Seismic assessment of the Qutb Minar in Delhi, India

The present paper describes the seismic assessment of the Qutb Minar in Delhi, India. Three models with different levels of complexity and simplifications were developed. The use of these models allows to overcome the complexity on the study of the seismic behavior of ancient masonry structures; by combining the results of the different models it is possible to obtain a better and more comprehensive interpretation of the seismic behavior. The models were used for non-linear static (pushover) and non-linear dynamic analyses. The static and dynamic analyses give different behaviors, indicating that push-over analysis should be used carefully in the seismic assessment of masonry structures. For the static analysis, the base of the tower is the most vulnerable part; while according to the dynamic analysis, it is the upper part of the tower. This last behavior is according to the historical damage suffered by the tower due to earthquakes. The different behaviors can be explained by the influence of the higher modes of vibration

Numerical models for the seismic assessment of an old masonry tower

The present paper describes the seismic assessment of the Qutb Minar in Delhi, India. Three models with different levels of complexity and simplifications were developed. The use of these models allows to overcome the complexity on the study of the seismic behavior of ancient masonry structures; by combining the results of the different models it is possible to obtain a better and more comprehensive interpretation of the seismic behavior. The models were used for non-linear static (pushover) and non-linear dynamic analyses. The static and dynamic analyses give different behaviors, indicating that push-over analysis should be used carefully in the seismic assessment of masonry structures. For the static analysis, the base of the tower is the most vulnerable part; while according to the dynamic analysis, it is the upper part of the tower. This last behavior is according to the historical damage suffered by the tower due to earthquakes. The different behaviors can be explained by the influence of the higher modes of vibration.This research was part of the activities of the EU-India Economic Cross Cultural Programme "Improving the Seismic Resistance of Cultural Heritage Buildings", Contract ALA-95-23-2003-077-122. F. Pefia acknowledges funding from the FCT grant contract SFRH/BPD/17449/2004, as well as the partial support of the project PAPIIT IN105409

Efficient Reflection String Analysis via Graph Coloring

Static analyses for reflection and other dynamic language features have recently increased in number and advanced in sophistication. Most such analyses rely on a whole-program model of the flow of strings, through the stack and heap. We show that this global modeling of strings remains a major bottleneck of static analyses and propose a compact encoding, in order to battle unnecessary complexity. In our encoding, strings are maximally merged if they can never serve to differentiate class members in reflection operations. We formulate the problem as an instance of graph coloring and propose a fast polynomial-time algorithm that exploits the unique features of the setting (esp. large cliques, leading to hundreds of colors for realistic programs). The encoding is applied to two different frameworks for string-guided Java reflection analysis from past literature and leads to significant optimization (e.g., a ~2x reduction in the number of string-flow inferences), for a whole-program points-to analysis that uses strings

Scaling Behaviour and Complexity of the Portevin-Le Chatelier Effect

The plastic deformation of dilute alloys is often accompanied by plastic instabilities due to dynamic strain aging and dislocation interaction. The repeated breakaway of dislocations from and their recapture by solute atoms leads to stress serrations and localized strain in the strain controlled tensile tests, known as the Portevin-Le Chatelier (PLC) effect. In this present work, we analyse the stress time series data of the observed PLC effect in the constant strain rate tensile tests on Al-2.5%Mg alloy for a wide range of strain rates at room temperature. The scaling behaviour of the PLC effect was studied using two complementary scaling analysis methods: the finite variance scaling method and the diffusion entropy analysis. From these analyses we could establish that in the entire span of strain rates, PLC effect showed Levy walk property. Moreover, the multiscale entropy analysis is carried out on the stress time series data observed during the PLC effect to quantify the complexity of the distinct spatiotemporal dynamical regimes. It is shown that for the static type C band, the entropy is very low for all the scales compared to the hopping type B and the propagating type A bands. The results are interpreted considering the time and length scales relevant to the effect.Comment: 35 pages, 6 figure

On Fast Large-Scale Program Analysis in Datalog

Designing and crafting a static program analysis is challenging due to the complexity of the task at hand. Among the challenges are modelling the semantics of the input language, finding suitable abstractions for the analysis, and handwriting efficient code for the analysis in a traditional imperative language such as C++. Hence, the development of static program analysis tools is costly in terms of development time and resources for real world languages. To overcome, or at least alleviate the costs of developing a static program analysis, Datalog has been proposed as a domain specific language (DSL).With Datalog, a designer expresses a static program analysis in the form of a logical specification. While a domain specific language approach aids in the ease of development of program analyses, it is commonly accepted that such an approach has worse runtime performance than handcrafted static analysis tools. In this work, we introduce a new program synthesis methodology for Datalog specifications to produce highly efficient monolithic C++ analyzers. The synthesis technique requires the re-interpretation of the semi-naïve evaluation as a scaffolding for translation using partial evaluation. To achieve high-performance, we employ staged compilation techniques and specialize the underlying relational data structures for a given Datalog specification. Experimentation on benchmarks for large-scale program analysis validates the superior performance of our approach over available Datalog tools and demonstrates our competitiveness with state-of-the-art handcrafted tools

