Seminars & Projects © Marcelo d’Amorim 2010.

Slides:

Advertisements

Similar presentations

A Method for Validating Software Security Constraints Filaret Ilas Matt Henry CS 527 Dr. O.J. Pilskalns.

Advertisements

Debugging in End- User Software Engineering summarized by Andrew Ko Toward Sharing Reasoning to Improve Fault Localization in Spreadsheets Joey Lawrance,

Program Slicing and Debugging Elton Alves Informatics Center Federal University of Pernambuco (UFPE) V Encontro Brasilieiro de Testes de Software (EBTS),

A Survey of Approaches for Automated Unit Testing

Introducing Formal Methods, Module 1, Version 1.1, Oct., Formal Specification and Analytical Verification L 5.

Compiler Optimized Dynamic Taint Analysis James Kasten Alex Crowell.

Abstraction and Modular Reasoning for the Verification of Software Corina Pasareanu NASA Ames Research Center.

Defect Localization Using Dynamic Call Tree Mining and Matching Anis Yousefi, PhD Candidate Department of Computing and Software McMaster University May.

1 Symbolic Execution for Model Checking and Testing Corina Păsăreanu (Kestrel) Joint work with Sarfraz Khurshid (MIT) and Willem Visser (RIACS)

Symbolic execution © Marcelo d’Amorim 2010.

Introduction to Program Slicing Presenter: M. Amin Alipour Software Design Laboratory

Ongoing projects in the Program Analysis Group Marcelo d’Amorim Informatics Center, Federal University of Pernambuco (UFPE) Belo Horizonte, MG-Brazil,

Automated creation of verification models for C-programs Yury Yusupov Saint-Petersburg State Polytechnic University The Second Spring Young Researchers.

Evaluating and Tuning a Static Analysis to Find Null Pointer Bugs David Hovemeyer, Jaime Spacco, and William Pugh Presented by Nathaniel Ayewah CMSC838P.

Omer Tripp November 9 th, 2009 Static Analysis for Security A Case Study in the Automation of Code Auditing.

Embedded vs. PC Application Programming. Overview  The software design cycle  Designing differences  Code differences  Test differences.

10/06/2015Dr Andy Brooks1 MSc Software Maintenance MS Viðhald Hugbúnaðar Fyrirlestrar 27 & 28 Debugging with the Whyline tool

Report of the CMU Natural Programming Group Brad Myers, Andy Ko, Jeff Stylos, Michael Coblenz, Brian Ellis, Polo Chao Carnegie Mellon University.

Software Reliability Methods Sorin Lerner. Software reliability methods: issues What are the issues?

Synthesis of Interface Specifications for Java Classes Rajeev Alur University of Pennsylvania Joint work with P. Cerny, G. Gupta, P. Madhusudan, W. Nam,

Dynamically Discovering Likely Program Invariants to Support Program Evolution Michael D. Ernst, Jake Cockrell, William G. Griswold, David Notkin Presented.

From last time S1: l := new Cons p := l S2: t := new Cons *p := t p := t l p S1 l p tS2 l p S1 t S2 l t S1 p S2 l t S1 p S2 l t S1 p L2 l t S1 p S2 l t.

NFA- to NFA conversion. Purpose This presentation presents an example execution of the algorithm which takes as input an NFA with -transitions and produces.

1 Formal Engineering of Reliable Software LASER 2004 school Tutorial, Lecture1 Natasha Sharygina Carnegie Mellon University.

Automated Diagnosis of Software Configuration Errors

September 21, 2005 Dynamic Typing in CORBA Middleware Jeff Parsons ISIS Vanderbilt University Nashville, TN.

1 Archface: Architectural Interface -- Bridging a Gap between Design Modeling and Implementation Naoyasu Ubayashi, Hidenori Akatoki, Jun Nomura Kyushu.

Mining Windows Kernel API Rules Jinlin Yang 09/28/2005CS696.

SDN Abstractions Lecture 20 Aditya Akella. Going beyond defining a virtual network, configuring specific network functions Application interface – PANE:

IST 210: PHP BASICS IST 210: Organization of Data IST210 1.

