Interactive Refinement Of Hierarchical Object Graphs

Developers need to understand the runtime structure of object-oriented code, and abstract object graphs can help. To extract abstract object graphs that convey design intent in the form of object hierarchy, additional information is needed to express this hierarchy in the code using ownership types, but adding ownership type qualifiers after the fact involves manual overhead, and requires developers to switch between adding qualifiers in the code and looking at abstract object graphs to understand the object structures that the qualifiers describe. We describe an approach where developers express their design intent by refining an object graph directly, while an inference analysis infers valid qualifiers in the code. A separate extraction analysis then uses these qualifiers and extracts an updated object graph. We implement and test the approach on several small test cases and confirm its feasibility

Apparatuses and Methods for Producing Runtime Architectures of Computer Program Modules

Apparatuses and methods for producing run-time architectures of computer program modules. One embodiment includes creating an abstract graph from the computer program module and from containment information corresponding to the computer program module, wherein the abstract graph has nodes including types and objects, and wherein the abstract graph relates an object to a type, and wherein for a specific object the abstract graph relates the specific object to a type containing the specific object; and creating a runtime graph from the abstract graph, wherein the runtime graph is a representation of the true runtime object graph, wherein the runtime graph represents containment information such that, for a specific object, the runtime graph relates the specific object to another object that contains the specific object

Runtime visualisation of object-oriented software

Software is a complex and invisible entity, yet one which is core to modem life. The development and maintenance of such software includes one staple task, the need to understand the software at the implementation level. This process of program comprehension is difficult and time consuming. Yet, despite its importance, there remains very limited tool support for program comprehension activities. The results of this research show the role that runtime visualisation can play in aiding the comprehension of object-oriented software by highlighting both its static and dynamic structure. Previous work in this area is discussed, both in terms of the representations used and the methods of extracting runtime information. Building on this previous work, this thesis develops new representations of object-oriented software at runtime, which are then implemented in a proof of concept tool. This tool allowed the representations to be investigated on real software systems. The representations are evaluated against two feature-based evaluation frameworks. The evaluation focuses on generic software visualisation criteria, due to the lack of any specific frameworks for visualising dynamic information. The evaluation also includes lessons learnt in the implementation of a prototype visualisation tool. The object-oriented paradigm continues to grow in popularity and provides advantages to program comprehension activities. However, it also brings a number of new challenges to program comprehension due to the discrepancies between its static definition and its runtime structure. Therefore, techniques that highlight both the static definition and the runtime behaviour of object-oriented systems offer benefits to their comprehension. Software visualisation offers an approach to aid program comprehension activities through providing a means to deal with the size and complexity of the software and its invisible nature. This thesis highlights the generic issues that software visualisation faces, before focusing on how the visualisation of runtime information affects these issues. Many of the issues are compounded by the dynamic nature of the information to be visualised and the explosive growth in the volume of information that this dynamism can bring. Wider results of this research have allowed the proposal of the necessary concepts that should be considered in the design and evaluation of runtime visualisations. Software visualisation at runtime is still a relatively unexplored area and there remains many research challenges within it. This thesis aims to act as a first step to addressing these challenges and aims to promote interest and future development within this area

Static Extraction Of Dataflow Communication For Security

The cost of security vulnerabilities in widely-deployed code such as mobile applications is high. As a result, many companies are using Architectural Risk Analysis (ARA) to find security vulnerabilities before releasing their applications. The existing analyses are focused on finding local coding bugs such as a hard-coded password, rather than architectural flaws such as bypassing the authentication component. During ARA, to find vulnerabilities that are architectural flaws, security architects use a forest-level view of the runtime architecture instead of reading the code. Unfortunately, such a view is often missing from the documentation or is inconsistent with the code. This thesis contributes Scoria, a semi-automated approach for finding architectural flaws that uses a static analysis to extract from code with annotations an approximation of the runtime architecture as an abstract object graph with dataflow edges that refer to abstract objects. The annotations express local, modular hints about architectural tiers, logical containment, and strict encapsulation, such that the extracted object graph is hierarchical, which provides architects with both high-level and detailed understanding of the runtime architecture. Moreover, the abstract object graph is sound such that it has unique representatives for all objects and dataflow communication that may exist at runtime. Architects assisted by Scoria can write as machine-checkable constraints various security policies that are documented only informally. The constraints are in terms of object provenance and indirect communication and can find vulnerabilities missed by constraints that focus only on the presence or the absence of communication, or constraints that track only information flow from sources to sinks. The evaluation consists of expressing several rules from the CERT Secure Coding Standard for Java for which automated detection was previously unavailable. Scoria is also being used to find information disclosure in open-source Android apps. Based on an existing benchmark, Scoria performs better than commercial and research tools in terms of precision and recall. Scoria is thus making Architectural Risk Analysis, which is today mostly manual and informal, a more rigorous, principled and repeatable activity

