt,
stroke: luma(20%) + .3pt,
fill: luma(95%),
radius: 4pt,
)[#align(left)[#content]],
)
]
#align(center)[
= CS 3843 Computer Organization
HW 4\
#underline[Price Hiller] *|* #underline[zfp106]
]
#line(length: 100%, stroke: .25pt)
+ Write a function with the following prototype [in C]:
#solve[
```c
/* Determine whether arguments can be added without overflow */
int uadd_ok(unsigned x, unsigned y);
```
This function should return 1 if arguments x and y can be added without causing overflow.
```c
#include <limits.h>
#define WILL_OVERFLOW 0
int uadd_ok(unsigned x, unsigned y) {
if (x > 0 && y > UINT_MAX - x) {
return WILL_OVERFLOW;
}
return !WILL_OVERFLOW;
}
```
#underline[Test Results]
- `UINT_MAX + 1 = OVERFLOW (0)`
- `UINT_MAX + 0 = OK (1)`
]
+ Write a function with the following prototype in C:
```c
/* Determine whether arguments can be added without overflow */
int tadd_ok(int x, int y)
```
This function should return 1 if arguments x and y can be added without causing overflow.
#solve[
```c
#include <limits.h>
#define WILL_OVERFLOW 0
int tadd_ok(int x, int y) {
if ((x > 0 && y > INT_MAX - x) || (x < 0 && y < INT_MIN - x)) {
return WILL_OVERFLOW;
}
return !WILL_OVERFLOW;
}
```
#underline[Test Results]
- `INT_MAX + 1 = OVERFLOW (0)`
- `INT_MAX + 0 = OK (1)`
- `INT_MIN + -1 = UNDERFLOW (0)`
- `INT_MIN + 0 = OK (0)`
]
Note: You need to include the function as part of the whole C program for testing your function. While you write your function, for testing, try out general test cases. Please include your test results and the function as your answer. You don't need to include the whole program. You need to submit a pdf file, not a .c file.
+ Read about this security vulnerability and share your thoughts in one short paragraph.
#block(
inset: 5pt,
stroke: green + .3pt,
fill: rgb(0, 200, 20, 15%),
radius: 4pt,
)[
#align(left)[
In 2002, programmers involved in the FreeBSD open-source operating systems project realized that their implementation of the `getpeername` library function had a security vulnerability. A simplified version of their code went something like this:
#codeblock[
```c
/*
* Illustration of code vulnerability similar to that found in
* FreeBSD's implementation of getpeername()
*/
/* Declaration of library function memcpy */
void *memcpy(void *dest, void *src, size_t n);
/* Kernel memory region holding user-accessible data*/
#define KSIZE 1024
char kbuf[KSIZE];
/* Copy at most maxlen bytes from kernel region to user buffer */
int copy_from_kernel(void *user_dest, int maxlen) {
/* Byte count len is minimum of buffer size and maxlen */
int len = KSIZE < maxlen ? KSIZE : maxlen;
memcpy(user_dest, kbuf, len);
return len;
}
```
\<remaining explanation removed for brevity\>
]
]
]
#solve[
As in all of the security vulnerabilities shown in this homework, they all result from a failure of variance around data types. This bug arose because a clear typing invariant wasn't properly defined, that being that non-negative values are not allowed. More modern languages like Rust can and _do_ validate types at compile time to ensure bugs like these cannot occur within "safe" code. The solution the FreeBSD's folk came up with was to better define the variant as being of `size_t` meaning non-negative values could no longer be passed. These types of bugs are incredibly common in C/C++ code bases unfortunately. A hardened memory allocator like #link("https://llvm.org/docs/ScudoHardenedAllocator.html")[Scudo] also would have reduced the severity of this bug had Scudo existed back in 2002.
]
+ Read about this security vulnerability and share your thoughts in one short paragraph.
#block(
inset: 5pt,
stroke: green + .3pt,
fill: rgb(0, 200, 20, 15%),
radius: 4pt,
)[#align(left)[
In 2002, it was discovered that code supplied by Sun Microsystems to implement the XDR library, a widely used facility for sharing data structures between programs, had a security vulnerability arising from the fact that multiplication can overflow without any notice being given to the program.
