Debugging of Web Applications with Web-TLR

Web-TLR is a Web verification engine that is based on the well-established Rewriting Logic--Maude/LTLR tandem for Web system specification and model-checking. In Web-TLR, Web applications are expressed as rewrite theories that can be formally verified by using the Maude built-in LTLR model-checker. Whenever a property is refuted, a counterexample trace is delivered that reveals an undesired, erroneous navigation sequence. Unfortunately, the analysis (or even the simple inspection) of such counterexamples may be unfeasible because of the size and complexity of the traces under examination. In this paper, we endow Web-TLR with a new Web debugging facility that supports the efficient manipulation of counterexample traces. This facility is based on a backward trace-slicing technique for rewriting logic theories that allows the pieces of information that we are interested to be traced back through inverse rewrite sequences. The slicing process drastically simplifies the computation trace by dropping useless data that do not influence the final result. By using this facility, the Web engineer can focus on the relevant fragments of the failing application, which greatly reduces the manual debugging effort and also decreases the number of iterative verifications.Comment: In Proceedings WWV 2011, arXiv:1108.208

Slicing-based debugging of web applications in rewriting logic

The pervasiveness of computing on the Internet has led to an explosive growth of Web applications that, together with their ever-increasing complexity, have turned their design and development in a major challenge. Unfortunately, the huge expansion of development and utilization of Web computation has not been paired by the development of methods, models and debugging tools to help the developer diagnose, quickly and easily, potential problems in a Web application. There is an urgent demand of analysis and verification facilities capable to prevent insecure software that could cause unavailability of systems or services, or provide access to private data or internal resources of a given organization. The main goal of this MSc thesis is to improve the debugging of Web applications by embedding novel analysis and verification techniques that rely on the program semantics. As a practical realization of the ideas, we use Web-TLR that is a verification engine for dynamic Web applications based on Rewrite Logic. We extend Web-TLR with a novel functionality that supports effective Web debugging for realistic Web applications involving complex execution traces. This functionality is based on a backward trace slicing technique that is based on dynamic labeling. In order to extend the class of programs covered by the debugging methodology we formalize a generalization of the slicer to Conditional Rewriting Logic theories, greatly simplifying the debugging task by providing a novel and sophisticated form of pattern matching.Frechina Navarro, F. (2011). Slicing-based debugging of web applications in rewriting logic. http://hdl.handle.net/10251/15637Archivo delegad

Verificación de aplicaciones web dinámicas con Web-TLR

Web-TLR is a software tool designed for model-checking Web applications that is based on rewriting logic. Web applications are expressed as rewrite theories that can be formally verified by using the Maude built-in LTLR model-checker. Whenever a property is refuted, it produces a counterexample trace that underlies the failing model checking computation. However, the analysis (or even the simple inspection) of large counterexamples may prove to be unfeasible due to the size and complexity of the traces under examination. This work aims to improve the understandability of the counterexamples generated by Web-TLR by developing an integrated framework for debugging Web applications that integrates a trace-slicing technique for rewriting logic theories that is particularly tailored to Web-TLR. The verification environment is also provided with a user-friendly, graphical Web interface that shields the user from unnecessary information. Trace slicing is a widely used technique for execution trace analysis that is effectively used in program debugging, analysis and comprehension. Our trace slicing technique allows us to systematically trace back rewrite sequences modulo equational axioms (such as associativity and commutativity) by means of an algorithm that dynamically simpli es the traces by detecting control and data dependencies, and dropping useless data that do not infuence the final result. Our methodology is particularly suitable for analyzing complex, textually-large system computations such as those delivered as counter-example traces by Maude model-checkers. The slicing facility implemented in Web-TLR allows the user to select the pieces of information that she is interested into by means of a suitable pattern-matching language supported by wildcards. The selected information is then traced back through inverse rewrite sequences. The slicing process drastically simpli es the computation trace by dropping useless data that do not influence the nal result. By using this facility, the Web engineer can focus on the relevant fragments of the failing application, which greatly reduces the manual debugging e ort and also decreases the number of iterative verfications.Espert Real, J. (2011). Verificación de aplicaciones web dinámicas con Web-TLR. http://hdl.handle.net/10251/11219.Archivo delegad

