{"title":"Operationally proving memory access violations in Isabelle/HOL","authors":"Sharar Ahmadi, Brijesh Dongol, Matt Griffin","doi":"10.1016/j.scico.2024.103088","DOIUrl":"10.1016/j.scico.2024.103088","url":null,"abstract":"<div><p>Security-critical applications often rely on memory isolation mechanisms to ensure integrity of critical data (e.g., keys) and program instructions (e.g., implementing an attestation protocol). These include software-based security microvisor S μV or hardware-based (e.g., TrustLite or SMART) techniques. Here, we must guarantee that during an execution of a program, none of the assembly-level instructions corresponding to the program violate the imposed memory access restrictions. We focus on two security architectures (S μV and TrustLite). We use Binary Analysis Platform (BAP) to generate assembly-level code in an intermediate language (BIL) for a compiled C program. This is then translated to Isabelle/HOL theories. We develop an operational semantics by defining a collection of transition rules for a subset of BIL (called AIRv2) that is sufficient for our work. We develop an adversary model and define <em>conformance predicates</em> for each assembly-level instruction. A conformance predicate holds iff the associated memory access restriction imposed by the underlying security architecture is satisfied. We generate a set of programs covering all possible cases in which an assembly-level instruction attempts to violate at least one of the conformance predicates. For S μV, we capture all such violations not only by checking specific lines of the program but also by applying the operational semantics for every machine-state transition. This shows that the memory access restrictions of S μV is operationally maintained. For TrustLite, we capture all such violations by checking specific lines of the program. 
Also, we provide an example to show how we can use the operational semantics to capture such violations.</p></div>","PeriodicalId":49561,"journal":{"name":"Science of Computer Programming","volume":"234 ","pages":"Article 103088"},"PeriodicalIF":1.3,"publicationDate":"2024-01-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S016764232400011X/pdfft?md5=48f5dc7ae3a5319fc966384bc9f832e2&pid=1-s2.0-S016764232400011X-main.pdf","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"139648196","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"An industrial experience of using reference architectures for mapping features to code","authors":"Karam Ignaim , João M. Fernandes , André L. Ferreira","doi":"10.1016/j.scico.2024.103087","DOIUrl":"10.1016/j.scico.2024.103087","url":null,"abstract":"<div><h3>Context</h3><p>Software Product Lines (SPLs) constitute a popular method for encouraging the methodical reuse of software artefacts. Just like any other piece of software, SPLs require management throughout their evolution, namely to preserve the consistency between requirements and the code.</p></div><div><h3>Problem</h3><p>Over time, for a given SPL, many change requests are made and all of them need to be integrated in a consistent and coordinated way. The evolution of an SPL is facilitated if there exist links between its artefacts, namely between each feature and its respective pieces of implementation code.</p></div><div><h3>Method</h3><p>This paper proposes FMap, a systematic feature mapping approach to be used within SPLs. FMap traces a Feature Model (FM) to other artefacts of an SPL, the reference architecture, and the code, and it establishes connections between each feature of the FM and its locations in the code-base. Additionally, we have created a tool called friendlyMapper to provide some automatic support for the approach. Using two case studies from two different companies, FMap and friendlyMapper are evaluated.</p></div><div><h3>Results</h3><p>The evaluation of the case studies indicates that the FMap approach outperforms the baseline approach (i.e., the branching approach).</p></div><div><h3>Contribution</h3><p>This work contributes with FMap, a novel tool-based approach that supports feature-architecture-code mappings based on reference architecture. FMap assists software engineers in adapting the evolution of the SPLs to accommodate new features and change requests as the SPLs evolve. 