Code similar to that containing the vulnerability is shown below:
#codeblock[
```c
/* Illustration of vulnerability similar to that found in
* Sun's XDR library.
*/
void* copy_elements(void *ele_src[], int ele_cnt, size_t ele_size) {
/*
* Allocate buffer for ele_cnt objects, each of ele_size bytes
* and copy from locations designated by ele_src
*/
void *result = malloc(ele_cnt * ele_size);
if (result == NULL)
/* malloc failed */
return NULL;
void *next = result;
int i;
for (i = 0; i < ele_cnt; i++) {
/* Copy object i to destination */
memcpy(next, ele_src[i], ele_size);
/* Move pointer to next memory region */
next += ele_size;
}
return result;
}
```
\<remaining explanation removed for brevity\>
]
]
]
#solve[
This is a more subtle bug. A variance check _still_ could have caught this with better type checking (in fact some modern flags in the LLVM compiler can catch multiplication errors), but the difficulty in creating those bounds for this are significantly more difficult. In all honesty, during my first read through of the code I missed the bug buried there even with being told that there was a bug in the first place. One approach without variant checking that would have avoided the bug would have been to call `malloc` during the loop for each object. There absolutely would've been a performance penalty, but it would have avoided the vulnerability here. A somewhat better solution though, is to do some simple bound checks of course. For example #link("https://github.com/rofl0r/musl/blob/2c124e13bd7941fe0b885eecdc5de6f09aacf06a/src/malloc/calloc.c#L35-L37")[`calloc()` nowadays in the `musl` libc implementation does do multiplication bounding through a simple check].
]
+ Read about this incident of high cost floating-point overflow. Write a short paragraph sharing your thoughts.
#block(
inset: 5pt,
stroke: green + .3pt,
fill: rgb(0, 200, 20, 15%),
radius: 4pt,
)[
#align(left)[
Converting large floating-pointer numbers to integers is a common source of programming errors. Such an error had disastrous consequences for the maiden voyage of the Ariane 5 rocket, on June 4, 1996. Just 37 seconds after liftoff, the rocket veered off its flight path, broke up, and exploded. Communication satellites valued at \$500 million were on board the rocket.
A later investigation [73, 33] showed that the computer controlling the inertial navigation system had sent invalid data to the computer controlling the engine nozzles. Instead of sending flight control information, it had sent a diagnostic bit pattern indicating that an overflow had occurred during the conversion of a 64-bit floating-point number to a 16-bit signed integer.
The value that overflowed measured the horizontal velocity of the rocket, which would be more than five times higher than that achieved by the earlier Ariane 4 rocket. In the design of the Ariane 4 software, they had carefully analyzed the numeric values and determined that the horizontal velocity would never overflow a 16-bit number. Unfortunately, they simply reused this part of the software in the Ariane 5 without checking the assumptions on which it had been based.
]
]
#solve[Firstly, a good criticism to level is the casting to a less precise data type with smaller bounds. I'm not quite sure why there was a decision made to cast down into a 16-bit number instead of working directly with the initial 64-bit number. The only guess I can make is limited memory in the stack, though that seems to be a poor guess. Again though, this is a variance bounding failure! An incredible number of C/C++ errors result from that. Invariants around the horizontal velocity were not clearly defined in the type system so the compiler couldn't do any variance checking and thus the code was allowed to compile with a serious bug in it. Defining clear variants and bounds in type systems would largely avoid the pitfalls here. For this case, outside of variance checking which was less mature in compilers during this incident, some basic bounds checking for the truncation of values would have caught this before blowing up a \$1 billion plus rocket.]