1 A Static Analysis Approach for Automatically Generating Test Cases for Web Applications Presented by: Beverly Leung Fahim Rahman.

Bug Localization with Machine Learning Techniques Wujie Zheng

Debugging. Compile problems Read the whole complaint! Runtime problems –Exceptions –Incorrect behavior.

Selected Topics in Information Technology Programming Language - JAVA Semester 1/2554.

Dynamic Analysis of Multithreaded Java Programs Dr. Abhik Roychoudhury National University of Singapore.

A Generalization and Paradigm-Independent Reformulation of Algorithmic Debugging.

POSL (Principles of Software Languages) Gr. Kyushu Institute of Technology, Japan Pointcut-based Architectural Interface.

Which Configuration Option Should I Change? Sai Zhang, Michael D. Ernst University of Washington Presented by: Kıvanç Muşlu.

Christopher Kruegel University of California Engin Kirda Institute Eurecom Clemens Kolbitsch Thorsten Holz Secure Systems Lab Vienna University of Technology.

Ongoing projects in the Program Analysis Group Marcelo d’Amorim Informatics Center, Federal University of Pernambuco (UFPE) Belo Horizonte, MG-Brazil,

Effective Test Execution for SPLs Sabrina Souto (Supervisor: Marcelo d’Amorim) Federal University of Pernambuco - UFPE.

1 Program Slicing Amir Saeidi PhD Student UTRECHT UNIVERSITY.

Static Analysis James Walden Northern Kentucky University.

Active Code Completion Cyrus Omar Computer Science School of Computer Science Carnegie Mellon University [ICSE12] YoungSeok Yoon Software Engineering Brad.

CJAdviser: SMT-based Debugging Support for ContextJ* Shizuka Uchio(Kyushu University, Japan) Naoyasu Ubayashi(Kyushu University, Japan) Yasutaka Kamei(Kyushu.

MA/CSSE 474 Theory of Computation Decision Problems DFSMs.

Alattin: Mining Alternative Patterns for Detecting Neglected Conditions Suresh Thummalapenta and Tao Xie Department of Computer Science North Carolina.

Glenn Ammons Ras Bodík Jim Larus Univ. of Wisconsin Univ. of Wisconsin Microsoft Research Mining Specifications (lots of) code  specifications.

Streamflow - Programming Model for Data Streaming in Scientific Workflows Chathura Herath.

Automated Patch Generation Adapted from Tevfik Bultan’s Lecture.

References: “Pruning Dynamic Slices With Confidence’’, by X. Zhang, N. Gupta and R. Gupta (PLDI 2006). “Locating Faults Through Automated Predicate Switching’’,

Bandera: Extracting Finite-state Models from Java Source Code. Paper By: James C. Corbett, Mathew Dwyer, John Hatcliff, Shawn Laubach, Corina Pasareanu,

Software Engineering Laboratory, Department of Computer Science, Graduate School of Information Science and Technology, Osaka University IWPSE 2003 Program.

An Undergraduate Course on Software Bug Detection Tools and Techniques Eric Larson Seattle University March 3, 2006.

Design - programming Cmpe 450 Fall Dynamic Analysis Software quality Design carefully from the start Simple and clean Fewer errors Finding errors.

Reducing Combinatorics in Testing Product Lines Chang Hwan Peter Kim, Don Batory, and Sarfraz Khurshid University of Texas at Austin.

Liang, Introduction to Java Programming, Sixth Edition, (c) 2007 Pearson Education, Inc. All rights reserved Chapter 11 Object-Oriented.

CSE 130 : Spring 2011 Programming Languages Ranjit Jhala UC San Diego Lecture 5: Functions and Closures.

Static Techniques for V&V. Hierarchy of V&V techniques Static Analysis V&V Dynamic Techniques Model Checking Simulation Symbolic Execution Testing Informal.

Chapter 4 Static Analysis. Summary (1) Building a model of the program:  Lexical analysis  Parsing  Abstract syntax  Semantic Analysis  Tracking.

CS223: Software Engineering Lecture 21: Unit Testing Metric.

