The networking industry is currently undergoing a steady trend of softwarization. Yet, network engineers suffer from the lack of software development tools that support programming of new protocols. We are creating a ...
详细信息
The networking industry is currently undergoing a steady trend of softwarization. Yet, network engineers suffer from the lack of software development tools that support programming of new protocols. We are creating a cost analysis tool for the P4 programming language, that automatically verifies whether the developed program meets soft deadline requirements imposed by the network. In this paper, we present an approach to estimate the average execution time of P4 program based on control flow graphs. Our approach takes into consideration that many of the parts of P4 are implementation-defined: required information can be added in through incremental refinement, while missing information is handled by falling back to less precise defaults. We illustrate application of this approach to a P4 protocol in two case studies: we use it to examine the effect of a compiler optimization in the deparse stage, and to show how it enables cost modelling complex lookup table implementations. Finally, we assess future research tasks to be completed before the tool is ready for real-world usage.
Evolutionary structural testing is a technique that uses sp ecific approaches based on guided searches algorithms. It involves evaluating fitness functions to determine wheth er test data satisfy or not various struct...
详细信息
Evolutionary structural testing is a technique that uses sp ecific approaches based on guided searches algorithms. It involves evaluating fitness functions to determine wheth er test data satisfy or not various structural testing crite ria. For testing multi-way decision constructs the nested If-Then-Else structure and Alternative Critical Branches (ACBs) approa ches are generally used. In this paper a new evolutionary structural approach b ased on Compact and Minimized control flow graph (CMCFG) which uses two different formulas for evaluating the perform ance of test data, is presented. The CMCFG approach is derive d from the concept of control flow graph (CFG). Experiments on different Switch-Case constructs with different nesting levels have demonstrated that CMCFG yields significantly better re sults in finding test data which cover a particular target bra nch in comparison with the previous approaches.
Regression testing is the process of validating modified software to provide confidence that the changed parts of the software behave as intended and that the unchanged parts have not been adversely affected by the mo...
详细信息
Regression testing is the process of validating modified software to provide confidence that the changed parts of the software behave as intended and that the unchanged parts have not been adversely affected by the modifications. The goal of regression testing is to reduce the test suit by testing the new characters and the modified parts of a program with the original test suit. Regression testing is a high cost testing method. This paper presents a regression testing selection technique that can reduce the test suit on the basis of control flow graph (CFG). It import the inherit strategy of object-oriented language to ensure an edge’s control domain to reduce the test suit size effectively. We implement the idea by coding the edge. An algorithm is also presented at last.
Software protection technology has been universally emphasized, with the development of reverse engineering and static analysis techniques. So, it is important to research how to quantitatively evaluate the security o...
详细信息
Software protection technology has been universally emphasized, with the development of reverse engineering and static analysis techniques. So, it is important to research how to quantitatively evaluate the security of the protected software. However, there are some researchers evaluating the security of the proposed protect techniques directly by the traditional complexity metrics, which is not suffident. In order to better reflect security from software complexity, a multi-factor complexity metric based on control flow graph (CFG) is proposed, and the corresponding calculating procedures are presented in detail. Moreover, complexity density models are constructed to indicate the strength of software resisting reverse engineering and code analysis. Instance analysis shows that the proposed method is simple and practical, and can more objectively reflect software security from the perspective of the complexity.
Context: Fault localization is an important and expensive activity in software debugging. Previous studies indicated that statistically-based fault-localization techniques are effective in prioritizing the possible fa...
详细信息
Context: Fault localization is an important and expensive activity in software debugging. Previous studies indicated that statistically-based fault-localization techniques are effective in prioritizing the possible faulty statements with relatively low computational complexity, but prior works on statistical analysis have not fully investigated the behavior state information of each program element. Objective: The objective of this paper is to propose an effective fault-localization approach based on the analysis of state dependence information between program elements. Method: In this paper, state dependency is proposed to describe the controlflow dependence between statements with particular states. A state dependency probabilistic model uses path profiles to analyze the state dependency information. Then, a fault-localization approach is proposed to locate faults by differentiating the state dependencies in passed and failed test cases. Results: We evaluated the fault-localization effectiveness of our approach based on the experiments on Siemens programs and four UNIX programs. Furthermore, we compared our approach with current state-of-art fault-localization methods such as SOBER, Tarantula, and CP. The experimental results show that, our approach can locate more faults than the other methods in every range on Siemens programs, and the overall efficiency of our approach in the range of 10-30% of analyzed source code is higher than the other methods on UNIX programs. Conclusion: Our studies show that our approach consistently outperforms the other evaluated techniques in terms of effectiveness in fault localization on Siemens programs. Moreover, our approach is highly effective in fault localization even when very few test cases are available. (C) 2014 Elsevier B.V. All rights reserved.
