2022 IEEE 22nd International Conference on Software Quality, Reliability and Security (QRS): Latest Papers

Parameter Description Generation with the Code Parameter Flow
Qiuyuan Chen, Zezhou Yang, Zhongxin Liu, Shanping Li, Cuiyun Gao
Prior study shows that comprehending parameters can help developers understand the code’s critical information (e.g., the argument) and enhance the comprehension of the functionality. However, commenting parameters is often ignored in practice. For example, a statistic of 18 popular open-source projects shows the ratio of methods with one or more parameters but lacking "@param" comment ranges from 31% to 97%, indicating the necessity of parameter comments. To fill this gap, we propose ParamDesGen to generate a descriptive code comment (description) for each parameter given a method with one or more formal parameters. ParamDesGen consists of (1) a code analysis component to identify the Parameter Flow and extract "parameter-related code parts" and (2) a machine-learning component to generate parameter comments. We build a large-scale dataset for the task and perform experiments on it to evaluate ParamDesGen. The evaluation results show that the proposed approach substantially outperforms the baselines in terms of BLEU-4 scores (22.54 absolute improvement and 138.79% relative improvement) and ROUGE-L scores (3.12 absolute improvement and 5.90% relative improvement). We further perform ablation experiments to prove the effectiveness of the Parameter Flow.
DOI: https://doi.org/10.1109/QRS57517.2022.00093 (published 2022-12-01)
Citations: 1
Quantity-Simulation-Analysis Method based Novel RSA Timing Attack Algorithm for Single-Chip Microcomputer Platform
Cong Li, Qiang Han, T. Zhang, Bingbing Lei, Yu He
There are limitations in storage and computational capacity on the single-chip microcomputer platform under the secure edge computing paradigm. A higher success rate is possible via collecting sensitive information on the time side channel by multivariate statistical analysis to crack the RSA private key when attackers decrypt ciphertexts. We proposed a quantity-simulation-analysis (QSA) method to construct a Markov model for RSA timing attack tasks, which first quantizes the decryption process to obtain the time-consuming characteristics, then simulates the machine instruction cycles through parallel computing to analyze the Markov model with a more precise state transition matrix. On this basis, a novel timing attack algorithm with a fuzzy clustering state transition probability matrix of the higher-order Markov model on different step sizes is proposed and compared with some algorithms from the literature, taking an exhaustive search attack algorithm as a benchmark. Experimental results show that the algorithm achieves better results in terms of success rate.
DOI: https://doi.org/10.1109/QRS57517.2022.00106 (published 2022-12-01)
Citations: 0
A Detection Method for Scarcity Defect of Blockchain Digital Asset based on Invariant Analysis
Jin-lei Sun, Song Huang, Xingya Wang, Meijuan Wang, Jinhu Du
Blockchain Digital Assets (BDAs) are intangible assets issued based on blockchain, providing a new paradigm for managing digital assets. Smart contracts are programs running on the blockchain and enhance the flexibility of BDAs in a programmable way. However, scarcity defects in smart contracts can lead to abnormal changes in the number of BDAs and affect their worth. Software invariants are logical assertions that a program fragment needs to remain faithful during execution and work well in defect detection. This paper studies the scarcity defect detection method of smart contract digital assets based on invariant analysis for the first time. First, we point out eight scarcity defects in three categories and describe their examples. Next, we propose two invariants—transfer invariant and swap invariant—that should be maintained in digital assets’ management and transaction process. Then, we use the two invariants as test oracles and propose an oracle-based method to detect scarcity defects in smart contracts. Finally, we evaluate the proposed method on a real-world smart contract dataset. The experimental results show that our method can effectively detect scarcity defects in smart contracts and improve the scarcity defect detection capability of existing smart contract testing tools.
DOI: https://doi.org/10.1109/QRS57517.2022.00018 (published 2022-12-01)
Citations: 0
Building Safe and Stable DNN Controllers using Deep Reinforcement Learning and Deep Imitation Learning
Xudong He
Cyber-physical systems (CPSs) with controllers built using deep neural nets and reinforcement learning (DRL) have become increasingly used in the functioning of our society. How to assure the correctness such as the safety and stability of these DNN controllers is extremely important and remains a major research challenge. This paper presents an approach to build safe and stable DNN controllers using DRL and deep imitation learning (DIL). An initial DNN controller is built using DRL, which is used to bootstrap a behavior preserving target DNN controller with safety and stability guarantees via DIL. We have applied this approach in successfully building safe and stable DNN controllers of a simplified airplane pitch control system.
