Get the stories straight from the front line of industrial transformation! Cognite Dev Blog is run and updated by experts at Cognite and our partners in data science, software engineering, cybersecurity and industrial transformation. As a global AI software company we enable the full-scale digital transformation of heavy-asset industries. Our core software product, Cognite Data Fusion (CDF), powers companies with contextualized operational and information technology (OT/IT) data to develop and scale solutions that increase safety, sustainability, and efficiency, and drive revenue. Our partners are some of the world’s biggest players in the energy and technology industries.
Database reliability engineering in asset heavy industries
By Alex Brasetvik, June 26, 2020
Cognite is building out a database reliability engineering team (DBRE) to help tend to our Postgres, Elasticsearch and Kafka clusters — which we expect to have thousands of across dozens of regions and different cloud providers within a few years. We consider DBRE to be a sub-discipline of Site Reliability Engineering that focuses particularly on stateful services.
Reporting a ML job’s failure due to a hard crash, or, how to tell people you have died while working
By Sander Land, June 19, 2020
At Cognite we routinely need to deploy and scale computationally intensive machine learning models for data contextualization, such as entity matching and image recognition. Users submit their jobs through one of our APIs, and then we put the job in a message queue and wait for one of our workers to pick it up.
Pwn2Own or Not2Pwn, Part 2.5: A brief tale of free 0days
By Cim Stordal, June 2, 2020
In our first Pwn2Own blog post, we briefly talked about how we discovered a directory traversal vulnerability in less than 20 minutes after reading one of ZDI’s tweets. In this post, we will dive into the technical details of that vulnerability as well as a second directory traversal vulnerability in the unzipping code.
Designing the Rust Unleash API client
By Robert Collins May 20, 2020
One interesting question that our post about the Unleash API client for Rust provoked is “What were the Rust language specific design considerations?” We think that is a great question and (with the caveat that, as we haven’t released v1.0 yet, the story is perhaps an incomplete answer) one we’re delighted to address.
Introducing a Rust-lang API client for the Unleash API
By Robert Collins, May 12, 2020
Here at Cognite we write services in many different languages. Rust is one of them, which you may have read about in our recent post on 3D model loading. We use the Unleash API to manage feature toggles within our services. Feature toggles permit us to avoid code branching as we build our products. We can have new code disabled until we are ready to launch it, kill it quickly if it misbehaves after launch, expose it to a small group of users for testing, and much more.
Speeding up 3D model loading with Rust and WebAssembly
By Svenn-Arne Dragly, April 30, 2020
Over the past few months, we have been working hard at improving loading times and performance in Reveal, our TypeScript library for viewing 3D models in web applications. Our goal has been to make any model uploaded to Cognite Data Fusion (CDF) visible to users within seconds, and to ensure great performance no matter the size of the model. By streaming data and rewriting our 3D data parsers in Rust and WebAssembly, we have been able to reduce loading times for huge models from minutes to seconds. However, not all file formats turned out to parse faster with our implementation in Rust and WebAssembly — at least not on the first attempt.
InSo Insights: Implementation of a Robust Steady State Detector for Industrial Time Series Data
By Nicholas Calen, April 24, 2020
Disclaimer: This is a math-heavy post. Example code is provided to break down the heavier concepts, but it is helpful to have a basic understanding of probability notation for the modeling sections.
Data quality management and monitoring have become imperative in acquiring optimal data to drive successful models. In the production optimization arm of the Industry Solutions (InSo) team at Cognite, we use data (and lots of it) to drive informed decisions in the oil and gas sector. Cognite Data Fusion (CDF) gives us the freedom that most data science teams don’t have, in that it provides easy access to the resources we need to solve problems that require complex data wrangling quickly.
Is fuzzing Python code worth it? Yes!
By Cim Stordal, April 8, 2020
Unit testing and code review are the most common ways of testing code, but they’re not perfect. The fundamental weakness of these methods is that they rely solely on the developers’ ability to identify and predict problems in code. In other words, the approach is limited by what potential ideas the auditor has for how the code might fail.
Configuring Google Cloud CDN with Terraform
By Matej Snuderl, March 19, 2020
The performance of web applications has increased immensely in recent years. Users now expect the web applications they interact with to load quickly and work smoothly. This is how we supercharge our web applications.
Pwn2Own or Not2Pwn, Part 2
By Fredrik Østrem, Emil Sandstø and Cim Stordal, March 13, 2020
In our previous post, we gave a high-level overview of how we exploited a vulnerability in the Schneider Electric EcoStruxure Operator Terminal Expert, a human machine interface (HMI) configuration software, used to create and modify application for HMI products designed by Schneider Electric. In this part, we’ll cover in depth how we used the fact that we controlled the database, and that Schneider Electric used an outdated version of SQLite, to create a fully working exploit chain. To do this research, we stood on the shoulders of giants, building on this recent blog post by Omer Gull at Check Point Research.
Pwn2Own or Not2Pwn, Part 1
By Fredrik Østrem, Emil Sandstø and Cim Stordal, Februray 17, 2020
For many years industrial equipment and systems were manually monitored and managed by people and had no connection to the outside world or network. Today, as a result of digitalization, the reality is quickly changing. Industrial systems are no longer isolated from the outside world, but integrated into the information and data flows of IT-driven processes. And as industrial equipment and systems get connected, they also expose their vulnerabilities.