Java Card are devices subject to either hardware and software attacks. Thus several countermeasures need to be embedded to avoid the effects of these attacks. Recently, the idea to combine logical attacks with a physi...
详细信息
Java Card are devices subject to either hardware and software attacks. Thus several countermeasures need to be embedded to avoid the effects of these attacks. Recently, the idea to combine logical attacks with a physical attack to bypass bytecode verification has emerged. For instance, correct and legitimate Java Card applications can be dynamically modified on-card using laser beam. Such applications become mutant applications, with a different behavior. This internal change could lead to bypass control and protection and thus should offer illegal access to secret data and operation inside the chip. In this paper, we propose a set of countermeasures that can be activated by the developer using the annotation mechanism. These countermeasures are efficient but also affordable for the smart card domain, as shown by the evaluation of the coverage and memory usage.
This paper addresses a probabilistic approach to error propagation analysis of a mechatronic system. These types of systems require highly abstractive models for the proper mapping of the mutual interaction of heterog...
详细信息
This paper addresses a probabilistic approach to error propagation analysis of a mechatronic system. These types of systems require highly abstractive models for the proper mapping of the mutual interaction of heterogeneous system components such as software, hardware, and physical parts. A literature overview reveals a number of appropriate error propagation models that are based on Markovian representation of controlflow. However, these models imply that data errors always propagate through the controlflow. This assumption limits their application to systems, in which components can be triggered in arbitrary order with non-sequential data flow. A motivational example, discussed in this paper, shows that control and data flows must be considered separately for an accurate description of an error propagation process. For this reason, we introduce a new concept of error propagation analysis. The central idea is a synchronous examination of two directed graphs: a control flow graph and a data flowgraph. The structures of these graphs can be derived systematically during system development. The knowledge about an operational profile and properties of individual system components allow the definition of additional parameters of the error propagation model. A discrete time Markov chain is applied for the modeling of faults activation, errors propagation, and errors detection during operation of the system. A state graph of this Markov chain can be generated automatically using the discussed dual-graph representation. A specific approach to computation of this Markov chain makes it possible to obtain the probabilities of erroneous and error-free system execution scenarios. This information plays a valuable role in development of dependable systems. For instance, it can help to define an effective testing strategy, to perform accurate reliability estimation, and to speed up error detection and fault localization processes. This paper contains a comprehensive description
This paper is devoted to the design and development of a system for automating numerical similarity assessment of Android applications. The task of the evaluation of application similarity is reduced to the similarity...
详细信息
This paper is devoted to the design and development of a system for automating numerical similarity assessment of Android applications. The task of the evaluation of application similarity is reduced to the similarity evaluation of sets of control flow graphs constructed based on code from *** files of applications. The similarity value was calculated based on the similarity matrix. The algorithms of graph editing and Levenshtein distance were used to compare control flow graphs. The application similarity criteria were formulated, and their representation forms were investigated. Types of Android application models and methods of their construction are presented. A prototype of the system for automating the numerical evaluation of Android-applications similarity is developed. Optimization of the software solution is performed with the help of parallel programming tools. Experiments are carried out, and a conclusion is drawn concerning the ability of the developed system to detect similarities between Android applications.
In this paper we propose to use software classes as actual components and to build the control flow graph to represent software architecture using suffix tree. The proposed model of dynamic collection and storage of r...
详细信息
ISBN:
(纸本)9781467364614
In this paper we propose to use software classes as actual components and to build the control flow graph to represent software architecture using suffix tree. The proposed model of dynamic collection and storage of reliability testing data using high order Markov chains results in less memory usage than matrix representation and allows easy dynamic changes of Markov process order. As an example of the model we suggest to use new pattern based on Composite design pattern.
This paper deals with the binary analysis of executable programs, with the goal of understanding how they access memory. It explains how to statically build a formal model of all memory accesses. Starting with a contr...
详细信息
ISBN:
(纸本)9780769541785
This paper deals with the binary analysis of executable programs, with the goal of understanding how they access memory. It explains how to statically build a formal model of all memory accesses. Starting with a control-flowgraph of each procedure, well-known techniques are used to structure this graph into a hierarchy of loops in all cases. The paper shows that much more information can be extracted by performing a complete data-flow analysis over machine registers after the program has been put in static single assignment (SSA) form. By using the SSA form, registers used in addressing memory can be symbolically expressed in terms of other, previously set registers. By including the loop structures in the analysis, loop indices and trip counts can also often be expressed symbolically. The whole process produces a formal model made of loops where memory accesses are linear expressions of loop counters and registers. The paper provides a quantitative evaluation of the results when applied to several dozens of SPEC benchmark programs. Because static analysis is often incomplete, the paper ends by describing a lightweight instrumentation strategy that collects at run time enough information to complete the program's symbolic description.
暂无评论