Detecting Test Clones with Static Analysis

Large-scale software systems often have correspondingly complicated test suites, which are diffi cult for developers to construct and maintain. As systems evolve, engineers must update their test suite along with changes in the source code. Tests created by duplicating and modifying previously existing tests (clones) can complicate this task. Several testing technologies have been proposed to mitigate cloning in tests, including parametrized unit tests and test theories. However, detecting opportunities to improve existing test suites is labour intensive. This thesis presents a novel technique for etecting similar tests based on type hierarchies and method calls in test code. Using this technique, we can track variable history and detect test clones based on test assertion similarity. The thesis further includes results from our empirical study of 10 benchmark systems using this technique which suggest that test clone detection by our technique will aid test de-duplication eff orts in industrial systems

Incidence of childhood leukaemia in the vicinity of nuclear sites in France, 1990–1998

Overall, 670 cases (O) of childhood leukaemia were diagnosed within 20 km of the 29 French nuclear installations between 1990 and 1998 compared to an expected number (E) of 729.09 cases (O/E=0.92, 95% confidence interval (CI)=[0.85-0.99]). Each of the four areas defined around the sites showed non significant deficits of cases (0-5 km: O=65, O/E=0.87, CI=[0.67-1.10]; 5-10 km: O=165, O/E=0.95, CI=[0.81-1.10]; 10-15 km: O=220, O/E=0.88, CI=[0.77-1.00]; 15-20 km: O=220, O/E=0.96, CI=[0.84-1.10]). There was no evidence of a trend in standardised incidence ratio with distance from the sites for all children or for any of the three age groups studied. Similar results were obtained when the start-up year of the electricity-generating nuclear sites and their electric nuclear power were taken into account. No evidence was found of a generally increased risk of childhood leukaemia around the 29 French nuclear sites under study during 1990-1998

Tight Private Circuits: Achieving Probing Security with the Least Refreshing

Masking is a common countermeasure to secure implementations against side-channel attacks. In 2003, Ishai, Sahai, and Wagner introduced a formal security model, named t-probing model, which is now widely used to theoretically reason on the security of masked implementations. While many works have provided security proofs for small masked components, called gadgets, within this model, no formal method allowed to securely compose gadgets with a tight number of shares (namely, t + 1) until recently. In 2016, Barthe et al. filled this gap with maskComp, a tool checking the security of masking schemes composed of several gadgets. This tool can achieve provable security with tight number of shares by inserting mask-refreshing gadgets at carefully selected locations. However the method is not tight in the sense that there exists some compositions of gadgets for which it cannot exhibit a flaw nor prove the security. As a result, it is overconservative and might insert more refresh gadgets than actually needed to ensure t-probing security. In this paper, we exhibit the first tool, referred to as tightPROVE, able to clearly state whether a shared circuit composed of standard gadgets (addition, multiplication, and refresh) is t-probing secure or not. Given such a composition, our tool either produces a probing-security proof (valid at any order) or exhibits a security flaw that directly implies a probing attack at a given order. Compared to maskComp, tightPROVE can drastically reduce the number of required refresh gadgets to get a probing security proof, and thus the randomness requirement for some secure shared circuits. We apply our method to a recent AES implementation secured with higher-order masking in bitslice and we show that we can save all the refresh gadgets involved in the s-box layer, which results in an significant performance gain