cto

Pandemic slams Asia's factories, activity hits financial crisis lows

Asia's factory activity was ravaged in April, business surveys showed Monday, and the outlook dimmed further as government restrictions on movement to contain the coronavirus outbreak froze global production and slashed demand.




cto

A Glimpse Of Actor Devika Bhise's Fun-Filled Udaipur Wedding. Watch

While Devika Bhise had earlier delighted fans by sharing a few snaps from the wedding day and pre-wedding functions on Instagram, designer Anita Dongre took to Instagram this morning to give them...




cto

RBI extends ECB window for Civil Aviation Sector

RBI extends window for External Commercial Borrowings (ECB) for Civil Aviation Sector




cto

RBI has appointed Three New Executive Directors

Reserve Bank of India has appointed Three New Executive Directors




cto

Indian Govt to inject $1.13 billion in Public sector Banks

Indian Govt to inject 69.90 billion rupees ($1.13 billion) in Nine Public sector Banks




cto

RBI revises Priority Sector Lending Guidelines for Banks

RBI revises Priority Sector Lending Guidelines for Banks




cto

Selection of non-executive chairmen for public sector banks

Govt starts selection of non-executive chairmen for public sector banks




cto

Major Public Sector banks report decline in profits

Major Indian Public Sector Banks report decline in the profits




cto

Hiring in banking sector to go up to 25% this year

Hiring in banking sector is expected to go up to 25% this year




cto

~$CPIL$360259$title$textbox$Zoetis Names New Member of Board of Directors$/CPIL$~




cto

Hundreds exposed to gas after deadly leak at Indian chemical factory

Gas from LG Polymers plant in Andhra Pradesh leaked into nearby homes while families slept

At least 11 people have been killed and hundreds more taken to hospital after a gas leak at a chemical factory in south-east India.

A plastics plant owned by South Korea’s LG Corp started leaking styrene into the surrounding residential area at about 3am on Thursday. Some people were enveloped as they slept, while others collapsed in the streets as they tried to flee the area on the outskirts of the coastal city of Visakhapatnam.

Related: 'Bhopal’s tragedy has not stopped': the urban disaster still claiming lives 35 years on

Continue reading...




cto

Ohio State settles for $41M over doctor's abuse

Ohio State will pay about $41 million to settle a dozen lawsuits by 162 men alleging decades-old sexual abuse and mistreatment by a team doctor, Richard Strauss.




cto

[Haskell Indians] Haskell Basketball Clenches Victory Over Northern New Mexico College At ...




cto

Ricardo Brennand, Brazilian Entrepreneur and Collector, Dies at 92

He amassed a vast trove of art and artifacts and built a castle-like repository so the public could see it, partly because his family wasn’t happy with his collecting.




cto

DAC 2015: Lip-Bu Tan, Cadence CEO, Sees Profound Changes in Semiconductors and EDA

As a leading venture capitalist in the electronics technology, as well as CEO of Cadence, Lip-Bu Tan has unique insights into ongoing changes that will impact EDA providers and users. Tan shared some of those insights in a “fireside chat” with Ed Sperling, editor in chief of Semiconductor Engineering, at the Design Automation Conference (DAC 2015) on June 9.

Topics of this discussion included industry consolidation, the need for more talent and more startups, Internet of Things (IoT) opportunities and challenges, the shift from ICs to full product development, and the challenges of advanced nodes. Following are some excerpts from this conversation, held at the DAC Pavilion theater on the exhibit floor.

 

Ed Sperling (left) and Lip-Bu Tan (right) discuss trends in semiconductors and EDA

Q: As you look out over the semiconductor and EDA industries these days, what worries you most?

Tan: At the top of my list is all the consolidation that is going on. Secondly, chip design complexity is increasing substantially. Time-to-market pressure is growing and advanced nodes have challenges.

The other thing I worry about is that we need to have more startups. There’s a lot of innovation that needs to happen. And this industry needs more top talent. At Cadence, we have a program to recruit over 10% of new hires every year from college graduates. We need new blood and new ideas.

Q: EDA vendors were acquiring companies for many years, but now the startups are pretty much gone. Where does the next wave of innovation come from?

Tan: I’ve been an EDA CEO for the last seven years and I really enjoy it because so much innovation is needed. System providers have very big challenges and very different needs. You have to find the opportunities and go out and provide the solutions.

