5,329 research outputs found
NPEFix: Automatic Runtime Repair of Null Pointer Exceptions in Java
Null pointer exceptions, also known as null dereferences are the number one
exceptions in the field. In this paper, we propose 9 alternative execution
semantics when a null pointer exception is about to happen. We implement those
alternative execution strategies using code transformation in a tool called
NPEfix. We evaluate our prototype implementation on 11 field null dereference
bugs and 519 seeded failures and show that NPEfix is able to repair at runtime
10/11 and 318/519 failures
SOTER: A Runtime Assurance Framework for Programming Safe Robotics Systems
The recent drive towards achieving greater autonomy and intelligence in
robotics has led to high levels of complexity. Autonomous robots increasingly
depend on third party off-the-shelf components and complex machine-learning
techniques. This trend makes it challenging to provide strong design-time
certification of correct operation.
To address these challenges, we present SOTER, a robotics programming
framework with two key components: (1) a programming language for implementing
and testing high-level reactive robotics software and (2) an integrated runtime
assurance (RTA) system that helps enable the use of uncertified components,
while still providing safety guarantees. SOTER provides language primitives to
declaratively construct a RTA module consisting of an advanced,
high-performance controller (uncertified), a safe, lower-performance controller
(certified), and the desired safety specification. The framework provides a
formal guarantee that a well-formed RTA module always satisfies the safety
specification, without completely sacrificing performance by using higher
performance uncertified components whenever safe. SOTER allows the complex
robotics software stack to be constructed as a composition of RTA modules,
where each uncertified component is protected using a RTA module.
To demonstrate the efficacy of our framework, we consider a real-world
case-study of building a safe drone surveillance system. Our experiments both
in simulation and on actual drones show that the SOTER-enabled RTA ensures the
safety of the system, including when untrusted third-party components have bugs
or deviate from the desired behavior
Tea: A High-level Language and Runtime System for Automating Statistical Analysis
Though statistical analyses are centered on research questions and
hypotheses, current statistical analysis tools are not. Users must first
translate their hypotheses into specific statistical tests and then perform API
calls with functions and parameters. To do so accurately requires that users
have statistical expertise. To lower this barrier to valid, replicable
statistical analysis, we introduce Tea, a high-level declarative language and
runtime system. In Tea, users express their study design, any parametric
assumptions, and their hypotheses. Tea compiles these high-level specifications
into a constraint satisfaction problem that determines the set of valid
statistical tests, and then executes them to test the hypothesis. We evaluate
Tea using a suite of statistical analyses drawn from popular tutorials. We show
that Tea generally matches the choices of experts while automatically switching
to non-parametric tests when parametric assumptions are not met. We simulate
the effect of mistakes made by non-expert users and show that Tea automatically
avoids both false negatives and false positives that could be produced by the
application of incorrect statistical tests.Comment: 11 page
Quantitative Regular Expressions for Arrhythmia Detection Algorithms
Motivated by the problem of verifying the correctness of arrhythmia-detection
algorithms, we present a formalization of these algorithms in the language of
Quantitative Regular Expressions. QREs are a flexible formal language for
specifying complex numerical queries over data streams, with provable runtime
and memory consumption guarantees. The medical-device algorithms of interest
include peak detection (where a peak in a cardiac signal indicates a heartbeat)
and various discriminators, each of which uses a feature of the cardiac signal
to distinguish fatal from non-fatal arrhythmias. Expressing these algorithms'
desired output in current temporal logics, and implementing them via monitor
synthesis, is cumbersome, error-prone, computationally expensive, and sometimes
infeasible.
In contrast, we show that a range of peak detectors (in both the time and
wavelet domains) and various discriminators at the heart of today's
arrhythmia-detection devices are easily expressible in QREs. The fact that one
formalism (QREs) is used to describe the desired end-to-end operation of an
arrhythmia detector opens the way to formal analysis and rigorous testing of
these detectors' correctness and performance. Such analysis could alleviate the
regulatory burden on device developers when modifying their algorithms. The
performance of the peak-detection QREs is demonstrated by running them on real
patient data, on which they yield results on par with those provided by a
cardiologist.Comment: CMSB 2017: 15th Conference on Computational Methods for Systems
Biolog
A type system for components
In modern distributed systems, dynamic reconfiguration, i.e.,
changing at runtime the communication pattern of a program, is chal-
lenging. Generally, it is difficult to guarantee that such modifications will
not disrupt ongoing computations. In a previous paper, a solution to this
problem was proposed by extending the object-oriented language ABS
with a component model allowing the programmer to: i) perform up-
dates on objects by means of communication ports and their rebinding;
and ii) precisely specify when such updates can safely occur in an object
by means of critical sections. However, improper rebind operations could
still occur and lead to runtime errors. The present paper introduces a
type system for this component model that extends the ABS type system
with the notion of ports and a precise analysis that statically enforces
that no object will attempt illegal rebinding
Chaotic Compilation for Encrypted Computing: Obfuscation but Not in Name
An `obfuscation' for encrypted computing is quantified exactly here, leading
to an argument that security against polynomial-time attacks has been achieved
for user data via the deliberately `chaotic' compilation required for security
properties in that environment. Encrypted computing is the emerging science and
technology of processors that take encrypted inputs to encrypted outputs via
encrypted intermediate values (at nearly conventional speeds). The aim is to
make user data in general-purpose computing secure against the operator and
operating system as potential adversaries. A stumbling block has always been
that memory addresses are data and good encryption means the encrypted value
varies randomly, and that makes hitting any target in memory problematic
without address decryption, yet decryption anywhere on the memory path would
open up many easily exploitable vulnerabilities. This paper `solves (chaotic)
compilation' for processors without address decryption, covering all of ANSI C
while satisfying the required security properties and opening up the field for
the standard software tool-chain and infrastructure. That produces the argument
referred to above, which may also hold without encryption.Comment: 31 pages. Version update adds "Chaotic" in title and throughout
paper, and recasts abstract and Intro and other sections of the text for
better access by cryptologists. To the same end it introduces the polynomial
time defense argument explicitly in the final section, having now set that
denouement out in the abstract and intr
- …