105
Fall-2024/CS-3843/Assignments/5/Assignment.typ Normal file
View File

@ -0,0 +1,105 @@
#import "@preview/tablex:0.0.4": tablex, rowspanx, colspanx, hlinex, vlinex
#show link: set text(blue)
#set text(font: "Calibri")
#show raw: set text(font: "Fira Code")
#set page(margin: (x: .5in, y: .5in))
#let solve(solution) = [
#let solution = align(
center,
block(
inset: 5pt,
stroke: blue + .3pt,
fill: rgb(0, 149, 255, 15%),
radius: 4pt,
)[#align(left)[#solution]],
)
#solution
]
#let note(content) = [
#align(
center,
block(
inset: 5pt,
stroke: luma(20%) + .3pt,
fill: luma(95%),
radius: 4pt,
)[#align(left)[#content]],
)
]
#align(center)[
= CS 3843 Computer Organization
HW 5\
#underline[Price Hiller] *|* #underline[zfp106]
]
#line(length: 100%, stroke: .25pt)
[This is a bonus HW]
\
\
1. The word size is 5 bits. How many integers can you represent with that? What is the range for unsigned integers? What is the range for signed integers?
#solve[
- Can represent $2^5$ integers, or $32$ integers in total.
- Range of unsigned integers: $0 -> 2^(w)-1$, from $0 -> 31$
- Range of signed integers: $-2^(w-1) -> 2^(w-1) - 1$, from $-16 -> 15$
]
2. Show that the negation of Tmin is Tmin. You can pick any Tmin (Tmin for 4-bits, Tmin for 5 bits etc). Also, explain why the negation of Tmin is Tmin. (Hint: "negation" and "not operator" is not the same thing)
#solve[
The negation of a number in 2's complement is as follows:
- ∵ $~x + x ≡ 1111...111 ≡ -1$
- $~x + 1 == -x$
For example, using the negation of $T_(min)$ for a word size of 4 bits:
+ $T_(min_4) = -2^(4-1) = -8$
+ Negate $-8$, binary: $1000$
+
]
3. Suppose that a and b have byte values 0x55 and 0x46, respectively. What will be the value for this expression: a & !b ? What will be the value for this expression: a && ~b?
4. You have two decimal values as 12 and 4. The word size is 5 bits. Perform the 2's complement addition and identify if overflow (positive or negative) happens or not. Mention the final result as well.
#solve[
+ Solve $12 +^t_5 4$
+ Note that $T_(max_5) = 15$
+ Not that $T_(min_5) = -16$
+ Convert $12$ to binary: `01100`
+ Convert $4$ to binary: `00100`
+ Add `01100` $+$ `00100`
+ #table(
stroke: none,
align: right,
[`01100`],
[`+ 00100`],
table.hline(),
[`10000`]
)
+ The most significant bit is $1$, positive overflow has occured
+ Apply 2's complement:
+ Simplify: $16 mod 32$
+ $16 mod 32 = 16$
+ Check bounds, $16 > T_(max_5)$ is True
+ Thus there is a positive overflow
+ Remove all bits beyond the $w - 1$ bit for bounds, where $w - 1 = 4$
+ $16$ to binary is $10000$
+ Remove the bit at $w_5$, $0000$
+ ∴ $12 +^t_5 4 = 0$
]
*You need to explain for each question why you chose True/False as your answer.*
5. If you multiply (-2) with (-2), and the word size is 3-bits, then the final result will be (+4). T/F
#solve[
*False*.
