2012 IEEE 14th International Symposium on High-Assurance Systems Engineering: latest publications

Device Mechanism: A Structured Device Driver Development Approach
Raul Schmidlin Fajardo Silva, G. Marcus
DOI: https://doi.org/10.1109/HASE.2012.20 (published 2012-10-25)
Abstract: Drivers are responsible for the majority of operating system failures. An increased number of devices leads to higher driver reuse without consistently applying code reuse techniques, creating operating failures. We improve driver design and code reuse in device drivers by the separation of policy and mechanism. The device mechanism is a unique interface giving access to the functionality implemented in the device, while the policy uses the mechanism to implement the features required by the operating system. Furthermore, the mechanism adds semantically defined structures that describe the access to the hardware. As a case study, we define the device mechanism for an existing webcam driver in both user- and kernel-space variants. The resulting code enabled us to avoid two known implementation bugs, and uncover another one previously unknown. Register accesses are augmented with permission controls and access rules at the cost of increased code length and memory footprint, but without adversely affecting the performance of the device and the driver.
Citations: 0

Diagnostic Fusion for Time-Triggered Automotive Networks
Utsav Drolia, Soila Kavulya, Kunal Mankodiya, P. Narasimhan, T. Fuhrman
DOI: https://doi.org/10.1109/HASE.2012.11 (published 2012-10-25)
Abstract: Modern vehicles with semi-autonomous (driver-assistance systems) and autonomous capabilities require sophisticated on-board and off-board diagnostics for safe operation, and to reduce unnecessary component replacements at the service garage. We present a diagnostic approach that strategically fuses different sources of instrumentation available in a time-triggered automotive network (FlexRay) for vehicle control, and learns patterns or signatures of different faults. These patterns ease the classification of faults during runtime or in the service garage. We evaluate our approach through fault-injection experiments on an automotive test bench, and demonstrate that by fusing different sources of instrumentation we can diagnose protocol-level and physical faults with over 98% accuracy. We also show that our approach is applicable across different network topologies.
Citations: 2

Towards Adaptable Middleware to Support Service Delivery Validation in i-DSML Execution Engines
K. Morris, Jinpeng Wei, Peter J. Clarke, F. Costa
DOI: https://doi.org/10.1109/HASE.2012.25 (published 2012-10-25)
Abstract: A developing paradigm in the area of Software Engineering is that of Model Driven Development, where models are used to express operations that are thereafter interpreted and executed through the use of an execution engine. The high level of abstraction within these models presents inherent challenges in guaranteeing operation that respects policies and other constraints during execution. Additionally, the domain specificity necessarily present within these execution engines makes them rigid and not suited for repurposing across different domains. We propose to address these issues through the use of a middleware architecture that is responsible for the service delivery aspect of the execution engine. Our architecture will provide a separation of domain specific and domain independent concerns, resulting in a set of domain specific artifacts which possess domain knowledge, and a generalized execution platform that inherits its operations from the domain artifacts. Our design facilitates the realization of user intent through the generation, validation and execution of adaptation models at runtime constrained by policies. We show the viability of this approach in the User-Centric Communication Middleware, a layer of the Communication Virtual Machine, which is responsible for enforcing communication requirements.
Citations: 6

Linking Syntactic and Semantic Models of Java Source Code within a Program Transformation System
V. Winter, Jonathan Guerrero, Alexander James, Carl Reinke
DOI: https://doi.org/10.1109/HASE.2012.8 (published 2012-10-25)
Abstract: Static analysis and software manipulation tools are frequently rule-based and draw on a variety of software models in order to achieve their goals. Program transformation languages provide traversal and matching capabilities that are aligned with the core functionality of rule-based systems. Therefore, transformation systems should be considered as candidates for implementing static analysis and manipulation tools. An issue associated with this approach is that transformation systems predominantly operate on syntactic models (abstract/concrete trees) of software. To effectively support in-depth analysis, it is beneficial to integrate the syntactic models used by transformation systems with one or more semantic models. This paper describes a system, called GPS-Traverse, that establishes a link between syntactic and semantic models of Java software. These models are central to a transformation-based Java source code analysis and manipulation system we are developing called Sextant. Within Sextant, GPS-Traverse provides a coordinate system that is accessible during transformation. These coordinates enable the semantic model to be queried in a context-sensitive fashion during the course of transformation.
Citations: 3

Multi-objective Optimization of Formal Specifications
S. Struck, Michael Lipaczewski, F. Ortmeier, Matthias Güdemann
DOI: https://doi.org/10.1109/HASE.2012.21 (published 2012-10-25)
Abstract: Even in the domain of safety critical systems, safety and reliability are not the only goals, and a developing engineer is faced with the problem of finding good compromises with respect to other antagonistic objectives, in particular economic aspects of a system. Thus there does not exist a single optimal design variant of a system but only compromises, each "best" in its own right. With the rising complexity, especially of cyber-physical systems, the process of manually finding best compromises becomes even more difficult. To cope with this problem, we propose a model-based optimization approach which uses quantitative model-based safety analysis. While the general approach is tool-independent, we implement it technically by introducing well defined variation points to a formal system model. These allow enough variability to cover whole families of systems while still being rigorous enough for formal analysis. From the specification of this family of system variants and a set of objective functions, we compute Pareto optimal sets, which represent best compromises. In this paper we present a framework which allows for optimization of arbitrary quantitative goal functions, in particular probabilistic temporal logic properties used for model-based safety analysis. Nevertheless, the approach itself is well applicable to other domains.
Citations: 4

Exception Handling Defects: An Empirical Study
Puntitra Sawadpong, E. B. Allen, Byron J. Williams
DOI: https://doi.org/10.1109/HASE.2012.24 (published 2012-10-25)
Abstract: Exception handling mechanisms are a feature common in many programming languages. Improper handling of exceptions can cause failures in software systems. This is especially critical for high-assurance systems, where software failures may have severe consequences. Understanding the impact of misusing exception handling is important for better utilization of these constructs. This paper presents an exploratory study to determine whether using exception handling is relatively risky by analyzing the defect densities of exception handling code and the overall source code. Also, statistics representing the prevalence of exception handling code are proposed. The study was conducted with six major Eclipse releases. Essential data was collected using custom scripts to extract exception handling information from the source code and exception handling defect information from bug reports. We found that the density of defects that are closely related to exception handling constructs is relatively high compared to the overall defect density. This implies a relationship between the use of exception handling constructs and the risk of defects. Further studies should be conducted to better determine proper ways to implement exception handling and the root causes of exception defects in software systems.
Citations: 41

A Resilient Architecture for Forensic Storage of Events in Critical Infrastructures
M. Afzaal, Cesario Di Sarno, L. Coppolino, S. D'Antonio, L. Romano
DOI: https://doi.org/10.1109/HASE.2012.9 (published 2012-10-25)
Abstract: In Critical Infrastructures, forensic analysis of stored events is an essential task when a security breach occurs. The goal of forensic analysis is to provide evidence to be used as valid proof in a legal proceeding. So, it is very important to ensure the integrity of the stored events in order to perform a correct forensic analysis. Today, most of the SIEMs used to protect Critical Infrastructures sign security events with the classic RSA algorithm in order to ensure their integrity. The signed security events cannot be admissible as evidence if the secret key is compromised, or when the module responsible for signing operations is down for any reason. In this paper a new architecture that overcomes these limitations is proposed. Experimental tests show the performance of our architecture and its high resilience in faulty situations, i.e., when some nodes are under attack.
Citations: 28

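The abstract above describes the baseline it sets out to improve: a SIEM with one signing module and one RSA key. The Go program below is an added illustration of that baseline and of the first limitation the authors name; it is not code from the paper and does not implement their architecture. The event schema, field names, sample records and the RSA-PSS/SHA-256 choice are assumptions made for the example. It signs a constructed firewall event, shows that a bit-flip in the stored record is caught, and then shows that a record fabricated by whoever holds the signing key verifies exactly like a genuine one, which is why a single compromised key makes the whole store inadmissible.

```go
package main

import (
	"crypto"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"encoding/json"
	"fmt"
	"log"
)

// Event is a constructed, minimal SIEM-style security event. The field set is an
// assumption made for this example; the paper does not specify an event schema.
type Event struct {
	Seq       uint64 `json:"seq"`
	Timestamp string `json:"ts"`
	Source    string `json:"src"`
	Message   string `json:"msg"`
}

// SignedEvent is what the forensic store keeps: the exact bytes that were signed
// plus an RSA-PSS signature over their SHA-256 digest.
type SignedEvent struct {
	Payload   []byte
	Signature []byte
}

// canonical serialises an event deterministically; encoding/json emits struct
// fields in declaration order, so signer and verifier hash identical bytes.
func canonical(e Event) ([]byte, error) {
	return json.Marshal(e)
}

// SignEvent models the single SIEM signing module: hash the canonical event and
// sign the digest with the module's private key.
func SignEvent(priv *rsa.PrivateKey, e Event) (SignedEvent, error) {
	payload, err := canonical(e)
	if err != nil {
		return SignedEvent{}, err
	}
	digest := sha256.Sum256(payload)
	sig, err := rsa.SignPSS(rand.Reader, priv, crypto.SHA256, digest[:], nil)
	if err != nil {
		return SignedEvent{}, err
	}
	return SignedEvent{Payload: payload, Signature: sig}, nil
}

// VerifyEvent is the check a forensic analyst runs on a stored record: does the
// signature match the stored bytes under the SIEM's public key?
func VerifyEvent(pub *rsa.PublicKey, se SignedEvent) bool {
	digest := sha256.Sum256(se.Payload)
	return rsa.VerifyPSS(pub, crypto.SHA256, digest[:], se.Signature, nil) == nil
}

// Tampered returns a copy of se whose payload differs by one bit: an
// after-the-fact edit of the stored record by someone without the key.
func Tampered(se SignedEvent) SignedEvent {
	p := append([]byte(nil), se.Payload...)
	p[len(p)-2] ^= 0x01
	return SignedEvent{Payload: p, Signature: se.Signature}
}

func main() {
	priv, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		log.Fatal(err)
	}
	pub := &priv.PublicKey

	// Constructed sample event (not taken from any real system).
	genuine := Event{Seq: 1, Timestamp: "2012-10-25T09:00:00Z", Source: "fw-01",
		Message: "DENY tcp 10.0.0.5 -> 10.0.0.9:22"}
	se, err := SignEvent(priv, genuine)
	if err != nil {
		log.Fatal(err)
	}
	fmt.Println("genuine record verifies:        ", VerifyEvent(pub, se))           // true
	fmt.Println("edited record verifies:         ", VerifyEvent(pub, Tampered(se))) // false

	// The limitation the abstract names: an attacker holding the signing key can
	// replace the record with a fabricated one that verifies just as well.
	forged, err := SignEvent(priv, Event{Seq: 1, Timestamp: genuine.Timestamp, Source: "fw-01",
		Message: "ALLOW tcp 10.0.0.5 -> 10.0.0.9:22"})
	if err != nil {
		log.Fatal(err)
	}
	fmt.Println("forged-with-stolen-key verifies:", VerifyEvent(pub, forged)) // true
}
```

Verification answers only "was this signed by the holder of the key?", never "did this event actually happen?". Once the key is copied, or once the signing module is unavailable and events are stored without a signature, the store can no longer separate genuine records from inserted or altered ones, which is the gap the paper's architecture targets.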
Fast Abstract: Software Selection Based on Quantitative Security Risk Assessment
R. Das, S. Sarkani, T. Mazzuchi
DOI: https://doi.org/10.1109/HASE.2012.10 (published 2012-10-25)
Abstract: Multiple software products often exist on the same server and, thus, a vulnerability in one product might compromise the entire environment. Therefore, security risk assessments of the candidate software products, which are evaluated to be part of a larger system, are important. Having a quantitative security risk assessment model provides an objective criterion for such assessments as well as comparison between candidate software products. In this paper, we present our preliminary exploration of a software product evaluation method using such a quantitative security risk assessment model. Our goal is to utilize prior research in quantitative security risk assessment, which is based on empirical data from the National Vulnerability Database (NVD), and compare the security risk levels of the products evaluated. We are evaluating the application of topic modeling to build a security risk assessment model. Such a procedure could help decision makers evaluate and compare open-source software (OSS) products to ensure that they are safe and secure enough to be put into their environment.
Citations: 2

Model Checking Software Architecture Design
Jiexin Zhang, Yang Liu, Jing Sun, J. Dong, Jun Sun
DOI: https://doi.org/10.1109/HASE.2012.12 (published 2012-10-25)
Abstract: Software Architecture plays an essential role in the high level description of a system design. Despite its importance in software engineering practice, the lack of formal description and verification support hinders the development of quality architectural models. In this paper, we present an automated approach to the modeling and verification of software architecture designs using the Process Analysis Toolkit (PAT). We present the formal syntax of the Wright# architecture description language together with its operational semantics in Labeled Transition System (LTS). A dedicated model checking module for Wright# is implemented in the PAT verification framework based on the proposed formalism. The ADL module supports verification and simulation of software architecture models in PAT. We advance our work by defining an architecture style library that embodies commonly used architecture patterns to facilitate the modeling process. Finally, a case study of the Teleservices and Remote Medical Care System (TRMCS) modeling and verification is presented to evaluate the effectiveness and scalability of our approach.
Citations: 21

Automated Duplicate Bug Report Classification Using Subsequence Matching
Sean Banerjee, B. Cukic, D. Adjeroh
DOI: https://doi.org/10.1109/HASE.2012.38 (published 2012-10-25)
Abstract: The use of open bug tracking repositories like Bugzilla is common in many software applications. They allow developers, testers and users the ability to report problems associated with the system and track resolution status. Open and democratic reporting tools, however, face one major challenge: users can, and often do, submit reports describing the same problem. Research in duplicate report detection has primarily focused on word frequency based similarity measures, paying little regard to the context or structure of the reporting language. Thus, in large repositories, reports describing different issues may be marked as duplicates due to the frequent use of common words. In this paper, we present Factor LCS, a methodology which utilizes common sequence matching for duplicate report detection. We demonstrate the approach by analyzing the complete Firefox bug repository up until March 2012 as well as a smaller subset of the Eclipse dataset from January 1, 2008 to December 31, 2008. We achieve a duplicate recall rate above 70% with Firefox, which exceeds the results reported on smaller subsets of the same repository.
Citations: 36