The case studies for both companies demonstrate that the approach is applicable to real-world products and is able to support feature traceability and maintain consistency among features, architecture, and code.</p></div>","PeriodicalId":49561,"journal":{"name":"Science of Computer Programming","volume":"234 ","pages":"Article 103087"},"PeriodicalIF":1.3,"publicationDate":"2024-01-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"139560822","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A framework for higher-order effects & handlers","authors":"Birthe van den Berg, Tom Schrijvers","doi":"10.1016/j.scico.2024.103086","DOIUrl":"10.1016/j.scico.2024.103086","url":null,"abstract":"<div><p>Algebraic effects & handlers are a modular approach for modeling side-effects in functional programming. Their syntax is defined in terms of a signature of effectful operations, encoded as a functor, that are plugged into the free monad; their denotational semantics is defined by fold-style handlers that only interpret their part of the syntax and forward the rest. However, not all effects are algebraic: some need to access an <em>internal computation</em>. For example, scoped effects distinguish between a computation in scope and out of scope; parallel effects parallelize over a computation, latent effects defer a computation. Separate definitions have been proposed for these <em>higher-order effects</em> and their corresponding handlers, often leading to expedient and complex monad definitions. In this work we propose a generic framework for higher-order effects, generalizing algebraic effects & handlers: a generic free monad with higher-order effect signatures and a corresponding interpreter. Specializing this higher-order syntax leads to various definitions of previously defined (scoped, parallel, latent) and novel (writer, bracketing) effects. 
Furthermore, we formally show our framework theoretically correct, also putting different effect instances on formal footing; a significant contribution for parallel, latent, writer and bracketing effects.</p></div>","PeriodicalId":49561,"journal":{"name":"Science of Computer Programming","volume":"234 ","pages":"Article 103086"},"PeriodicalIF":1.3,"publicationDate":"2024-01-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S0167642324000091/pdfft?md5=2f32f586d39373add129303303d8a760&pid=1-s2.0-S0167642324000091-main.pdf","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"139499049","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"ISTA+: Test case generation and optimization for intelligent systems based on coverage analysis","authors":"Xiaoxue Wu , Yizeng Gu , Lidan Lin , Wei Zheng , Xiang Chen","doi":"10.1016/j.scico.2024.103078","DOIUrl":"10.1016/j.scico.2024.103078","url":null,"abstract":"<div><p>With the increasing use of intelligent systems in various domains such as self-driving cars, robotics, and smart cities, it is crucial to ensure the quality of intelligent systems for their reliable and effective use in various domains. However, testing intelligent systems poses unique challenges due to their complex structure, low efficiency, and the high cost associated with manually collecting a large number of test cases. Hence, it is crucial to design tools that can adequately test intelligent systems while overcoming these obstacles.</p><p>We propose an intelligent system test tool called ISTA+. This tool implements automatic generation and optimization of test cases based on coverage analysis, resulting in improved test adequacy for intelligent systems. To evaluate the effectiveness of ISTA+, we applied it to two different models (fully-connected DNN and the Rambo model) and two datasets of different data types (i.e., image and text). 
