19 research outputs found
Automatic Generation of Attacker Contracts in Solidity
Smart contracts on the Ethereum blockchain continue to suffer from well-published problems. A particular example is the well-known smart contract reentrancy vulnerability, which continues to be exploited. In this article, we present preliminary work on a method which, given a smart contract that may be vulnerable to such a reentrancy attack, proceeds to attempt to automatically derive an "attacker" contract which can be used to successfully attack the vulnerable contract. The method uses property-based testing to generate, semi-randomly, large numbers of potential attacker contracts, and then proceeds to check whether any of them is a successful attacker. The method is illustrated using a case study where an attack is derived for a vulnerable contract
Automated model-based testing based on an agnostic-platform modeling language
Currently multiple Domain Specific Languages (DSLs) are used for model-driven software development, in some specific domains. Software development methods, such as agile development, are test-centered, and their application in model-based frameworks requires model support for test development. We introduce a specific language to define generic test models, which can be automatically transformed into executable tests for particular testing platforms. The resulting test models represent the test plan for applications also built according to a model-based approach. The approach presented here includes some customisations for the application of the developed languages and transformation tools for some specific testing platforms. These languages and tools have been integrated with some specific DSL designed for software development
Languages for safety-certification related properties
The Safety Certification of Software-Intensive Systems with Reusable Components project, in short SafeCer (www.safecer.eu), is targeting increased efficiency and reduced time-to-market by composable safety certification of safety-relevant embedded systems. The industrial domains targeted are within automotive and construction equipment, avionics, and rail. Some of the companies involved are: Volvo Technology, Thales, TTTech, and Intecs among others. SafeCer includes more than 30 partners in six different countries and has a budget of €25.7 million. A primary objective is to provide support for system safety arguments based on arguments and properties of system components as well as to provide support for generation of corresponding evidence in a similar compositional way. By providing support for efficient reuse of certification and stronger links between certification and development, component reuse will be facilitated, and by providing support for reuse across domains the amount of components available for reuse will increase dramatically. The resulting efficiency and reduced time to market will, together with increased quality and reduced risk, increase competitiveness and pave the way for a cross-domain market for software components qualified for certification
Engineering Multi-Agent Systems: State of Affairs and the Road Ahead
The continuous integration of software-intensive systems together with the ever-increasing computing power offer a breeding ground for intelligent agents and multi-agent systems (MAS) more than ever before. Over the past two decades, a wide variety of languages, models, techniques and methodologies have been proposed to engineer agents and MAS. Despite this substantial body of knowledge and expertise, the systematic engineering of large-scale and open MAS still poses many challenges. Researchers and engineers still face fundamental questions regarding theories, architectures, languages, processes, and platforms for designing, implementing, running, maintaining, and evolving MAS. This paper reports on the results of the 6th International Workshop on Engineering Multi-Agent Systems (EMAS 2018, 14th-15th of July, 2018, Stockholm, Sweden), where participants discussed the issues above focusing on the state of affairs and the road ahead for researchers and engineers in this area
Model checking the interaction of Erlang components
EThOS - Electronic Theses Online Service, GB, United Kingdo
Translating Erlang to μCRL
The language Erlang has been developed by Ericsson to implement large switching systems. Erlang is nowadays used by several companies for complex embedded systems. The language μCRL is a process algebra with data. Several verification tools are available for μCRL and other process algebras, including a tool to create labelled transition systems from μCRL specifications. By having a translation from Erlang to μCRL we can apply the verification tools for process algebras and labelled transition systems to industrial code. The translation is aware of the major design component in the switching software. This knowledge is used to ensure that the size of the labelled transition system generated by the tools is smaller than with a naive translation