Symbolic execution is one of the most important testing techniques to ensure the quality of software systems that need to be dependable and reliable. This technique systematically explores the program of the subject system which is represented by an Inter-procedural Control Flow Graph (ICFG). An ICFG is a graph that combines control flow graphs (CFGs) of the program procedures by connecting each CFG with its call nodes. The existence of unreachable CFGs and infinite loops increases the complexity and runtime of a program, while they have no effect on testing the program. In this paper, we present an approach to convert the ICFG of a program to the corresponding finite automaton, called ICFG-automaton. Then, we construct a quasi-ordering hypergroup on the set of states of the ICFG-automaton and prove that the inner irreducibility in hypergroups is equivalent to the connectivity in CFGs. Moreover, we show that if every sub-automaton of an ICFG-automaton is a sub-hypergroup, then the program has an infinite loop. These results identify the parts of a program that should be modified to decrease the complexity of the testing activity.
This paper addresses the question of how to handle irreducible regions during optimization, which has become even more relevant for contemporary processors since recent VLIW-like architectures highly rely on instruction scheduling. The contributions of this paper are twofold. First, a method of optimized node splitting to transform irreducible regions of control flow into reducible regions is formally defined and its correctness is shown. This method is superior to approaches previously published since it reduces the number of replicated nodes by comparison. Second, three methods that handle regions of irreducible control flow are evaluated with respect to their impact on compiler optimizations. First, traditional node splitting is evaluated. Second, optimized node splitting is implemented. Third, DJ-graphs are utilized to recognize nesting of irreducible (and reducible) loops and apply common loop optimizations extended for irreducible loops. Experiments compare the performance of these approaches with unrecognized irreducible loops that cannot be subject to loop optimizations, which is typical for contemporary compilers. Measurements show improvements of 1 to 40% for these methods of handling irreducible loops over the unoptimized case. Optimized node splitting may be chosen to retrofit existing compilers since it has the advantage that it only requires few changes to an optimizing compiler while limiting the code growth of compiled programs compared to traditional node splitting. Recognizing loops via DJ-graphs should be chosen for new compiler developments since it requires more changes to the optimizer but does not significantly change the code size of compiled programs while yielding comparable improvements. Handling irreducible loops should even yield more benefits for exploiting instruction-level parallelism of modern architectures in the context of global instruction scheduling and optimization techniques that may introduce irreducible loops, such as enhanc
ISBN: (print) 9781450356329
Binary-level control-flow graph (CFG) construction is essential for applications such as control-flow integrity. There are two main approaches: the binary-analysis approach and the compiler-modification approach. The binary-analysis approach does not require source code, but it constructs low-precision CFGs. The compiler-modification approach requires source code and modifies compilers for CFG generation. We describe the design and implementation of an alternative system for high-precision CFG construction, which still assumes source code but does not modify compilers. Our approach makes use of standard compiler-generated meta-information, including symbol tables, relocation information, and debugging information. A key component in the system is a type-inference engine that infers types of low-level storage locations such as registers from types in debugging information. Inferred types enable a type-signature matching method for high-precision CFG construction.
ISBN: (print) 9781450359337
Smart contracts are programs that are stored and executed on the Blockchain and can receive, manage and transfer money (cryptocurrency units). Two important problems regarding smart contracts are formal analysis and compiler optimization. Formal analysis is extremely important, because smart contracts hold funds worth billions of dollars and their code is immutable after deployment. Hence, an undetected bug can cause significant financial losses. Compiler optimization is also crucial, because every action of a smart contract has to be executed by every node in the Blockchain network. Therefore, optimizations in compiling smart contracts can lead to significant savings in computation, time and energy. Two classical approaches in program analysis and compiler optimization are intraprocedural and interprocedural analysis. In intraprocedural analysis, each function is analyzed separately, while interprocedural analysis considers the entire program. In both cases, the analyses are usually reduced to graph problems over the control flow graph (CFG) of the program. These graph problems are often computationally expensive. Hence, there has been ample research on exploiting structural properties of CFGs for efficient algorithms. One such well-studied property is the treewidth, which is a measure of tree-likeness of graphs. It is known that intraprocedural CFGs of structured programs have treewidth at most 6, whereas the interprocedural treewidth cannot be bounded. This result has been used as a basis for many efficient intraprocedural analyses. In this paper, we explore the idea of exploiting the treewidth of smart contracts for formal analysis and compiler optimization. First, similar to classical programs, we show that the intraprocedural treewidth of structured Solidity and Vyper smart contracts is at most 9. Second, for global analysis, we prove that the interprocedural treewidth of structured smart contracts is bounded by 10 and, in sharp contrast with classical program
ISBN: (print) 9781450327688
Exceptions are a source of information leaks, which are difficult to handle as they allow for non-local control transfer. Existing dynamic information flow control techniques either ignore unstructured control flow or are restrictive. This work presents a more permissive solution for controlling information leaks using program analysis techniques.