The evaluation results demonstrate that ISTA+ successfully improves the test dataset quality and ensures comprehensive testing for both text and image data types.</p><ul><li><span>•</span><span><p>Link to source code: <span>https://github.com/wuxiaoxue/ISTAplus</span><svg><path></path></svg></p></span></li><li><span>•</span><span><p>Link to video demonstration: <span>https://youtu.be/6CkzMJ0ghq8</span><svg><path></path></svg></p></span></li></ul></div>","PeriodicalId":49561,"journal":{"name":"Science of Computer Programming","volume":"234 ","pages":"Article 103078"},"PeriodicalIF":1.3,"publicationDate":"2024-01-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"139470269","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"HFCommunity: An extraction process and relational database to analyze Hugging Face Hub data","authors":"Adem Ait , Javier Luis Cánovas Izquierdo , Jordi Cabot","doi":"10.1016/j.scico.2024.103079","DOIUrl":"10.1016/j.scico.2024.103079","url":null,"abstract":"<div><p>Social coding platforms such as <span>GitHub</span> or <span>GitLab</span> have become the <em>de facto</em> standard for developing Open-Source Software (OSS) projects. With the emergence of Machine Learning (ML), platforms specifically designed for hosting and developing ML-based projects have appeared, being <span>Hugging Face Hub</span> (HFH) one of the most popular ones. HFH aims at sharing datasets, pre-trained ML models and the applications built with them. With over 400 K repositories, and growing fast, HFH is becoming a promising source of empirical data on all aspects of ML project development. However, apart from the API provided by the platform, there are no easy-to-use solutions to collect the data, nor prepackaged datasets to explore the different facets of HFH. We present <span>HFCommunity</span>, an extraction process for HFH data and a relational database to facilitate an empirical analysis on the growing number of ML projects.</p></div>","PeriodicalId":49561,"journal":{"name":"Science of Computer Programming","volume":"234 ","pages":"Article 103079"},"PeriodicalIF":1.3,"publicationDate":"2024-01-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S0167642324000029/pdfft?md5=bb0c43422124d50d91f987a6ab598504&pid=1-s2.0-S0167642324000029-main.pdf","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"139420808","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"CrossFuzz: Cross-contract fuzzing for smart contract vulnerability detection","authors":"Huiwen Yang , Xiguo Gu , Xiang Chen , Liwei Zheng , Zhanqi Cui","doi":"10.1016/j.scico.2023.103076","DOIUrl":"10.1016/j.scico.2023.103076","url":null,"abstract":"<div><h3>Context:</h3><p>Smart contracts are computer programs that run on a blockchain. As the functions implemented by smart contracts become increasingly complex, the number of cross-contract interactions within them also rises. Consequently, the combinatorial explosion of transaction sequences poses a significant challenge for smart contract security vulnerability detection. Existing static analysis-based methods for detecting cross-contract vulnerabilities suffer from high false-positive rates and cannot generate test cases, while fuzz testing-based methods exhibit low code coverage and may not accurately detect security vulnerabilities.</p></div><div><h3>Objective:</h3><p>The goal of this paper is to address the above limitations and efficiently detect cross-contract vulnerabilities. To achieve this goal, we present CrossFuzz, a fuzz testing-based method for detecting cross-contract vulnerabilities.</p></div><div><h3>Method:</h3><p>First, CrossFuzz generates parameters of constructors by tracing data propagation paths. Then, it collects inter-contract data flow information. Finally, CrossFuzz optimizes mutation strategies for transaction sequences based on inter-contract data flow information to improve the performance of fuzz testing.</p></div><div><h3>Results:</h3><p>We implemented CrossFuzz, which is an extension of ConFuzzius, and conducted experiments on a real-world dataset containing 396 smart contracts. The results show that CrossFuzz outperforms xFuzz, a fuzz testing-based tool optimized for cross-contract vulnerability detection, with a 10.58% increase in bytecode coverage. 
