Slicing of Concurrent Programs and its Application to Information Flow Control
This thesis presents a practical technique for information flow control for concurrent programs with threads and shared-memory communication. The technique guarantees confidentiality of information with respect to a reasonable attacker model and utilizes program dependence graphs (PDGs), a language-independent representation of information flow in a program.
Sound Static Deadlock Analysis for C/Pthreads (Extended Version)
We present a static deadlock analysis approach for C/pthreads. The design of our method has been guided by the requirement to analyse real-world code. Our approach is sound (i.e., misses no deadlocks) for programs that have defined behaviour according to the C standard, and precise enough to prove deadlock-freedom for a large number of programs. The method consists of a pipeline of several analyses that build on a new context- and thread-sensitive abstract interpretation framework. We further present a lightweight dependency analysis to identify statements relevant to deadlock analysis and thus speed up the overall analysis. In our experimental evaluation, we succeeded in proving deadlock-freedom for 262 programs from the Debian GNU/Linux distribution with in total 2.6 MLOC in less than 11 hours.
Ada (trademark) projects at NASA. Runtime environment issues and recommendations
Ada practitioners should use this document to discuss and establish common short term requirements for Ada runtime environments. The major current Ada runtime environment issues are identified through the analysis of some of the Ada efforts at NASA and other research centers. The runtime environment characteristics of major compilers are compared while alternate runtime implementations are reviewed. Modifications and extensions to the Ada Language Reference Manual to address some of these runtime issues are proposed. Three classes of projects focusing on the most critical runtime features of Ada are recommended, including a range of immediately feasible full scale Ada development projects. Also, a list of runtime features and procurement issues is proposed for consideration by the vendors, contractors and the government.
And-Or Dependence Graphs for Slicing Statecharts
The construction of an And-Or dependence graph is illustrated, and its use in slicing statecharts is described. The additional structure allows for more precise slices to be constructed in the event of additional information, such as may be provided by static analysis and model checking, and with constraints on the global state and external events.
TAPInspector: Safety and Liveness Verification of Concurrent Trigger-Action IoT Systems
Trigger-action programming (TAP) is a popular end-user programming framework that can simplify the Internet of Things (IoT) automation with simple trigger-action rules. However, it also introduces new security and safety threats. A lot of advanced techniques have been proposed to address this problem. Rigorously reasoning about the security of a TAP-based IoT system requires a well-defined model and verification method both against rule semantics and physical-world states, e.g., concurrency, rule latency, and connection-based interactions, which has been missing until now. This paper presents TAPInspector, a novel system to detect vulnerabilities in concurrent TAP-based IoT systems using model checking. It automatically extracts TAP rules from IoT apps, translates them into a hybrid model with model slicing and state compression, and performs model checking with various safety and liveness properties. Our experiments corroborate that TAPInspector is effective: it identifies 533 violations with 9 new types of violations from 1108 real-world market IoT apps and is at least 60000 times faster than the baseline without optimization.
Comment: 14 pages, 5 figures