Cryptographic bill of materials (CBOM—also cryptography bill of materials) is a structured inventory of all cryptographic assets present in a software, firmware, device, or system. It enumerates algorithms (and parameters such as key sizes and modes), cryptographic libraries or modules, digital certificates, keys and related material, and protocols in use, and maps their relationships to the components that implement or invoke them. CBOMs are used to improve security analysis, compliance, and cryptographic agility, and are increasingly referenced in guidance for post‑quantum cryptography (PQC) migration. == Definition and scope == A CBOM inventories cryptographic primitives and materials—such as encryption and signature algorithms (with specific variants and modes), key sizes, cryptographic libraries/modules, digital certificates (e.g., X.509), keys and other related cryptographic material, and security protocols (e.g., TLS, IPsec). It also documents dependencies (for example, an application uses an algorithm provided by a library; a protocol uses several algorithms) and can capture certificate lifecycles, cryptographic module certifications (e.g., FIPS 140‑3), and policy conformance metadata. In common practice, a CBOM may be embedded within an SBOM format (such as CycloneDX) or exported as a separate, linked artifact. === Typical CBOM fields === The exact schema varies by implementation, but common fields are summarized below (see CycloneDX CBOM guide and NIST SP 1800‑38B). == Relation to SBOM == A CBOM is complementary to, but distinct from, a software bill of materials (SBOM). Whereas an SBOM lists software components and their versions, a CBOM focuses specifically on the cryptography present and how it is configured and used. For example, an SBOM might enumerate inclusion of a library such as OpenSSL, while the CBOM would identify which algorithms and parameters that library enables (e.g., RSA‑2048, ECDH P‑256, AES‑GCM) and list relevant keys and certificates. The pairing enables both supply‑chain transparency and cryptographic transparency. == History == The term and practice emerged in the early–mid 2020s alongside software‑supply‑chain transparency and PQC planning. The OWASP CycloneDX standard introduced native CBOM support (v1.6 and later), modeling algorithms, keys, certificates, and protocols as first‑class “cryptographic assets” and providing dependency semantics (uses/implements) between software and cryptography. Open tooling from industry and researchers (e.g., IBM's CBOMkit and related generators/viewers) appeared to automate discovery and representation of cryptographic use in the CycloneDX CBOM schema. == Regulatory and policy context == In the United States, policy has emphasized cryptographic inventories as a prerequisite to PQC migration. The White House's National Security Memorandum 10 (2022) directed a government‑wide transition to quantum‑resistant cryptography; the Office of Management and Budget's M‑23‑02 (November 2022) operationalized this by requiring agencies to submit a prioritized inventory of cryptographic systems (with algorithm and key details) by 4 May 2023 and annually thereafter, and tasked CISA/NSA/NIST to develop automated discovery and inventory strategies. A 2024 Office of the National Cyber Director report reiterated that a “comprehensive cryptographic inventory” is the baseline for PQC planning and must be maintained iteratively with both automated and manual discovery. NIST's NCCoE practice guide (SP 1800‑38B, preliminary draft) provides concrete methods for cryptographic discovery and documentation across enterprises, aligning with CBOM‑style representations. CISA later published a strategy to migrate federal agencies to automated cryptography discovery and inventory tools to support continuous reporting. Separately, NSA, CISA, and NIST issued joint guidance encouraging all organisations to prepare cryptographic inventories and roadmaps for PQC, beyond government environments. == Role in quantum readiness and cryptographic agility == Because large‑scale quantum computing