515 research outputs found

    Automated Generation and Integration of AUTOSAR ECU Configurations

    Automotive Open System Architecture (AUTOSAR) is a system-level standard that is formed by the worldwide partnership of the automotive manufacturers and suppliers who are working together to develop a standardized Electrical and Electronic (E/E) framework and architecture for automobiles. The AUTOSAR methodology has two main activities: system configuration and the Electronic Control Unit (ECU) configuration. The system configuration is the mapping of the software components to the ECUs based on the system requirements. The ECU configuration process is an important part of the ECU software integration and generation. ECU-specific information is extracted from the system configuration description, and all the necessary information for the implementation, such as tasks, scheduling, assignments of the runnables to tasks and configuration of the Basic Software (BSW) modules, is produced. This activity allows the ECU to modify the configuration parameters based on the vendor-specific requirements. Due to the high complexity and redundancy of this process, it has to be supported by different tool-related editors that can automatically generate source files like *.c and *.h for the configuration. In this thesis, we propose a method to automate the ECU configuration process for AUTOSAR. We use configuration templates written in the Xtend programming language along with a BSW generator tool developed at APAG Elektronik. This tool can extract the configuration parameters and automatically generate the required ECU module configuration. The Watchdog module will be used as an example to generate and integrate the ECU configuration. This enables the seamless generation of the software configurations from the system level requirements to the software implementation and therefore ensures consistency, correctness, cost efficiency and reduces the work done by the developer to generate the configuration

    Practical aspects of FaaS applications' migration

    With the huge variety of available FaaS platforms in cloud and self-hosted environments, the idea of migrating function applications from one provider to another is becoming an important consideration. This work investigates the challenges developers encounter when manually migrating applications between Amazon Web Services, Microsoft Azure and IBM Cloud regarding the efforts needed to migrate the functions and the services. This work also proposes a simple approach to reduce the coupling between the function application and the cloud provider by externalizing the business logic into a separate, completely vendor-independent package. We see that this approach reduces the efforts needed to migrate the source code to another provider but it does not reduce the effort of migrating the functions' configuration and services. We see that the efforts for migration are not only affected by the migration of the source code but also by the migration of the services, especially in self-hosted environments. There, developers also have to find a proper substitution of the service for their use case.

    Role-Based Access-Control for Databases

    With the constant march towards a paperless business environment, database systems are increasingly being used to hold more and more sensitive information. This means they present an increasingly valuable target for attackers. A mainstream method for information system security is Role-based Access Control (RBAC), which restricts system access to authorised users. However, the implementation of the RBAC policy remains a human-intensive activity, typically performed at the implementation stage of the system development. This makes it difficult to communicate security solutions to the stakeholders earlier and raises the system development cost, especially if security implementation errors are detected. The use of connection pooling in web applications, where all the application users connect to the database via the web server with the same database connection, violates the principle of minimal privilege. Every connected user has, in principle, access to the same data. This may leave the sensitive data vulnerable to SQL injection attacks or bugs in the application. As a solution we propose the application of model-driven development to define the RBAC mechanism for data access at the design stages of the system development. The RBAC model created using the SecureUML approach is automatically translated to source code, which implements the modelled security rules at the database level. Enforcing access control at this low level limits the risk of leaking sensitive data to unauthorised users. In our case study we compared SecureUML and the traditional security model, written as source code, mixed with business logic and user-interface statements. The case study showed that the model-driven security development results in significantly better quality for the security model. Hence the security model created at the design stage contains higher semantic completeness and correctness, it is easier to modify and understand, and it facilitates a better communication of security solutions to the system stakeholders than the security model created at the implementation stage

    Persistence deployment automation

    Cybersecurity is a field that is becoming more important over time, as the number of cyberattacks on all kinds of organizations is growing every year. Since the impact of those attacks increases in time (which translates into greater losses to big companies), it is essential to invest in security equipment, tools, people and/or services in order to be as protected as possible against all kinds of cyber threats. Two of the most common cybersecurity services are endpoint and network security evaluations, where professionals test a company's antimalware software against different techniques used in real-life attacks, like the ones classified as persistence: procedures to re-execute a file or a command, or to reconnect with controlled servers, following reboots or process terminations. Persistence techniques are used regularly because they are crucial in most intrusions (when an attack has succeeded in accessing internal computers of an enterprise), since losing connection with the compromised machine can make the whole operation fail. This project collects information about different ways of deploying persistence in diverse operating systems (both Windows and Linux) and services (Active Directory), focusing on the most used in recent attacks. This information is already on the Internet, but it is scattered and sometimes written in overly technical language, making it difficult to understand. Additionally, an automation tool is developed to deploy persistence easily and faster on computers. This tool is composed of several scripts, depending on the base operating system, and could be very useful when performing the aforementioned security evaluations. In short, the final goal of this project is to make lots of resources available that can be used during security assessments, to help identify flaws and thus achieve better protected systems

    Deep Just-In-Time Inconsistency Detection Between Comments and Source Code

    Natural language comments convey key aspects of source code such as implementation, usage, and pre- and post-conditions. Failure to update comments accordingly when the corresponding code is modified introduces inconsistencies, which is known to lead to confusion and software bugs. In this paper, we aim to detect whether a comment becomes inconsistent as a result of changes to the corresponding body of code, in order to catch potential inconsistencies just-in-time, i.e., before they are committed to a code base. To achieve this, we develop a deep-learning approach that learns to correlate a comment with code changes. By evaluating on a large corpus of comment/code pairs spanning various comment types, we show that our model outperforms multiple baselines by significant margins. For extrinsic evaluation, we show the usefulness of our approach by combining it with a comment update model to build a more comprehensive automatic comment maintenance system which can both detect and resolve inconsistent comments based on code changes. Comment: Accepted in AAAI 202

    A Decade of Code Comment Quality Assessment: A Systematic Literature Review

    Code comments are important artifacts in software systems and play a paramount role in many software engineering (SE) tasks related to maintenance and program comprehension. However, while it is widely accepted that high quality matters in code comments just as it matters in source code, assessing comment quality in practice is still an open problem. First and foremost, there is no unique definition of quality when it comes to evaluating code comments. The few existing studies on this topic rather focus on specific attributes of quality that can be easily quantified and measured. Existing techniques and corresponding tools may also focus on comments bound to a specific programming language, and may only deal with comments with specific scopes and clear goals (e.g., Javadoc comments at the method level, or in-body comments describing TODOs to be addressed). In this paper, we present a Systematic Literature Review (SLR) of the last decade of research in SE to answer the following research questions: (i) What types of comments do researchers focus on when assessing comment quality? (ii) What quality attributes (QAs) do they consider? (iii) Which tools and techniques do they use to assess comment quality?, and (iv) How do they evaluate their studies on comment quality assessment in general? Our evaluation, based on the analysis of 2353 papers and the actual review of 47 relevant ones, shows that (i) most studies and techniques focus on comments in Java code, thus may not be generalizable to other languages, and (ii) the analyzed studies focus on four main QAs of a total of 21 QAs identified in the literature, with a clear predominance of checking consistency between comments and the code. We observe that researchers rely on manual assessment and specific heuristics rather than the automated assessment of the comment quality attributes

    Analysis Methods for Malware with Anti-Analysis Capabilities: A Taint Propagation Approach

    Waseda University degree certificate number: Shin 8140, Waseda University