Using formal methods to support testing
Formal methods and testing are two important approaches that assist in the development of high quality software. While traditionally these approaches have been seen as rivals, in recent
years a new consensus has developed in which they are seen as complementary. This article reviews the state of the art regarding ways in which the presence of a formal specification can be used to assist testing
JWalk: a tool for lazy, systematic testing of java classes by design introspection and user interaction
Popular software testing tools, such as JUnit, allow frequent retesting of modified code; yet the manually created test scripts are often seriously incomplete. A unit-testing tool called JWalk has therefore been developed to address the need for systematic unit testing within the context of agile methods. The tool operates directly on the compiled code for Java classes and uses a new lazy method for inducing the changing design of a class on the fly. This is achieved partly through introspection, using Java’s reflection capability, and partly through interaction with the user, constructing and saving test oracles on the fly. Predictive rules reduce the number of oracle values that must be confirmed by the tester. Without human intervention, JWalk performs bounded exhaustive exploration of the class’s method protocols and may be directed to explore the space of algebraic constructions, or the intended design state-space of the tested class. With some human interaction, JWalk performs up to the equivalent of fully automated state-based testing, from a specification that was acquired incrementally
Pruning, Pushdown Exception-Flow Analysis
Statically reasoning in the presence of exceptions and about the effects of
exceptions is challenging: exception-flows are mutually determined by
traditional control-flow and points-to analyses. We tackle the challenge of
analyzing exception-flows from two angles. First, from the angle of pruning
control-flows (both normal and exceptional), we derive a pushdown framework for
an object-oriented language with full-featured exceptions. Unlike traditional
analyses, it allows precise matching of throwers to catchers. Second, from the
angle of pruning points-to information, we generalize abstract garbage
collection to object-oriented programs and enhance it with liveness analysis.
We then seamlessly weave the techniques into enhanced reachability computation,
yielding highly precise exception-flow analysis, without becoming intractable,
even for large applications. We evaluate our pruned, pushdown exception-flow
analysis, comparing it with an established analysis on large scale standard
Java benchmarks. The results show that our analysis significantly improves
analysis precision over traditional analysis within a reasonable analysis time.
Comment: 14th IEEE International Working Conference on Source Code Analysis
and Manipulatio
Modelling of Multi-Agent Systems: Experiences with Membrane Computing and Future Challenges
Formal modelling of Multi-Agent Systems (MAS) is a challenging task due to
high complexity, interaction, parallelism and continuous change of roles and
organisation between agents. In this paper we record our research experience on
formal modelling of MAS. We review our research throughout the last decade, by
describing the problems we have encountered and the decisions we have made
towards resolving them and providing solutions. Much of this work involved
membrane computing and classes of P Systems, such as Tissue and Population P
Systems, targeted to the modelling of MAS whose dynamic structure is a
prominent characteristic. More particularly, social insects (such as colonies
of ants, bees, etc.), biology inspired swarms and systems with emergent
behaviour are indicative examples for which we developed formal MAS models.
Here, we aim to review our work and disseminate our findings to fellow
researchers who might face similar challenges and, furthermore, to discuss
important issues for advancing research on the application of membrane
computing in MAS modelling.
Comment: In Proceedings AMCA-POP 2010, arXiv:1008.314
Sound and Precise Malware Analysis for Android via Pushdown Reachability and Entry-Point Saturation
We present Anadroid, a static malware analysis framework for Android apps.
Anadroid exploits two techniques to soundly raise precision: (1) it uses a
pushdown system to precisely model dynamically dispatched interprocedural and
exception-driven control-flow; (2) it uses Entry-Point Saturation (EPS) to
soundly approximate all possible interleavings of asynchronous entry points in
Android applications. (It also integrates static taint-flow analysis and least
permissions analysis to expand the class of malicious behaviors which it can
catch.) Anadroid provides rich user interface support for human analysts who
must ultimately rule on the "maliciousness" of a behavior.
To demonstrate the effectiveness of Anadroid's malware analysis, we had teams
of analysts analyze a challenge suite of 52 Android applications released as
part of the Automated Program Analysis for Cybersecurity (APAC) DARPA
program. The first team analyzed the apps using a version of Anadroid that
uses traditional (finite-state-machine-based) control-flow-analysis found in
existing malware analysis tools; the second team analyzed the apps using a
version of Anadroid that uses our enhanced pushdown-based
control-flow-analysis. We measured machine analysis time, human analyst time,
and their accuracy in flagging malicious applications. With pushdown analysis,
we found statistically significant (p < 0.05) decreases in time: from 85
minutes per app to 35 minutes per app in human plus machine analysis time; and
statistically significant (p < 0.05) increases in accuracy with the
pushdown-driven analyzer: from 71% correct identification to 95% correct
identification.
Comment: Appears in 3rd Annual ACM CCS workshop on Security and Privacy in
SmartPhones and Mobile Devices (SPSM'13), Berlin, Germany, 201
Development of Variant of Software Architecture Implementation for Low-power General Purpose Microcontrollers by Finite State Machines
As a result of the research, two directions for development of software architecture for low-power general purpose microcontrollers (LPGPM) are identified. The first, classical approach is the development using standard State patterns. The second is the development of programs, algorithms and structures based on mathematical analysis. The first direction is chosen in the work. The variant of the implementation of a typical pattern for development of software architecture (SA) in the form of a finite state machine (FSM) is proposed for discussion. This pattern makes it possible to separate the development of the architectural part of the program for LPGPM from programming the LPGPM hardware. This approach makes it possible to divide the work of the software architect and the work of LPGPM hardware specialists. The advantage of the solution in comparison with the real time operating system (RTOS) is the saving of LPGPM hardware resources. In addition, it improves the readability of code and good testing prospects. The resulting architecture makes it possible to easily accompany the software and switch to other types of microcontroller. The disadvantage is an increase in the required amount of RAM with an increase in the number of states. It is this disadvantage that requires the application not only of experimental and engineering-intuitive methods, but also to continue research in the second direction