发布求助
文献互助 智能选刊 最新文献

2020 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)最新文献

筛选
英文 中文
Multi-Level Execution Trace Based Lock Contention Analysis 基于多级执行跟踪的锁竞争分析
2020 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW) Pub Date : 2020-10-01 DOI: 10.1109/ISSREW51248.2020.00068
Majid Rezazadeh, Naser Ezzati-Jivan, Evan Galea, M. Dagenais
{"title":"Multi-Level Execution Trace Based Lock Contention Analysis","authors":"Majid Rezazadeh, Naser Ezzati-Jivan, Evan Galea, M. Dagenais","doi":"10.1109/ISSREW51248.2020.00068","DOIUrl":"https://doi.org/10.1109/ISSREW51248.2020.00068","url":null,"abstract":"multi-threaded programming is a near-universal architecture in modern computer systems. Thread based programs usually utilize locks to coordinate access to shared resources. However, contention for locks can reduce parallel efficiency and degrade scalability.In this paper, we propose an execution-trace based method to analyze lock contention problems, without requiring an application’s source code. Our methodology uses dynamic analysis through execution tracing, running in several levels of the system to collect detailed runtime data. We combine it with an extended critical path algorithm which allows us to identify locking issues occurring in userspace. The result is a framework that is able to diagnose all contention issues while adding minimal impact on the system. We propose new views and structures to model and visualize collected data, giving programmers powerful comprehension tools to address contention issues.","PeriodicalId":202247,"journal":{"name":"2020 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2020-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132644923","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
Chapter 8: Software Aging Monitoring and Rejuvenation for the Assessment of High Availability Systems - Extended Abstract 第八章:用于高可用性系统评估的软件老化监测和恢复-扩展摘要
2020 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW) Pub Date : 2020-10-01 DOI: 10.1109/ISSREW51248.2020.00095
Alberto Avritzer, Michael Grottke, D. Menasché
{"title":"Chapter 8: Software Aging Monitoring and Rejuvenation for the Assessment of High Availability Systems - Extended Abstract","authors":"Alberto Avritzer, Michael Grottke, D. Menasché","doi":"10.1109/ISSREW51248.2020.00095","DOIUrl":"https://doi.org/10.1109/ISSREW51248.2020.00095","url":null,"abstract":"This extended abstract summarizes the background, goals, applicability domain, method, results, and lessons learned presented in the corresponding chapter of the Handbook of Software Aging and Rejuvenation.","PeriodicalId":202247,"journal":{"name":"2020 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2020-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131554917","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Improving the Security of Microservice Systems by Detecting and Tolerating Intrusions 通过检测和容忍入侵来提高微服务系统的安全性
2020 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW) Pub Date : 2020-10-01 DOI: 10.1109/ISSREW51248.2020.00051
José Flora
{"title":"Improving the Security of Microservice Systems by Detecting and Tolerating Intrusions","authors":"José Flora","doi":"10.1109/ISSREW51248.2020.00051","DOIUrl":"https://doi.org/10.1109/ISSREW51248.2020.00051","url":null,"abstract":"Microservice architectures adoption is growing expeditiously in market size and adoption, including in business-critical systems. This is due to agility in development and deployment further increased by containers and their characteristics. Ensuring security is still a major concern due to challenges faced such as resource separation and isolation, as improper access to one service might compromise complete systems. This doctoral work intends to advance the security of microservice systems through research and improvement of methodologies for detection, tolerance and mitigation of security intrusions, while overcoming challenges related to multi-tenancy, heterogeneity, dynamicity of systems and environments. Our preliminary research shows that host-based IDSes are applicable in container environments. This will be extended to dynamic scenarios, serving as a steppingstone to research intrusion tolerance techniques suited to these environments. These methodologies will be demonstrated in realistic microservice systems: complex, dynamic, scalable and elastic.","PeriodicalId":202247,"journal":{"name":"2020 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2020-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132227396","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 6
A Human Error Based Approach to Understanding Programmer-Induced Software Vulnerabilities 基于人为错误的方法来理解程序员引起的软件漏洞
2020 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW) Pub Date : 2020-10-01 DOI: 10.1109/ISSREW51248.2020.00036
Vaibhav Anu, Kazi Zakia Sultana, B. Samanthula
{"title":"A Human Error Based Approach to Understanding Programmer-Induced Software Vulnerabilities","authors":"Vaibhav Anu, Kazi Zakia Sultana, B. Samanthula","doi":"10.1109/ISSREW51248.2020.00036","DOIUrl":"https://doi.org/10.1109/ISSREW51248.2020.00036","url":null,"abstract":"Many security incidents can be traced back to software vulnerabilities, which can be described as security-related defects/bugs in the code that can potentially be exploited by the attackers to perform unauthorized actions. An analysis of vulnerability data disseminated by organizations such as NIST’ s National Vulnerability (NVD) and SANS Institute shows that a majority of vulnerabilities can be traced back to a relatively small set of root causes mostly related to the repeated mistakes by the programmers. That is, programmers exhibit a pattern of erroneous coding practices or behavior which lead to vulnerable code. Cognitive Psychologists have long been studying these erroneous behavior patterns and have termed them as human cognition failures or simply, human errors. The primary goal of this paper is to propose a classification for the most frequently observed human errors committed by the programmers (the commitment of a human error can lead to injection of one or more security defects/bugs). Such a classification can be useful for software development organizations as they can train developers on the human errors so that developers can avoid committing the human errors themselves, thereby reducing the chances of vulnerability injection in their code.","PeriodicalId":202247,"journal":{"name":"2020 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2020-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132348706","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 5