Furthermore, CrossFuzz detects 1.82 times more security vulnerabilities than ConFuzzius.</p></div><div><h3>Conclusion:</h3><p>Our method utilizes data flow information to optimize mutation strategies. It significantly improves the efficiency of fuzz testing for detecting cross-contract vulnerabilities.</p></div>","PeriodicalId":49561,"journal":{"name":"Science of Computer Programming","volume":"234 ","pages":"Article 103076"},"PeriodicalIF":1.3,"publicationDate":"2024-01-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S0167642323001582/pdfft?md5=7fef51df3438fb9723e7404479376a1f&pid=1-s2.0-S0167642323001582-main.pdf","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"139102730","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Verification of message-passing uninterpreted programs","authors":"Weijiang Hong , Zhenbang Chen , Yufeng Zhang , Hengbiao Yu , Yide Du , Ji Wang","doi":"10.1016/j.scico.2023.103075","DOIUrl":"10.1016/j.scico.2023.103075","url":null,"abstract":"<div><p><span>Message-passing programs involve several processes with channel-based communications to deal with tasks concurrently. The complex computations and communications between processes make the verification of message-passing programs hard. By regarding the functions in programs as uninterpreted functions, we focus on the verification problem of message-passing uninterpreted programs. Although the usage of uninterpreted functions alleviates the computational difficulties brought by functions, the verification problem is still undecidable in general. In this work, we provide a decidable subclass of message-passing uninterpreted programs, wherein programs in this subclass satisfy the property of </span><em>k-record coherence</em>. The decidability result closely relies on communicating finite-state machine (CFM) with bounded channels. Based on the decidability result, we proposed a verification framework for message-passing uninterpreted programs.</p></div>","PeriodicalId":49561,"journal":{"name":"Science of Computer Programming","volume":"234 ","pages":"Article 103075"},"PeriodicalIF":1.3,"publicationDate":"2024-01-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"139082493","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A method of test case set generation in the commutativity test of reduce functions","authors":"Xiangyu Mu, Lei Liu, P. Zhang, Jingyao Li, Hui Li","doi":"10.1016/j.scico.2023.103006","DOIUrl":"https://doi.org/10.1016/j.scico.2023.103006","url":null,"abstract":"","PeriodicalId":49561,"journal":{"name":"Science of Computer Programming","volume":"231 1","pages":"103006"},"PeriodicalIF":1.3,"publicationDate":"2024-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"55137030","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Monitoring and forecasting usability indicators: A business intelligence approach for leveraging user-centered evaluation data","authors":"José A Macías , Clemente R. Borges","doi":"10.1016/j.scico.2023.103077","DOIUrl":"10.1016/j.scico.2023.103077","url":null,"abstract":"<div><p>Monitoring performance indicators has become a main concern for most organizations today. While much attention has been paid to developing economic, bioinformatics, health, and social media dashboards, little or no attention has been devoted to monitoring and forecasting usability indicators. This can be of interest for analyzing the degree of perceived satisfaction and usability of interactive software products designed or just developed, being also useful as general strategic indicators in human-centered organizations. This paper presents an approach including main measures, Key Performance Indicators, trends, and forecasts to deal with usability information over time and produce new knowledge based on historical data. Also, an instance has been implemented, including data obtained from real software evaluations. 
Target users have evaluated the approach to validate its suitability, obtaining successful usability results that denote the adequacy of the approach presented.</p></div>","PeriodicalId":49561,"journal":{"name":"Science of Computer Programming","volume":"234 ","pages":"Article 103077"},"PeriodicalIF":1.3,"publicationDate":"2023-12-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://www.sciencedirect.com/science/article/pii/S0167642323001594/pdfft?md5=c15510fac177d5c1b3ed8447ec91395f&pid=1-s2.0-S0167642323001594-main.pdf","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"139070812","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"TDFix: A lightweight tool for fixing deadlocks based on templates","authors":"Wangjie Ji, Lili Bo, Yanchi Yuan, Xiaobing Sun","doi":"10.1016/j.scico.2023.103073","DOIUrl":"10.1016/j.scico.2023.103073","url":null,"abstract":"<div><p>Deadlock is notoriously difficult to detect and fix correctly. Existing approaches aim at fixing deadlocks under the premise of having known the deadlock and the buggy code involved in the deadlock, which leads to a certain gap from the practical multithreaded software development. In this paper, we describe the design and implementation of <em>TDFix</em>, which can detect, localize, and fix deadlocks in Java programs based on the pre-defined deadlock fixing templates. <em>TDFix</em> locates the buggy code by searching for the destination node in the AST of a program and modifying the node information based on the templates. Experimental results show that <em>TDFix</em> can successfully fix 176 out of 198 deadlocks in at most 90 seconds for each large Java project, indicating its effectiveness and efficiency.</p></div>","PeriodicalId":49561,"journal":{"name":"Science of Computer Programming","volume":"233 ","pages":"Article 103073"},"PeriodicalIF":1.3,"publicationDate":"2023-12-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"138685752","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}