2,904 research outputs found
BCFA: Bespoke Control Flow Analysis for CFA at Scale
Many data-driven software engineering tasks such as discovering programming
patterns, mining API specifications, etc., perform source code analysis over
control flow graphs (CFGs) at scale. Analyzing millions of CFGs can be
expensive and performance of the analysis heavily depends on the underlying CFG
traversal strategy. State-of-the-art analysis frameworks use a fixed traversal
strategy. We argue that a single traversal strategy does not fit all kinds of
analyses and CFGs and propose bespoke control flow analysis (BCFA). Given a
control flow analysis (CFA) and a large number of CFGs, BCFA selects the most
efficient traversal strategy for each CFG. BCFA extracts a set of properties of
the CFA by analyzing the code of the CFA and combines it with properties of the
CFG, such as branching factor and cyclicity, for selecting the optimal
traversal strategy. We have implemented BCFA in Boa, and evaluated BCFA using a
set of representative static analyses that mainly involve traversing CFGs and
two large datasets containing 287 thousand and 162 million CFGs. Our results
show that BCFA can speedup the large scale analyses by 1%-28%. Further, BCFA
has low overheads; less than 0.2%, and low misprediction rate; less than 0.01%.Comment: 12 page
IoTSan: Fortifying the Safety of IoT Systems
Today's IoT systems include event-driven smart applications (apps) that
interact with sensors and actuators. A problem specific to IoT systems is that
buggy apps, unforeseen bad app interactions, or device/communication failures,
can cause unsafe and dangerous physical states. Detecting flaws that lead to
such states, requires a holistic view of installed apps, component devices,
their configurations, and more importantly, how they interact. In this paper,
we design IoTSan, a novel practical system that uses model checking as a
building block to reveal "interaction-level" flaws by identifying events that
can lead the system to unsafe states. In building IoTSan, we design novel
techniques tailored to IoT systems, to alleviate the state explosion associated
with model checking. IoTSan also automatically translates IoT apps into a
format amenable to model checking. Finally, to understand the root cause of a
detected vulnerability, we design an attribution mechanism to identify
problematic and potentially malicious apps. We evaluate IoTSan on the Samsung
SmartThings platform. From 76 manually configured systems, IoTSan detects 147
vulnerabilities. We also evaluate IoTSan with malicious SmartThings apps from a
previous effort. IoTSan detects the potential safety violations and also
effectively attributes these apps as malicious.Comment: Proc. of the 14th ACM CoNEXT, 201
Stepwise refinement of heap-manipulating code in Chalice
Stepwise refinement is a well-studied technique for developing a program from an abstract description to a concrete implementation. This paper describes a system with automated tool support for refinement, powered by a state-of-the-art verification engine that uses an SMT solver. Unlike previous refinement systems, users of the presented system interact only via declarations in the programming language. Another aspect of the system is that it accounts for dynamically allocated objects in the heap, so that data representations in an abstract program can be refined into ones that use more objects. Finally, the system uses a language with familiar imperative features, including sequential composition, loops, and recursive calls, offers a syntax with skeletons for describing program changes between refinements, and provides a mechanism for supplying witnesses when refining non-deterministic programs
Mining Application-Specific Coding Patterns for Software Maintenance
LATE '08 Proceedings of the 2008 AOSD workshop on Linking aspect technology and evolutio
RT-MaC: Runtime Monitoring and Checking of Quantitative and Probabilistic Properties
Correctness of a real-time system depends on its computation as well as its timeliness and its reliability. In recent years, researches have focused on verifying correctness of a real-time system during runtime by monitoring its execution and checking it against its formal specifications. Such verification method is called Runtime Verification. Most existing runtime verification tools verify computation correctness using qualitative property specifications but do not verify timeliness nor reliability correctness. In this paper, we investigate the verification on timeliness and reliability correctness by offering quantitative and probabilistic property specifications and implementing efficient verifiers
Formal Specification and Verification of Hyperledger Fabric Chaincode
Smart contracts are programs building on blockchain technology.
They implement functionality that has been agreed on between
the concerned parties on a network. However, their immutability
and exposed position make them vulnerable to programming errors,
leading to faulty behavior and possible exploits. Therefore,
smart contracts demand a particularly thorough analysis,
ideally using formal program verification. In this paper, we
present an approach for the deductive verification of
Hyperledger Fabric smart contracts using the KeY prover.
We have extended KeY to handle Fabric ledger implementations;
in particular, we have developed mechanisms for reasoning about
serialization and object persistence. The feasibility of our
approach is demonstrated with a small case study
Extraction of Process Models from Business Process Descriptions
The purpose of my work is to design a method to transform a textual process description (in English) into a business process model. This is of practical relevance, since process models are often designed by business analysts starting from textual documentation. The method to be designed aims at automating the text-to-diagram conversion phase as much as possible.
Natural languages are known to be highly complex and ambiguous. Accordingly, for this project we will approach the problem using a best-effort approach, meaning that the method is not intended to work always. Instead, the proposed approach will be able to detect certain sentence structures and extract actors, actions and objects/artifacts from them. Coordinating and subordinating conjunctions, as well as punctuation and other markers, will be used to identify sequencing, parallelism, conditional branching and repetition. The output of the method will be a block-structured process model.
The method is being implemented in Java based on open-source Natural-Language Processing (NLP) libraries. Specifically, Part-of-Speech (POS) tagging is performed using the Stanford parser and according to the POS tags, corresponding process entities are identified using Tregex and Tsurgeon. The current implementation is already able to identify actors, actions/tasks and artifacts from sentences that abide to certain common structures. Additionally the implementation is able to correctly interpret passive voice construction, avoid articles, parenthesis and other complex structures for the purpose of extracting essential information about the process
- …