The opportunities are not just in basic tools. Massive parallelism is critical, and the power challenge is huge. Time to market is critical, and for the IoT companies, cost is going to be critical. If you want to take on some good engineering challenges, this is the most exciting time.

Q: You live two lives—you’re a CEO but you’re also an investor. Where are the investments going these days and where are we likely to see new startups?

Tan: Clearly everybody is chasing the IoT. There is a lot of opportunity in the cloud, in the data center. Also, I’m a big believer in video, so I back companies that are video related. A big area is automotive. ADAS [Advanced Driver Assistance Systems] is a tremendous opportunity.

These companies can help us understand how the industry is transforming, and then we can provide solutions, either in terms of IP, tools, or the PCB. Then we need to connect from the system level down to semiconductors. I think it’s a different way to design.

Q: What happens as we start moving from companies looking to design a semiconductor to system companies who are doing things from the perspective that we have this purpose for our software?

Tan: We are extending from EDA to what we call system design enablement, and we are becoming more application driven. The application at the system level will drive the silicon design. We need to help companies look at the whole system including the power envelope and signal integrity. You don’t want to be in a position where you design a chip all the way to fabrication and then find the power is too high.

We help the customers with hardware/software co-design and co-verification. We have a design suite and a verification suite that can provide customers with high-level abstractions, as well as verify IP blocks at the system level. Then we can break things down to the component level with system constraints in mind, and drive power-aware, system-aware design.

We are starting to move into vertical markets. For example, medical is a tremendous opportunity.

Q: How does this approach change what you provide to customers?

Tan: Every year I spend time meeting with customers. I think it is very important to understand what they are trying to design, and it is also important to know the customer’s customer requirements. We might say, “Wait a minute, for this design you may want to think about power or the library you’re using.” We help them understand what foundry they should use and what process they should use. They don’t view me as a vendorthey view me as a partner.

We also work very closely with our IP and foundry partners. We work as one teamthe ultimate goal is customer success.

Q: Is everybody going to say, FinFETs are beautiful, we’re going to go down to 10nm or 7nmor is it a smaller number of companies who will continue down that path?

Tan: Some of the analog/mixed-signal companies don’t need to go that far. We love those customerswe have close to 50% of that business. But we also have customers in the graphics or processor area who are really pushing the envelope, and need to be in 16nm, 14nm, or 10nm. We work very closely with those guys to make sure they can go into FinFETs.

We always want to work with the customer to make sure they have a first-time silicon success. If you have to do a re-spin, you miss the opportunity and it’s very costly.

Q: There’s a new market that is starting to explodeIoT. How real is that world to you? Everyone talks about large numbers, but is it showing up in terms of tools?

Tan: Everybody is talking about huge profits, but a lot of the time I think it is just connecting old devices that you have. Billions of units, absolutely yes, but if you look close enough the silicon percentage of that revenue is very tiny. A lot of the profit is on the service side. So you really need to look at the service killer app you are trying to provide.

What’s most important to us in the IoT market is the IP business. That’s why we bought Tensilicait’s programmable, so you can find the killer app more quickly. The other challenges are time to market, low power, and low cost.

Q: Where is system design enablement going? Does it expand outside the traditional market for EDA?

Tan: It’s not just about tools. IP is now 11% of our revenue. At the PCB level, we acquired a company called Sigrity, and through that we are able to drive system analysis for power, signal integrity, and thermal. And then we look at some of the verticals and provide modeling all the way from the system level to the component level. We make sure that we provide a solution to the end customer, rather than something piecemeal.

Q: What do you think DAC will look like in five years?

Tan: It’s getting smaller. We need to see more startups and innovative IP solutions. I saw a few here this year, and that’s good. We need to encourage small startups.

Q: Where do we get the people to pull this off? I don’t see too many people coming into EDA.

Tan: I talk to a lot of university students, and I tell them that this small industry is a gold mine. A lot of innovation is needed. We need them to come in [to EDA] rather than join Google or Facebook. Those are great companies, but there is a lot of fundamental physical innovation we need.

