5,218 research outputs found
Static Analysis of Run-Time Errors in Embedded Real-Time Parallel C Programs
We present a static analysis by Abstract Interpretation to check for run-time
errors in parallel and multi-threaded C programs. Following our work on
Astr\'ee, we focus on embedded critical programs without recursion nor dynamic
memory allocation, but extend the analysis to a static set of threads
communicating implicitly through a shared memory and explicitly using a finite
set of mutual exclusion locks, and scheduled according to a real-time
scheduling policy and fixed priorities. Our method is thread-modular. It is
based on a slightly modified non-parallel analysis that, when analyzing a
thread, applies and enriches an abstract set of thread interferences. An
iterator then re-analyzes each thread in turn until interferences stabilize. We
prove the soundness of our method with respect to the sequential consistency
semantics, but also with respect to a reasonable weakly consistent memory
semantics. We also show how to take into account mutual exclusion and thread
priorities through a partitioning over an abstraction of the scheduler state.
We present preliminary experimental results analyzing an industrial program
with our prototype, Th\'es\'ee, and demonstrate the scalability of our
approach
A Review of Formal Methods applied to Machine Learning
We review state-of-the-art formal methods applied to the emerging field of
the verification of machine learning systems. Formal methods can provide
rigorous correctness guarantees on hardware and software systems. Thanks to the
availability of mature tools, their use is well established in the industry,
and in particular to check safety-critical applications as they undergo a
stringent certification process. As machine learning is becoming more popular,
machine-learned components are now considered for inclusion in critical
systems. This raises the question of their safety and their verification. Yet,
established formal methods are limited to classic, i.e. non machine-learned
software. Applying formal methods to verify systems that include machine
learning has only been considered recently and poses novel challenges in
soundness, precision, and scalability.
We first recall established formal methods and their current use in an
exemplar safety-critical field, avionic software, with a focus on abstract
interpretation based techniques as they provide a high level of scalability.
This provides a golden standard and sets high expectations for machine learning
verification. We then provide a comprehensive and detailed review of the formal
methods developed so far for machine learning, highlighting their strengths and
limitations. The large majority of them verify trained neural networks and
employ either SMT, optimization, or abstract interpretation techniques. We also
discuss methods for support vector machines and decision tree ensembles, as
well as methods targeting training and data preparation, which are critical but
often neglected aspects of machine learning. Finally, we offer perspectives for
future research directions towards the formal verification of machine learning
systems
Eliminating stack overflow by abstract interpretation
ManuscriptAn important correctness criterion for software running on embedded microcontrollers is stack safety: a guarantee that the call stack does not overflow. Our first contribution is a method for statically guaranteeing stack safety of interrupt-driven embedded software using an approach based on context-sensitive dataflow analysis of object code. We have implemented a prototype stack analysis tool that targets software for Atmel AVR microcontrollers and tested it on embedded applications compiled from up to 30,000 lines of C. We experimentally validate the accuracy of the tool, which runs in under 10 sec on the largest programs that we tested. The second contribution of this paper is the development of two novel ways to reduce stack memory requirements of embedded software
The Effect of Static Pressure on the Inertial Cavitation Threshold and Collapse Strength
The amplitude of the acoustic pressure required to nucleate a gas and/or vapor bubble in a fluid, and to have that bubble undergo an inertial collapse, is termed the inertial cavitation threshold. The hydrostatic dependence of the inertial cavitation threshold was measured up to 30 MPa in ultrapure water using a high quality factor spherical resonator. The threshold increased linearly with the hydrostatic pressure and was found to be temperature dependent. The strength of the bubble collapse at the threshold was measured in terms of shock waves and light emissions. The shock amplitudes increased linearly with the hydrostatic pressure, while the number of photons increased quadratically. The increase of the collapse strength was attributed to the increased threshold, and therefore to the amount of available acoustic energy
The integration of multi-color taint-analysis with dynamic symbolic execution for Java web application security analysis
The view of IT security in todayâs software development processes is changing. While IT
security used to be seen mainly as a risk that had to be managed during the operation
of IT systems, a class of security weaknesses is seen today as measurable quality aspects
of IT system implementations, e.g., the number of paths allowing SQL injection attacks.
