
2022 IEEE 22nd International Conference on Software Quality, Reliability and Security (QRS): Latest Papers

Visualization-Based Software Defect Prediction via Convolutional Neural Network with Global Self-Attention
Shaojian Qiu, Shaosheng Wang, Xuhong Tian, Mengyang Huang, Qiong Huang
Defect prediction technology helps software quality assurance teams understand the distribution of software defects, which can assist them to allocate testing and verification resources appropriately. Current visualization-based software defect prediction methods lack spatial and global information of code images during the feature extraction process. To solve the problem of incomplete information, this paper proposes a Convolutional Neural Network with Global Self-Attention (CNN-GSA). The method converts codes into corresponding images and uses an improved convolutional neural network, which combines channel attention, spatial attention, and self-attention mechanisms in a global attention layer, to extract defect-related structural and semantic features in code images. Empirical study shows that the model built with the features generated by CNN-GSA can achieve better F-measure results in defect prediction tasks.
DOI: https://doi.org/10.1109/QRS57517.2022.00029 Published: 2022-12-01
Citations: 0
Automatic Collaborative Testing of Applications Integrating Text Features and Priority Experience Replay
Lizhi Cai, Jin Wang, Mingang Chen, Jilong Wang
With the popularity of deep reinforcement learning (DRL), people have great interest in using deep reinforcement learning for application automated testing. However, most automated testing methods based on reinforcement learning ignore text information, use random sampling in experience replay and ignore the characteristics of Android automated testing. To solve the above problem, this paper proposes ITPRTesting (Integrated Text feature information and Priority experience in Testing). It extracts the text information in the interface and uses the BERT algorithm to generate sentence vectors. It fuses the interactive control feature diagram (ICFD), which is mentioned in the previous work, and text information as the state required by reinforcement learning. And in reinforcement learning, the priority experience replay is combined, also the traditional priority experience replay is improved. This paper has carried out experiments on 10 open source applications. The experimental results show that ITPRTesting is superior to other methods in statement coverage and branch coverage.
DOI: https://doi.org/10.1109/QRS57517.2022.00020 Published: 2022-12-01
Citations: 0
The Use of Pretrained Model for Matching App Reviews and Bug Reports
Xiaojuan Wang, Wenyu Zhang, Shanyan Lai, Chunyang Ye, Hui Zhou
Matching APP reviews with bug reports can help APP developers to quickly identify new bugs from the users’ feedback. Existing solutions represent the semantics of APP reviews and bug reports via carefully designed features and models, the performance of which however depends heavily on the manually designed model and the training data set. Large-scale pretrained models can well capture the semantics of text and have demonstrated their success in many NLP tasks. Inspired by this, we explore the effect of various pretrained models on the matching accuracy of app review and bug report. We conduct a systematic study to analyze the factors of four major pretrained models (including T5, Sentence T5, Sentence MiniLM, Sentence BERT and so on) on the matching accuracy. We find that the accuracy of Sentence T5 and Sentence MiniLM in four open source applications is significantly greater than that of the state-of-the-art approach DeepMatcher. Based on the findings, we design a novel approach to match the APP reviews with bug reports based on the pretrained model Sentence T5 and Sentence MiniLM to calculate the sentence similarity. We test it on four open source applications and the results show that our method outperforms the existing solution. On average, the precision of Sentence T5 and Sentence MiniLM are increased by 17% and 13%, respectively, and the hit ratio are increased by 15% and 14%, respectively.
DOI: https://doi.org/10.1109/QRS57517.2022.00034 Published: 2022-12-01
Citations: 0
Extracting Temporal Models from Data Episodes
Nour Chetouane, F. Wotawa
The testing objective is to find interactions with a system under test leading to unexpected behavior. Such interactions are test cases that can be either manually specified or automatically generated. For the latter, we find many methods and techniques in the research literature, including combinatorial testing or model-based testing. In this paper, we focus on automated test case generation based on models where we are interested in extracting models from available data. In particular, we consider automotive testing, where cars and other vehicles must behave correctly in typical driving situations. The idea is to use available driving data from which we want to extract driving models that we can later use for generating test cases, i.e., arbitrary driving patterns for vehicle testing. Besides outlining the foundations, we discuss the first experimental results we obtain using available open-access driving data.
