发布求助
文献互助 智能选刊 最新文献

2021 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)最新文献

筛选
英文 中文
Multi-Scale Software Network Model for Software Safety of the Intended Functionality 基于预期功能的软件安全多尺度软件网络模型
2021 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW) Pub Date : 2021-10-01 DOI: 10.1109/ISSREW53611.2021.00071
Zhitao Wu, Xiaoming Yang, Ping Chen, Zongshun Qu, Jun Lin
{"title":"Multi-Scale Software Network Model for Software Safety of the Intended Functionality","authors":"Zhitao Wu, Xiaoming Yang, Ping Chen, Zongshun Qu, Jun Lin","doi":"10.1109/ISSREW53611.2021.00071","DOIUrl":"https://doi.org/10.1109/ISSREW53611.2021.00071","url":null,"abstract":"Software systems intensively interact with other software systems and hardware systems, and the potential hazards caused by the interaction with inadequate consideration becomes uncertain, especially the wide application of machine learning technology. Once the functions of software systems cannot meet the requirements of the interactions among software and hardware entities, safety problems caused by non-software system failures as software Safety of the intended functionality (SOTIF) arrise. The uncertainties of interation bring great challenges to SOTIF. In this paper, a multi-scale software network model is proposed based on complex network theory, and with the constructed network, test cases for software SOTIF can be efficiently generated. The key contribution is the uncertainties of interation among the software and hardware entities is digitally modeled, and can play a constructive role for guaranteeing SOTIF of software systems.","PeriodicalId":385392,"journal":{"name":"2021 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)","volume":"89 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126024902","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
RusBox: Towards Efficient and Adaptive Sandboxing for Rust RusBox:面向Rust的高效和自适应沙盒
2021 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW) Pub Date : 2021-10-01 DOI: 10.1109/ISSREW53611.2021.00090
Wanrong Ouyang, Baojian Hua
{"title":"RusBox: Towards Efficient and Adaptive Sandboxing for Rust","authors":"Wanrong Ouyang, Baojian Hua","doi":"10.1109/ISSREW53611.2021.00090","DOIUrl":"https://doi.org/10.1109/ISSREW53611.2021.00090","url":null,"abstract":"Rust is a new language for safe system programming, and its strong type system and dynamic bound checking guarantee memory safety. Surprisingly, Rust is still vulnerable to buffer overflows, due to its unsafe feature. Recently, there have been a significant amount of studies to protect Rust programs against overflows, however, existing studies have severe limitations: they are either too coarse-grain or of considerable runtime overhead. This paper proposes RUSBOX, a novel sand-boxing software prototype to protect Rust programs against buffer overflow vulnerabilities. The key technical contribution of RUSBOX is its adaptive combination of static program analysis with sandboxing, to make the protection both effective and efficient. To testify the effectiveness of RUSBOX, we apply it to three publicly reported CVEs from real-world Rust projects; to evaluate the cost of RusBox, we plan to apply it to 36 widely used open source Rust projects.","PeriodicalId":385392,"journal":{"name":"2021 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)","volume":"5 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128545059","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
(WiP) LLTFI: Low-Level Tensor Fault Injector (WiP) LLTFI:低级张量故障注入器
2021 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW) Pub Date : 2021-10-01 DOI: 10.1109/ISSREW53611.2021.00045
Abraham Chan, U. Agarwal, K. Pattabiraman
{"title":"(WiP) LLTFI: Low-Level Tensor Fault Injector","authors":"Abraham Chan, U. Agarwal, K. Pattabiraman","doi":"10.1109/ISSREW53611.2021.00045","DOIUrl":"https://doi.org/10.1109/ISSREW53611.2021.00045","url":null,"abstract":"As machine learning (ML) has become more prevalent across many critical domains, so has the need to understand ML system resilience. While previous work has focused on building ML fault injectors at the application level, there has been little work enabling fault injection of ML applications at a lower level. We present LLTFI, a tool under development, which allows users to run fault injection experiments on C/C++, TensorFlow and PyTorch applications at the LLVM IR level. LLTFI provides users with greater fault injection granularity and a better ability to understand how faults manifest and propagate between programmed and ML components. We demonstrate how LLTFI can be applied to a ML application with an end-to-end example.","PeriodicalId":385392,"journal":{"name":"2021 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)","volume":"439 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122147013","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
Multi-Feature Fusion based Image Steganography using GAN 基于GAN的多特征融合图像隐写
2021 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW) Pub Date : 2021-10-01 DOI: 10.1109/ISSREW53611.2021.00079
Zhen Wang, Zhen Zhang, Jianhui Jiang
