Given a program whose functionality depends on access to certain external resources, we investigate the question of how to gracefully degrade functionality when a subset of those resources is unavailable. The concrete...
详细信息
Given a program whose functionality depends on access to certain external resources, we investigate the question of how to gracefully degrade functionality when a subset of those resources is unavailable. The concrete setting motivating this problem statement is mobile applications, which rely on contextual data (e.g., device identifiers, user location and contacts, etc.) to fulfill their functionality. In particular, we focus on the Android platform, which mediates access to resources via an installation-time permission model. On the one hand, granting an app the permission to access a resource (e.g., the device ID) entails privacy threats (e.g., releasing the device ID to advertising servers). On the other hand, denying access to a resource could render the app useless (e.g., if inability to read the device ID is treated as an error state). Our goal is to specialize an existing Android app in such a way that it is disabled from accessing certain sensitive resources (or contextual data) as specified by the user, while still being able to execute functionality that does not depend on those resources. We present SHAMDROID, a program transformation algorithm, based on specialized forms of program slicing, backwards static analysis and constraint solving, that enables the use of Android apps with partial permissions. We rigorously state the guarantees provided by SHAMDROID w.r.t. functionality maximization. We provide an evaluation over the top 500 Google Play apps and report on an extensive comparative evaluation of SHAMDROID against three other state-of-theart solutions (APM, XPrivacy, and Google App Ops) that mediate resource access at the system (rather than app) level. SHAMDROID performs better than all of these tools by a significant margin, leading to abnormal behavior in only 1 out of 27 apps we manually investigated, compared to the other solutions, which cause crashes and abnormalities in 9 or more of the apps. This demonstrates the importance of performing a
The INSIGHT simulation language describes systems in a quick, simple, and compact fashion using a network representation. This description can be entered and simulated using novel interactive facilities that free the ...
详细信息
The INSIGHT simulation language describes systems in a quick, simple, and compact fashion using a network representation. This description can be entered and simulated using novel interactive facilities that free the user from learning specific syntax. Statistics summarizing the simulation are produced automatically, but can be greatly enhanced by various input models and output analysis mechanisms. Use of the language does not require programming and complex models use the descriptive features of simple ones, incorporating more elaborate specifications and more sophisticated concepts. INSIGHT is available for most computers and is portable across machines. The language has been extensively applied and its scope of applications has ranged from manufacturing to service environments. Using INSIGHT, the process of simulation modeling and the results from the simulations combine to provide "insight" into problem solving.
GRAphe Fonctionnel de Commande Etape Transition (GRAFCET) is a powerful graphical modeling language for the specification of discrete event systems and an international standard since 1988. Since GRAFCET is a specific...
详细信息
GRAphe Fonctionnel de Commande Etape Transition (GRAFCET) is a powerful graphical modeling language for the specification of discrete event systems and an international standard since 1988. Since GRAFCET is a specification language and not a programming language, a GRAFCET specification (Grafcet) still has to be interpreted manually, e.g. as a Programmable Logic Controller (PLC) program according to IEC 61131-3. For this reason, the authors subsequently present a tool prototype, which allows the development of a Grafcet according to IEC 60848 definitions and additionally offers the opportunity to automatically generate IEC 61131-3 compliant control code. To facilitate tool integration into industrial applications, the prototype is based on a widely-used office software.
暂无评论