Instrumenting Compiler Pipeline to Synthesise Traceable Runtime Memory Layouts in Mixed-critical Applications 在混合关键应用中使用编译器管道来合成可跟踪的运行时内存布局
2020 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW) Pub Date : 2020-10-01 DOI: 10.1109/ISSREW51248.2020.00040
N. Kajtazovic, Peter Hödl, Georg Macher
{"title":"Instrumenting Compiler Pipeline to Synthesise Traceable Runtime Memory Layouts in Mixed-critical Applications","authors":"N. Kajtazovic, Peter Hödl, Georg Macher","doi":"10.1109/ISSREW51248.2020.00040","DOIUrl":"https://doi.org/10.1109/ISSREW51248.2020.00040","url":null,"abstract":"Ensuring traceability between software code and its runtime memory is a required design measure in a number of application fields to achieve functional safety targets. For mixed-critical systems, where a code with different levels of criticality may coexist, this aspect is of particular importance. In the course of safety audits for example, this information may serve to build an evidence that safety-critical code/data is sufficiently isolated from non-critical parts. Unfortunately, addressing the evidence for every byte in memory is not supported by modern compilers. In this paper, we introduce a method where the compiler pipeline is instrumented to recover traceability links between the code and runtime memory. We qualify our proposal on a real-world industrial use case in which the C/C++ code is synthesised for ARM Cortex-M3 controllers. Our experimental results suggest that such an accurate traceability support may serve as a solid basis when analysing memories for mixed-critical applications.","PeriodicalId":202247,"journal":{"name":"2020 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2020-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131133038","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
Generating test cases to evaluate and improve processes of safety-critical systems development 生成测试用例来评估和改进安全关键系统的开发过程
2020 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW) Pub Date : 2020-10-01 DOI: 10.1109/ISSREW51248.2020.00090
Lilian Barros, C. Hirata, Johnny Cardoso Marques, A. Ambrosio
{"title":"Generating test cases to evaluate and improve processes of safety-critical systems development","authors":"Lilian Barros, C. Hirata, Johnny Cardoso Marques, A. Ambrosio","doi":"10.1109/ISSREW51248.2020.00090","DOIUrl":"https://doi.org/10.1109/ISSREW51248.2020.00090","url":null,"abstract":"DO-178C establishes considerations for developers, installers, and users to design software of embedded equipment in the aviation sector. Organizations must define processes and verify that they help to demonstrate that the DO-178C objectives are satisfied. We propose a test case generation method for process evaluation and improvement. The proposed method consists of an adaptation of the CoFI (Conformance and Fault Injection) approach to generate test cases to processes. Test cases verify if the deployed processes comply with their requirements. We applied the innovative approach to a corrective action process for safety-critical software reviews. The results show that the method is helpful to elicit and analyze unexpected behaviors.","PeriodicalId":202247,"journal":{"name":"2020 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2020-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131255168","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 3
Detecting Struct Member-Related Memory Leaks Using Error Code Analysis in Linux Kernel 在Linux内核中使用错误码分析检测结构成员相关的内存泄漏
2020 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW) Pub Date : 2020-10-01 DOI: 10.1109/ISSREW51248.2020.00097
Keita Suzuki, Takafumi Kubota, K. Kono
{"title":"Detecting Struct Member-Related Memory Leaks Using Error Code Analysis in Linux Kernel","authors":"Keita Suzuki, Takafumi Kubota, K. Kono","doi":"10.1109/ISSREW51248.2020.00097","DOIUrl":"https://doi.org/10.1109/ISSREW51248.2020.00097","url":null,"abstract":"Struct member-related memory leak can become a serious problem. Linux kernel is not an exception. According to our study of Linux Kernel patches, 54.6% of all memory leak-related patches within the last two years were related to the leak of struct members. This occurs when a struct is freed before freeing its dynamically allocated struct members. Detecting these bugs in large-scale software requires to reduce analysis cost for scalability and effectively collect the state of a struct and its members.In this paper, we present a simple static-analysis approach to detect struct member-related memory leak in the Linux Kernel. Our analysis first collects alloc/free information by conducting a path-insensitive analysis. To efficiently conduct inter-procedural analysis, we introduce error-code analysis, which is an optimization to efficiently pass back the alloc/free information by focusing on the return value of callee and its use in the caller. When detecting a struct free, we scan through the collected information to detect any member that remains unfreed, and generate warnings to them. We evaluated our method by analyzing the Linux Kernel 5.3-rc4, and found two new bugs. Both of the bugs were reviewed and confirmed by Linux Kernel developers.","PeriodicalId":202247,"journal":{"name":"2020 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2020-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121279101","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
