Zahid A. Syed, Jordan Helmick, Sean Banerjee, B. Cukic
Touch dynamics is a behavioral biometric that authenticates users by analyzing the characteristics of the touch gestures they execute on devices such as tablets and smartphones. The current research in this field has focused on identifying the best algorithms and the most effective attributes to improve authentication performance. However, a robust touch dynamics based authentication system for mobile devices must also be resilient against environmental variables such as user posture, movement, device size, device manufacturer, etc. In this work, we focus on two critical environmental variables that affect touch based authentication systems. We demonstrate that the user's posture and device size have a significant impact on the performance of touch based authentication systems. Our results indicate that authentication performance is proportional to the device size. Furthermore, we conclude that using a device's 3-D orientation is necessary to attain better authentication performance. Our findings indicate that the features used in state-of-the-art touch-based authentication systems are insufficient to provide constant, reliable performance when either the device size or user posture change. The effect of environmental variables on touch dynamics has not been explored. The results presented in this work are the first of its kind and important in the development of robust touch-based authentication systems. This study has immediate, applicable benefits to develop better authentication approaches touch dynamics.
{"title":"Effect of User Posture and Device Size on the Performance of Touch-Based Authentication Systems","authors":"Zahid A. Syed, Jordan Helmick, Sean Banerjee, B. Cukic","doi":"10.1109/HASE.2015.10","DOIUrl":"https://doi.org/10.1109/HASE.2015.10","url":null,"abstract":"Touch dynamics is a behavioral biometric that authenticates users by analyzing the characteristics of the touch gestures they execute on devices such as tablets and smartphones. The current research in this field has focused on identifying the best algorithms and the most effective attributes to improve authentication performance. However, a robust touch dynamics based authentication system for mobile devices must also be resilient against environmental variables such as user posture, movement, device size, device manufacturer, etc. In this work, we focus on two critical environmental variables that affect touch based authentication systems. We demonstrate that the user's posture and device size have a significant impact on the performance of touch based authentication systems. Our results indicate that authentication performance is proportional to the device size. Furthermore, we conclude that using a device's 3-D orientation is necessary to attain better authentication performance. Our findings indicate that the features used in state-of-the-art touch-based authentication systems are insufficient to provide constant, reliable performance when either the device size or user posture change. The effect of environmental variables on touch dynamics has not been explored. The results presented in this work are the first of its kind and important in the development of robust touch-based authentication systems. This study has immediate, applicable benefits to develop better authentication approaches touch dynamics.","PeriodicalId":248645,"journal":{"name":"2015 IEEE 16th International Symposium on High Assurance Systems Engineering","volume":"403 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-01-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122896654","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Hybrid systems arise in embedded control from the interaction between continuous physical behavior and discrete digital controllers. In this paper, we propose Apricot as a novel object-oriented language for modeling hybrid systems. The language takes the advantages of domain-specific and object-oriented languages, which fills the gap between the design and implementation. With respect to the application of Apricot, we demonstrate the model for urgent distance control in subway control systems. In addition, the comparison with hybrid automata is discussed, which indicates the scalability and conciseness of the Apricot model. Moreover, we develop a prototype modeling tool (a plug-in for Eclipse) for our proposed language. According to the characteristics of object-orientation and the component architecture of Apricot, we conclude that it is suitable for modeling hybrid systems without losing many key features.
{"title":"An Object-Oriented Language for Modeling of Hybrid Systems","authors":"Huixing Fang, Huibiao Zhu, Jianqi Shi","doi":"10.1109/HASE.2015.9","DOIUrl":"https://doi.org/10.1109/HASE.2015.9","url":null,"abstract":"Hybrid systems arise in embedded control from the interaction between continuous physical behavior and discrete digital controllers. In this paper, we propose Apricot as a novel object-oriented language for modeling hybrid systems. The language takes the advantages of domain-specific and object-oriented languages, which fills the gap between the design and implementation. With respect to the application of Apricot, we demonstrate the model for urgent distance control in subway control systems. In addition, the comparison with hybrid automata is discussed, which indicates the scalability and conciseness of the Apricot model. Moreover, we develop a prototype modeling tool (a plug-in for Eclipse) for our proposed language. According to the characteristics of object-orientation and the component architecture of Apricot, we conclude that it is suitable for modeling hybrid systems without losing many key features.","PeriodicalId":248645,"journal":{"name":"2015 IEEE 16th International Symposium on High Assurance Systems Engineering","volume":"50 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-01-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121547749","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Haixing Yan, Huixing Fang, Christian Kuka, Huibiao Zhu
Over the past few years, OAuth has become an open authorization standard that is being adopted by a growing number of sites such as Twitter, Facebook and Google. It allows users to grant a third-party application access to restricted resources without providing their credentials. However, ensuring the correctness of implementations of OAuth in applications brings multiple concerns. Therefore, it is crucial to verify OAuth with an exhaustive examination by utilizing formal methods. In this paper, we first formalize OAuth with ASLan++ on the AVANTSSAR platform and propose several fundamental security properties on it which are specified using extended Linear Temporal Logic (LTL) formulas. In a second step, we use a SAT-based Model-Checker (SATMC) to verify whether OAuth violates these properties. As a result, we reveal three attacks which steal and falsify users' critical information.
