Early detection of ripple propagation in evolving software systems

Ripple effect analysis is the analysis of the consequential knock on effects of a change to a software system. In the first part of this study, ripple effect analysis methods are classified into several categories based on the types of information the methods analyse and produce. A comparative and analytical study of methods from these categories was performed in an attempt to assist maintainers in the selection of ripple effect analysis methods for use in different phases of the software maintenance process. It was observed that existing methods are most usable in the later stages of the software maintenance process and not at an early stage when strategic decisions concerning project scheduling are made. The second part of the work, addresses itself to the problem of tracing the ripple effect of a change, at a stage earlier in the maintenance process than existing ripple effect analysis methods allow. Particular emphasis is placed upon the development of ripple effect analysis methods for analysing system documentation. The ripple effect analysis methods described in this thesis involve manipulating a novel graph theory model called a Ripple Propagation Graph. The model is based on the thematic structure of documentation, previous release information and expert judgement concerning potential ripple effects. In the third part of the study the Ripple Propagation Graph model and the analysis methods are applied and evaluated, using examples of documentation structure and a major case study

Cellular antiseizure mechanisms of everolimus in pediatric tuberous sclerosis complex, cortical dysplasia, and non-mTOR-mediated etiologies.

The present study was designed to examine the potential cellular antiseizure mechanisms of everolimus, a mechanistic target of rapamycin (mTOR) pathway blocker, in pediatric epilepsy cases. Cortical tissue samples obtained from pediatric patients (n = 11, ages 0.67-6.75 years) undergoing surgical resections for the treatment of their pharmacoresistant epilepsy were examined electrophysiologically in ex vivo slices. The cohort included mTOR-mediated pathologies (tuberous sclerosis complex [TSC] and severe cortical dysplasia [CD]) as well as non-mTOR-mediated pathologies (tumor and perinatal infarct). Bath application of everolimus (2 μm) had practically no effect on spontaneous inhibitory postsynaptic activity. In contrast, long-term application of everolimus reduced spontaneous excitatory postsynaptic activity, burst discharges induced by blockade of γ-aminobutyric acid A (GABAA) receptors, and epileptiform activity generated by 4-aminopyridine, a K+ channel blocker. The antiseizure effects were more pronounced in TSC and CD cases, whereas in non-mTOR-mediated pathologies, the effects were subtle at best. These results support further clinical trials of everolimus in mTOR pathway-mediated pathologies and emphasize that the effects require sustained exposure over time

Extending Traditional Static Analysis Techniques to Support Development, Testing and Maintenance of Component-Based Solutions

Traditional static code analysis encompasses a mature set of techniques for helping understand and optimize programs, such as dead code elimination, program slicing, and partial evaluation (code specialization). It is well understood that compared to other program analysis techniques (e.g., dynamic analysis), static analysis techniques do a reasonable job for the cost associated with implementing them. Industry and government are moving away from more ‘traditional’ development approaches towards component-based approaches as ‘the norm.’ Component-based applications most often comprise a collection of distributed object-oriented components such as forms, code snippets, reports, modules, databases, objects, containers, and the like. These components are glued together by code typically written in a visual language. Some industrial experience shows that component-based development and the subsequent use of visual development environments, while reducing an application\u27s total development time, actually increase certain maintenance problems. This provides a motivation for using automated analysis techniques on such systems. The results of this research show that traditional static analysis techniques may not be sufficient for analyzing component-based systems. We examine closely the characteristics of a component-based system and document many of the issues that we feel make the development, analysis, testing and maintenance of such systems more difficult. By analyzing additional summary information for the components as well as any available source code for an application, we show ways in which traditional static analysis techniques may be augmented, thereby increasing the accuracy of static analysis results and ultimately making the maintenance of component-based systems a manageable task. We develop a technique to use semantic information about component properties obtained from type library and interface definition language files, and demonstrate this technique by extending a traditional unreachable code algorithm. To support more complex analysis, we then develop a technique for component developers to provide summary information about a component. This information can be integrated with several traditional static analysis techniques to analyze component-based systems more precisely. We then demonstrate the effectiveness of these techniques on several real Department of Defense (DoD) COTS component-based systems