Richard Goering

Related Blog Posts

Gary Smith at DAC 2015: How EDA Can Expand Into New Directions

DAC 2015: Google Smart Contact Lens Project Stretches Limits of IC Design

Q&A with Nimish Modi: Going Beyond Traditional EDA




cto

Wally Rhines: Predicting Semiconductor Business Trends After Moore's Law

I recently attended a webinar presented by Wally Rhines about his new book, Predicting Semiconductor Business Trends After Moore's Law . Wally was the CEO of Mentor, as you probably know. Now he...

[[ Click on the title to access the full blog on the Cadence Community site. ]]




cto

Tales from DAC: Semiconductor Design in MY Cloud? It's More Likely Than You Think

Everyone keeps talking about “the cloud” this and “the cloud” that these days—but you’re a semiconductor designer. Everyone keeps saying “the cloud” is revolutionizing all aspects of electronics design—but what does it mean for you? Cadence's own Tom Hackett discussed this in a presentation at the Cadence Theater during DAC 2019.

What people refer to as “the cloud” is commonly divided into three categories: Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and software as a Service (SaaS). With IaaS, you bring your own software—i.e. loading your owned or appropriately licensed tools onto cloud hardware that you rent by the minute. This service is available from providers like Google Cloud Platform, Amazon Web Service, and Microsoft Azure. In PaaS (also available from the major cloud providers), you create your own offering using capabilities and a software design environment provided by the cloud vendor that makes subsequent scaling and distribution really easy because the service was “born in the cloud”.  Lastly, there’s SaaS, where the cloud is used to access and manage functionality and data without requiring users to set up or manage any of the underlying infrastructure used to provide it.  SaaS companies like Workday and Salesforce deliver their value in this manner.  The Cadence Cloud portfolio makes use of both IaaS and SaaS, depending on the customers’ interest.  Cadence doesn’t have PaaS offerings because our customers don’t create their own EDA software from building blocks that Cadence provides.

All of these designations are great, but you’re a semiconductor designer. Presumably you use Workday or some similar software, or have in the past when you were an intern, but what about all of your tools? Those aren’t on the cloud.

Wait—actually, they are.

Using EDA tools in the cloud allows you to address complexity and data explosion issues you would have to simply struggle through before. Since you don’t have to worry about having the compute-power on-site, you can use way more power than you could before. You may be wary about this new generation of cloud-based tools, but don’t worry: the old rules of cloud computing no longer apply. Cloud capacity is far larger than it used to be, and it’s more secure. Updates to scheduling software means that resource competition isn’t as big of a deal anymore. Clouds today have nearly unlimited capacity—they’re so large that you don’t ever need to worry about running out of space.

The vast increase in raw compute available to designers through the cloud makes something like automotive functional safety verification, previously an extremely long verification task, doable in a reasonable time frame. With the cloud, it’s easy to scale the amount of compute you’re using to fit your task—whether it’s an automotive functional safety-related design or a small one.

Nowadays, the Cadence Cloud Portfolio brings you the best and brightest in cloud technology. No matter what your use case is, the Cadence Cloud Portfolio has a solution that works for you. You can even access the Palladium Cloud, allowing you to try out the benefits of an accelerator without having to buy one.

Cloud computing is the future of EDA. See the future here.




cto

ce_tools directory no longer shipped with Specman

Hello All,

starting with version 8.1 the contents of the ce_tools directory will no longer
be shipped with Specman. The directory contains some unsupported AE/R&D
ware and has not been updated for several releases (i.e. most of those old
packages don't work with the latest release).
 
Attached is the contents of this directory. Please read the README before
using any of the packages.


Regards,
-hannes


Originally posted in cdnusers.org by hannes




cto

AoA Audio Extractor 2.3.7 Active-X Overflow

AoA Audio Extractor Basic version 2.3.7 suffers from an overflow vulnerability.





cto

3DEXPERIENCE R2018x FP.2011 Program Directory now available

3DEXPERIENCE R2018x FP.2011 Program Directory now available




cto

3DEXPERIENCE R2019x FD08 (FP.2013) Program Directory now available

3DEXPERIENCE R2019x FD08 (FP.2013) Program Directory is now available online.




cto

Version 5 Program Directories now available

Check out the list of all new Version 5 Program Directories available online!