An executable formal semantics of PHP with applications to program analysis

Nowadays, many important activities in our lives involve the web. However, the software and protocols on which web applications are based were not designed with the appropriate level of security in mind. Many web applications have reached a level of complexity for which testing, code reviews and human inspection are no longer sufficient quality-assurance guarantees. Tools that employ static analysis techniques are needed in order to explore all possible execution paths through an application and guarantee the absence of undesirable behaviours. To make sure that an analysis captures the properties of interest, and to navigate the trade-offs between efficiency and precision, it is necessary to base the design and the development of static analysis tools on a firm understanding of the language to be analysed. When this underlying knowledge is missing or erroneous, tools can’t be trusted no matter what advanced techniques they use to perform their task. In this Thesis, we introduce KPHP, the first executable formal semantics of PHP, one of the most popular languages for server-side web programming. Then, we demonstrate its practical relevance by developing two verification tools, of increasing complexity, on top of it - a simple verifier based on symbolic execution and LTL model checking and a general purpose, fully configurable and extensible static analyser based on Abstract Interpretation. Our LTL-based tool leverages the existing symbolic execution and model checking support offered by K, our semantics framework of choice, and constitutes a first proof-of-concept of the usefulness of our semantics. Our abstract interpreter, on the other hand, represents a more significant and novel contribution to the field of static analysis of dynamic scripting languages (PHP in particular). Although our tool is still a prototype and therefore not well suited for handling large real-world codebases, we demonstrate how our semantics-based, principled approach to the development of verification tools has lead to the design of static analyses that outperform existing tools and approaches, both in terms of supported language features, precision, and breadth of possible applications.Open Acces

Automatic Derivation of Abstract Semantics From Instruction Set Descriptions

Abstracted semantics of instructions of processor-based architectures are an invaluable asset for several formal verification techniques, such as software model checking and static analysis. In the field of model checking, abstract versions of instructions can help counter the state explosion problem, for instance by replacing explicit values by symbolic representations of sets of values. Similar to this, static analyses often operate on an abstract domain in order to reduce complexity, guarantee termination, or both. Hence, for a given microcontroller, the task at hand is to find such abstractions. Due to the large number of available microcontrollers, some of which are even created for specific applications, it is impracticable to rely on human developers to perform this step. Therefore, we propose a technique that starts from imperative descriptions of instructions, which allows to automate most of the process

Static Analysis of Deterministic Negotiations

Negotiation diagrams are a model of concurrent computation akin to workflow Petri nets. Deterministic negotiation diagrams, equivalent to the much studied and used free-choice workflow Petri nets, are surprisingly amenable to verification. Soundness (a property close to deadlock-freedom) can be decided in PTIME. Further, other fundamental questions like computing summaries or the expected cost, can also be solved in PTIME for sound deterministic negotiation diagrams, while they are PSPACE-complete in the general case. In this paper we generalize and explain these results. We extend the classical "meet-over-all-paths" (MOP) formulation of static analysis problems to our concurrent setting, and introduce Mazurkiewicz-invariant analysis problems, which encompass the questions above and new ones. We show that any Mazurkiewicz-invariant analysis problem can be solved in PTIME for sound deterministic negotiations whenever it is in PTIME for sequential flow-graphs---even though the flow-graph of a deterministic negotiation diagram can be exponentially larger than the diagram itself. This gives a common explanation to the low-complexity of all the analysis questions studied so far. Finally, we show that classical gen/kill analyses are also an instance of our framework, and obtain a PTIME algorithm for detecting anti-patterns in free-choice workflow Petri nets. Our result is based on a novel decomposition theorem, of independent interest, showing that sound deterministic negotiation diagrams can be hierarchically decomposed into (possibly overlapping) smaller sound diagrams.Comment: To appear in the Proceedings of LICS 2017, IEEE Computer Societ

The Transitivity of Trust Problem in the Interaction of Android Applications

Mobile phones have developed into complex platforms with large numbers of installed applications and a wide range of sensitive data. Application security policies limit the permissions of each installed application. As applications may interact, restricting single applications may create a false sense of security for the end users while data may still leave the mobile phone through other applications. Instead, the information flow needs to be policed for the composite system of applications in a transparent and usable manner. In this paper, we propose to employ static analysis based on the software architecture and focused data flow analysis to scalably detect information flows between components. Specifically, we aim to reveal transitivity of trust problems in multi-component mobile platforms. We demonstrate the feasibility of our approach with Android applications, although the generalization of the analysis to similar composition-based architectures, such as Service-oriented Architecture, can also be explored in the future