ISBN: (print) 9783642419478; 9783642419461
Verification is the most crucial part of the chip design process. Test benches, which are used to test VHDL code, need to perform efficiently and effectively. We present an algorithm that achieves high code coverage by analyzing the finite state machine (FSM) and control flow graph (CFG) that are constructed from the source code. The symbolic execution of VHDL (Very-high-speed integrated Hardware Description Language) code is used as well. These three elements are combined into a framework (TestBenchGen) written in the Python programming language and evaluated against the ITC'99 benchmark suite.
ISBN: (print) 9783030365370; 9783030365363
This chapter briefly summarizes recent research on the problem of inferring security properties of a computation from measurements of unintended electromagnetic emissions from the processing system on which the computation is being executed. The particular approach described involves two ingredients: (i) signal processing and machine learning to map observed analog measurements to program segments; and (ii) the program's control flow structure which constrains the legitimate transitions between program segments. In particular, the control flow logic of a program can be represented as a control flow graph (CFG) that summarizes possible execution paths and control flows in terms of transitions between basic blocks of the executable. In other words, the ultimate goal of this work is to track the behavior of an execution using unintended electromagnetic emissions. We describe various control flow graph properties that impact the extent to which valid execution of a program can be monitored and subsequently used for program classification and anomaly detection. Suggestions for future work on graph models are described as well.
ISBN: (digital) 9781510617728
ISBN: (print) 9781510617728
Many dedicated embedded processors do not have memory or computational resources to coexist with traditional (host-based) security solutions. As a result, there is interest in using out-of-band analog side-channel measurements and their analyses to accurately monitor and analyze expected program execution. In this paper, we describe an approach to this problem using externally observable multi-band radio frequency (RF) measurements to make inferences about a program's execution. Because it is very difficult to identify individual instructions solely from their RF emissions, we compare RF measurements with the constrained execution logic of the program so that multiple RF measurements over time can effectively track program execution dynamically. In our approach, a program's execution is modeled by control flow graphs (CFG) and transitions between nodes of such graphs. We demonstrate that tracking performance can be improved through applications program modifications such as changing basic block transition properties and/or adding new basic blocks that are highly observable. In addition to demonstrating these principled approaches on some simple programs, we present initial results on the complexity and structure of real-world applications programs, namely gzip and md5sum, in this modeling framework.
ISBN: (digital) 9781665480925
ISBN: (print) 9781665480925
Computing professionals in areas like compilers, performance analysis, and security often analyze and manipulate control flow graphs (CFGs) in their work. CFGs are directed networks that describe possible orderings of instructions in the execution of a program. Visualizing a CFG is a common activity in developing or debugging computational approaches that use them. However, general graph drawing layouts, including the hierarchical ones frequently applied to CFGs, do not capture CFG-specific structures or tasks and thus the resulting drawing may not match the needs of their audience, especially for more complicated programs. While several algorithms offer flexibility in specifying the layout, they often require expertise with graph drawing layouts and primitives that these potential users do not have. To bring domain-specific CFG drawing to this audience, we develop CFGConf, a library designed to match the abstraction level of CFG experts. CFGConf provides a JSON interface that produces drawings that can stand-alone or be integrated into multi-view visualization systems. We developed CFGConf through an interactive design process with experts while incorporating lessons learned from previous CFG visualization systems, a survey of CFG drawing conventions in computing systems conferences, and existing design principles for notations. We evaluate CFGConf in terms of expressiveness, usability, and notational efficiency through a user study and illustrative examples. CFG experts were able to use the library to produce the domain-aware layouts and appreciated the task-aware nature of the specification.
ISBN: (print) 9781509020843
Software Testing is an evaluation mechanism that signifies the importance of software quality assurance, which will evaluate a particular system to check if it will satisfy all the requirements specified by the user. One cannot underestimate the importance of software testing. The wider perceptibility of software systems and the cost related to software failure are driving factors for efficient planning through testing. In this paper, we elaborate on the Unit testing and Data flow testing techniques applied to Object-oriented Programming and Aspect-oriented Programming. Moreover, a tabular contrast of the two techniques is presented, showing the differences between them.