Static Taint Analysis Applied to Detecting Bad Programming Practices in Android

Frameworks and Application Programming Interfaces (API) usually come along with a set of guidelines that establish good programming practices in order to avoid pitfalls which could lead, at least, to bad user experiences, and at most, to program crashes. Most often than not, such guidelines are not at all enforced by IDEs. This work investigates whether static taint analysis could be effectively used for automatically detecting bad programming patterns in Android applications. It presents the implemented tool, called CheckDroid, together with the preliminary experimental evaluation carried out.Sociedad Argentina de Informática e Investigación Operativ

Static Taint Analysis Applied to Detecting Bad Programming Practices in Android

Frameworks and Application Programming Interfaces (API) usually come along with a set of guidelines that establish good programming practices in order to avoid pitfalls which could lead, at least, to bad user experiences, and at most, to program crashes. Most often than not, such guidelines are not at all enforced by IDEs. This work investigates whether static taint analysis could be effectively used for automatically detecting bad programming patterns in Android applications. It presents the implemented tool, called CheckDroid, together with the preliminary experimental evaluation carried out.Sociedad Argentina de Informática e Investigación Operativ

Summary-based inference of quantitative bounds of live heap objects

This article presents a symbolic static analysis for computing parametric upper bounds of the number of simultaneously live objects of sequential Java-like programs. Inferring the peak amount of irreclaimable objects is the cornerstone for analyzing potential heap-memory consumption of stand-alone applications or libraries. The analysis builds method-level summaries quantifying the peak number of live objects and the number of escaping objects. Summaries are built by resorting to summaries of their callees. The usability, scalability and precision of the technique is validated by successfully predicting the object heap usage of a medium-size, real-life application which is significantly larger than other previously reported case-studies.Fil: Braberman, Victor Adrian. Universidad de Buenos Aires. Facultad de Ciencias Exactas y Naturales. Departamento de Computación; Argentina. Consejo Nacional de Investigaciones Científicas y Técnicas; ArgentinaFil: Garbervetsky, Diego David. Universidad de Buenos Aires. Facultad de Ciencias Exactas y Naturales. Departamento de Computación; Argentina. Consejo Nacional de Investigaciones Científicas y Técnicas; ArgentinaFil: Hym, Samuel. Universite Lille 3; FranciaFil: Yovine, Sergio Fabian. Universidad de Buenos Aires. Facultad de Ciencias Exactas y Naturales. Departamento de Computación; Argentina. Consejo Nacional de Investigaciones Científicas y Técnicas; Argentin

Stability Analysis of a Longitudinal Control Law for Autonomous Vehicles

We focus in this article on the analysis of an existing acceleration law for a following autonomous vehicle with constant time headway goal. We first define a function that measures the positioning of the following vehicle compared to the leading vehicle with respect to the desired time headway. We study the convergence and bounds of this positioning function and prove some key results in an ideal case, i.e., when all accelerations are unbounded. Then we conduct several simulations that validate our theoretical results and show their limitations in real cases, i.e., when the accelerations are technologically bounded. Finally we use decoupling and feedback linearization techniques to derive a new acceleration law whose convergence is always exponential in the ideal case, and we compare both laws

Efficient Region-Based Memory Management for Resource-limited Real-Time Embedded Systems.

This paper presents a simple and efficient static analysis algorithm, combined with a region allocation policy for real-time embedded Java applications. The goal of this work is to provide a static analysis mechanism efficient enough to be integrated in an assisted-development environment, and to implement region-based memory management primitives suited for resource-limited platforms such as smart cards

¿Cómo compartir datos de manera efectiva y privada?

Este trabajo analiza la problemática general de dar garantías de privacidad manteniendo niveles aceptables de utilidad predictiva cuando se comparten datos sensibles. En particular, se considera la situación en la cual varias organizaciones (públicas y/o privadas) comparten entre ellas y/o con terceros modelos entrenados con datos privados de cada una de ellas.Agencia Nacional de Investigación e Innovació

Static Taint Analysis Applied to Detecting Bad Programming Practices in Android

Frameworks and Application Programming Interfaces (API) usually come along with a set of guidelines that establish good programming practices in order to avoid pitfalls which could lead, at least, to bad user experiences, but also to program crashes. Most often than not, such guidelines are not at all enforced by IDEs. This work investigates whether static taint analysis could be effectively used for automatically detecting bad programming patterns in Android applications. It presents the implemented tool, called CheckDroid, together with the preliminary experimental evaluation carried out.Sociedad Argentina de Informática e Investigación Operativ

Prototipo de “Application of Private Aggregation of Ensemble Models to Sensible Data” en la plataforma PySyft de OpenMined

En este documento se presenta una prueba de concepto de implementación concreta en la plataforma PySyft de OpenMined de la solución propuesta en “Application of Private Aggregation of Ensemble Models to Sensible Data” para la protección de datos privados.Agencia Nacional de Investigación e Innovació

Static Taint Analysis Applied to Detecting Bad Programming Practices in Android

Frameworks and Application Programming Interfaces (API) usually come along with a set of guidelines that establish good programming practices in order to avoid pitfalls which could lead, at least, to bad user experiences, and at most, to program crashes. Most often than not, such guidelines are not at all enforced by IDEs. This work investigates whether static taint analysis could be effectively used for automatically detecting bad programming patterns in Android applications. It presents the implemented tool, called CheckDroid, together with the preliminary experimental evaluation carried out.Sociedad Argentina de Informática e Investigación Operativ

Building models of real-time systems from application software

We present a methodology for building timed models of real-time systems by adding time constraints to their application software. The applied constraints take into account execution times of atomic statements, the behavior of the system's external environment, and scheduling policies. The timed models of the application obtained in this manner can be analyzed by using time analysis techniques to check relevant real-time properties. We show an instance of the methodology developed in the TAXYS project for the modeling and analysis of real-time systems programmed in the Esterel language. This language has been extended to describe, by using pragmas, time constraints characterizing the execution platform and the external environment. An analyzable timed model of the real-time system is produced by composing instrumented C-code generated by the compiler. The latter has been re-engineered in order to take into account the pragmas. Finally, we report on applications of TAXYS to several nontrivial examples. © 2003 IEEE