]
6. Assume data type int is 32 bits long and uses a two's-complement representation for signed values. The variables are declared and initialized as follows: int x = foo(); /* Arbitrary value */ int y = bar(); /* Arbitrary value */ unsigned ux = x; unsigned uy = y; The following C expression is true (evaluates to 1) for all values of x and y: x+y == uy+ux. Hint: Think about what happens at bit-level T/F
7. Assume variables x, f, and d are of type int, float, and double, respectively. Their values are arbitrary, except that neither f nor d equals +∞, −∞, or NaN. The following C expression is false (evaluates to 1) for all values of f: f == (float)(double) f. T/F
8. Bias is a bias value equal to 2 k-1 1 (127 for single precision and 1023 for double). This yields exponent ranges from 126 to +127 for single precision and 1022 to +1023 for double precision. Here, k is the size of exp bits. T/F
9. When the sign bit is 1, but the other fields are all zeros, we get the value 0.0. T/F
10. Round-to-Even rounding mode is the default rounding mode for most of the machines for floating- point numbers. T/F
11. Assuming the expressions are evaluated when executing a 32-bit program on a machine that uses two's-complement arithmetic See below the expression: -1 < 0U; What is the evaluation for this expression? T/F
12. We can represent -1 in Hex with 0xFFFFFFFF for 32-bits. T/F
13. Assume variables x, f, and d are of type int, float, and double, respectively. Their values are arbitrary, except that neither f nor d equals +∞, −∞, or NaN. For the following C expressions, it will always be true (i.e., evaluate to 1): d*d >= 0.0 T/F

207
Fall-2024/CS-3843/Assignments/6/Assignment.typ Normal file
View File

@ -0,0 +1,207 @@
#show link: set text(blue)
#set text(font: "Calibri")
#show raw: set text(font: "Fira Code")
#set page(margin: (x: .5in, y: .5in))
#let solve(solution) = [
#let solution = align(
center,
block(
inset: 5pt,
stroke: blue + .3pt,
fill: rgb(0, 149, 255, 15%),
radius: 4pt,
)[#align(left)[#solution]],
)
#solution
]
#let solvein(solution) = {
let outset = 3pt
h(outset)
box(
outset: outset,
stroke: blue + .3pt,
fill: rgb(0, 149, 255, 15%),
radius: 4pt,
)[#solution]
}
#let note(content) = [
#align(
center,
block(
inset: 5pt,
stroke: luma(20%) + .3pt,
fill: luma(95%),
radius: 4pt,
)[#align(left)[#content]],
)
]
#align(center)[
= CS 3843 Computer Organization
HW 6\
#underline[Price Hiller] *|* #underline[zfp106]
]
#line(length: 100%, stroke: .25pt)
Note: Handwritten HWs are allowed, but you need to scan it and submit a PDF file. Show your work.
\
\
1. (a) Pick two positive integer numbers. Show that if you multiply them, then you will get a negative integer as your result because of overflow. Therefore, you need to demonstrate what happens when overflow happens with twos complement integer multiplication. You have a 4-bit processor, and the number representation is twos complement.
#solve[
+ First recognize that the max positive value for two's complement in a 4-bit processor is $7$
+ Pick two numbers, say $4$ and $2$
+ Multiply: $4 ⋅ 2 = 8$
+ $8 > 7$, thus we will have an overflow
+ Convert $8$ to binary: $1000$
+ Recognize that $1000$ is $-8$ in binary
+ An overflow has occured, resulting in a value of $-8$ from the multiplication of $4$ and $2$
]
(b) Pick two unsigned integer numbers. Show that if you multiply them, then you will get an unexpected integer as your result because of overflow. Therefore, you need to demonstrate what happens when overflow happens with unsigned integer multiplication. You have a 4-bit processor, and the number representation is unsigned representation.
#solve[
#underline[First way]
+ First recognize that the max value for an unsigned integer in a 4-bit processor is $15$
+ Pick two numbers, say $10$ and $2$
+ Multiply: $10 ⋅ 2 = 20$
+ $20 > 15$, thus we will have an overflow
+ Convert $20$ to binary: $10100$
+ Truncate all bits beyond the 4th bit: $10100$ -> $0100$
+ The value overflows to $4$
#underline[Second way]
+ Use the same two numbers, $10$ and $2$
+ Multiply with a modulo of $16$ this time
+ $(10 ⋅ 2) mod 16 = 20 mod 16 = 4$
+ The value also overflows to $4$
]
2. Let's say we have an 8-bit floating point representation.
The sign bit is in the most significant bit.\
The next four bits are the exponent, with a bias of 7.\
The last three bits are the frac.
(a) Convert the number $4/512$ to binary. Use the denormalized format. Also, use the bias equation for the denormalized form to find the EXP value.
#note[
+ Firstly, to simplify, we can recognize that $4/512 = 1/128 = 2^(-7)$
+ $1/128$ in binary: $0.00000001$
+ Denormalized representation: $0.000000001$
+ $"EXP" = -7 + 7 = 0000$
+ Sign bit: $0$
+ Exponent: $0000$
+ Fraction: $100$
+ #solvein[`0 0000 100`]
_I am really, REALLY, hoping the above is correct. This stuff kinda hurts._
]
(b) Convert the number $221.0$ to binary. Use the normalized format. Also, use the bias equation for the normalized form to find the EXP value.