{"title":"Verification for OAuth Using ASLan++","authors":"Haixing Yan, Huixing Fang, Christian Kuka, Huibiao Zhu","doi":"10.1109/HASE.2015.20","DOIUrl":"https://doi.org/10.1109/HASE.2015.20","url":null,"abstract":"Over the past few years, OAuth has become an open authorization standard that is being adopted by a growing number of sites such as Twitter, Facebook and Google. It allows users to grant a third-party application access to restricted resources without providing their credentials. However, ensuring the correctness of implementations of OAuth in applications brings multiple concerns. Therefore, it is crucial to verify OAuth with an exhaustive examination by utilizing formal methods. In this paper, we first formalize OAuth with ASLan++ on the AVANTSSAR platform and propose several fundamental security properties on it which are specified using extended Linear Temporal Logic (LTL) formulas. In a second step, we use a SAT-based Model-Checker (SATMC) to verify whether OAuth violates these properties. As a result, we reveal three attacks which steal and falsify users' critical information.","PeriodicalId":248645,"journal":{"name":"2015 IEEE 16th International Symposium on High Assurance Systems Engineering","volume":"21 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-01-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122538090","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Due to deployment constraints and communication modalities, unreliable communications are very common in Wireless Sensor Networks (WSNs). In order to ensure that every node can behave in a reasonable manner even though they are in an unreliable communication, we propose CWQ, a process calculus for formal modeling and reasoning about WSNs and their applications from a quality perspective. We combine local broadcast, one of the most important peculiarities of networks, with quality predicate. Default values are given in the case that ideal behaviors of wireless nodes fail because of the unreliable communication, to increase the service quality offered by the system. Moreover, we also give the operational semantics of CWQ in terms of both a Labeled Transition Semantics and a Reduction Semantics, and prove a correspondence result between them. Finally, some examples, and two real-world case studies Smart Home and Smart Grid are used to illustrate the applicability of our calculus.
{"title":"A Calculus for Wireless Sensor Networks from Quality Perspective","authors":"Xi Wu, Huibiao Zhu","doi":"10.1109/HASE.2015.40","DOIUrl":"https://doi.org/10.1109/HASE.2015.40","url":null,"abstract":"Due to deployment constraints and communication modalities, unreliable communications are very common in Wireless Sensor Networks (WSNs). In order to ensure that every node can behave in a reasonable manner even though they are in an unreliable communication, we propose CWQ, a process calculus for formal modeling and reasoning about WSNs and their applications from a quality perspective. We combine local broadcast, one of the most important peculiarities of networks, with quality predicate. Default values are given in the case that ideal behaviors of wireless nodes fail because of the unreliable communication, to increase the service quality offered by the system. Moreover, we also give the operational semantics of CWQ in terms of both a Labeled Transition Semantics and a Reduction Semantics, and prove a correspondence result between them. Finally, some examples, and two real-world case studies Smart Home and Smart Grid are used to illustrate the applicability of our calculus.","PeriodicalId":248645,"journal":{"name":"2015 IEEE 16th International Symposium on High Assurance Systems Engineering","volume":"32 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-01-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"117047576","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
V. Bonfiglio, Leonardo Montecchi, Francesco Rossi, P. Lollini, A. Pataricza, A. Bondavalli
Safety analysis is increasingly important for a wide class of systems. In the automotive field, the recent ISO26262 standard foresees safety analysis to be performed at system, hardware, and software levels. Failure Modes and Effects Analysis (FMEA) is an important step in any safety analysis process, and its application at hardware and system levels has been extensively addressed in the literature. Conversely, its application to software architectures is still to a large extent an open problem, especially concerning its integration into a general certification process. The approach we propose in this paper aims at performing semi-automated FMEA on component-based software architectures described in UML. The foundations of our approach are model-execution and fault-injection at model-level, which allows us to compare the nominal and faulty system behaviors and thus assess the effectiveness of safety countermeasures. Besides introducing the detailed workflow for SW FMEA, the work in this paper focuses on the process for obtaining an executable model from a component-based software architecture specified in UML.
