Dynamic Trace-Based Data Dependency Analysis for Parallelization of C Programs

Writing parallel code is traditionally considered a difficult task, even when it is tackled from the beginning of a project. In this paper, we demonstrate an innovative toolset that faces this challenge directly. It provides the software developers with profile data and directs them to possible top-level, pipeline-style parallelization opportunities for an arbitrary sequential C program. This approach is complementary to the methods based on static code analysis and automatic code rewriting and does not impose restrictions on the structure of the sequential code or the parallelization style, even though it is mostly aimed at coarse-grained task-level parallelization. The proposed toolset has been utilized to define parallel code organizations for a number of real-world representative applications and is based on and is provided as free source

AndroShield:automated Android applications vulnerability detection, a hybrid static and dynamic analysis approach

The security of mobile applications has become a major research field which is associated with a lot of challenges. The high rate of developing mobile applications has resulted in less secure applications. This is due to what is called the “rush to release” as defined by Ponemon Institute. Security testing—which is considered one of the main phases of the development life cycle—is either not performed or given minimal time; hence, there is a need for security testing automation. One of the techniques used is Automated Vulnerability Detection. Vulnerability detection is one of the security tests that aims at pinpointing potential security leaks. Fixing those leaks results in protecting smart-phones and tablet mobile device users against attacks. This paper focuses on building a hybrid approach of static and dynamic analysis for detecting the vulnerabilities of Android applications. This approach is capsuled in a usable platform (web application) to make it easy to use for both public users and professional developers. Static analysis, on one hand, performs code analysis. It does not require running the application to detect vulnerabilities. Dynamic analysis, on the other hand, detects the vulnerabilities that are dependent on the run-time behaviour of the application and cannot be detected using static analysis. The model is evaluated against different applications with different security vulnerabilities. Compared with other detection platforms, our model detects information leaks as well as insecure network requests alongside other commonly detected flaws that harm users’ privacy. The code is available through a GitHub repository for public contribution

An Animation Framework for Improving the Comprehension of TinyOS Programs

To meet the increasing demand for monitoring of the physical world, there has been an increase in the development of wireless sensor network applications. The TinyOS platform has emerged as a de facto standard for developing these applications. The platform offers a number of advantages, with its support for concurrency, power-efficient operation, and resource-constrained hardware chief among them. However, the benefits come at a price. Even without the TinyOS platform, the inherent parallel and distributed nature of these applications makes it difficult for developers to reason about program behavior. Further, the TinyOS programming model adopts asynchronous, split-phase execution semantics. Developers must explicitly manage program control state across event-handlers, components, and devices. This makes the design, debugging, and comprehension of these programs even more difficult. In this work, we describe an animation framework for TinyOS programs, designed to enhance the comprehension of their runtime behavior. The framework enables application developers to specify, in the form of an XML configuration file, the runtime elements to be captured within a given system and the manner in which those elements should be displayed. The resulting visualization presents an animated play-back sequence of the events that occurred during execution. The framework also provides a visual representation that connects causally-related events in a distributed network. We describe the design and implementation of the animation framework and present an analysis of the runtime overhead it introduces

Interactive Trace-Based Analysis Toolset for Manual Parallelization of C Programs

Massive amounts of legacy sequential code need to be parallelized to make better use of modern multiprocessor architectures. Nevertheless, writing parallel programs is still a difficult task. Automated parallelization methods can be effective both at the statement and loop levels and, recently, at the task level, but they are still restricted to specific source code constructs or application domains. We present in this article an innovative toolset that supports developers when performing manual code analysis and parallelization decisions. It automatically collects and represents the program profile and data dependencies in an interactive graphical format that facilitates the analysis and discovery of manual parallelization opportunities. The toolset can be used for arbitrary sequential C programs and parallelization patterns. Also, its program-scope data dependency tracing at runtime can complement the tools based on static code analysis and can also benefit from it at the same time. We also tested the effectiveness of the toolset in terms of time to reach parallelization decisions and of their quality. We measured a significant improvement for several real-world representative applications

Exploring Eye Tracking Data on Source Code via Dual Space Analysis

Eye tracking is a frequently used technique to collect data capturing users\u27 strategies and behaviors in processing information. Understanding how programmers navigate through a large number of classes and methods to find bugs is important to educators and practitioners in software engineering. However, the eye tracking data collected on realistic codebases is massive compared to traditional eye tracking data on one static page. The same content may appear in different areas on the screen with users scrolling in an Integrated Development Environment (IDE). Hierarchically structured content and fluid method position compose the two major challenges for visualization. We present a dual-space analysis approach to explore eye tracking data by leveraging existing software visualizations and a new graph embedding visualization. We use the graph embedding technique to quantify the distance between two arbitrary methods, which offers a more accurate visualization of distance with respect to the inherent relations, compared with the direct software structure and the call graph. The visualization offers both naturalness and readability showing time-varying eye movement data in both the content space and the embedded space, and provides new discoveries in developers\u27 eye tracking behaviors. Adviser: Hongfeng Y

Coherent tool support for design-space exploration

Embedded Systems Innovation by TNO developed three generic tools to improve industrial applicability. POOSL provides an integrated editing, debugging and validating environment for system modelling, combined with a simulator. TRACE is a tool for visualizing quantitative analysis results. Design Framework (DF) aims for system architecting including architectural views, work flow support and the link of architectural reasoning to concrete modeling activities and artifacts. However, there is no integrated environment to support these three tools to work together. This project proposes a prototype to demonstrate cooperation between the three generic tools as an integrated environment for design-space exploration. The report describes the process that was applied to the new integrated environment, Exploration Experiment (EE). EE provides a platform to define an experiment by specifying a sequence of a model and executors. From DF, the user can execute a defined experiment and get the execution results automatically. In addition to the development of EE, this report also includes the process of the development of TRACE extensions. The extensions contain new functionalities of multiple Gantt Chart comparison and design-space visualizations, a standalone application and an executable JAVA Archive file