DOI: https://doi.org/10.1109/QRS57517.2022.00078 Published: 2022-12-01
Citations: 1
Continuous Usability Requirements Evaluation based on Runtime User Behavior Mining
Tong Li, Tianai Zhang
Usability requirements have been widely recognized as an essential quality requirement for systems that interact with people. However, evaluating the satisfaction of usability requirements usually involves user interactions, which is intrusive and time-consuming. In this paper, we propose a novel framework for systematically and automatically evaluating the satisfaction of usability requirements at runtime. Specifically, a behavior-centric conceptual model is proposed to comprehensively characterize user behaviors. An analysis process is then proposed based on the conceptual model, which systematically refines high-level usability requirements into observable and measurable user behaviors in order to automatically evaluate their satisfaction. Moreover, we investigate and mine patterns of user behaviors, which further explain the results of the satisfaction analysis. We systematically design and conduct a case study to evaluate our proposed framework, the results of which show that our approach is able to identify most usability issues and precisely assess the satisfaction of participants’ usability requirements. Importantly, our approach enables continuous usability requirements evaluation without interfering with users, pragmatically contributing to trade-off analysis among quality requirements at runtime.
DOI: https://doi.org/10.1109/QRS57517.2022.00107 Published: 2022-12-01
Citations: 1
Pain Pickle: Bypassing Python Restricted Unpickler for Automatic Exploit Generation
Nan-Jung Huang, Chih-Jen Huang, Shih-Kun Huang
Pickle is a built-in library in Python that can serialize and deserialize Python objects and data structures. However, the process of pickle deserialization has been confirmed as a hazardous operation. Marco Slaviero uncovered its dangerous vulnerability and proposed exploitation methods in BlackHat 2011. As a result, corresponding defense methods have also been generated. Restricting Globals was proposed in the official Python documentation as a defensive approach. We find that defense implementations are incorrect in some cases. Therefore, we conducted a large-scale analysis of 7543 open-source Python projects with more than 100 stars to find that 36 projects have implemented defense strategies. Among them, nine projects were not correctly implemented. Furthermore, we investigated the root causes of their failures for automatic exploit generation from these projects.
DOI: https://doi.org/10.1109/QRS57517.2022.00111 Published: 2022-12-01
Citations: 0
Evaluation of the Architecture Alternatives for Real-Time Intrusion Detection Systems for Vehicles
Mubark Jedh, Jian Kai Lee, L. B. Othmane
Attackers demonstrated the use of remote access to the in-vehicle network of connected vehicles to take control of these vehicles. Machine-learning-based Intrusion Detection Systems (IDSs) techniques have been proposed for the detection of such attacks. The evaluations of some of these IDSs showed their efficacy in terms of accuracy in detecting message injections but were performed offline, which limits the confidence in their use for real-time protection scenarios. This paper evaluates four architecture designs for real-time IDS for connected vehicles using Controller Area Network (CAN) datasets collected from a moving vehicle under malicious speed reading message injections. The evaluation shows that a real-time IDS for a connected vehicle designed as a separate process for CAN Bus monitoring and another one for anomaly detection engine is reliable (does not lose messages) and could be used for real-time resilience mechanisms as a response to cyber-attacks.
DOI: https://doi.org/10.1109/QRS57517.2022.00091 Published: 2022-12-01
Citations: 0
Scriptless GUI Testing on Mobile Applications
Thorn Jansen, Fernando Pastor Ricós, Yaping Luo, K. Vlist, R. V. Dalen, Pekka Aho, T. Vos
Traditionally, end-to-end testing of mobile apps is either performed manually or automated with test scripts. However, manual GUI testing is expensive and slow, and test scripts are fragile for GUI changes, resulting in high maintenance costs. Scriptless testing attempts to address the costs associated with GUI testing. Existing scriptless approaches for mobile testing do not seem to fit the requirements of the industry, specifically those of the ING. This study presents an extension to open source TESTAR tool to support scriptless GUI testing of Android and iOS applications. We present an initial validation of the tool on an industrial setting at the ING. From the validation, we determine that the extended TESTAR outperforms two other state-of-the-art scriptless testing tools for Android in terms of code coverage, and achieves similar performance as the scripted test automation already in use at the ING. Moreover, we see that the scriptless approach covers parts of the application under test that the existing test scripts did not cover, showing the complementarity of the approaches, providing more value for the testers.