threatens widely used public‑key algorithms (e.g., RSA, ECC), organisations are planning multi‑year transitions to post-quantum cryptography. CBOMs enable that planning by identifying where quantum‑vulnerable algorithms appear, prioritising high‑impact systems, and tracking replacements over time. A machine‑readable CBOM also supports cryptographic agility and incident response: if an algorithm, library, or certificate lifecycle becomes non‑compliant or vulnerable, the CBOM indicates which products and systems are affected and where mitigations must be applied first. == Standards and tooling == CycloneDX (OWASP): Native CBOM modelling (v1.6+) for algorithms, certificates, keys/related material, and protocols, with dependency semantics and examples. The project publishes a CBOM guide and use‑case profiles (e.g., certificate and algorithm inventories). NIST NCCoE SP 1800‑38 series: Practice guides for PQC migration include enterprise cryptographic discovery methods that produce CBOM‑like inventories and integrate multiple discovery tools. Government automation initiatives: Following M‑23‑02, CISA issued a strategy to migrate to automated cryptography discovery and inventory tools to support agency reporting and continuous inventory management. Open‑source and vendor tools: IBM's CBOMkit and related components generate, analyse, and visualise CBOMs; the IBM CBOM specification work was upstreamed into CycloneDX 1.6. === Data model and interchange (example) === CycloneDX provides machine‑readable encodings (JSON/XML) for CBOM content. The example below (subset) shows an application depending on a crypto library that provides the AES‑256‑GCM algorithm, and the application also depends on a leaf X.509 certificate. See the CycloneDX CBOM guide, JSON reference, and the “Implementation details” use‑case for the semantics of `dependsOn` and `provides`. == Relationship to cybersecurity supply chain initiatives == CBOMs complement SBOM‑focused supply‑chain transparency introduced by U.S. Executive Order 14028 and NTIA/NIST SBOM work. SBOMs document software components; CBOMs add detail on embedded cryptography to support risk management, policy compliance (e.g., disallowing deprecated algorithms), and PQC transition planning.
Toy problem
In scientific disciplines, a toy problem or a puzzlelike problem is a problem that is not of immediate scientific interest, yet is used as an expository device to illustrate a trait that may be shared by other, more complicated, instances of the problem, or as a way to explain a particular, more general, problem solving technique. A toy problem is useful to test and demonstrate methodologies. Researchers can use toy problems to compare the performance of different algorithms. They are also good for game designing. For instance, while engineering a large system, the large problem is often broken down into many smaller toy problems which have been well understood in detail. Often these problems distill a few important aspects of complicated problems so that they can be studied in isolation. Toy problems are thus often very useful in providing intuition about specific phenomena in more complicated problems. As an example, in the field of artificial intelligence, classical puzzles, games and problems are often used as toy problems. These include sliding-block puzzles, N-Queens problem, missionaries and cannibals problem, tic-tac-toe, chess, Tower of Hanoi and others.
Attribute–value system
An attribute–value system is a basic knowledge representation framework comprising a table with columns designating "attributes" (also known as "properties", "predicates", "features", "dimensions", "characteristics", "fields", "headers" or "independent variables" depending on the context) and "rows" designating "objects" (also known as "entities", "instances", "exemplars", "elements", "records" or "dependent variables"). Each table cell therefore designates the value (also known as "state") of a particular attribute of a particular object. == Example of attribute–value system == Below is a sample attribute–value