DOI: https://doi.org/10.1109/QRS57517.2022.00083 (published 2022-12-01)
Citations: 0
Cast Away: On the Security of DLNA Deployments in the SmartTV Ecosystem
Guangwei Tian, Jiongyi Chen, Kailun Yan, S. Yang, Wenrui Diao
The casting service on SmartTV has been increasingly used for home entertainment and business, given the convenience offered in media broadcast and screen sharing. Among the underlying protocols that support TV cast, DLNA (Digital Living Networking Alliance) – established by a group of tech giants – has become a prevailing standard in the consumer market. Although DLNA has been on the market for years, concerns may arise about whether its real-world deployment has been clearly understood. In this work, we systematically evaluate the security of DLNA deployments in the SmartTV ecosystem. Specifically, we identify a series of critical security issues in the interactions between SmartTVs and casting apps on the smartphone, ranging from non-mandatory encryption to unauthorized file access. The identified security risks can be exploited by a malicious app on the victim’s phone, without requesting sensitive permissions, to launch multiple attacks, including arbitrary command execution, data theft, MITM (man-in-the-middle) attack, and DoS (denial-of-service) attack. To measure the impact of the identified security issues, we designed semi-automated analysis solutions to facilitate the measurements and conducted real-world experiments on 10 on-shelf TV boxes. The results show that most DLNA implementations of products and apps in the wild are insecure. In the end, we provide immediate improvement solutions to mitigate the identified security issues.
DOI: https://doi.org/10.1109/QRS57517.2022.00021 (published 2022-12-01)
Citations: 0
Test Reuse based on Adaptive Semantic Matching across Android Mobile Applications
Shuqi Liu, Yu Zhou, Tingting Han, Taolue Chen
Automatic test generation can help verify and develop the behavior of mobile applications. Test reuse based on semantic similarities between applications of the same category has been utilized to reduce the manual effort of Graphical User Interface (GUI) testing. However, most of the existing studies fail to solve the semantic problem of event matching, which leads to the failure of test reuse. To overcome this challenge, we propose TRASM (Test Reuse based on Adaptive Semantic Matching), a test reuse approach based on adaptive strategies to find a better event matching across Android mobile applications. TRASM first performs GUI event deduplication on the initial test set obtained from test generation, and then employs an adaptive strategy to find better event matching, which enables reusing the existing test. Preliminary experiments with comparison to baseline methods on 15 applications demonstrate that TRASM can improve the precision of GUI event matching while reducing the failure of test reuse and the running time required for test reuse.
DOI: https://doi.org/10.1109/QRS57517.2022.00076 (published 2022-12-01)
Citations: 3
A Novel Approach for Bounded Model Checking Through Full Parallelism
Debao Sang, Jing Liu, Haiying Sun, Jin Xu, Jiexiang Kang
Bounded Model Checking (BMC) has been found promising in finding deep vulnerabilities in industry designs and scaling well with design sizes. However, the parallelisation of BMC is challenging, due to the propositional satisfiability (SAT) problem and satisfiability modulo theories problem solving being hard to parallelise. In this paper, we propose a novel approach to perform BMC based on the mathematical model of probe machine, which is the first approach to employ probe machine to accelerate BMC, particularly it can solve SAT formulas in full parallel. We introduce the workflow of the algorithm and explain in detail the process of mapping BMC to the probe machine. A method is provided to prove the correctness of the algorithm and to analyze its time complexity. We develop a model checker called BMC2PROBE based on our approach and explain the framework and memory management of the tool. The experiment results are discussed, which prove the feasibility and effectiveness of our approach.
