29 research outputs found

    Fundamental Approaches to Software Engineering

    Get PDF
    computer software maintenance; computer software selection and evaluation; formal logic; formal methods; formal specification; programming languages; semantics; software engineering; specifications; verificatio

    On Run-Time Configuration Engineering

    Get PDF
    De nos jours, les utilisateurs changent le comportement de leur logiciel et l’adaptent Ă  diffĂ©rentes situations et contexts, sans avoir besoin d’aucune modifications du code source ou recompilation du logiciel. En effet, les utilisateurs utilisent le mĂ©canisme de configuration qui offre un ensemble d’options modifiables par les utilisateurs. D’aprĂšs plusieurs Ă©tudes, des mauvaises valeurs des options de configuration causent des erreurs difficiles Ă  dĂ©boguer. Plusieurs compagnies importantes, comme Facebook, Google et Amazon ont rencontrĂ© des pannes et erreurs sĂ©rieuses Ă  cause de la configuration et qui sont considĂ©rĂ©es parmi les plus pires pannes dans ces compagnies. En plus, plusieurs Ă©tudes ont trouvĂ© que le mĂ©canisme de configuration augmente la complexitĂ© des logiciels et les rend plus difficile Ă  utiliser. Ces problĂšmes ont un sĂ©rieux impact sur plusieurs facteurs de qualitĂ©, comme la sĂ©curitĂ©, l’exactitude, la disponibilitĂ©, la comprĂ©hensibilitĂ©, la maintenabilitĂ©, et la performance des logiciels. Plusieurs Ă©tudes ont Ă©tĂ© Ă©laborĂ©es dans des aspects spĂ©cifiques dans l’ingĂ©nierie des configurations, dont la majoritĂ© se concentrent sur le dĂ©bogage des dĂ©faillances de configuration et les tests de la configuration des logiciels, tandis que peu de recherches traitent les autres aspects de l’ingĂ©nierie des configurations de logiciel, comme la crĂ©ation et la maintenance des options de configuration. Par contre, nous pensons que la configuration des logiciels n’a pas seulement un impact sur l’exactitude d’un logiciel, mais peut avoir un impact sur d’autres mĂ©triques de qualitĂ© comme la comprĂ©hensibilitĂ© et la maintenabilitĂ©. Dans cette thĂšse, nous faisons d’abord un pas en arriĂšre pour mieux comprendre les activitĂ©s principales liĂ©es du processus de l’ingĂ©nierie des configurations, avant d’évaluer l’impact d’un catalogue de bonnes pratiques sur l’exactitude et la performance du processus de la configuration des logiciels. Pour ces raisons, nous avons conduit un ensemble d’études empiriques qualitatives et quantitatives sur des grands projets libres. On a conduit une Ă©tude qualitative en premier lieu, dans laquelle nous avons essayĂ© de comprendre le processus de l’ingĂ©nierie de configuration, les enjeux et problĂšmes que les dĂ©veloppeurs rencontrent durant ce processus, et qu’est ce que les dĂ©veloppeurs et chercheurs proposent pour aider les dĂ©veloppeurs Ă  amĂ©liorer la qualitĂ© de l’ingĂ©nierie de la configuration logiciel. En rĂ©alisant 14 entrevues semi structurĂ©es, un sondage et une revue systĂ©matique de littĂ©rature, nous avons dĂ©fini un processus de l’ingĂ©nierie de configuration invoquant 9 activitĂ©s, un ensemble de 22 challenges rencontrĂ©s en pratique et 24 recommandations des experts.----------ABSTRACT: Modern software applications allow users to change the behavior of a software application and adapt it to different situations and contexts, without requiring any source code modifications or recompilations. To this end, applications leverage a wide range of mechanisms of software configuration that provide a set of options that can be changed by users. According to several studies, incorrect values of software configuration options cause severe errors that are hard-to-debug. Major companies such as Facebook, Google, and Amazon faced serious outages and failures due to configuration, which are considered as some of the worst outages in these companies. In addition, several studies found that the mechanism of software configuration increases the complexity of a software system and makes it hard to use. Such problems have a serious impact on different quality factors, such as security, correctness, availability, comprehensibility, maintainability, and performance of software systems. Several studies have been conducted on specific aspects of configuration engineering, with most of them focusing on debugging configuration failures and testing software configurations, while only few research efforts focused on other aspects of configuration engineering, such as the creation and maintenance of configuration options. However, we think that software configuration can not only have a negative impact on the correctness of a software system, but also on other quality metrics, such as its comprehensibility and maintainability. In this thesis, we first take a step back to better understand the main activities involved in the process of run-time configuration engineering, before evaluating the impact of a catalog of best practices on the correctness and performance of the configuration engineering process. For these purposes, we conducted several qualitative and quantitative empirical studies on large repositories and open source projects. We first conducted a qualitative study, in which we tried to understand the configuration engineering process, the challenges and problems developers face during this process, and what practitioners and researchers recommend to help developers to improve their software configuration engineering quality. By conducting 14 semi-structured interviews, a large survey, and a systematic literature review, we identified a process of configuration engineering involving 9 activities, a set of 22 challenges faced in practice, and a set of 24 recommendations by experts