Current trends, such as DevSecOps pipelines, therefore establish security testing in the
development process aiming to catch these security weaknesses before they make their
way into production systems. At the same time, the analysis works differently than in
functional testing, as security requirements are mostly universal and not project specific.
Further, they measure the quality of the source code and not the function of the system.
As a consequence, established testing strategies such as unit testing or integration testing
are not applicable for security testing. Instead, a new category of tools is required in
the software development process: IT security weakness analyzers. These tools scan
the source code for security weaknesses independent of the functional aspects of the
implementation. In general, such analyzers give stronger guarantees for the presence
or absence of security weaknesses than functional testing strategies. In this thesis, I
present a combination of dynamic symbolic execution and explicit dynamic multi-color
taint analysis for the security analysis of Java web applications. Explicit dynamic
taint analysis is an established monitoring technique that allows the precise detection of
security weaknesses along a single program execution path, if any are present. Multi-color
taint analysis implies that different properties defining diverse security weaknesses can
be expressed at the same time in different taint colors and are analyzed in parallel during
the execution of a program path. Each taint color analyzes its own security weakness
and taint propagation can be tailored in specific sanitization points for this color. The
downside of dynamic taint analysis is the single exploration of one path. Therefore, this
technique requires a path generator component as counterpart that ensures all relevant
paths are explored. Dynamic symbolic execution is appropriate here, as enumerating all
reachable execution paths in a program is its established strength. The Jaint framework
presented here combines these two techniques in a single tool. More specifically, the
thesis looks into SMT meta-solving, extending dynamic symbolic execution on Java
programs with string operations, and the configuration problem of multi-color taint
analysis in greater detail to enable Jaint for the analysis of Java web applications. The
evaluation demonstrates that the resulting framework is the best research tool on the
OWASP Benchmark. One of the two dynamic symbolic execution engines that I worked
on as part of the thesis has won gold in the Java track of SV-COMP 2022. The other
demonstrates that it is possible to lift the implementation design from a research specific
JVM to an industry grade JVM, paving the way for the future scaling of Jaint
The Quest for the Most Spherical Bubble
We describe a recently realized experiment producing the most spherical
cavitation bubbles today. The bubbles grow inside a liquid from a point-plasma
generated by a nanosecond laser pulse. Unlike in previous studies, the laser is
focussed by a parabolic mirror, resulting in a plasma of unprecedented
symmetry. The ensuing bubbles are sufficiently spherical that the hydrostatic
pressure gradient caused by gravity becomes the dominant source of asymmetry in
the collapse and rebound of the cavitation bubbles. To avoid this natural
source of asymmetry, the whole experiment is therefore performed in
microgravity conditions (ESA, 53rd and 56th parabolic flight campaign).
Cavitation bubbles were observed in microgravity (~0g), where their collapse
and rebound remain spherical, and in normal gravity (1g) to hyper-gravity
(1.8g), where a gravity-driven jet appears. Here, we describe the experimental
setup and technical results, and overview the science data. A selection of
high-quality shadowgraphy movies and time-resolved pressure data is published
online.Comment: 18 pages, 14 figures, 1 tabl
Programmiersprachen und Rechenkonzepte
Seit 1984 veranstaltet die GI--Fachgruppe "Programmiersprachen und Rechenkonzepte" regelmĂ€Ăig im FrĂŒhjahr einen Workshop im Physikzentrum Bad Honnef. Das Treffen dient in erster Linie dem gegenseitigen Kennenlernen, dem Erfahrungsaustausch, der Diskussion und der Vertiefung gegenseitiger Kontakte
- âŠ