Structural testing techniques for the selective revalidation of software

The research in this thesis addresses the subject of regression testing. Emphasis is placed on developing a technique for selective revalidation which can be used during software maintenance to analyse and retest only those parts of the program affected by changes. In response to proposed program modifications, the technique assists the maintenance programmer in assessing the extent of the program alterations, in selecting a representative set of test cases to rerun, and in identifying any test cases in the test suite which are no longer required because of the program changes. The proposed technique involves the application of code analysis techniques and operations research. Code analysis techniques are described which derive information about the structure of a program and are used to determine the impact of any modifications on the existing program code. Methods adopted from operations research are then used to select an optimal set of regression tests and to identify any redundant test cases. These methods enable software, which has been validated using a variety of structural testing techniques, to be retested. The development of a prototype tool suite, which can be used to realise the technique for selective revalidation, is described. In particular, the interface between the prototype and existing regression testing tools is discussed. Moreover, the effectiveness of the technique is demonstrated by means of a case study and the results are compared with traditional regression testing strategies and other selective revalidation techniques described in this thesis

PROGRAM SLICING TECHNIQUES AND ITS APPLICATIONS

Program understanding is an important aspect in Software Maintenance and Reengineering. Understanding the program is related to execution behaviour and relationship of variable involved in the program. The task of finding all statements in a program that directly or indirectly influence the value for an occurrence of a variable gives the set of statements that can affect the value of a variable at some point in a program is called a program slice. Program slicing is a technique for extracting parts of computer programs by tracing the programs’ control and data flow related to some data item. This technique is applicable in various areas such as debugging, program comprehension and understanding, program integration, cohesion measurement, re-engineering, maintenance, testing where it is useful to be able to focus on relevant parts of large programs. This paper focuses on the various slicing techniques (not limited to) like static slicing, quasi static slicing, dynamic slicing and conditional slicing. This paper also includes various methods in performing the slicing like forward slicing, backward slicing, syntactic slicing and semantic slicing. The slicing of a program is carried out using Java which is a object oriented programming language

A combined representation for the maintenance of C programs

A programmer wishing to make a change to a piece of code must first gain a full understanding of the behaviours and functionality involved. This process of program comprehension is difficult and time consuming, and often hindered by the absence of useful program documentation. Where documentation is absent, static analysis techniques are often employed to gather programming level information in the form of data and control flow relationships, directly from the source code itself. Software maintenance environments are created by grouping together a number of different static analysis tools such as program sheers, call graph builders and data flow analysis tools, providing a maintainer with a selection of 'views' of the subject code. However, each analysis tool often requires its own intermediate program representation (IPR). For example, an environment comprising five tools may require five different IPRs, giving repetition of information and inefficient use of storage space. A solution to this problem is to develop a single combined representation which contains all the program relationships required to present a maintainer with each required code view. The research presented in this thesis describes the Combined C Graph (CCG), a dependence-based representation for C programs from which a maintainer is able to construct data and control dependence views, interprocedural control flow views, program slices and ripple analyses. The CCG extends earlier dependence-based program representations, introducing language features such as expressions with embedded side effects and control flows, value returning functions, pointer variables, pointer parameters, array variables and structure variables. Algorithms for the construction of the CCG are described and the feasibility of the CCG demonstrated by means of a C/Prolog based prototype implementation

Towards a unified software attack model to assess software protections

Attackers can tamper with programs to break usage conditions. Different software protection techniques have been proposed to limit the possibility of tampering. Some of them just limit the possibility to understand the (binary) code, others react more actively when a change attempt is detected. However, the validation of the software protection techniques has been always conducted without taking into consideration a unified process adopted by attackers to tamper with programs. In this paper we present an extension of the mini-cycle of change, initially proposed to model the process of changing program for maintenance, to describe the process faced by an attacker to defeat software protections. This paper also shows how this new model should support a developer when considering what are the most appropriate protections to deplo