{"title":"Executable Models to Support Automated Software FMEA","authors":"V. Bonfiglio, Leonardo Montecchi, Francesco Rossi, P. Lollini, A. Pataricza, A. Bondavalli","doi":"10.1109/HASE.2015.36","DOIUrl":"https://doi.org/10.1109/HASE.2015.36","url":null,"abstract":"Safety analysis is increasingly important for a wide class of systems. In the automotive field, the recent ISO26262 standard foresees safety analysis to be performed at system, hardware, and software levels. Failure Modes and Effects Analysis (FMEA) is an important step in any safety analysis process, and its application at hardware and system levels has been extensively addressed in the literature. Conversely, its application to software architectures is still to a large extent an open problem, especially concerning its integration into a general certification process. The approach we propose in this paper aims at performing semi-automated FMEA on component-based software architectures described in UML. The foundations of our approach are model-execution and fault-injection at model-level, which allows us to compare the nominal and faulty system behaviors and thus assess the effectiveness of safety countermeasures. Besides introducing the detailed workflow for SW FMEA, the work in this paper focuses on the process for obtaining an executable model from a component-based software architecture specified in UML.","PeriodicalId":248645,"journal":{"name":"2015 IEEE 16th International Symposium on High Assurance Systems Engineering","volume":"168 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-01-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127242148","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
A. Ceccarelli, Marco Mori, P. Lollini, A. Bondavalli
Complex, evolutionary systems operating in an open world can be seen as a composition of components which interact each other in order to fulfill their requirements. Following this vision, Systems of Systems (SoSs) literature aims at supporting the life of such complex systems taking into account key viewpoints such as emergence, time, mobility, evolution, dynamicity. Although different attempts can be found in the literature to address mostly specific viewpoints separately, it is still missing a unifying approach to analyze the whole set of viewpoints and their relationships, based on the identification of meta-requirements that can be exploited to describe any System of Systems (SoS). To this end, we developed a unifying meta-requirements model to describe SoSs viewpoints and relate them. The model is meant to be used to support the derivation of the requirements for any SoS. This paper introduces the problem, and presents the main notions of the meta-requirements model with the support of a domain-specific scenario.
{"title":"Introducing Meta-Requirements for Describing System of Systems","authors":"A. Ceccarelli, Marco Mori, P. Lollini, A. Bondavalli","doi":"10.1109/HASE.2015.31","DOIUrl":"https://doi.org/10.1109/HASE.2015.31","url":null,"abstract":"Complex, evolutionary systems operating in an open world can be seen as a composition of components which interact each other in order to fulfill their requirements. Following this vision, Systems of Systems (SoSs) literature aims at supporting the life of such complex systems taking into account key viewpoints such as emergence, time, mobility, evolution, dynamicity. Although different attempts can be found in the literature to address mostly specific viewpoints separately, it is still missing a unifying approach to analyze the whole set of viewpoints and their relationships, based on the identification of meta-requirements that can be exploited to describe any System of Systems (SoS). To this end, we developed a unifying meta-requirements model to describe SoSs viewpoints and relate them. The model is meant to be used to support the derivation of the requirements for any SoS. This paper introduces the problem, and presents the main notions of the meta-requirements model with the support of a domain-specific scenario.","PeriodicalId":248645,"journal":{"name":"2015 IEEE 16th International Symposium on High Assurance Systems Engineering","volume":"20 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-01-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121132443","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Traffic light is regarded as one of the most effective ways to alleviate traffic congestion and carbon emission problems. However, traditional traffic light cannot meet the challenges in traffic regulation posed by the fast growing number of vehicles and increasing complexity of road conditions. In this paper, we propose a dynamic traffic regulation method based on virtual traffic light (VTL) for Vehicle Ad Hoc Network (VANET). In our framework, each vehicle can express its "will" - the desire of moving forward - and share among one another its "will" - value and related traffic information at a traffic light controlled intersection. Based on the traffic information collected in real time, the virtual traffic light in our scheme can be adaptive to the changing environment. We conducted a number of simulation experiments with different scenarios using network simulator NS3 combined with traffic simulator SUMO. The results demonstrate the viability of our solution in reducing waiting time and improving the traffic efficiency.