Static Extraction Of Dataflow Communication For Security

The cost of security vulnerabilities in widely-deployed code such as mobile applications is high. As a result, many companies are using Architectural Risk Analysis (ARA) to find security vulnerabilities before releasing their applications. The existing analyses are focused on finding local coding bugs such as a hard-coded password, rather than architectural flaws such as bypassing the authentication component. During ARA, to find vulnerabilities that are architectural flaws, security architects use a forest-level view of the runtime architecture instead of reading the code. Unfortunately, such a view is often missing from the documentation or is inconsistent with the code. This thesis contributes Scoria, a semi-automated approach for finding architectural flaws that uses a static analysis to extract from code with annotations an approximation of the runtime architecture as an abstract object graph with dataflow edges that refer to abstract objects. The annotations express local, modular hints about architectural tiers, logical containment, and strict encapsulation, such that the extracted object graph is hierarchical, which provides architects with both high-level and detailed understanding of the runtime architecture. Moreover, the abstract object graph is sound such that it has unique representatives for all objects and dataflow communication that may exist at runtime. Architects assisted by Scoria can write as machine-checkable constraints various security policies that are documented only informally. The constraints are in terms of object provenance and indirect communication and can find vulnerabilities missed by constraints that focus only on the presence or the absence of communication, or constraints that track only information flow from sources to sinks. The evaluation consists of expressing several rules from the CERT Secure Coding Standard for Java for which automated detection was previously unavailable. Scoria is also being used to find information disclosure in open-source Android apps. Based on an existing benchmark, Scoria performs better than commercial and research tools in terms of precision and recall. Scoria is thus making Architectural Risk Analysis, which is today mostly manual and informal, a more rigorous, principled and repeatable activity

A Front-End For An Ownership Object Graph Interactive Editor

Runtime views which show runtime structure, is a type of object graph. They show components as groups of objects and data structures. Runtime views are useful for tasks related to performance, reliability, and security. Most previous work on extracting object graphs has produced flat object graphs which are not scalable. Ownership object graphs (OOGs) increase the scalability of object graphs because it nests objects, creating hierarchy. Recent work has shown that sound extraction of OOGs from object-oriented systems is technically feasible. Soundness means that in any execution of the program, every object can be mapped to exactly one component in the graph. The recent work is a read-only viewer and shows a default decomposition. In order for developers to change the default decomposition, they must change the annotations. This is very tedious. In order to allow developers to iteratively refine an OOG, we propose the front-end of an editor to support this functionality, OOGIE. The OOGIE tool only supports operations that intuitively support soundness. For example, objects cannot be deleted, and edges cannot be added. The tool allows developers two kinds of operations to change the decomposition, abstraction by ownership hierarchy and abstraction by type. Abstraction by ownership hierarchy means that the decomposition shows architecturally significant objects near the top of the hierarchy and less architecturally significant objects such as data structures further down. Abstraction by types allows objects to be collapsed further according to their declared types. The work in this thesis is the first stage in addressing the usability problems of the read-only viewer. At this stage, OOGIE takes an XML file that contains an initial OOG produced by the extraction tool, and records the changes made to the OOG by the developer in the XML file. In the future, we plan on integrating the OOGIE tool with the extraction tool, and having OOGIE manipulate the annotations directly so that the developer does not have to. Having a user-friendly method of abstracting and manipulating OOGs increases their usefulness since developers can pick the decomposition that best suits their needs

An efficient and scalable platform for java source code analysis using overlaid graph representations

© 2013 IEEE. Although source code programs are commonly written as textual information, they enclose syntactic and semantic information that is usually represented as graphs. This information is used for many different purposes, such as static program analysis, advanced code search, coding guideline checking, software metrics computation, and extraction of semantic and syntactic information to create predictive models. Most of the existing systems that provide these kinds of services are designed ad hoc for the particular purpose they are aimed at. For this reason, we created ProgQuery, a platform to allow users to write their own Java program analyses in a declarative fashion, using graph representations. We modify the Java compiler to compute seven syntactic and semantic representations, and store them in a Neo4j graph database. Such representations are overlaid, meaning that syntactic and semantic nodes of the different graphs are interconnected to allow combining different kinds of information in the queries/analyses. We evaluate ProgQuery and compare it to the related systems. Our platform outperforms the other systems in analysis time, and scales better to program sizes and analysis complexity. Moreover, the queries coded show that ProgQuery is more expressive than the other approaches. The additional information stored by ProgQuery increases the database size and associated insertion time, but these increases are significantly lower than the query/analysis performance gains obtained.Spanish Department of Science, Innovation and Universities under Project RTI2018-099235-B-I00

Quantitative And Qualitative Evaluation Of Metrics On Object Graphs Extracted By Abstract Interpretation

Evaluating programming-language based techniques is crucial to judge their usefulness in practice but requires a careful selection of systems on which to evaluate the technique. Since it is particularly hard to evaluate a heavyweight technique, such as one that requires adding annotations to the code or rewriting the system in a radically different language, it is common to use a lightweight proxy to predict the technique\u27s usefulness for a system. But the reliability of such a proxy is unclear. We propose a principled data-driven approach to derive a lightweight proxy for a heavyweight technique that requires adding annotations to the code. The approach involves the following: computing metrics (DiffMetrics) that measure differences between a system representation (e.g., the code structure) and the system representation extracted by the heavyweight technique (e.g., abstraction of the runtime structure); identifying the outliers of the DiffMetrics; identifying code patterns and classifying the outliers based on the identified code patterns; implementing visitors that look for the code patterns on systems with no annotations; identifying code metrics that correlate strongly with the DiffMetrics. For a new system with no annotations, a proxy predicts if the heavyweight technique may be useful based on the results from the visitors and the code metrics. To evaluate the approach, we run the visitors and compute code metrics on four systems that were previously not analyzed. The proxy predicts that the heavyweight technique may be useful two of the systems. Thus, the abstract runtime structure may be significantly different from the code structure for those systems. To validate the proxy\u27s predictions, we run the heavyweight technique on the two systems to confirm the predictions. Such a principled approach is reusable and can be applied on any programming-language based technique to identify systems for evaluation and for a better understanding the types of systems for which a technique is most useful