256 research outputs found

    Dynamic Analysis Techniques for Effective and Efficient Debugging

    Debugging is a tedious and time-consuming process for software developers. Therefore, providing effective and efficient debugging tools is essential for improving programmer productivity. Existing tools for debugging suffer from various drawbacks -- general-purpose debuggers provide little guidance for the programmers in locating the bug source while specialized debuggers require knowledge of the type of bug encountered. This dissertation makes several advances in debugging leading to an effective, efficient, and extensible framework for interactive debugging of singlethreaded programs and deterministic debugging of multithreaded programs. This dissertation presents the Qzdb debugger for singlethreaded programs that raises the abstraction level of debugging by introducing high-level and powerful state alteration and state inspection capabilities. Case studies on 5 real reported bugs in 5 popular real programs demonstrate its effectiveness. To support integration of specialized debugging algorithms into Qzdb, a new approach for constructing debuggers is developed that employs declarative specification of bug conditions and their root causes, and automatic generation of debugger code. Experiments show that about 3,300 lines of C code are generated automatically from only 8 lines of specification for 6 memory bugs. Thanks to the effective generated bug locators, for the 8 real-world bugs we have applied our approach to, users have to examine just 1 to 16 instructions. To reduce the runtime overhead of dynamic analysis used during debugging, relevant input analysis is developed and employed to carry out input simplification and execution simplification which reduce the length of analyzed execution by reducing the input size and limiting the analysis to a subset of the execution.
Experiments show that the relevant input analysis based input simplification algorithm is both efficient and effective -- it only requires 11% to 21% of the test runs needed by the standard delta debugging algorithm and generates even smaller inputs. Finally, to demonstrate that the above approach can also be used for debugging multithreaded programs, this dissertation presents DrDebug, a deterministic and cyclic debugging framework. DrDebug allows efficient debugging by tailoring the scope of replay to a buggy execution region and an execution slice of a buggy region. Case studies of real reported concurrency bugs show that the buggy execution region size is less than 1 million instructions and the lengths of buggy execution region and execution slice are less than 15% and 7% of the total execution respectively.

    Firmware Counterfeiting and Modification Attacks on Programmable Logic Controllers

    Recent attacks on industrial control systems (ICSs), like the highly publicized Stuxnet malware, have perpetuated a race to the bottom where lower level attacks have a tactical advantage. Programmable logic controller (PLC) firmware, which provides a software-driven interface between system inputs and physically manifested outputs, is readily open to modification at the user level. Current efforts to protect against firmware attacks are hindered by a lack of prerequisite research regarding details of attack development and implementation. In order to obtain a more complete understanding of the threats posed by PLC firmware counterfeiting and the feasibility of such attacks, this research explores the vulnerability of common controllers to intentional firmware modifications. After presenting a general analysis process that takes advantage of various techniques and methodologies applied to similar scenarios, this work derives the firmware update validation method used for the Allen-Bradley ControlLogix PLC. A proof of concept demonstrates how to alter a legitimate firmware update and successfully upload it to a ControlLogix L61. Possible mitigation strategies discussed include digitally signed and encrypted firmware as well as preemptive and post-mortem analysis methods to provide protection. Results of this effort facilitate future research in PLC firmware security through direct example of firmware counterfeiting.

    Service-Oriented Ad Hoc Grid Computing

    The subject of this thesis is the design and implementation of an ad hoc Grid infrastructure. The vision of an ad hoc Grid further evolves conventional service-oriented Grid systems into a more robust, more flexible and more usable environment that is still standards compliant and interoperable with other Grid systems. A lot of work in current Grid middleware systems is focused on providing transparent access to high performance computing (HPC) resources (e.g. clusters) in virtual organizations spanning multiple institutions. The ad hoc Grid vision presented in this thesis exceeds this view in combining classical Grid components with more flexible components and usage models, allowing to form an environment combining dedicated HPC-resources with a large number of personal computers forming a "Desktop Grid". Three examples from medical research, media research and mechanical engineering are presented as application scenarios for a service-oriented ad hoc Grid infrastructure. These sample applications are also used to derive requirements for the runtime environment as well as development tools for such an ad hoc Grid environment. These requirements form the basis for the design and implementation of the Marburg ad hoc Grid Environment (MAGE) and the Grid Development Tools for Eclipse (GDT). MAGE is an implementation of a WSRF-compliant Grid middleware that satisfies the criteria for an ad hoc Grid middleware presented in the introduction to this thesis. GDT extends the popular Eclipse integrated development environment by components that support application development both for traditional service-oriented Grid middleware systems as well as ad hoc Grid infrastructures such as MAGE. These development tools represent the first fully model driven approach to Grid service development integrated with infrastructure management components in service-oriented Grid computing.
This thesis is concluded by a quantitative discussion of the performance overhead imposed by the presented extensions to a service-oriented Grid middleware as well as a discussion of the qualitative improvements gained by the overall solution. The conclusion of this thesis also gives an outlook on future developments and areas for further research. One of these qualitative improvements is "hot deployment", the ability to install and remove Grid services in a running node without interrupt to other active services on the same node. Hot deployment has been introduced as a novelty in service-oriented Grid systems as a result of the research conducted for this thesis. It extends service-oriented Grid computing with a new paradigm, making installation of individual application components a functional aspect of the application. This thesis further explores the idea of using peer-to-peer (P2P) networking for Grid computing by combining a general purpose P2P framework with a standard compliant Grid middleware. In previous work the application of P2P systems has been limited to replica location and use of P2P index structures for discovery purposes. The work presented in this thesis also uses P2P networking to realize seamless communication across network barriers. Even though the web service standards have been designed for the internet, the two-way communication requirement introduced by the WSRF-standards and particularly the notification pattern is not well supported by the web service standards. This deficiency can be answered by mechanisms that are part of such general purpose P2P communication frameworks. Existing security infrastructures for Grid systems focus on protection of data during transmission and access control to individual resources or the overall Grid environment. This thesis focuses on security issues within a single node of a dynamically changing service-oriented Grid environment.
To counter the security threats arising from the new capabilities of an ad hoc Grid, a number of novel isolation solutions are presented. These solutions address security issues and isolation on a fine-grained level providing a range of applicable basic mechanisms for isolation, ranging from lightweight system call interposition to complete para-virtualization of the operating systems.