{"title":"Multi-Feature Fusion based Image Steganography using GAN","authors":"Zhen Wang, Zhen Zhang, Jianhui Jiang","doi":"10.1109/ISSREW53611.2021.00079","DOIUrl":"https://doi.org/10.1109/ISSREW53611.2021.00079","url":null,"abstract":"In order to solve the problem of information loss, some image steganography methods utilize generative adversarial networks (GANs), while the existing methods can not capture both texture information and semantic features. In this paper, a more accurate image steganography method is proposed, where a multi-level feature fusion procedure based on GAN is designed. Firstly, convolution and pooling operations are added to the network for feature extraction. Then, short links are used to fuse multi-level feature information. Finally, the stego image is generated by confrontation learning between discriminator and generator. Experimental results show that the proposed method has higher steganalysis security under the detection of high-dimensional feature steganalysis and neural network steganalysis. Comprehensive experiments show that the performance of the proposed method is better than ASDL-GAN and UT-GAN.","PeriodicalId":385392,"journal":{"name":"2021 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)","volume":"41 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123118155","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Kubernetes for Cloud Container Orchestration Versus Containers as a Service (CaaS): Practical Insights Kubernetes用于云容器编排与容器即服务(CaaS):实践见解
2021 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW) Pub Date : 2021-10-01 DOI: 10.1109/ISSREW53611.2021.00110
Senecca Miller, Travis Siems, V. Debroy
{"title":"Kubernetes for Cloud Container Orchestration Versus Containers as a Service (CaaS): Practical Insights","authors":"Senecca Miller, Travis Siems, V. Debroy","doi":"10.1109/ISSREW53611.2021.00110","DOIUrl":"https://doi.org/10.1109/ISSREW53611.2021.00110","url":null,"abstract":"Containers have become the de facto standard for packaging software today, especially in the cloud. However, manually managing the runtime of containers (i.e., container orchestration) can be very complicated, which is why tooling such as Kubernetes, which allows for managed or semi-managed orchestration, has grown in popularity. It is possible to delegate container management altogether, by opting for Container as a Service (CaaS) offerings. There are important tradeoffs involved in these choices, and while much has been said about how to containerize and adopt a particular container orchestration approach, relatively less has been said about how to decide on which approach might work best. This article outlines why we chose the CaaS approach over Kubernetes at Dottid, and transparently discusses the factors we took into consideration. In doing so, we contribute to the technical corpus, and aim to stimulate further industrial-academic research and collaboration, in this emergent area of study.","PeriodicalId":385392,"journal":{"name":"2021 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)","volume":"11 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129336422","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
Sensitivity Analysis of Software Rejuvenation Model with Markov Regenerative Process 马尔可夫再生过程下软件年轻化模型的敏感性分析
2021 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW) Pub Date : 2021-10-01 DOI: 10.1109/ISSREW53611.2021.00038
Junjun Zheng, H. Okamura, T. Dohi
{"title":"Sensitivity Analysis of Software Rejuvenation Model with Markov Regenerative Process","authors":"Junjun Zheng, H. Okamura, T. Dohi","doi":"10.1109/ISSREW53611.2021.00038","DOIUrl":"https://doi.org/10.1109/ISSREW53611.2021.00038","url":null,"abstract":"This paper considers the parametric sensitivity of a software rejuvenation model for transaction systems whose system behavior is described by a quasi birth-and-death (QBD) process with Markovian arrivals, and the software rejuvenation model is represented by a Markov regenerative process (MRGP). The stationary analysis of the MRGP model is based on the embedding Markov chain (EMC) approach. Then the sensitivities of the stationary solution and the performance criteria of interest, i.e., the loss probability of transactions, with respect to all model parameters, are formulated. Finally, a numerical experiment was conducted to illustrate the critical parameters for a transaction system with software rejuvenation. The numerical results showed that the proposed approach effectively revealed critical model parameters and provided significant insights into performance optimization and parameter estimation.","PeriodicalId":385392,"journal":{"name":"2021 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)","volume":"208 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114409158","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Assurance Carrying Code for Software Supply Chain 软件供应链的保证承载代码
2021 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW) Pub Date : 2021-10-01 DOI: 10.1109/ISSREW53611.2021.00077
Y. Matsuno, Yoriyuki Yamagata, Hideaki Nishihara, Yuichiro Hosokawa