Rewriting-based Verification and Debugging of Web Systems

The increasing complexity of Web system has led to the development of sophisticated formal methodologies for verifying and correcting Web data and Web programs. In general, establishing whether a Web system behaves correctly with respect to the original intention of the programmer or checking its internal consistency are non-trivial tasks as witnessed by many studies in the literature. In this dissertation, we face two challenging problems related to the verification of Web systems. Firstly, we extend a previous Web verification framework based on partial rewriting by providing a semi-automatic technique for repairing Web systems. We propose a basic repairing methodology that is endowed with several strategies for optimizing the number of repair actions that must be executed in order to fix a given Web site. Also, we develop an improvement of the Web verification framework that is based on abstract interpretation and greatly enhances both efficiency and scalability of the original technique. Secondly, we formalize a framework for the specification and model-checking of dynamic Web applications that is based on Rewriting Logic. Our framework allows one to simulate the user navigation and the evaluation of Web scripts within a Web application, and also check important related properties such us reachability and consistency. When a property is refuted, a counter-example with the erroneous trace is delivered. Such information can be analyzed in order to debug the Web application under examination by means of a novel backward trace slicing technique that we formulated for this purpose. This technique consists in tracing back, along an execution trace, all the relevant symbols of the term (or state) that we are interested to observe.Romero ., DO. (2011). Rewriting-based Verification and Debugging of Web Systems [Tesis doctoral no publicada]. Universitat Politècnica de València. https://doi.org/10.4995/Thesis/10251/12496Palanci

Using conditional trace slicing for improving Maude programs

[EN] Understanding the behavior of software is important for the existing software to be improved. In this paper, we present a trace slicing technique that is suitable for analyzing complex, textually-large computations in rewriting logic, which is a general framework efficiently implemented in the Maude language that seamlessly unifies a wide variety of logics and models of concurrency. Given a Maude execution trace T and a slicing criterion for the trace (i.e., a piece of information that we want to observe in the final computation state), we traverse T from back to front and the backward dependence of the observed information is incrementally computed at each execution step. At the end of the traversal, a simplified trace slice is obtained by filtering out all the irrelevant data that do not impact on the data of interest. By narrowing the size of the trace, the slicing technique favors better inspection and debugging activities since most tedious and irrelevant inspections that are routinely performed during diagnosis and bug localization can be eliminated automatically. Moreover, cutting down the execution trace can expose opportunities for further improvement, which we illustrate by means of several examples that we execute by using iJulienne, a trace slicer that implements our conditional slicing technique and is endowed with a trace querying mechanism that increases flexibility and reduction power.This work has been partially supported by the EU (FEDER) and the Spanish MEC project ref. TIN2010-21062-C02-02, and by Generalitat Valenciana ref. PROMETEO2011/052. This work was carried out during the tenure of D. Ballis' ERCIM "Alain Bensoussan" Postdoctoral Fellowship. The research leading to these results has received funding from the European Union Seventh Framework Programme (FP7/2007-2013) under grant agreement No. 246016. F. Frechina was supported by FPU-ME grant AP2010-5681 and D. Romero by FPI-MEC grant BES-2008-004860.Alpuente Frasnedo, M.; Ballis, D.; Frechina, F.; Romero, DO. (2014). Using conditional trace slicing for improving Maude programs. Science of Computer Programming. 80:385-415. https://doi.org/10.1016/j.scico.2013.09.018S3854158