ADF2T: an Active Disk Failure Forecasting and Tolerance Software ADF2T:一个主动磁盘故障预测和容错软件
2020 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW) Pub Date : 2020-10-01 DOI: 10.1109/ISSREW51248.2020.00030
Hongzhang Yang, Yahui Yang, Zhengguang Chen, Zongzhao Li, Yaofeng Tu
{"title":"ADF2T: an Active Disk Failure Forecasting and Tolerance Software","authors":"Hongzhang Yang, Yahui Yang, Zhengguang Chen, Zongzhao Li, Yaofeng Tu","doi":"10.1109/ISSREW51248.2020.00030","DOIUrl":"https://doi.org/10.1109/ISSREW51248.2020.00030","url":null,"abstract":"The reliability of distributed file system is inevitably affected by hard disk failure. This paper proposes an active disk failure forecasting and tolerance software. Firstly, multiple SMART records in the time window are merged into one sample, and after sliding, tens of times of positive samples are created. Secondly, the features are selected by two-stage sorting method, so that the most conducive features are used in machine learning modeling, and the time for model training can be shortened obviously. Thirdly, through two-stage verification, parameters can be adjusted in time for unreasonable proactive reconstruction strategies. Experiments show that modeling and forecast of ZTE data set and Backblaze data set respectively, the recall rate is 95.66% and 84.28%, and the error rate is 0.23% and 2.45%. The work in this paper has been commercially used for more than one year in ZTE data center. The reliability of distributed file system software is significantly improved.","PeriodicalId":202247,"journal":{"name":"2020 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2020-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122920109","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
RSX: Reproduction Scenario Extraction Technique for Business Application Workloads in DBMS RSX: DBMS中业务应用工作负载的再现场景提取技术
2020 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW) Pub Date : 2020-10-01 DOI: 10.1109/ISSREW51248.2020.00043
Seunghwan Baek, Jisoo Song, Changyun Seo
{"title":"RSX: Reproduction Scenario Extraction Technique for Business Application Workloads in DBMS","authors":"Seunghwan Baek, Jisoo Song, Changyun Seo","doi":"10.1109/ISSREW51248.2020.00043","DOIUrl":"https://doi.org/10.1109/ISSREW51248.2020.00043","url":null,"abstract":"Reproducing software defects plays a crucial role in the process of diagnosing and resolving bugs. While reproducing bugs, programmers may apply additional analysis tools to locate the point at which the program has gone astray. In a database management system for handling massive concurrent workloads from business application, developing a reproduction scenario may be challenging due to complex transactional dependency among workload executions. In this paper, for SAP HANA Quality assurance, we introduce a technique to extract a lightweight reproduction scenario which contains the relevant sequence of database operations for retriggering a target system failure. Our approach comprises two phases: (1) transforming a historical transactional information into a compact data structure, (2) extracting a reproduction scenario to isolate the symptom. We evaluate our technique against real functional bugs detected during the SAP HANA release validation and highlight its effectiveness for handling complex symptom analysis.","PeriodicalId":202247,"journal":{"name":"2020 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2020-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128407718","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
K-Detector: Identifying Duplicate Crash Failures in Large-Scale Software Delivery k -检测器:在大规模软件交付中识别重复的崩溃失败
2020 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW) Pub Date : 2020-10-01 DOI: 10.1109/ISSREW51248.2020.00028
Hao Yang, Yang Xu, Yong Li, Hyunduk Choi
{"title":"K-Detector: Identifying Duplicate Crash Failures in Large-Scale Software Delivery","authors":"Hao Yang, Yang Xu, Yong Li, Hyunduk Choi","doi":"10.1109/ISSREW51248.2020.00028","DOIUrl":"https://doi.org/10.1109/ISSREW51248.2020.00028","url":null,"abstract":"After a developer submits code, corresponding test cases arise to ensure the quality of software delivery. Test failures would occur during this period, such as crash, error, and timeout. Since it takes time for developers to resolve them, many duplicate failures will happen during this period. In the delivery practice of SAP HANA, crash triaging is considered as the most timeconsuming task. If duplicate crash failures can be automatically identified, the degree of automation will be significantly enhanced. To find such duplicates, we propose a training-based mathematical model that utilizes component information of SAP HANA to achieve better crash similarity comparison. We implement our approach in a tool named K-Detector (Knowledge-based Detector), which is verified by 11,208 samples and performs 0.986 in AUC (Area Under ROC Curve). Furthermore, we apply KDetector to the production environment, and it can save 97% human efforts in crash triage as statistics.","PeriodicalId":202247,"journal":{"name":"2020 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2020-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129715377","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
首页 上一页 下一页 尾页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信