system. It represents 10 objects (rows) and five features (columns). In this example, the table contains only integer values. In general, an attribute–value system may contain any kind of data, numeric or otherwise. An attribute–value system is distinguished from a simple "feature list" representation in that each feature in an attribute–value system may possess a range of values (e.g., feature P1 below, which has domain of {0,1,2}), rather than simply being present or absent (Barsalou & Hale 1993). == Other terms used for "attribute–value system" == Attribute–value systems are pervasive throughout many different literatures, and have been discussed under many different names: Flat data Spreadsheet Attribute–value system (Ziarko & Shan 1996) Information system (Pawlak 1981) Classification system (Ziarko 1998) Knowledge representation system (Wong & Ziarko 1986) Information table (Yao & Yao 2002)
ProVisual Engine
The ProVisual Engine is an AI-powered imaging system developed by Samsung Electronics for mobile devices. It was introduced in 2024 with the Galaxy S24 series as a component of Samsung's Galaxy AI ecosystem, providing advanced image processing to enhance image quality in photography and videography. == Overview == The ProVisual Engine processes images using adaptive scene recognition, real-time optimization, and advanced image processing. It adjusts color accuracy, dynamic range, and noise levels, providing both automated and manual controls to accommodate various user preferences. == Features == The ProVisual Engine encompasses several features. === Quad Tele System === The Quad Tele System features 2x, 3x, 5x, and 10x optical zoom, supported by digital processing to enhance zoom clarity and detail. It incorporates Image Signal Processing (ISP) to refine detail retention, reduce noise, and enhance image clarity at different zoom levels while minimizing distortion. === Nightography === Nightography utilizes noise reduction techniques and advanced sensor technology to enhance low-light photography. By adjusting exposure and minimizing motion blur, the system helps produce more precise and more detailed images in dark environments for both photos and videos. === Generative Edit === Generative Edit allows for object removal, background expansion, and intelligent resizing. It reconstructs missing areas by filling backgrounds and completing cut-off objects, adjusting composition while preserving image integrity and refinement. === Expert RAW === Expert RAW allows users to capture RAW images directly from the camera app for advanced shooting and editing. It includes HDR (High Dynamic Range) support to enhance detail and dynamic range. The ProVisual Engine utilizes multi-frame processing to generate RAW images with increased clarity and depth for post-processing. === Enhance-X and Camera Shift === Enhance-X is an AI-based image processing tool that applies upscaling, noise reduction, and sharpening. Its Camera Shift feature adjusts the perceived camera height by modifying framing and proportions. A recent update extended support to human and pet images. == Compatible devices == As of 2025, the ProVisual Engine is available on the following devices: === Galaxy S series === Galaxy S26 Series (Galaxy S26, S26+. S26 Ultra) Galaxy S25 Series (Galaxy S25, S25+, S25 Edge, S25 Ultra, S25 FE) Galaxy S24 Series (Galaxy S24, S24+, S24 Ultra) === Galaxy Z series === Galaxy Z Fold 7 Galaxy Z Flip 7, Z Flip 7 FE Galaxy Z Fold 6 Galaxy Z Flip 6 === Galaxy Tab S series === Galaxy Tab S10 series (Tab S10+, Tab S10 Ultra) Galaxy Tab S9 series (Tab S9, Tab S9+, Tab S9 Ultra) === Galaxy Z series === Galaxy Z Fold 7, Z Flip 7, Z Flip 7 FE Galaxy Z Fold 6, Z Flip 6 === Galaxy Tab S series === Galaxy Tab S10 series (Tab S10+, Tab S10 Ultra) Galaxy Tab S9 series (Tab S9, Tab S9+, Tab S9 Ultra) Note: Quad Tele System refers to the multi-telephoto setup (2×, 3×, 5×, 10×) available only on the Ultra models (S24 Ultra and S25 Ultra). Note: On Galaxy Tab models, only Enhance-X editing features are supported; the Expert RAW camera app is not available.
