Policy Enforcement with Proactive Libraries

Software libraries implement APIs that deliver reusable functionalities. To correctly use these functionalities, software applications must satisfy certain correctness policies, for instance policies about the order some API methods can be invoked and about the values that can be used for the parameters. If these policies are violated, applications may produce misbehaviors and failures at runtime. Although this problem is general, applications that incorrectly use API methods are more frequent in certain contexts. For instance, Android provides a rich and rapidly evolving set of APIs that might be used incorrectly by app developers who often implement and publish faulty apps in the marketplaces. To mitigate this problem, we introduce the novel notion of proactive library, which augments classic libraries with the capability of proactively detecting and healing misuses at run- time. Proactive libraries blend libraries with multiple proactive modules that collect data, check the correctness policies of the libraries, and heal executions as soon as the violation of a correctness policy is detected. The proactive modules can be activated or deactivated at runtime by the users and can be implemented without requiring any change to the original library and any knowledge about the applications that may use the library. We evaluated proactive libraries in the context of the Android ecosystem. Results show that proactive libraries can automati- cally overcome several problems related to bad resource usage at the cost of a small overhead.Comment: O. Riganelli, D. Micucci and L. Mariani, "Policy Enforcement with Proactive Libraries" 2017 IEEE/ACM 12th International Symposium on Software Engineering for Adaptive and Self-Managing Systems (SEAMS), Buenos Aires, Argentina, 2017, pp. 182-19

Process Calculi Abstractions for Biology

Several approaches have been proposed to model biological systems by means of the formal techniques and tools available in computer science. To mention just a few of them, some representations are inspired by Petri Nets theory, and some other by stochastic processes. A most recent approach consists in interpreting the living entities as terms of process calculi where the behavior of the represented systems can be inferred by applying syntax-driven rules. A comprehensive picture of the state of the art of the process calculi approach to biological modeling is still missing. This paper goes in the direction of providing such a picture by presenting a comparative survey of the process calculi that have been used and proposed to describe the behavior of living entities. This is the preliminary version of a paper that was published in Algorithmic Bioprocesses. The original publication is available at http://www.springer.com/computer/foundations/book/978-3-540-88868-

Integration of Cost andWork Breakdown Structures in the Management of Construction Projects

Scope management allows project managers to react when a project underperforms regarding schedule, budget, and/or quality at the execution stage. Scope management can also minimize project changes and budget omissions, as well as improve the accuracy of project cost estimates and risk responses. For scope management to be effective, though, it needs to rely on a robust work breakdown structure (WBS). A robust WBS hierarchically and faithfully reflects all project tasks and work packages so that projects are easier to manage. If done properly, the WBS also allows meeting the project objectives while delivering the project on time, on budget, and with the required quality. This paper analyzes whether the integration of a cost breakdown structure (CBS) can lead to the generation of more robust WBSs in construction projects. Over the last years, some international organizations have standardized and harmonized different cost classification systems (e.g., ISO 12006-2, ISO 81346-12, OmniClass, CoClass, UniClass). These cost databases have also been introduced into building information modeling (BIM) frameworks. We hypothesize that in BIM environments, if these CBSs are used to generate the project WBS, several advantages are gained such as sharper project definition. This enhanced project definition reduces project contradictions at both planning and execution stages, anticipates potential schedule and budget deviations, improves resource allocation, and overall it allows a better response to potential project risks. The hypothesis that the use of CBSs can generate more robust WBSs is tested by the response analysis of a questionnaire survey distributed among construction practitioners and project managers. By means of structural equation modeling (SEM), the correlation (agreement) and perception differences between two 250-respondent subsamples (technical project staff vs. project management staff) are also discussed. Results of this research support the use of CBSs by construction professionals as a basis to generate WBSs for enhanced project management (PM)

Application-Layer Connector Synthesis

International audienceThe heterogeneity characterizing the systems populating the Ubiquitous Computing environment prevents their seamless interoperability. Heterogeneous protocols may be willing to cooperate in order to reach some common goal even though they meet dynamically and do not have a priori knowledge of each other. Despite numerous e orts have been done in the literature, the automated and run-time interoperability is still an open challenge for such environment. We consider interoperability as the ability for two Networked Systems (NSs) to communicate and correctly coordinate to achieve their goal(s). In this chapter we report the main outcomes of our past and recent research on automatically achieving protocol interoperability via connector synthesis. We consider application-layer connectors by referring to two conceptually distinct notions of connector: coordinator and mediator. The former is used when the NSs to be connected are already able to communicate but they need to be speci cally coordinated in order to reach their goal(s). The latter goes a step forward representing a solution for both achieving correct coordination and enabling communication between highly heterogeneous NSs. In the past, most of the works in the literature described e orts to the automatic synthesis of coordinators while, in recent years the focus moved also to the automatic synthesis of mediators. Within the Connect project, by considering our past experience on automatic coordinator synthesis as a baseline, we propose a formal theory of mediators and a related method for automatically eliciting a way for the protocols to interoperate. The solution we propose is the automated synthesis of emerging mediating connectors (i.e., mediators for short)

Vetting undesirable behaviors in android apps with permission use analysis

Android platform adopts permissions to protect sensitive resources from untrusted apps. However, after permissions are granted by users at install time, apps could use these permissions (sensitive resources) with no further restrictions. Thus, recent years have witnessed the explosion of undesirable behaviors in Android apps. An important part in the defense is the accurate analysis of Android apps. However, traditional syscall-based analysis techniques are not well-suited for Android, because they could not capture critical interactions between the application and the Android system. This paper presents VetDroid, a dynamic analysis platform for reconstructing sensitive behaviors in Android apps from a novel permission use perspective. VetDroid features a systematic frame-work to effectively construct permission use behaviors, i.e., how applications use permissions to access (sensitive) system resources, and how these acquired permission-sensitive resources are further utilized by the application. With permission use behaviors, security analysts can easily examine the internal sensitive behaviors of an app. Using real-world Android malware, we show that VetDroid can clearly reconstruct fine-grained malicious behaviors to ease malware analysis. We further apply VetDroid to 1,249 top free apps in Google Play. VetDroid can assist in finding more information leaks than TaintDroid [24], a state-of-the-art technique. In addition, we show howwe can use VetDroid to analyze fine-grained causes of information leaks that TaintDroid cannot reveal. Finally, we show that VetDroid can help identify subtle vulnerabilities in some (top free) applications otherwise hard to detect

Ontology mapping by concept similarity

This paper presents an approach to the problem of mapping ontologies. The motivation for the research stems from the Diogene Project which is developing a web training environment for ICT professionals. The system includes high quality training material from registered content providers, and free web material will also be made available through the project's "Web Discovery" component. This involves using web search engines to locate relevant material, and mapping the ontology at the core of the Diogene system to other ontologies that exist on the Semantic Web. The project's approach to ontology mapping is presented, and an evaluation of this method is described