{"title":"Assurance Carrying Code for Software Supply Chain","authors":"Y. Matsuno, Yoriyuki Yamagata, Hideaki Nishihara, Yuichiro Hosokawa","doi":"10.1109/ISSREW53611.2021.00077","DOIUrl":"https://doi.org/10.1109/ISSREW53611.2021.00077","url":null,"abstract":"Modern software systems are composed of software components supplied by a software supply chain, and it has become difficult to maintain the dependability of the software supply chain. To address this problem, we introduce assurance carrying code, a framework in which every software component in a software supply chain has its own assurance case. When integrating a software component into a supply chain, the stakeholders check (manually or automatically) the assurance case to determine whether or not the software component is dependable for the supply chain. We introduce a pattern language for Goal Structuring Notation (GSN) formalized by $lambda$ -calculus, which is used in a theory of functional programming languages theory.","PeriodicalId":385392,"journal":{"name":"2021 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122460873","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
SourceSnippet2Binary: A Method for Searching Vulnerable Source Code Snippets in Binaries SourceSnippet2Binary:一种在二进制文件中搜索脆弱源代码片段的方法
2021 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW) Pub Date : 2021-10-01 DOI: 10.1109/ISSREW53611.2021.00083
Qinqin Wu, Hao Huang, Yi Tang, Zhenwei Gu, Ang Jia
{"title":"SourceSnippet2Binary: A Method for Searching Vulnerable Source Code Snippets in Binaries","authors":"Qinqin Wu, Hao Huang, Yi Tang, Zhenwei Gu, Ang Jia","doi":"10.1109/ISSREW53611.2021.00083","DOIUrl":"https://doi.org/10.1109/ISSREW53611.2021.00083","url":null,"abstract":"Vulnerability detection, known as research to detect whether a target code contains vulnerabilities, is often conducted at source code level or binary code level. However, in some cases, the vulnerable code is usually at source-level as they are found by software developers, and target code is usually in binary-level as they are released to be executed in different operating systems, which pose new requirements for vulnerability detection. In this paper, we illustrate a new method named SourceSnippet2Binary, trying to use vulnerable source code snippets to search whether a binary code contains the vulnerability. By proposing such a method, we hope further studies to spend more effort in source2binary vulnerability detection and make vulnerability detection more comprehensive.","PeriodicalId":385392,"journal":{"name":"2021 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)","volume":"10 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126323444","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Generation and Verification of Executable Assurance Case by Model-based Engineering 基于模型工程的可执行保证用例的生成与验证
2021 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW) Pub Date : 2021-10-01 DOI: 10.1109/ISSREW53611.2021.00096
Fang Yan
{"title":"Generation and Verification of Executable Assurance Case by Model-based Engineering","authors":"Fang Yan","doi":"10.1109/ISSREW53611.2021.00096","DOIUrl":"https://doi.org/10.1109/ISSREW53611.2021.00096","url":null,"abstract":"Assurance Cases (ACs) are used for justifying system confidence in important properties including safety, reliability, etc. Their manual generation is time-consuming and prone to errors. Also, AC update calls for more labour. However, there is not an automatic solution to guide the whole engineering process of AC generation and verification process. An executable AC is machine readable and checkable, and brings the benefit of efficiency and confidence of AC evolution. Thus, in this PhD, the Model-based Engineering (MBE) techniques are exploited for an automatic process for executable ACs. The first aim is to generate AC models automatically from system artefacts. Currently available approaches are usually constrained to specific modelling environments, or address only system model artefacts, or do not cover informal and unstructured artefacts. The second aim is to automate the evidence generation using formal verification. FM provides a rigorously mathematical proof. But current solutions to create formal assertions are manual and expertise-requiring. The paper discusses on the technical problem, and the proposed approach.","PeriodicalId":385392,"journal":{"name":"2021 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)","volume":"93 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121695880","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
Message from the GAUSS 2021 Workshop Chairs 来自GAUSS 2021研讨会椅子的信息
2021 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW) Pub Date : 2021-10-01 DOI: 10.1109/issrew53611.2021.00023
{"title":"Message from the GAUSS 2021 Workshop Chairs","authors":"","doi":"10.1109/issrew53611.2021.00023","DOIUrl":"https://doi.org/10.1109/issrew53611.2021.00023","url":null,"abstract":"","PeriodicalId":385392,"journal":{"name":"2021 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)","volume":"82 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115029395","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
首页 上一页 下一页 尾页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信