    Actes des SixiÚmes journées nationales du Groupement De Recherche CNRS du Génie de la Programmation et du Logiciel

    Get PDF
    National audienceCe document contient les actes des SixiÚmes journées nationales du Groupement De Recherche CNRS du Génie de la Programmation et du Logiciel (GDR GPL) s'étant déroulées au CNAM à Paris du 11 au 13 juin 2014. Les contributions présentées dans ce document ont été sélectionnées par les différents groupes de travail du GDR. Il s'agit de résumés, de nouvelles versions, de posters et de démonstrations qui correspondent à des travaux qui ont déjà été validés par les comités de programmes d'autres conférences et revues et dont les droits appartiennent exclusivement à leurs auteurs

    Ease: a real-time multitasking executive

    Get PDF
    Ease the real time multitasking executive described m this thesis is designed for embedded systems with particular emphasis on DSP motor control applications. Ease provides an application software interface to the underlying hardware and encourages an object oriented programming approach which inherently enhances software integrity, maintainability and dependability in the potentially chaotic real time environment. Its focus is to tackle the undesirable aspects of real time programming and device dependent issues thereby allowing the application programmer to concentrate more on the application. The multitasking aspect of the executive means application tasks can be generated with ease which aids development, evolution or enhancement of an application. The multitasking aspect also facilitates tasks dedicated to on-line reconfiguration, error handling and fault correction or shutdown procedures. The software quality of a real time application running on the Ease platform is paid for by a small percentage of CPU processing power and a larger response time to external events than an unstructured monolithic interrupt driven system. During the course of research, development and prototyping of Ease , a number of suitable sample applications have been explored to test and optimise its functionality. The most notable of these is the control system for the motor simulation of a shock absorber with an active disturbance load. This was implemented as seven concurrent tasks in a uniprocessor DSP system, running Ease

    Proceedings of the 22nd Conference on Formal Methods in Computer-Aided Design – FMCAD 2022

    Get PDF
    The Conference on Formal Methods in Computer-Aided Design (FMCAD) is an annual conference on the theory and applications of formal methods in hardware and system verification. FMCAD provides a leading forum to researchers in academia and industry for presenting and discussing groundbreaking methods, technologies, theoretical results, and tools for reasoning formally about computing systems. FMCAD covers formal aspects of computer-aided system design including verification, specification, synthesis, and testing

    Actes des CinquiÚmes journées nationales du Groupement De Recherche CNRS du Génie de la Programmation et du Logiciel