Static Analysis Introduction Emerson Murphy-Hill.

IST 210: PHP Basics IST 210: Organization of Data IST2101.

Static Analysis Tools Emerson Murphy-Hill. A Comparison of Bug Finding Tools for Java Bug pattern detection PMD FindBugs JLint Theorem proving [involves.

Phoenix Based Dynamic Slicing Debugging Tool Eric Cheng Lin Xu Matt Gruskin Ravi Ramaseshan Microsoft Phoenix Intern Team (Summer '06)

Security analysis of COM with Alloy

SwE 455 Program Slicing.

Andrew J. Ko & Brad A. Myers Carnegie Mellon University

Program Slicing Baishakhi Ray University of Virginia

Principles of Imperative Computation

Presentation transcript:

Seminars & Projects © Marcelo d’Amorim 2010

Grade 20% seminar 80% project © Marcelo d’Amorim 2010

Students Leopoldo Teixeira Elton Alves Andrei Alvares Diego Dias Ademir Rocha © Marcelo d’Amorim 2010

SEMINARS © Marcelo d’Amorim 2010

Seminar S1 Symbolic execution of Pointers – S. Khurshid, C. Pasareanu and W. Visser. Generalized Symbolic Execution for Model Checking and Testing. TACAS 2003 © Marcelo d’Amorim 2010

Seminar S2 Symbolic execution of Strings – D. Shannon, S. Hajra, A. Lee, D. Zhan, and S. Khurshid. Abstracting Symbolic Execution with String Analysis. TAIC-PART 2007 © Marcelo d’Amorim 2010

Seminar S3 Tutorial on Andersen’s and Steensgaard’s Points-to analysis – References on request © Marcelo d’Amorim 2010

Seminar S4 Local pattern search – Nathaniel Ayewah, David Hovemeyer, J. David Morgenthaler, John Penix, William Pugh. Experiences Using Static Analysis to Find Bugs. IEEE Software, 2008 © Marcelo d’Amorim 2010

Seminar S5 Global pattern search – Andrew J. Ko and Brad A. Myers. Debugging, Reinvented: Asking and Answering Why and Why Not Questions about Program Behavior. ICSE 2008 © Marcelo d’Amorim 2010

Seminar S6 Code differencing (for evolution) – B. Fluri et al. Change Distilling: Tree Differencing for Fine-Grained Source Code Change Extraction. TSE © Marcelo d’Amorim 2010

Seminar S7 SSA vs. SSI © Marcelo d’Amorim 2010

PROJECTS © Marcelo d’Amorim 2010

Project P1 Symbolic executor instrumenter using Jimple © Marcelo d’Amorim 2010

Project P2 Query Language (LTL or ERE) – Example “A (f.open() => E (f.close()))”, where A means Always, and E means Eventually © Marcelo d’Amorim 2010

Project P3 API rule mining (conceptually, inverse of P2) – Example: API calls: “Whenever you call this method you eventually call that” © Marcelo d’Amorim 2010

Project P4 Lightweight slicing – “What lines of the program are relevant to violate state assertion?” © Marcelo d’Amorim 2010 O1O2O3O4O5 O1 {10,15} O2 {20} O3 O4 {25} O5 – Hypothesis: Several parts of the state (and thus locs) are irrelevant (see blue cells) Transitive closure on this relation from faulty object(s), say o1.

Project P5 Behavior-preserving differencing – Question: Which static changes affect behavior? – Input: Two source bases, output relevant changes – Several approaches… © Marcelo d’Amorim 2010

Project P6 Extract interfaces for feature modularization (Marcio Ribeiro PhD thesis subject) © Marcelo d’Amorim 2010

Project P7 Finding security flaws in PHP programs using tainted-flow analysis © Marcelo d’Amorim 2010

Assignments Leopoldo Teixeira (S5,P6) Elton Alves (S6, P5) Andrei Alvares (S7,P7) Diego Dias (S3,P2) Ademir Rocha (S6,P5) © Marcelo d’Amorim 2010 Apresentações 20 e 22 de Abril. Andrei apresentará no dia 20.