DOI: https://doi.org/10.1109/QRS57517.2022.00113 Published: 2022-12-01
Citations: 0
QRS 2022 Program Committee
DOI: https://doi.org/10.1109/qrs57517.2022.00008 Published: 2022-12-01
Citations: 0
CRUST: Towards a Unified Cross-Language Program Analysis Framework for Rust
Shuang Hu, Baojian Hua, Lei Xia, Yang Wang
Rust is a new safe system programming language enforcing safety guarantees by novel language features, a rich type system, and strict compile-time checking rules, and thus has been used extensively to build system software. For multilingual Rust applications containing external C code, memory security vulnerabilities can occur due to the intrinsically unsafe nature of C and the improper interactions between Rust and C. Unfortunately, existing security studies on Rust only focus on pure Rust code but cannot analyze either the native C code or the Rust/C interactions in multilingual Rust applications. As a result, the lack of such studies may defeat the guarantee that Rust is a safe language. This paper presents CRust, a unified program analysis framework across Rust and C, which enables program analyses to understand the semantics of C code by translating Rust and C into a unified specification language. The CRust framework consists of three key components: (1) a unified specification language CRustIR, which is a strong-typed low-level intermediate language suitable for program analysis; (2) a transformation to build models of C code by converting C code into CRustIR; and (3) program analysis algorithms on CRustIR to detect security vulnerabilities. We have implemented a software prototype for CRust, and have conducted extensive experiments to evaluate its effectiveness and performance. Experimental results demonstrated that CRust can effectively detect common memory security vulnerabilities caused by the interaction of Rust and C that are missed by state-of-the-art tools. In addition, CRust is efficient in bringing negligible overhead (0.23 seconds on average).
Rust是一种新的安全系统编程语言,通过新颖的语言特性、丰富的类型系统和严格的编译时检查规则来保证安全性,因此被广泛用于构建系统软件。对于包含外部C代码的多语言Rust应用程序,由于C的本质不安全以及Rust与C之间的不当交互,可能会出现内存安全漏洞。遗憾的是,现有的Rust安全性研究只关注纯Rust代码,而无法分析本机C代码或多语言Rust应用程序中的Rust/C交互。因此,缺乏这样的研究可能会破坏Rust是一种安全语言的保证。本文介绍了CRust,一个跨Rust和C的统一程序分析框架,它通过将Rust和C转换成统一的规范语言,使程序分析能够理解C代码的语义。CRust框架由三个关键部分组成:(1)统一的规范语言CRustIR,它是一种适合于程序分析的强类型低级中间语言;(2)将C代码转换为crutir,建立C代码的模型;(3)基于CRustIR的程序分析算法,检测安全漏洞。我们已经为CRust实现了一个软件原型,并进行了大量的实验来评估它的有效性和性能。实验结果表明,CRust可以有效地检测到由Rust和C语言交互导致的常见内存安全漏洞,而这些漏洞是目前最先进的工具无法检测到的。此外,CRust的效率可以忽略不计开销(平均0.23秒)。
{"title":"CRUST: Towards a Unified Cross-Language Program Analysis Framework for Rust","authors":"Shuang Hu, Baojian Hua, Lei Xia, Yang Wang","doi":"10.1109/QRS57517.2022.00101","DOIUrl":"https://doi.org/10.1109/QRS57517.2022.00101","url":null,"abstract":"Rust is a new safe system programming language enforcing safety guarantees by novel language features, a rich type system, and strict compile-time checking rules, and thus has been used extensively to build system software. For multilingual Rust applications containing external C code, memory security vulnerabilities can occur due to the intrinsically unsafe nature of C and the improper interactions between Rust and C. Unfortunately, existing security studies on Rust only focus on pure Rust code but cannot analyze either the native C code or the Rust/C interactions in multilingual Rust applications. As a result, the lack of such studies may defeat the guarantee that Rust is a safe language.This paper presents CRust, a unified program analysis framework across Rust and C, which enables program analyses to understand the semantics of C code by translating Rust and C into a unified specification language. The CRust framework consists of three key components: (1) a unified specification language CRustIR, which is a strong-typed low-level intermediate language suitable for program analysis; (2) a transformation to build models of C code by converting C code into CRustIR; and (3) program analysis algorithms on CRustIR to detect security vulnerabilities. We have implemented a software prototype for CRust, and have conducted extensive experiments to evaluate its effectiveness and performance. Experimental results demonstrated that CRust can effectively detect common memory security vulnerabilities caused by the interaction of Rust and C that are missed by state-of-the-art tools. 
In addition, CRust is efficient in bringing negligible overhead (0.23 seconds on average).","PeriodicalId":143812,"journal":{"name":"2022 IEEE 22nd International Conference on Software Quality, Reliability and Security (QRS)","volume":"94 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116189126","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Citations: 0
Journal
2022 IEEE 22nd International Conference on Software Quality, Reliability and Security (QRS)