1,786 research outputs found
An automated approach for finding variable-constant pairing bugs
Named constants are used heavily in operating systems code, both as internal flags and in interactions with devices. Decision making within an operating system thus critically depends on the correct usage of these values. Nevertheless, compilers for the languages typically used in implementing operating systems provide little support for checking the usage of named constants. This affects correctness, when a constant is used in a context where its value is meaningless, and software maintenance, when a constant has the right value for its usage context but the wrong name. We propose a hybrid program-analysis and data-mining based approach to identify the uses of named constants and to identify anomalies in these uses. We have applied our approach to a recent version of the Linux kernel and have found a number of bugs affecting both correctness and software maintenance. Many of these bugs have been validated by the Linux developers
Automatic Repair of Buggy If Conditions and Missing Preconditions with SMT
We present Nopol, an approach for automatically repairing buggy if conditions
and missing preconditions. As input, it takes a program and a test suite which
contains passing test cases modeling the expected behavior of the program and
at least one failing test case embodying the bug to be repaired. It consists of
collecting data from multiple instrumented test suite executions, transforming
this data into a Satisfiability Modulo Theory (SMT) problem, and translating
the SMT result -- if there exists one -- into a source code patch. Nopol
repairs object oriented code and allows the patches to contain nullness checks
as well as specific method calls.Comment: CSTVA'2014, India (2014
STANSE: Bug-finding Framework for C Programs
Regular paper accepted at the MEMICS 2011 workshop. The paper deals with static analysis. It also describes a framework and tool called Stanse
A Framework for Exploiting Emergent Behaviour to capture 'Best Practice' within a Programming Domain
Inspection is a formalised process for reviewing an artefact in software engineering.
It is proven to significantly reduce defects, to ensure that what is delivered is what is
required, and that the finished product is effective and robust.
Peer code review is a less formal inspection of code, normally classified as
inadequate or substandard Inspection. Although it has an increased risk of not
locating defects, it has been shown to improve the knowledge and programming
skills of its participants.
This thesis examines the process of peer code review, comparing it to Inspection,
and attempts to describe how an informal code review can improve the knowledge
and skills of its participants by deploying an agent oriented approach.
During a review the participants discuss defects, recommendations and solutions, or
more generally their own experience. It is this instant adaptability to new
11
information that gives the review process the ability to improve knowledge. This
observed behaviour can be described as the emergent behaviour of the group of
programmers during the review.
The wider distribution of knowledge is currently only performed by programmers
attending other reviews. To maximise the benefits of peer code review, a
mechanism is needed by which the findings from one team can be captured and
propagated to other reviews / teams throughout an establishment.
A prototype multi-agent system is developed with the aim of capturing the emergent
properties of a team of programmers. As the interactions between the team members
is unstructured and the information traded is dynamic, a distributed adaptive system
is required to provide communication channels for the team and to provide a
foundation for the knowledge shared. Software agents are capable of adaptivity and
learning. Multi-agent systems are particularly effective at being deployed within
distributed architectures and are believed to be able to capture emergent behaviour.
The prototype system illustrates that the learning mechanism within the software
agents provides a solid foundation upon which the ability to detect defects can be
learnt. It also demonstrates that the multi-agent approach is apposite to provide the
free flow communication of ideas between programmers, not only to achieve the
sharing of defects and solutions but also at a high enough level to capture social
information. It is assumed that this social information is a measure of one element of
the review process's emergent behaviour.
The system is capable of monitoring the team-perceived abilities of programmers,
those who are influential on the programming style of others, and the issues upon
III
which programmers agree or disagree. If the disagreements are classified as
unimportant or stylistic issues, can it not therefore be assumed that all agreements
are concepts of "Best Practice"?
The conclusion is reached that code review is not a substandard Inspection but is in
fact complementary to the Inspection model, as the latter improves the process of
locating and identifying bugs while the former improves the knowledge and skill of
the programmers, and therefore the chance of bugs not being encoded to start with.
The prototype system demonstrates that it is possible to capture best practice from a
review team and that agents are well suited to the task. The performance criteria of
such a system have also been captured.
The prototype system has also shown that a reliable level of learning can be attained
for a real world task. The innovative way of concurrently deploying multiple agents
which use different approaches to achieve the same goal shows remarkable
robustness when learning from small example sets.
The novel way in which autonomy is promoted within the agents' design but
constrained within the agent community allows the system to provide a sufficiently
flexible communications structure to capture emergent social behaviour, whilst
ensuring that the agents remain committed to their own goals
Evolutionary computing driven search based software testing and correction
For a given program, testing, locating the errors identified, and correcting those errors is a critical, yet expensive process. The field of Search Based Software Engineering (SBSE) addresses these phases by formulating them as search problems. This dissertation addresses these challenging problems through the use of two complimentary evolutionary computing based systems. The first one is the Fitness Guided Fault Localization (FGFL) system, which novelly uses a specification based fitness function to perform fault localization. The second is the Coevolutionary Automated Software Correction (CASC) system, which employs a variety of evolutionary computing techniques to perform testing, correction, and verification of software. In support of the real world application of these systems, a practitioner\u27s guide to fitness function design is provided. For the FGFL system, experimental results are presented that demonstrate the applicability of fitness guided fault localization to automate this important phase of software correction in general, and the potential of the FGFL system in particular. For the fitness function design guide, the performance of a guide generated fitness function is compared to that of an expert designed fitness function demonstrating the competitiveness of the guide generated fitness function. For the CASC system, results are presented that demonstrate the system\u27s abilities on a series of problems of both increasing size as well as number of bugs present. The system presented solutions more than 90% of the time for versions of the programs containing one or two bugs. Additionally, scalability results are presented for the CASC system that indicate that success rate linearly decreases with problem size and that the estimated convergence rate scales at worst linearly with problem size --Abstract, page ii
STATIC AND DYNAMIC ANALYSES FOR PROTECTING THE JAVA SOFTWARE EXECUTION ENVIRONMENT
In my thesis, I present three projects on which I have worked during my Ph.D. studies. All of them focus on software protection in the Java environment with static and dynamic techniques for control-flow and data-dependency analysis. More specifically, the first two works are dedicated to the problem of deserialization of untrusted data in Java. In the first, I present a defense system that was designed for protecting the Java Virtual Machine, along with the results that were obtained. In the second, I present a recent research project that aims at automatic generation of deserialization attacks, to help identifying them and increasing protection. The last discussed work concerns another branch of software protection: the authentication on short-distance channels (or the lack thereof) in Android APKs. In said work, I present a tool that was built for automatically identifying the presence of high-level authentication in Android apps. I thoroughly discuss experiments, limitations and future work for all three projects, concluding with general principles that bring these works together, and can be applied when facing related security issues in high-level software protection
Exploring formal verification methodology for FPGA-based digital systems.
Abstract Not Provide
- …