    Get PDF
    National audienceCe document contient les actes des CinquiÚmes journées nationales du Groupement De Recherche CNRS du Gé}nie de la Programmation et du Logiciel (GDR GPL) s'étant déroulées à Nancy du 3 au 5 avril 2013. Les contributions présentées dans ce document ont été sélectionnées par les différents groupes de travail du GDR. Il s'agit de résumés, de nouvelles versions, de posters et de démonstrations qui correspondent à des travaux qui ont déjà été validés par les comités de programmes d'autres conférences et revues et dont les droits appartiennent exclusivement à leurs auteurs

    Proceedings of the 22nd Conference on Formal Methods in Computer-Aided Design – FMCAD 2022

    Get PDF
    The Conference on Formal Methods in Computer-Aided Design (FMCAD) is an annual conference on the theory and applications of formal methods in hardware and system verification. FMCAD provides a leading forum to researchers in academia and industry for presenting and discussing groundbreaking methods, technologies, theoretical results, and tools for reasoning formally about computing systems. FMCAD covers formal aspects of computer-aided system design including verification, specification, synthesis, and testing

    Ubiquitous Computing

    Get PDF
    The aim of this book is to give a treatment of the actively developed domain of Ubiquitous computing. Originally proposed by Mark D. Weiser, the concept of Ubiquitous computing enables a real-time global sensing, context-aware informational retrieval, multi-modal interaction with the user and enhanced visualization capabilities. In effect, Ubiquitous computing environments give extremely new and futuristic abilities to look at and interact with our habitat at any time and from anywhere. In that domain, researchers are confronted with many foundational, technological and engineering issues which were not known before. Detailed cross-disciplinary coverage of these issues is really needed today for further progress and widening of application range. This book collects twelve original works of researchers from eleven countries, which are clustered into four sections: Foundations, Security and Privacy, Integration and Middleware, Practical Applications

    Analyzing Dynamic Code: A Sound Abstract Interpreter for evil eval

    Get PDF
    Dynamic languages, such as JavaScript, employ string-to-code primitives to turn dynamically generated text into executable code at run-time. These features make standard static analysis extremely hard if not impossible because its essential data structures, i.e., the control-flow graph and the system of recursive equations associated with the program to analyze, are themselves dynamically mutating objects. Nevertheless, assembling code at run-time by manipulating strings, such as by eval in JavaScript, has been always strongly discouraged since it is often recognized that \u201ceval is evil", leading static analyzers to not consider such statements or ignoring their effects. Unfortunately, the lack of formal approaches to analyze string-to-code statements pose a perfect habitat for malicious code, that is surely evil and do not respect good practice rules, allowing them to hide malicious intents as strings to be converted to code and making static analyses blind to the real malicious aim of the code. Hence, the need to handle string-to-code statements approximating what they can execute, and therefore allowing the analysis to continue (even in presence of dynamically generated program statements) with an acceptable degree of precision, should be clear. In order to reach this goal, we propose a static analysis allowing us to collect string values and to soundly over-approximate and analyze the code potentially executed by a string-to-code statement

    Analyzing Dynamic Code: A Sound Abstract Interpreter for Evil Eval

    Get PDF
    Dynamic languages, such as JavaScript, employ string-to-code primitives to turn dynamically generated text into executable code at run-time. These features make standard static analysis extremely hard if not impossible, because its essential data structures, i.e., the control-flow graph and the system of recursive equations associated with the program to analyze, are themselves dynamically mutating objects. Nevertheless, assembling code at run-time by manipulating strings, such as by eval in JavaScript, has been always strongly discouraged, since it is often recognized that "eval is evil,"leading static analyzers to not consider such statements or ignoring their effects. Unfortunately, the lack of formal approaches to analyze string-to-code statements pose a perfect habitat for malicious code, that is surely evil and do not respect good practice rules, allowing them to hide malicious intents as strings to be converted to code and making static analyses blind to the real malicious aim of the code. Hence, the need to handle string-to-code statements approximating what they can execute, and therefore allowing the analysis to continue (even in the presence of dynamically generated program statements) with an acceptable degree of precision, should be clear. To reach this goal, we propose a static analysis allowing us to collect string values and to soundly over-approximate and analyze the code potentially executed by a string-to-code statement
    corecore