#note[
+ Convert $221$ to binary: `11011101`
+ Normalize: $221.0 = 1.1011 101$
+ Exponent: $7 + 7 -> 14 -> 1110$
+ Round: $1.011$
+ #solvein[`0 1110 011`]
]
3. [Show your work] We have two integer numbers, $x=-8, y=-5$. First represent them in two's complement form, then perform addition. Try to find if overflow happens or not. Try to detect what type (positive or negative) of overflow happens. You have a 4-bit processor.
#note[
#align(center)[#table(
columns: (auto, auto, auto, auto),
stroke: none,
align: center,
[$x$], [$y$], [$x + y$], [$x +^t_4 y$],
table.hline(),
[$-8$], [$-5$], [$-13$], solvein[$3$],
[$[1000]$], [$[1011]$], [$[10011]$], solvein[$[0011]$],
table.hline(),
)
#solvein[A negative overflow occurred.]
#note[Alternatively, instead of bit fiddling: $(-8 + -5) "mod" 4 = #solvein[3]$]
By the way, this problem is in the Lecture 6 slides.
]
]
4. Convert 16-bit binary versions of $2_("ten")$ and $-2_("ten")$ to 32-bit binary numbers. Both of the numbers are in two's complement representation. Show your work.
#solve[
#underline[Working $2_("ten")$]
+ Convert $2$ to binary: $0010$
+ Pad the most significant bit length of 16-bits
+ `00000000 00000010`
+ Since $2$ is shockingly _still_ positive, we can pad those zeroes out to 32-bits
+ `00000000 00000000 00000000 00000010`
]
#solve[
#underline[Working $-2_("ten")$ :(]
+ Convert $-2$ to two's complement binary: $0010$
+ Negate $0010 -> 1101$
+ Add $1$: $1101 + 1 = 1110$
+ Pad the most significant bit for the desired bit length of 16-bits
+ `11111111 11111110`
+ Now pad out to 32-bits
+ `11111111 11111111 11111111 11111110`
]
5. [Show your work] Negate $2_("ten")$, first you need to convert this two's complement integer number into 32-bits binary and then do the negation. Show that the result is $-2_("ten")$.
#solve[
+ $2_10$ to binary, $2_10 -> 2_8$
+ `00000000 00000000 00000000 00000010`
+ Negate `00000000 00000000 00000000 00000010`:
#table(
stroke: none,
align: right,
[`~ 00000000 00000000 00000000 00000010`],
table.hline(),
[`11111111 11111111 11111111 11111101`]
)
+ Add `1`: `11111111 11111111 11111111 11111101` $+$ `1`
+ `11111111 11111111 11111111 11111110`
+ `11111111 11111111 11111111 11111110` is $-2$
+ ∴ Negation of $2_8$ is $-2_8$
]
6. [Show your work] What is the decimal value of this 32-bit two's complement number? `11111111 11111111 11111111 11111100`#sub("two")
#note[
There's _two_ ways of going about this.
#underline[The first and lazier way is to just write a C program:]
```c
#include <stdint.h>
#include <stdio.h>
int main(void)
{
int32_t num = 0b11111111111111111111111111111100;
printf("%d\n", num);
}
```
Which yields our decimal answer to be #solvein[$-4$].
#underline[And then there's the likely _intended_ way of doing this by hand:]
+ Firstly, recongnized that we have a negative number because the first bit is `1`.
+ Now we flip all the bits, `~11111111 11111111 11111111 11111100`
#table(
stroke: none,
align: right,
[`~ 11111111 11111111 11111111 11111100`],
table.hline(),
[`00000000 00000000 00000000 00000011`]
)
+ Add $1$: `00000000 00000000 00000000 00000011 + 1 = 00000000 00000000 00000000 00000110`
+ Now convert `00000000 00000000 00000000 00000110` to decimal, which yields $4$
+ Remember that we had a _*negative*_ number, so multiply by $-1$: $4 ⋅-1 = -4$
+ #solvein[We get $-4$]
]