DOI: https://doi.org/10.1109/QRS57517.2022.00046 (published 2022-12-01)
Citations: 0
Comprehensiveness, Automation and Lifecycle: A New Perspective for Rust Security
Shuang Hu, Baojian Hua, Yang Wang
Rust is an emerging programming language designed for secure system programming that provides both security guarantees and runtime efficiency and has been increasingly used to build software infrastructures such as OS kernels, web browsers, databases, and blockchains. To support arbitrary low-level programming and to provide more flexibility, Rust introduced the unsafe feature, which may lead to security issues such as memory or concurrency vulnerabilities. Although there have been a significant number of studies on Rust security utilizing diverse techniques such as program analysis, fuzzing, privilege separation, and formal verification, existing studies suffer from three problems: 1) they only partially solve specific security issues but lack comprehensiveness; 2) most of them require manual interventions or annotations thus are not automated; and 3) they only cover a specific phase instead of the full lifecycle. In this perspective paper, we first survey current research progress on Rust security from 5 aspects, namely, empirical studies, vulnerability prevention, vulnerability detection, vulnerability rectification, and formal verification, and note the limitations of current studies. Then, we point out key challenges for Rust security. Finally, we offer our vision of a Rust security infrastructure guided by three principles: Comprehensiveness, Automation, and Lifecycle (CAL). Our work intends to promote the Rust security studies by proposing new research challenges and future research directions.
DOI: https://doi.org/10.1109/QRS57517.2022.00102 (published 2022-12-01)
Citations: 0
Generating Abstract Test Cases from User Requirements using MDSE and NLP
Sai Chaithra Allala, Juan P. Sotomayor, D. Santiago, Tariq M. King, Peter J. Clarke
Model-driven software engineering (MDSE) has emerged as a popular and commonly used method for designing software systems in which models are the primary development artifact over the last decade. MDSE has resulted in the trend toward further automating the software process. However, the generation of test cases from user requirements still lags in reaching the required level of automation. Given that most user requirements are written in natural language, the recent advances in natural language processing (NLP) provide an opportunity to further automate the test generation process. In this paper, we exploit the advances in MDSE and NLP to generate abstract test cases from user requirements written in structured natural language and the respective data model. We accomplish this by creating meta-models for user requirements and abstract test cases and defining the appropriate transformation rules. To support this transformation, helper methods are defined to extract the relevant information from user requirements related to testing. To show the feasibility of the approach, we developed a prototype and conducted a case study with use cases and test cases from a Payroll Management System.
在过去十年中,模型驱动软件工程(MDSE)已经成为设计软件系统的一种流行且常用的方法,其中模型是主要的开发工件。MDSE导致了软件过程进一步自动化的趋势。然而,从用户需求中生成的测试用例在达到所需的自动化水平方面仍然滞后。考虑到大多数用户需求是用自然语言编写的,自然语言处理(NLP)的最新进展为进一步自动化测试生成过程提供了机会。在本文中,我们利用MDSE和NLP的进步,从用结构化自然语言和相应的数据模型编写的用户需求中生成抽象的测试用例。我们通过为用户需求和抽象测试用例创建元模型以及定义适当的转换规则来完成此任务。为了支持这种转换,定义了辅助方法来从与测试相关的用户需求中提取相关信息。为了显示该方法的可行性,我们开发了一个原型,并使用来自薪资管理系统的用例和测试用例进行了一个案例研究。
DOI: https://doi.org/10.1109/QRS57517.2022.00080 (published 2022-12-01)
Citations: 0
DeepRTest: A Vulnerability-Guided Robustness Testing and Enhancement Framework for Deep Neural Networks
Minghao Yang, Shunkun Yang, Wenda Wu
Effective testing methods have been proposed to verify the reliability and robustness of Deep Neural Networks (DNNs). However, enhancing their adversarial robustness against various attacks and perturbations through testing remains a key issue for their further applications. Therefore, we propose DeepRTest, a white-box testing framework for DNNs guided by vulnerability to effectively test and improve the adversarial robustness of DNNs. Specifically, the test input generation algorithm based on joint optimization fully induces the misclassification of DNNs. The generated high neuron coverage inputs near classification boundaries expose vulnerabilities to test adversarial robustness comprehensively. Then, retraining based on the generated inputs effectively optimizes the classification boundaries and fixes the vulnerabilities to improve the adversarial robustness against perturbations. The experimental results indicate that DeepRTest achieved higher neuron coverage and classification accuracy than baseline methods. Moreover, DeepRTest could improve the adversarial robustness by 39% on average, which was 12.56% higher than other methods.
DOI: https://doi.org/10.1109/QRS57517.2022.00081 (published 2022-12-01)
Citations: 0