1,625 research outputs found
06472 Abstracts Collection - XQuery Implementation Paradigms
From 19.11.2006 to 22.11.2006, the Dagstuhl Seminar 06472 ``XQuery Implementation Paradigms'' was held in the International Conference and Research Center (IBFI), Schloss Dagstuhl. During the seminar, several participants presented their current research, and ongoing work and open problems were discussed. Abstracts of the presentations given during the seminar as well as abstracts of seminar results and ideas are put together in this paper. The first section describes the seminar topics and goals in general. Links to extended abstracts or full papers are provided, if available
Higher-Order Attribute Semantics of Flat Declarative Languages
A technique is described that provides a convenient instrument for implementation of semantics of simple declarative languages called flat languages. Semantics of a specification is defined in the paper as a set of programs derivable for solvable goals. We introduce higher-order attribute models that include more control information than conventional attribute models and explain the algorithm for dynamic evaluation of attributes on these models. A visual tool CoCoViLa is briefly described as an instrument for implementing attribute semantics of flat languages
Polymorphism and Type Inference in Database Programming
The polymorphic type system of ML can be extended in two ways that make it appropriate as the basis of a database programming language. The first is an extension to the language of types that captures the polymorphic nature of field selection; the second is a technique that generalizes relational operators to arbitrary data structures. The combination provides a statically typed language in which relational databases may be cleanly represented as typed structures. As in ML types are inferred, which relieves the programmer of making the rather complicated type assertions that may be required to express the most general type of a program that involves field selection and generalized relational operators.
It is also possible to use these ideas to implement various aspects of object-oriented databases. By implementing database objects as reference types and generating the appropriate views - sets of structures with identity - we can achieve a degree of static type checking for object-oriented databases. Moreover it is possible to exploit the type system to check the consistency of object-oriented classes (abstract data types with inheritance). A prototype language based on these ideas has been implemented. While it lacks some important practical features, it demonstrates that a wide variety of database structures can be cleanly represented in a polymorphic programming language
Search based software engineering: Trends, techniques and applications
© ACM, 2012. This is the author's version of the work. It is posted here by permission of ACM for your personal use. Not for redistribution. The definitive version is available from the link below.In the past five years there has been a dramatic increase in work on Search-Based Software Engineering (SBSE), an approach to Software Engineering (SE) in which Search-Based Optimization (SBO) algorithms are used to address problems in SE. SBSE has been applied to problems throughout the SE lifecycle, from requirements and project planning to maintenance and reengineering. The approach is attractive because it offers a suite of adaptive automated and semiautomated solutions in situations typified by large complex problem spaces with multiple competing and conflicting objectives.
This article provides a review and classification of literature on SBSE. The work identifies research trends and relationships between the techniques applied and the applications to which they have been applied and highlights gaps in the literature and avenues for further research.EPSRC and E
Prototyping Formal System Models with Active Objects
We propose active object languages as a development tool for formal system
models of distributed systems. Additionally to a formalization based on a term
rewriting system, we use established Software Engineering concepts, including
software product lines and object orientation that come with extensive tool
support. We illustrate our modeling approach by prototyping a weak memory
model. The resulting executable model is modular and has clear interfaces
between communicating participants through object-oriented modeling.
Relaxations of the basic memory model are expressed as self-contained variants
of a software product line. As a modeling language we use the formal active
object language ABS which comes with an extensive tool set. This permits rapid
formalization of core ideas, early validity checks in terms of formal invariant
proofs, and debugging support by executing test runs. Hence, our approach
supports the prototyping of formal system models with early feedback.Comment: In Proceedings ICE 2018, arXiv:1810.0205
Trustworthy Refactoring via Decomposition and Schemes: A Complex Case Study
Widely used complex code refactoring tools lack a solid reasoning about the
correctness of the transformations they implement, whilst interest in proven
correct refactoring is ever increasing as only formal verification can provide
true confidence in applying tool-automated refactoring to industrial-scale
code. By using our strategic rewriting based refactoring specification
language, we present the decomposition of a complex transformation into smaller
steps that can be expressed as instances of refactoring schemes, then we
demonstrate the semi-automatic formal verification of the components based on a
theoretical understanding of the semantics of the programming language. The
extensible and verifiable refactoring definitions can be executed in our
interpreter built on top of a static analyser framework.Comment: In Proceedings VPT 2017, arXiv:1708.0688
Automating Seccomp Filter Generation for Linux Applications
Software vulnerabilities in applications undermine the security of
applications. By blocking unused functionality, the impact of potential
exploits can be reduced. While seccomp provides a solution for filtering
syscalls, it requires manual implementation of filter rules for each individual
application. Recent work has investigated automated approaches for detecting
and installing the necessary filter rules. However, as we show, these
approaches make assumptions that are not necessary or require overly
time-consuming analysis.
In this paper, we propose Chestnut, an automated approach for generating
strict syscall filters for Linux userspace applications with lower requirements
and limitations. Chestnut comprises two phases, with the first phase consisting
of two static components, i.e., a compiler and a binary analyzer, that extract
the used syscalls during compilation or in an analysis of the binary. The
compiler-based approach of Chestnut is up to factor 73 faster than previous
approaches without affecting the accuracy adversely. On the binary analysis
level, we demonstrate that the requirement of position-independent binaries of
related work is not needed, enlarging the set of applications for which
Chestnut is usable. In an optional second phase, Chestnut provides a dynamic
refinement tool that allows restricting the set of allowed syscalls further. We
demonstrate that Chestnut on average blocks 302 syscalls (86.5%) via the
compiler and 288 (82.5%) using the binary-level analysis on a set of 18 widely
used applications. We found that Chestnut blocks the dangerous exec syscall in
50% and 77.7% of the tested applications using the compiler- and binary-based
approach, respectively. For the tested applications, Chestnut prevents
exploitation of more than 62% of the 175 CVEs that target the kernel via
syscalls. Finally, we perform a 6 month long-term study of a sandboxed Nginx
server
Polymorphism and Inference in Database Programming
The polymorphic type system of ML can be extended in two ways to make it the appropriate basis of a database programming language. The first is an extension to the language of types that captures the polymorphic nature of field selection; the second is a technique that generalizes relational operators to arbitrary data structures. The combination provides a statically typed language in which relational databases may be cleanly represented as typed structures. As in ML types are inferred, which relieves the programmer of making the rather complicated type assertions that may be required to express the most general type of a program that involving field selection and generalized relational operators. These extensions may also be used to provide static polymorphic typechecking in object-oriented languages and databases. A problem that arises with object-oriented databases is the apparent need for dynamic typechecking when dealing with queries on heterogeneous collections of objects. An extension of the type system needed for generalized relational operations can also be used for manipulating collections of dynamically typed values in a statically typed language. A prototype language based on these ideas has been implemented. While it lacks a proper treatment of persistent data, it demonstrates that a wide variety of database structures can be cleanly represented in a polymorphic programming language
- …