Backward Trace Slicing for Rewriting Logic Theories -Technical report -

Trace slicing is a widely used technique for execution trace analysis that is effectively used in program debugging, analysis and comprehension. In this paper, we present a backward trace slicing technique that can be used for the analysis of Rewriting Logic theories. Our trace slicing technique allows us to systematically trace back rewrite sequences modulo equational axioms (such as associativity and commutativity) by means of an algorithm that dynamically simplifies the traces by detecting control and data dependencies, and dropping useless data that do not influence the final result. Our methodology is particularly suitable for analyzing complex, textually-large system computations such as those delivered as counter-example traces by Maude model-checkers.Alpuente Frasnedo, M.; Ballis, D.; Espert, J.; Romero, D. (2011). Backward Trace Slicing for Rewriting Logic Theories -Technical report -. http://hdl.handle.net/10251/1077

A Rewriting-based, Parameterized Exploration Scheme for the Dynamic Analysis of Complex Software Systems

Los sistemas software actuales son artefactos complejos cuyo comportamiento es a menudo extremadamente difícil de entender. Este hecho ha llevado al desarrollo de metodologías formales muy sofisticadas para el análisis, comprensión y depuración de programas. El análisis de trazas de ejecución consiste en la búsqueda dinámica de contenidos específicos dentro de las trazas de ejecución de un cierto programa. La búsqueda puede llevarse a cabo hacia adelante o hacia atrás. Si bien el análisis hacia adelante se traduce en una forma de análisis de impacto que identifica el alcance y las posibles consecuencias de los cambios en la entrada del programa, el análisis hacia atrás permite llevar a cabo un rastreo de la procedencia; es decir, muestra como (partes de) la salida del programa depende de (partes de) su entrada y ayuda a estimar qué dato de la entrada es necesario modificar para llevar a cabo un cambio en el resultado. En esta tesis se investiga una serie de metodologías de análisis de trazas que son especialmente adecuadas para el análisis de trazas de ejecución largas y complejas en la lógica de reescritura, que es un marco lógico y semántico especialmente adecuado para la formalización de sistemas altamente concurrentes. La primera parte de la tesis se centra en desarrollar una técnica de análisis de trazas hacia atrás que alcanza enormes reducciones en el tamaño de la traza. Esta metodología se basa en la fragmentación incremental y favorece un mejor análisis y depuración ya que la mayoría de las inspecciones, tediosas e irrelevantes, que se realizan rutinariamente en el diagnostico y la localización de errores se pueden eliminar de forma automática. Esta técnica se ilustra por medio de varios ejemplos que ejecutamos mediante el sistema iJulienne, una herramienta interactiva de fragmentación que hemos desarrollado y que implementa la técnica de análisis de trazas hacia atrás. En la segunda parte de la tesis se formaliza un sistema paramétrico, flexible y dinámico, para la exploración de computaciones en la lógica de reescritura. El esquema implementa un algoritmo de animación gen érico que permite la ejecución indeterminista de una teoría de reescritura condicional dada y que puede ser objeto de seguimiento mediante el uso de diferentes modalidades, incluyendo una ejecución gradual paso a paso y una fragmentación automática hacia adelante y/o hacia atrás, lo que reduce drásticamente el tamaño y la complejidad de las trazas bajo inspección y permite a los usuarios evaluar de forma aislada los efectos de una declaración o instrucción dada, el seguimiento de los efectos del cambio de la entrada, y obtener información sobre el comportamiento del programa (o mala conducta del mismo). Por otra parte, la fragmentación de la traza de ejecución puede identificar nuevas oportunidades de optimización del programa. Con esta metodología, un analista puede navegar, fragmentar, filtrar o buscar en la traza durante la ejecución del programa. El marco de análisis de trazas gen érico se ha implementado en el sistema Anima y describimos una profunda evaluación experimental de este que demuestra la utilidad del enfoque propuesto.Frechina Navarro, F. (2014). A Rewriting-based, Parameterized Exploration Scheme for the Dynamic Analysis of Complex Software Systems [Tesis doctoral no publicada]. Universitat Politècnica de València. https://doi.org/10.4995/Thesis/10251/44234TESI

A rewriting logic approach to the formal specification and verification of web applications