  • Program Directory and Release Notes
  • V5

cto

3DEXPERIENCE R2020x FD02 (FP.2014) Program Directory now available

3DEXPERIENCE R2020x FD02 (FP.2014) Program Directory now available




cto

3DEXPERIENCE R2017x FP.2016 Program Directory now available

3DEXPERIENCE R2017x FP.2016 Program Directory is now available online.





cto

DevExpress ASP.NET File Manager 13.2.8 Directory Traversal

DevExpress ASP.NET File Manager versions 10.2 through 13.2.8 suffer from a directory traversal vulnerability.





cto

Sky File 2.1.0 Cross Site Scripting / Directory Traversal

Sky File version 2.1.0 for iOS suffers from cross site scripting and directory traversal vulnerabilities.




cto

Huawei HG255 Directory Traversal

This Metasploit module exploits a directory traversal in Huawei HG255.




cto

DotNetNuke CMS 9.4.4 Zip Directory Traversal

DotNetNuke CMS version 9.4.4 suffers from zip split issue where a directory traversal attack can be performed to overwrite files or execute malicious code.




cto

PHPKB Multi-Language 9 Authenticated Directory Traversal

PHPKB Multi-Language 9 suffers from an authenticated directory traversal vulnerability.




cto

Jinfornet Jreport 15.6 Directory Traversal

Jinfornet Jreport version 15.6 suffers from an unauthenticated directory traversal vulnerability.




cto

Joomla Fabrik 3.9.11 Directory Traversal

Joomla Fabrik component version 3.9.11 suffers from a directory traversal vulnerability.




cto

Zen Load Balancer 3.10.1 Directory Traversal

Zen Load Balancer version 3.10.1 suffers from a directory traversal vulnerability. This finding was originally discovered by Cody Sixteen.




cto

TVT NVMS 1000 Directory Traversal

TVT NVMS 1000 suffers from a directory traversal vulnerability.




cto

Booked Scheduler 2.7.7 Directory Traversal

Booked Scheduler version 2.7.7 suffers from an authenticated directory traversal vulnerability.




cto

PHP Hosting Directory 2.0 Insecure Cookie

PHP Hosting Directory version 2.0 suffers from an insecure cookie vulnerability that allows for administrative bypass.




cto

PHPDirector 0.30 Insecure Cookie Handling

PHPDirector version 0.30 suffers from an insecure cookie handling vulnerability that allows for privilege escalation.




cto

Gigamon GigaVUE 5.5.01.11 Directory Traversal / File Upload

Gigamon GigaVUE version 5.5.01.11 suffers from directory traversal and file upload with command execution vulnerabilities. Gigamon has chosen to sunset this product and not offer a patch.




cto

Easy Transfer 1.7 Cross Site Scripting / Directory Traversal

Easy Transfer version 1.7 for iOS suffers from cross site scripting and directory traversal vulnerabilities.





cto

Yes, You Can Remotely Hack Factory, Building Site Cranes. Wait, What?





cto

Active Directory DCSync

This is a whitepaper that discusses using DCSync to pull password hashes from a domain controller.




cto

Verodin Director Web Console 3.5.4.0 Password Disclosure

Verodin Director Web Console version 3.5.4.0 remote authenticated password disclosure proof of concept exploit.




cto

Cisco UCS Director Unauthenticated Remote Code Execution

The Cisco UCS Director virtual appliance contains two flaws that can be combined and abused by an attacker to achieve remote code execution as root. The first one, CVE-2019-1937, is an authentication bypass, that allows the attacker to authenticate as an administrator. The second one, CVE-2019-1936, is a command injection in a password change form, that allows the attacker to inject commands that will execute as root. This module combines both vulnerabilities to achieve the unauthenticated command injection as root. It has been tested with Cisco UCS Director virtual machines 6.6.0 and 6.7.0. Note that Cisco also mentions in their advisory that their IMC Supervisor and UCS Director Express are also affected by these vulnerabilities, but this module was not tested with those products.






cto

HP Data Protector Encrypted Communication Remote Command Execution

This Metasploit module exploits a well known remote code execution exploit after establishing encrypted control communications with a Data Protector agent. This allows exploitation of Data Protector agents that have been configured to only use encrypted control communications. This exploit works by executing the payload with Microsoft PowerShell so will only work against Windows Vista or newer. Tested against Data Protector 9.0 installed on Windows Server 2008 R2.