International Journal of Pattern Recognition and Artificial Intelligence
The International Journal of Pattern Recognition and Artificial Intelligence was founded in 1987 and is published by World Scientific. The journal covers developments in artificial intelligence, and its sub-field, pattern recognition. This includes articles on image and language processing, robotics and neural networks. == Abstracting and indexing == The journal is abstracted and indexed in: SciSearch ISI Alerting Services CompuMath Citation Index Current Contents/Engineering, Computing & Technology Inspec io-port.net Compendex Computer Abstracts
Automated Mathematician
The Automated Mathematician (AM) is one of the earliest successful discovery systems. It was created by Douglas Lenat in Lisp, and in 1977 led to Lenat being awarded the IJCAI Computers and Thought Award. AM worked by generating and modifying short Lisp programs which were then interpreted as defining various mathematical concepts; for example, a program that tested equality between the length of two lists was considered to represent the concept of numerical equality, while a program that produced a list whose length was the product of the lengths of two other lists was interpreted as representing the concept of multiplication. The system had elaborate heuristics for choosing which programs to extend and modify, based on the experiences of working mathematicians in solving mathematical problems. == Controversy == Lenat claimed that the system was composed of hundreds of data structures called "concepts", together with hundreds of "heuristic rules" and a simple flow of control: "AM repeatedly selects the top task from the agenda and tries to carry it out. This is the whole control structure!" Yet the heuristic rules were not always represented as separate data structures; some had to be intertwined with the control flow logic. Some rules had preconditions that depended on the history, or otherwise could not be represented in the framework of the explicit rules. What's more, the published versions of the rules often involve vague terms that are not defined further, such as "If two expressions are structurally similar, ..." (Rule 218) or "... replace the value obtained by some other (very similar) value..." (Rule 129). Another source of information is the user, via Rule 2: "If the user has recently referred to X, then boost the priority of any tasks involving X." Thus, it appears quite possible that much of the real discovery work is buried in unexplained procedures. Lenat claimed that the system had rediscovered both Goldbach's conjecture and the fundamental theorem of arithmetic. Later critics accused Lenat of over-interpreting the output of AM. In his paper Why AM and Eurisko appear to work, Lenat conceded that any system that generated enough short Lisp programs would generate ones that could be interpreted by an external observer as representing equally sophisticated mathematical concepts. However, he argued that this property was in itself interesting—and that a promising direction for further research would be to look for other languages in which short random strings were likely to be useful. == Successor == This intuition was the basis of AM's successor Eurisko, which attempted to generalize the search for mathematical concepts to the search for useful heuristics.
Type–token distinction
The type–token distinction is the difference between a type of objects (analogous to a class) and the individual tokens of that type (analogous to instances). Since each type may be instantiated by multiple tokens, there are generally more tokens than types of an object. For example, the sentence "A rose is a rose is a rose" contains three word types: three word tokens of the type a, two word tokens of the type is, and three word tokens of the type rose. The distinction is important in disciplines such as logic, linguistics, metalogic, typography, and computer programming. == Overview == The type–token distinction separates types (abstract descriptive concepts) from tokens (objects that instantiate concepts). For example, in the sentence "the bicycle is becoming more popular" the word bicycle represents the abstract concept of bicycles and this abstract concept is a type, whereas in the sentence "the bicycle is in the garage", it represents a particular object and this particular object is a token. Similarly, the word type 'letter' uses only four letter types: L, E, T and R. Nevertheless, it uses both E and T twice. One can say that the word type 'letter' has six letter tokens, with two tokens each of the letter types E and T. Whenever a word type is inscribed, the number of letter tokens created equals the number of letter occurrences in the word type. Some logicians consider a word type to be the class of its tokens. Other logicians counter that the word type has a permanence and constancy not found in the class of its tokens. The type remains the same while the class of its tokens is continually gaining new members and losing old members. == Typography == In typography, the type–token distinction is used to determine the presence of a text printed by movable type: The defining criteria which a typographic print has to fulfill is that of the type identity of the various letter forms which make up the printed text. In other words: each letter form which appears in the text has to be shown as a particular instance ("token") of one and the same type which contains a reverse image of the printed letter. == Charles Sanders Peirce == The distinctions between using words as types or tokens were first made by American logician and philosopher Charles Sanders Peirce in 1906 using terminology that he established. Peirce's type–token distinction applies to words, sentences, paragraphs and so on: to anything in a universe of discourse of character-string theory, or concatenation theory. Peirce's original words are the following: A common mode of estimating the amount of matter in a ... printed book is to count the number of words. There will ordinarily be about twenty 'thes' on a page, and, of course, they count as twenty words. In another sense of the word 'word,' however, there is but one word 'the' in the English language; and it is impossible that this word should lie visibly on a page, or be heard in any voice .... Such a ... Form, I propose to term a Type. A Single ... Object ... such as this or that word on a single line of a single page of a single copy of a book, I will venture to call a Token. .... In order that a Type may be used, it has to be embodied in a Token which shall be a sign of the Type, and thereby of the object the Type signifies.