A novel escape analysis framework that handles the Java open-world features is proposed and evaluated. The novel approach analyzes a Java program with an optimistic view that the program is in a closed world and applies optimizations aggressively. The framework also provides a mechanism that controls the analysis complexity. The results show that the escape analysis framework, which has been implemented in Intel's Open Runtime Platform on X86, eliminated about 70% and 94% of synchronization operations, and improved runtime performance by 15.77% and 31.28%, for SPECjbb2000 and 209_db respectively.
ISBN (print): 9781424435722
In this paper we introduce our model-driven software engineering method, called SecureMDD, which facilitates the development of security-critical applications that are based on cryptographic protocols. The approach seamlessly integrates the generation of code and formal methods. Starting with a platform-independent UML model of a system under development, we generate executable Java(Card) code as well as a formal model from the UML model. Subsequent to this, the formal model is used to verify the security of the modeled system. Our goal is to prove that the generated code is correct w.r.t. the generated formal model in terms of formal refinement. The approach is tailored to the domain of security-critical systems, e.g. smart card applications.
ISBN (print): 9780769535999
SecureMDD is a model-driven approach to develop secure systems with a special focus on smart card applications. Based on a platform-dependent UML model of the system under development we generate a platform-specific model, and finally executable code. The SecureMDD approach also allows the generation of a formal specification in which security properties can be proven formally. In this paper we describe the automatic generation of Java Card code from UML class and activity diagrams in detail. The full code running on the smart card is generated, which is not trivial because of the limitations of smart cards and the specialties of Java Card.
We show on a case study from an autonomous aerospace context how to apply a game-based model-checking approach as a powerful technique for the verification, diagnosis, and adaptation of system behaviors based on temporal properties. This work is part of our contribution within the SHADOWS project, where we provide a number of enabling technologies for model-driven self-healing. We propose here to use GEAR, a game-based model checker, as a user-friendly tool that can offer automatic proofs of critical properties of such systems. Although it is a model checker for the full modal mu-calculus, it also supports derived, more user-oriented logics. With GEAR, designers and engineers can interactively investigate automatically generated winning strategies for the games, thereby exploring the connection between the property, the system, and the proof.
Background: The development of bioinformatics databases, algorithms, and tools throughout the last years has led to a highly distributed world of bioinformatics services. Without adequate management and development support, in silico researchers are hardly able to exploit the potential of building complex, specialized analysis processes from these services. The Semantic Web aims at thoroughly equipping individual data and services with machine-processable meta-information, while workflow systems support the construction of service compositions. However, even in this combination, in silico researchers currently would have to deal manually with the service interfaces, the adequacy of the semantic annotations, type incompatibilities, and the consistency of service compositions. Results: In this paper, we demonstrate by means of two examples how Semantic Web technology together with adequate domain modelling frees in silico researchers from dealing with interfaces, types, and inconsistencies. In Bio-jETI, bioinformatics services can be graphically combined into complex services without worrying about details of their interfaces or about type mismatches of the composition. These issues are taken care of at the semantic level by Bio-jETI's model checking and synthesis features. Whenever possible, they automatically resolve type mismatches in the considered service setting. Otherwise, they graphically indicate impossible/incorrect service combinations. In the latter case, the workflow developer may either modify his service composition using semantically similar services, or ask for help in developing the missing mediator that correctly bridges the detected type gap. Newly developed mediators should then be adequately annotated semantically, and added to the service library for later reuse in similar situations. Conclusion: We show the power of semantic annotations in an adequately modelled and semantically enabled domain setting. Using model checking and synthesis metho
ISBN (print): 9783540958901
In the service-oriented approach to software engineering, interactive components offer contracted services through public interfaces. Over time a component receives a stream of service requests and generates a stream of responses. In general, a component is only prepared to serve a subset of possible requests in each situation: services are partial behaviours. On the specification level, we model services by stream functions defined on a restricted service domain. For the state-based implementation of services we introduce partial state machines. We present a transformation showing how to systematically implement a service by a partial state machine. The transformation exploits history abstractions to relate service histories with machine states. We illustrate the formal method with three characteristic applications, viz. an interactive stack, a bounded buffer and a server with registration.
ISBN (print): 9783642104510
This paper presents a case study on retrospective verification of the Linux Virtual File System (VFS), which is aimed at checking for violations of API usage rules and memory properties. Since VFS maintains dynamic data structures and is written in a mixture of C and inlined assembly, modern software model checkers cannot be applied. Our case study centres around our novel verification tool, the SOCA Verifier, which symbolically executes and analyses compiled code. We describe how this verifier deals with complex program features such as memory access, pointer aliasing and computed jumps, while reducing manual modelling to the bare minimum. Our results show that the SOCA Verifier is capable of reliably analysing complex operating system components such as the Linux VFS, thereby going beyond traditional testing tools and into niches that current software model checkers do not reach.
A sequential memory component stores data in addressable locations. The component serves an input stream in a regular way iff all read commands retrieve data from locations with a previous assignment. We study the com...
ISBN (print): 9781424437252
The SecureMDD approach aims to generate both a formal specification for verification and executable code from UML diagrams. The UML models define the static as well as dynamic components of the system under development. This model-driven approach is focused on security-critical applications that are based on cryptographic protocols, esp. Java Card applications. In this paper we describe the generation of the formal specification from the UML model, which is then used as input for our interactive verification system KIV. The formal specification is based on abstract state machines and algebraic specifications. It allows application-specific security properties to be formulated and proven.