[EN] This paper develops a Rewriting Logic framework for the automatic specification and verification of Web applications that considers the critical aspects of concurrent Web interactions, browser navigation features (e.g., forward/back-ward navigation, page refresh, and new window/tab opening), and Web script evaluation. By encompassing the main features of the most popular Web scripting languages (e.g., PHP, ASP, and Java Servlets), our scripting language is powerful enough to model the dynamics of complex Web applications, where the interactions among Web servers and Web browsers are formalized through a landmark communicating protocol that abstracts HTTP. We provide a detailed characterization of browser actions via rewrite rules and show how our models can be naturally model-checked by using the Linear Temporal Logic of Rewriting (LTLR), which is a Linear Temporal Logic that is specifically designed for model-checking rewrite theories. The framework has been completely implemented in Maude, and we report on some successful experiments that we conducted using the Maude LTLR model-checker.This work has been partially supported by the EU (FEDER) and the Spanish MEC project ref. TIN2010-21062-C02-02, and by Generalitat Valenciana ref. PROMETE02011/052. This work was carried out during the tenure by Demis Ballis of an ERCIM "Alain Bensoussan" Postdoctoral Fellowship. The research leading to these results has received funding from the European Union Seventh Framework Programme (FP7/2007-2013) under grant agreement no 246016. Daniel Romero was partially supported by FPI-MEC grant BES-2008-004860.Alpuente Frasnedo, M.; Ballis, D.; Romero, DO. (2014). A rewriting logic approach to the formal specification and verification of web applications. Science of Computer Programming. 81:79-107. https://doi.org/10.1016/j.scico.2013.07.014S791078

Slicing slices, an incremental backward trace slicing methodology for rwl computations

[EN] Execution traces are an important source of information for program understanding and debugging. However, they have as an important drawback that they are commonly huge and complex, making their manual analysis unfeasible. In this master's thesis, we develop a trace slicing technique for rewriting logic computations together with its corresponding implementation in the iJulienne graphical tool. Such technique gives support to the analysis of complex, textually-large system computations in rewriting logic, which is a general framework efficiently implemented in the Maude language. Given a Maude execution trace T and a slicing criterion for the trace (i.e., a piece of information that we want to observe in the final computation state), we traverse T from back to front and the backward dependence of the observed information is incrementally computed at each execution step. At the end of the traversal, a simplified trace slice is obtained by filtering out all the irrelevant data that do not impact on the data of interest. By simplifying the trace, the iJulienne tool, which implements the proposed trace slicing technique, favors better inspection and debugging activities. iJulienne is also endowed with a trace querying mechanism that increases flexibility and reduction power and allows program runs to be examined at the appropriate level of abstraction[ES] Las trazas de ejecución son una importante fuente de información para el entendimiento y depuración de los programas. Sin embargo, poseen el importante inconveniente de ser habitualmente enormes y complejas, haciendo inviable su análisis manual. En esta tesis de máster se ha desarrollado una técnica de fragmentación de trazas para computaciones en lógica de reescritura junto con su correspondiente implementación en la herramienta gráfica iJulienne. Dicha técnica da soporte al análisis de extensas y complejas computaciones en lógica de reescritura, que es un marco formal muy general eficientemente implementado en el lenguaje Maude. Dada una traza de ejecución de Maude T y un criterio de fragmentación para la traza (es decir, un fragmento de información que se desea observar en el estado final de la computación), nuestra técnica recorre T de atrás hacia adelante a la vez que calcula la dependencia hacia atrás de la información observada de forma incremental en cada paso de ejecución. Al final del recorrido se obtiene una traza fragmentada simplificada al filtrar toda la información irrelevante que no afecta a los datos de interés. Al simplificar la traza, la herramienta iJulienne, que implementa la técnica de fragmentado propuesta, favorece un mejor análisis y depuración de las trazas manipuladas. iJulienne está además dotada de un mecanismo de consulta de la traza que incrementa la flexibilidad y poder de reducción y permite examinar las ejecuciones de programas en el nivel apropiado de abstracciónSapiña Sanchis, J. (2013). Slicing slices, an incremental backward trace slicing methodology for rwl computations. http://hdl.handle.net/10251/44971Archivo delegad