13 research outputs found

    Green Security Plugin for Pervasive Computing using the HADAS toolkit

    Energy is a critical resource in pervasive computing devices. However, information about energy consumption is not directly accessible through software development environments, making it difficult to reuse the knowledge provided by existing energy-consumption experimental studies. To address this limitation, this paper presents a solution to enrich Android Studio with energy consumption information. We have developed a Green Security Plugin that provides energy-aware information to developers that make use of the Android Security API. This plugin has been developed taking advantage of the functionalities provided by the HADAS toolkit. HADAS is a repository of energy consuming concerns in which researchers can store the energy measures obtained during their experimental studies and developers can perform a sustainability analysis to make green design/implementation decisions. Universidad de Málaga. Campus de Excelencia Internacional Andalucía Tec

    Adding Reference Immutability to Scala

    Scala is a multi-paradigm programming language combining the power of functional and object-oriented programming. While Scala has many features promoting immutability, it lacks a built-in mechanism for controlling and enforcing reference immutability. Reference immutability means the state of an object and all other objects reachable from it cannot be mutated through an immutable reference. This thesis presents a system for reference immutability in Scala, along with a simple implementation in the Dotty (Scala 3) compiler. By extending the Scala type system and encoding mutability as types within annotations, my system enables tracking and enforcing reference immutability for any type. It addresses challenges such as the complexities of the Scala type system and context sensitivity with nested classes and functions. The design offers binary compatibility with existing Scala code, and promotes predictable object behavior, reducing the risk of bugs in software development.

    Context Sensitive Typechecking And Inference: Ownership And Immutability

    Context sensitivity is one important feature of type systems that helps create concise type rules and get accurate types without being too conservative. In a context-sensitive type system, declared types can be resolved to different types according to invocation contexts, such as receiver and assignment contexts. Receiver-context sensitivity is also called viewpoint adaptation, meaning adapting declared types from the viewpoint of receivers. In receiver-context sensitivity, resolution of declared types only depends on receivers' types. In contrast, in assignment-context sensitivity, declared types are resolved based on context types to which declared types are assigned. The Checker Framework is a powerful framework for developing pluggable type systems for Java. However, it lacks the ability of supporting receiver- and assignment-context sensitivity, which makes the development of such type systems hard. The Checker Framework Inference is a framework based on the Checker Framework to infer and insert pluggable types for unannotated programs to reduce the overhead of manually doing so. This thesis presents work that adds the two context sensitivity features into the two frameworks and how those features are reused in typechecking and inference and shared between two different type systems --- Generic Universe Type System (GUT) and Practical Immutability for Classes And Objects (PICO). GUT is an existing light-weight object ownership type system that is receiver-context sensitive. It structures the heap hierarchically to control aliasing and access between objects. GUTInfer is the corresponding inference system to infer GUT types for unannotated programs. GUT is the first type system that introduces the concept of viewpoint adaptation, which inspired us to raise the receiver-context sensitivity feature to the framework level. We adapt the old GUT and GUTInfer implementation to use the new framework-level receiver-context sensitivity feature. 
We also improve implicits rules of GUT to better handle corner cases. Immutability is a way to control mutation and avoid unintended side-effects. Object immutability specifies restrictions on objects, such that immutable objects' states cannot be changed. It provides many benefits such as safe sharing of objects between threads without the need of synchronization, compile- and run-time optimizations, and easier reasoning about the software behaviour etc. PICO is a novel object and class immutability type system developed using the Checker Framework with the new framework-level context sensitivity features. It transitively guarantees the immutability of the objects that constitute the abstraction of the root object. It supports circular initialization of immutable objects and mutability restrictions on classes that influence all instances of that class. PICO supports creation of objects whose mutability is independent from receivers, which inspired us to add the assignment-context sensitivity feature to the framework level. PICOInfer is the inference system that infers and propagates mutability types to unannotated programs according to PICO's type rules. We experiment with PICO, PICOInfer and GUTInfer on 16 real-world projects up to 71,000 lines of code in total. Our experiments indicate that the new framework-level context sensitivity features work correctly in PICO and GUT. PICO is expressive and flexible enough to be used in real-world programs. Improvements to GUT are also correct.

    ASiMOV: Microservices-based verifiable control logic with estimable detection delay against cyber-attacks to cyber-physical systems

    The automatic control in Cyber-Physical-Systems brings advantages but also increased risks due to cyber-attacks. This Ph.D. thesis proposes a novel reference architecture for distributed control applications increasing the security against cyber-attacks to the control logic. The core idea is to replicate each instance of a control application and to detect attacks by verifying their outputs. The verification logic disposes of an exact model of the control logic, although the two logics are decoupled on two different devices. The verification is asynchronous to the feedback control loop, to avoid the introduction of a delay between the controller(s) and system(s). The time required to detect a successful attack is analytically estimable, which enables control-theoretical techniques to prevent damage by appropriate planning decisions. The proposed architecture for a controller and an Intrusion Detection System is composed of event-driven autonomous components (microservices), which can be deployed as separate Virtual Machines (e.g., containers) on cloud platforms. Under the proposed architecture, orchestration techniques enable a dynamic re-deployment acting as a mitigation or prevention mechanism defined at the level of the computer architecture. The proposal, which we call ASiMOV (Asynchronous Modular Verification), is based on a model that separates the state of a controller from the state of its execution environment. We provide details of the model and a microservices implementation. Through the analysis of the delay introduced in both the control loop and the detection of attacks, we provide guidelines to determine which control systems are suitable for adopting ASiMOV. Simulations show the behavior of ASiMOV both in the absence and in the presence of cyber-attacks.

    An Immutability Type System for Classes and Objects: Improvements, Experiments, and Comparisons

    Mutability, the ability for an object to change, is frequently cited as one of the sources of software problems. Ensuring the immutability of objects opens opportunities for optimizations, e.g., removing the need for locks in a concurrent environment for an immutable object. This thesis explores an approach to analyze immutability of classes and objects by using static analysis with pluggable type systems. A properly implemented pluggable type system can statically analyze the mutability property of an object without execution. This thesis presents (1) the analysis of some previous work, including Javari, ReIm, and Glacier, (2) improvements to a pluggable type system, PICO, to enhance the soundness of the formalization and to improve the user experience, and (3) experiments with the enhanced PICO with real projects, and comparisons with the results of the previous work. PICO is an immutability type system that analyzes and enforces the mutability property of an object so that a mutation on an immutable object can be statically detected. Although many modern programming languages have various means of declaring this property, PICO provides an easier, more flexible, and foolproof way to declare the mutability property of a class by automating the check of immutability. While PICO is a novel work in improving the flexibility of the immutability type system, it has certain bad designs for defaulting in parts of the immutability rules. Such bad designs would lead to the risk of allowing the mutation of an immutable object, known as the false negative. To solve this problem, this thesis provides more sound formalization to fix the false negative. Also, PICO contains counterintuitive logic, such as unsafe defaulting. To solve the counterintuitive logic, this thesis presents a new defaulting scheme for PICO, and reports various minor changes made to improve the user-friendliness during the type checking process. 
This thesis conducts experiments on small code snippets and large real-world projects, and also compares the new PICO with previous works on immutability to find more potential problems and demonstrates the flexibility and usability of PICO compared with previous projects, e.g., Glacier.