{"title":"There is a Will, There is a Way: A New Mechanism for Traffic Control Based on VTL and VANET","authors":"Jingmin Shi, Chao Peng, Qin Zhu, P. Duan, Yu Bao, Mengjun Xie","doi":"10.1109/HASE.2015.42","DOIUrl":"https://doi.org/10.1109/HASE.2015.42","url":null,"abstract":"Traffic light is regarded as one of the most effective ways to alleviate traffic congestion and carbon emission problems. However, traditional traffic light cannot meet the challenges in traffic regulation posed by the fast growing number of vehicles and increasing complexity of road conditions. In this paper, we propose a dynamic traffic regulation method based on virtual traffic light (VTL) for Vehicle Ad Hoc Network (VANET). In our framework, each vehicle can express its \"will\" - the desire of moving forward - and share among one another its \"will\" - value and related traffic information at a traffic light controlled intersection. Based on the traffic information collected in real time, the virtual traffic light in our scheme can be adaptive to the changing environment. We conducted a number of simulation experiments with different scenarios using network simulator NS3 combined with traffic simulator SUMO. The results demonstrate the viability of our solution in reducing waiting time and improving the traffic efficiency.","PeriodicalId":248645,"journal":{"name":"2015 IEEE 16th International Symposium on High Assurance Systems Engineering","volume":"21 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-01-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134249800","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Sean Banerjee, Jordan Helmick, Zahid A. Syed, B. Cukic
Bug tracking systems play an important role in the development and maintenance of large-scale software systems. Having access to open source bug tracking systems has allowed researchers to take advantage of rich datasets and propose solutions to manage duplicate report classification, developer assignment and quality assessment. In spite of research advances, our understanding of the content of these repositories remains limited, primarily because of their size. In many cases, researchers analyze small portions of datasets thus limiting the understanding of the dynamics of problem reporting. The objective of this study is to explore the properties of two large-scale open source problem report repositories. The Eclipse dataset, at the time of download, consisted of 363; 770 reports spanning 11+ years, whereas Mozilla contained 699; 085 reports spanning 14+ years.Our research examines the evolution of datasets over time by analyzing the changes in the repository and the profiles of users who submit problem reports. We provide quantitative evidence on how submitter's maturity reduces the propensity to submit poor quality, insignificant or duplicate reports. We show that a diverse user base, characteristic of Mozilla, creates challenges for the development team as they spend more time triaging, rather than fixing, issues. Finally, we provide the research community with a series of observations and suggestions on how to study large-scale problem repositories.
{"title":"Eclipse vs. Mozilla: A Comparison of Two Large-Scale Open Source Problem Report Repositories","authors":"Sean Banerjee, Jordan Helmick, Zahid A. Syed, B. Cukic","doi":"10.1109/HASE.2015.45","DOIUrl":"https://doi.org/10.1109/HASE.2015.45","url":null,"abstract":"Bug tracking systems play an important role in the development and maintenance of large-scale software systems. Having access to open source bug tracking systems has allowed researchers to take advantage of rich datasets and propose solutions to manage duplicate report classification, developer assignment and quality assessment. In spite of research advances, our understanding of the content of these repositories remains limited, primarily because of their size. In many cases, researchers analyze small portions of datasets thus limiting the understanding of the dynamics of problem reporting. The objective of this study is to explore the properties of two large-scale open source problem report repositories. The Eclipse dataset, at the time of download, consisted of 363; 770 reports spanning 11+ years, whereas Mozilla contained 699; 085 reports spanning 14+ years.Our research examines the evolution of datasets over time by analyzing the changes in the repository and the profiles of users who submit problem reports. We provide quantitative evidence on how submitter's maturity reduces the propensity to submit poor quality, insignificant or duplicate reports. We show that a diverse user base, characteristic of Mozilla, creates challenges for the development team as they spend more time triaging, rather than fixing, issues. Finally, we provide the research community with a series of observations and suggestions on how to study large-scale problem repositories.","PeriodicalId":248645,"journal":{"name":"2015 IEEE 16th International Symposium on High Assurance Systems Engineering","volume":"37 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-01-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116796643","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Representational State Transfer (REST), as a promising software architecture style, has been used in large scale since proposed. However, there still exist considerable confusions about the REST architecture, which may lead to inappropriate application. We apply formal method CSP in modeling the REST architectural style to give a comprehensive explanation of it. We partition the architectural description into three separate views: process view, connector view and data view, each capturing one architectural element and related properties of the architecture. Furthermore, REST constraints can be described in our models and validated by the model checker PAT. Besides, we focus on the relation between the stateless constraint and resource state, as well as the uniform interface constraint and hypermedia-driven property. The related properties of them are also verified in this paper.