    PECCit: An Omniscient Debugger for Web Development

    Debugging can be an extremely expensive and time-consuming task for a software developer. To find a bug, the developer typically needs to navigate backwards through infected states and symptoms of the bug to find the initial defect. Modern debugging tools are not designed for navigating back-in-time and typically require the user to jump through hoops by setting breakpoints, re-executing, and guessing where errors occur. Omniscient debuggers offer back-in-time debugging capabilities to make this task easier. These debuggers trace the program allowing the user to navigate forwards and backwards through the execution, examine variable histories, and visualize program data and control flow. Presented in this thesis is PECCit, an omniscient debugger designed for backend web development. PECCit traces web frameworks remotely and provides a browser-based IDE to navigate through the trace. The user can even watch a preview of the web page as it's being built line-by-line using a novel feature called capturing. To evaluate, PECCit was used to debug real-world problems provided by users of two Content Management Systems: WordPress and Drupal. In these case studies, PECCit's features and debugging capabilities are demonstrated and contrasted with standard debugging techniques.

    Acquisition and Forensic Analysis of Volatile Data Stores

    The advent of more witted threats against typical computer systems demonstrates a need for forensic analysis of memory-resident data in addition to the conventional static analysis common today. Some tools are starting to become available to duplicate various types of volatile data stores. Once the data store has been duplicated, current forensic procedures have no vector for extrapolating further information from the duplicate. This thesis is focused on providing the groundwork for performing forensic investigations on the data that is typically stored in a volatile data store, such as system RAM, while creating as small an impact as possible to the state of a system. It is intended that this thesis will give insight to obtaining more post incident response information along with a smaller impact to potential evidence when compared to typical incident response procedures.

    Visual Debugging of Object-Oriented Systems with the Unified Modeling Language

    The Department of Defense (DoD) is developing a Joint Battlespace Infosphere, linking a large number of data sources and user applications. Debugging and analysis tools are required to aid in this process. Debugging of large object-oriented systems is a difficult cognitive process that requires understanding of both the overall and detailed behavior of the application. In addition, many such applications linked through a distributed system add to this complexity. Standard debuggers do not utilize visualization techniques, focusing mainly on information extracted directly from the source code. To overcome this deficiency, this research designs and implements a methodology that enables developers to analyze, troubleshoot and evaluate object-oriented systems using visualization techniques. It uses the standard UML class diagram coupled with visualization features such as focus+context, animation, graph layout, color encoding and filtering techniques to organize and present information in a manner that facilitates greater program and system comprehension. Multiple levels of abstraction, from low-level details such as source code and variable information to high-level structural detail in the form of a UML class diagram are accessible along with views of the program's control flow. The methods applied provide a considerable improvement (up to 1110%) in the number of classes that can be displayed in a set display area while still preserving user context and the semantics of UML, thus maintaining system understanding. Usability tests validated the application in terms of three criteria: software visualization, debugging, and general system usability.

    Integrated testing and verification system for research flight software design document

    The NASA Langley Research Center is developing the MUST (Multipurpose User-oriented Software Technology) program to cut the cost of producing research flight software through a system of software support tools. The HAL/S language is the primary subject of the design. Boeing Computer Services Company (BCS) has designed an integrated verification and testing capability as part of MUST. Documentation, verification and test options are provided with special attention on real time, multiprocessing issues. The needs of the entire software production cycle have been considered, with effective management and reduced lifecycle costs as foremost goals. Capabilities have been included in the design for static detection of data flow anomalies involving communicating concurrent processes. Some types of ill-formed process synchronization and deadlock also are detected statically.