REST (Representational State Transfer, Representational State Transfer)作为一种很有前途的软件架构风格,自提出以来已经得到了广泛的应用。然而,对于REST体系结构仍然存在相当大的混淆,这可能导致不适当的应用。本文运用形式化方法CSP对REST架构风格进行建模,对其进行全面的解释。我们将体系结构描述划分为三个独立的视图:流程视图、连接器视图和数据视图,每个视图捕获一个体系结构元素和体系结构的相关属性。此外,REST约束可以在我们的模型中描述,并由模型检查器PAT进行验证。此外,我们还重点讨论了无状态约束与资源状态之间的关系,以及统一接口约束与超媒体驱动特性之间的关系。本文还验证了它们的相关性质。
{"title":"Formalization and Verification of REST Architecture in Viewpoints","authors":"Yiting Tang, Xi Wu, Huibiao Zhu, Jian Guo","doi":"10.1109/HASE.2015.37","DOIUrl":"https://doi.org/10.1109/HASE.2015.37","url":null,"abstract":"Representational State Transfer (REST), as a promising software architecture style, has been used in large scale since proposed. However, there still exist considerable confusions about the REST architecture, which may lead to inappropriate application. We apply formal method CSP in modeling the REST architectural style to give a comprehensive explanation of it. We partition the architectural description into three separate views: process view, connector view and data view, each capturing one architectural element and related properties of the architecture. Furthermore, REST constraints can be described in our models and validated by the model checker PAT. Besides, we focus on the relation between the stateless constraint and resource state, as well as the uniform interface constraint and hypermedia-driven property. The related properties of them are also verified in this paper.","PeriodicalId":248645,"journal":{"name":"2015 IEEE 16th International Symposium on High Assurance Systems Engineering","volume":"41 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-01-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125176964","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
E. V. D. Kouwe, Cristiano Giuffrida, Razvan Ghituletez, A. Tanenbaum
Despite decades of advances in software engineering, operating systems (OSes) are still plagued by crashes due to software faults, calling for techniques to improve OS stability when faults occur. Evaluating such techniques requires a way to compare the stability of different OSes that is both representative of real faults and scales to the large code bases of modern OSes and a large (and statistically sound) number of experiments. In this paper, we propose a widely applicable methodology meeting all such requirements. Our methodology relies on a novel fault injection strategy based on a combination of static and run-time instrumentation, which yields representative software faults while drastically reducing the instrumentation time and thus greatly enhancing scalability. To guarantee unbiased and comparable results, finally, our methodology relies on the use of pre- and post tests to isolate the direct impact of faults from the stability of the OS itself. We demonstrate our methodology by comparing the stability of Linux and MINIX 3, saving a total of 115 computer-days for the 12,000 Linux fault injection runs compared to the traditional approach of re-instrumenting for every run.
{"title":"A Methodology to Efficiently Compare Operating System Stability","authors":"E. V. D. Kouwe, Cristiano Giuffrida, Razvan Ghituletez, A. Tanenbaum","doi":"10.1109/HASE.2015.22","DOIUrl":"https://doi.org/10.1109/HASE.2015.22","url":null,"abstract":"Despite decades of advances in software engineering, operating systems (OSes) are still plagued by crashes due to software faults, calling for techniques to improve OS stability when faults occur. Evaluating such techniques requires a way to compare the stability of different OSes that is both representative of real faults and scales to the large code bases of modern OSes and a large (and statistically sound) number of experiments. In this paper, we propose a widely applicable methodology meeting all such requirements. Our methodology relies on a novel fault injection strategy based on a combination of static and run-time instrumentation, which yields representative software faults while drastically reducing the instrumentation time and thus greatly enhancing scalability. To guarantee unbiased and comparable results, finally, our methodology relies on the use of pre- and post tests to isolate the direct impact of faults from the stability of the OS itself. We demonstrate our methodology by comparing the stability of Linux and MINIX 3, saving a total of 115 computer-days for the 12,000 Linux fault injection runs compared to the traditional approach of re-instrumenting for every run.","PeriodicalId":248645,"journal":{"name":"2015 IEEE 16th International Symposium on High Assurance Systems Engineering","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-01-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131177024","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: