Pub Date : 2020-12-01DOI: 10.1109/QRS-C51114.2020.00054
Pu Wang, Zhiyi Zhang, Yuqian Zhou, Zhiqiu Huang
Image recognition software has been widely used in many vital areas, so it needs to be thoroughly tested with images as test data. However, for some special areas, such as medical treatment, there are only a few sufficient and credible test data. Some test data still depends on the training data, which results in the defect detection ability of the testing is not high. In this paper, we propose a new test data augmentation approach with combing domain knowledge and data mutation. Given an image, our approach extracts the features of the recognition targets in this image based on domain knowledge, then mutates these features to generate new images. In theory, our approach could generate high-quality test data, which helps testing image recognition software adequately, and improving the accuracy of image recognition software.
{"title":"Test Data Augmentation for Image Recognition Software","authors":"Pu Wang, Zhiyi Zhang, Yuqian Zhou, Zhiqiu Huang","doi":"10.1109/QRS-C51114.2020.00054","DOIUrl":"https://doi.org/10.1109/QRS-C51114.2020.00054","url":null,"abstract":"Image recognition software has been widely used in many vital areas, so it needs to be thoroughly tested with images as test data. However, for some special areas, such as medical treatment, there are only a few sufficient and credible test data. Some test data still depends on the training data, which results in the defect detection ability of the testing is not high. In this paper, we propose a new test data augmentation approach with combing domain knowledge and data mutation. Given an image, our approach extracts the features of the recognition targets in this image based on domain knowledge, then mutates these features to generate new images. In theory, our approach could generate high-quality test data, which helps testing image recognition software adequately, and improving the accuracy of image recognition software.","PeriodicalId":358174,"journal":{"name":"2020 IEEE 20th International Conference on Software Quality, Reliability and Security Companion (QRS-C)","volume":"35 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123249006","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2020-12-01DOI: 10.1109/QRS-C51114.2020.00050
Rui Wang, Yong Guan, Xiaojuan Li, Rui Zhang
Cyber physical system (CPS) is a multi-dimensional complicated system integrating computing, communication and physical environment. CPS is widely used in safety-critical areas such as aerospace, intelligent transportation and medical equipment. So ensuring the security and reliability of CPS is of great significance. Formal verification is one of the useful ways. This paper builds timed automata models for the communication process of CAN bus used in CPS. Our research especially analyses the gateway in the communication process, and simulates the transmission with different rates between the external environment and internal unit. The task also takes into account the packet transmission priority. The model checking tool Uppaal is used to verify the functional and real-time properties. The verification results illustrate that the established model can meet the relevant properties, and the packet can be transmitted in an orderly and efficient manner.
{"title":"Formal Verification of CAN Bus in Cyber Physical System","authors":"Rui Wang, Yong Guan, Xiaojuan Li, Rui Zhang","doi":"10.1109/QRS-C51114.2020.00050","DOIUrl":"https://doi.org/10.1109/QRS-C51114.2020.00050","url":null,"abstract":"Cyber physical system (CPS) is a multi-dimensional complicated system integrating computing, communication and physical environment. CPS is widely used in safety-critical areas such as aerospace, intelligent transportation and medical equipment. So ensuring the security and reliability of CPS is of great significance. Formal verification is one of the useful ways. This paper builds timed automata models for the communication process of CAN bus used in CPS. Our research especially analyses the gateway in the communication process, and simulates the transmission with different rates between the external environment and internal unit. The task also takes into account the packet transmission priority. The model checking tool Uppaal is used to verify the functional and real-time properties. The verification results illustrate that the established model can meet the relevant properties, and the packet can be transmitted in an orderly and efficient manner.","PeriodicalId":358174,"journal":{"name":"2020 IEEE 20th International Conference on Software Quality, Reliability and Security Companion (QRS-C)","volume":"2 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121810357","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2020-12-01DOI: 10.1109/QRS-C51114.2020.00091
Philip Makedonski, Ilie-Daniel Gheorghe-Pop, A. Rennoch, F. Kristoffersen, Bostjan Pintar, A. Ulrich
This article reports on experiences from the use of the ETSI Test Description Language (TDL) and its extension for structured test objective specification (TDL-TO) for the definition of functional and non-functional test purposes in the Internet of Things (IoT) domain. The experiences are based on results from different working groups at ETSI TC MTS and the ETSI Specialist Task Force (STF) 574, focusing on the definition of test purposes for functional, security, and performance testing of the CoAP and MQTT protocols as well as VxLTeinteroperability testing.
{"title":"Using TDL for Standardised Test Purpose Definitions","authors":"Philip Makedonski, Ilie-Daniel Gheorghe-Pop, A. Rennoch, F. Kristoffersen, Bostjan Pintar, A. Ulrich","doi":"10.1109/QRS-C51114.2020.00091","DOIUrl":"https://doi.org/10.1109/QRS-C51114.2020.00091","url":null,"abstract":"This article reports on experiences from the use of the ETSI Test Description Language (TDL) and its extension for structured test objective specification (TDL-TO) for the definition of functional and non-functional test purposes in the Internet of Things (IoT) domain. The experiences are based on results from different working groups at ETSI TC MTS and the ETSI Specialist Task Force (STF) 574, focusing on the definition of test purposes for functional, security, and performance testing of the CoAP and MQTT protocols as well as VxLTeinteroperability testing.","PeriodicalId":358174,"journal":{"name":"2020 IEEE 20th International Conference on Software Quality, Reliability and Security Companion (QRS-C)","volume":"3 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133310299","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2020-12-01DOI: 10.1109/QRS-C51114.2020.00117
Jiaxin Liu, Wei Dong, Binbin Liu, Yating Zhang, Daiyan Wang
This paper presents the ongoing work of studying the iterative program synthesis based on knowledge searched from the Internet, which can fairly reduce the scale of program space and improve the efficiency of synthesis. First, we implement a tool named Args(api Recommendation via General Search) to obtain the API knowledge from the Internet. Second, we propose an iterative method that incrementally constructs the program space to quickly approach the target program. The initial experimental result shows the effectiveness of our work.
本文介绍了基于互联网知识搜索的迭代程序综合的研究工作,该方法可以较好地减小程序空间的规模,提高综合效率。首先,我们实现了一个名为Args(api Recommendation via General Search)的工具,从互联网上获取api知识。其次,我们提出了一种迭代方法,增量构建程序空间以快速接近目标程序。初步的实验结果表明了我们工作的有效性。
{"title":"Effective Iterative Program Synthesis with Knowledge Searched from Internet","authors":"Jiaxin Liu, Wei Dong, Binbin Liu, Yating Zhang, Daiyan Wang","doi":"10.1109/QRS-C51114.2020.00117","DOIUrl":"https://doi.org/10.1109/QRS-C51114.2020.00117","url":null,"abstract":"This paper presents the ongoing work of studying the iterative program synthesis based on knowledge searched from the Internet, which can fairly reduce the scale of program space and improve the efficiency of synthesis. First, we implement a tool named Args(api Recommendation via General Search) to obtain the API knowledge from the Internet. Second, we propose an iterative method that incrementally constructs the program space to quickly approach the target program. The initial experimental result shows the effectiveness of our work.","PeriodicalId":358174,"journal":{"name":"2020 IEEE 20th International Conference on Software Quality, Reliability and Security Companion (QRS-C)","volume":"15 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134272031","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Ahstract-Points-to analysis is a fundamental, but computationally intensive technique for static program analysis, optimization, debugging and verification. Context-Free Language (CFL) reachability has been proposed and widely used in demand-driven points-to analyses that aims for computing specific points-to relations on demand rather than all variables in the program. However, CFL-reachability-based points-to analysis still faces challenges when applied in practice especially for flow-sensitive points-to analysis, which aims at improving the precision of points-to analysis by taking account of the execution order of program statements. We propose a scalable approach named Parseeker to parallelize flow-sensitive demand-driven points-to analysis via CFL-reachability in order to improve the performance of points-to analysis with high precision. Our core insights are to (1) produce and process a set of fine-grained, parallelizable queries of points-to relations for the objective program, and (2) take a CFL-reachability-based points-to analysis to answer each query. The MapReduce is used to parallelize the queries and three optimization strategies are designed for further enhancing the efficiency.
{"title":"Parallelizing Flow-Sensitive Demand-Driven Points-to Analysis","authors":"Haibo Yu, Qiang Sun, Kejun Xiao, Yuting Chen, Tsunenori Mine, Jianjun Zhao","doi":"10.1109/QRS-C51114.2020.00026","DOIUrl":"https://doi.org/10.1109/QRS-C51114.2020.00026","url":null,"abstract":"Ahstract-Points-to analysis is a fundamental, but computationally intensive technique for static program analysis, optimization, debugging and verification. Context-Free Language (CFL) reachability has been proposed and widely used in demand-driven points-to analyses that aims for computing specific points-to relations on demand rather than all variables in the program. However, CFL-reachability-based points-to analysis still faces challenges when applied in practice especially for flow-sensitive points-to analysis, which aims at improving the precision of points-to analysis by taking account of the execution order of program statements. We propose a scalable approach named Parseeker to parallelize flow-sensitive demand-driven points-to analysis via CFL-reachability in order to improve the performance of points-to analysis with high precision. Our core insights are to (1) produce and process a set of fine-grained, parallelizable queries of points-to relations for the objective program, and (2) take a CFL-reachability-based points-to analysis to answer each query. The MapReduce is used to parallelize the queries and three optimization strategies are designed for further enhancing the efficiency.","PeriodicalId":358174,"journal":{"name":"2020 IEEE 20th International Conference on Software Quality, Reliability and Security Companion (QRS-C)","volume":"90 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115787443","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2020-12-01DOI: 10.1109/QRS-C51114.2020.00018
Peng Wu, Liangze Yin, Xiang Du, Liyuan Jia, Wei Dong
With the development of open source software and open source community, there are more available codes on the Internet. And the open vulnerability information can be found on the Internet. In fact, using known vulnerabilities to calculate the similarity with the source code has been demonstrated a useful method to detect vulnerabilities. But the vulnerabilities often have many irrelevant codes, which may cause false positives and reduce the accuracy of vulnerability detection. Besides, the program code may have been patched. This also leads to false positives. We use code property graphs to extract source code and calculate the similarity between the vulnerable code and the source code to judge whether the software has vulnerabilities. By using the patched code, we can reduce the false positive. We use our approach on LibTIFF and Linux kernel. The experimental results show that the approach can effectively find vulnerabilities and reduce the false positive.
{"title":"Graph-based Vulnerability Detection via Extracting Features from Sliced Code","authors":"Peng Wu, Liangze Yin, Xiang Du, Liyuan Jia, Wei Dong","doi":"10.1109/QRS-C51114.2020.00018","DOIUrl":"https://doi.org/10.1109/QRS-C51114.2020.00018","url":null,"abstract":"With the development of open source software and open source community, there are more available codes on the Internet. And the open vulnerability information can be found on the Internet. In fact, using known vulnerabilities to calculate the similarity with the source code has been demonstrated a useful method to detect vulnerabilities. But the vulnerabilities often have many irrelevant codes, which may cause false positives and reduce the accuracy of vulnerability detection. Besides, the program code may have been patched. This also leads to false positives. We use code property graphs to extract source code and calculate the similarity between the vulnerable code and the source code to judge whether the software has vulnerabilities. By using the patched code, we can reduce the false positive. We use our approach on LibTIFF and Linux kernel. The experimental results show that the approach can effectively find vulnerabilities and reduce the false positive.","PeriodicalId":358174,"journal":{"name":"2020 IEEE 20th International Conference on Software Quality, Reliability and Security Companion (QRS-C)","volume":"25 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123413403","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2020-12-01DOI: 10.1109/QRS-C51114.2020.00047
Renzhi Tang, Zhihao Jiang
Vision is the primary way to perceive the environment during driving. However, due to its low spatial and temporal resolution, a driver may fail to perceive agents on the road, which may lead to collisions. Modern vehicles are equipped with sensors that can better perceive the driving environment, as well as ADAS to provide driving assist. However, ADAS does not consider the driver's perception, which may result in unnecessary warnings or actions against the driver's will. These false-positives may cause distractions and confusions in complex driving scenarios, which pose safety threat. In this project, we proposed a driving assist system which can reduce the number of unnecessary warnings by taking into account the driver's perception of the driving environment. The driver's perception model combines estimation of driving environment update and driver's observation. The driver's observation is obtained from gaze tracking and the driving environment update is estimated based on the last observation. In this paper, we formulated inference problem on the driver's perception, and developed a virtual driving simulator to evaluate the feasibility of the system.
{"title":"Driver's Perception Model in Driving Assist","authors":"Renzhi Tang, Zhihao Jiang","doi":"10.1109/QRS-C51114.2020.00047","DOIUrl":"https://doi.org/10.1109/QRS-C51114.2020.00047","url":null,"abstract":"Vision is the primary way to perceive the environment during driving. However, due to its low spatial and temporal resolution, a driver may fail to perceive agents on the road, which may lead to collisions. Modern vehicles are equipped with sensors that can better perceive the driving environment, as well as ADAS to provide driving assist. However, ADAS does not consider the driver's perception, which may result in unnecessary warnings or actions against the driver's will. These false-positives may cause distractions and confusions in complex driving scenarios, which pose safety threat. In this project, we proposed a driving assist system which can reduce the number of unnecessary warnings by taking into account the driver's perception of the driving environment. The driver's perception model combines estimation of driving environment update and driver's observation. The driver's observation is obtained from gaze tracking and the driving environment update is estimated based on the last observation. In this paper, we formulated inference problem on the driver's perception, and developed a virtual driving simulator to evaluate the feasibility of the system.","PeriodicalId":358174,"journal":{"name":"2020 IEEE 20th International Conference on Software Quality, Reliability and Security Companion (QRS-C)","volume":"59 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129645841","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2020-12-01DOI: 10.1109/QRS-C51114.2020.00044
Mengqi Luo, Fengchang Yu, Haihua Chen
Clinical case reports are the ‘eyewitness’ in biomedical literature and provide a valuable, unique, albeit noisy and underutilized type of evidence. Main finding is the reason for writing up the reports. Main finding based case reports retrieval provides way for user to conveniently access information of eyewitness evidence. However, user retrieval requirements are often ambiguous and diverse, traditional similarity based retrieval mechanism cannot meet different needs of users. Here, we conduct research of result diversification in case reports retrieval based on main finding. First, four similarity measurements for comparing main finding contents are used for initial result ranking; second, two implicit reranking algorithms and two explicit reranking algorithms are applied for result diversification. Experimental result showed that the methods we used had improved sub-topics coverage rate (CR@ X%) in re-ranking result, which proved the effectiveness of our research work for improving result diversification degree.
{"title":"Result Diversification in Clinical Case Reports Retrieval based on Main Finding","authors":"Mengqi Luo, Fengchang Yu, Haihua Chen","doi":"10.1109/QRS-C51114.2020.00044","DOIUrl":"https://doi.org/10.1109/QRS-C51114.2020.00044","url":null,"abstract":"Clinical case reports are the ‘eyewitness’ in biomedical literature and provide a valuable, unique, albeit noisy and underutilized type of evidence. Main finding is the reason for writing up the reports. Main finding based case reports retrieval provides way for user to conveniently access information of eyewitness evidence. However, user retrieval requirements are often ambiguous and diverse, traditional similarity based retrieval mechanism cannot meet different needs of users. Here, we conduct research of result diversification in case reports retrieval based on main finding. First, four similarity measurements for comparing main finding contents are used for initial result ranking; second, two implicit reranking algorithms and two explicit reranking algorithms are applied for result diversification. Experimental result showed that the methods we used had improved sub-topics coverage rate (CR@ X%) in re-ranking result, which proved the effectiveness of our research work for improving result diversification degree.","PeriodicalId":358174,"journal":{"name":"2020 IEEE 20th International Conference on Software Quality, Reliability and Security Companion (QRS-C)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130584845","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2020-12-01DOI: 10.1109/QRS-C51114.2020.00035
Dongcheng Li, W. E. Wong, Man Zhao, Qiang Hou
Computerized systems and software, which allow optimizing and planning the processes of production, storage, transportation, sale, and distribution of goods, have emerged in the industry. Scheduling systems, in particular, are designed to control and optimize the manufacturing process. This tool can have a significant effect on the productivity of the industry because it reduces the time and cost through well-defined optimization algorithms. Recently, the applicability of blockchain technology has been demonstrated in scheduling systems to add decentralization, traceability, au-ditability, and verifiability of the immutable information that this technology provides. This is a novel contribution that provides scheduling systems with an additional layer of security. With the latest version of Hyperledger Fabric, the appropriate levels of permission and policies for access to information can be established with significant levels of privacy and security, which prevent malicious actors from trying to cheat or abuse the system. Different alternatives exist to manage all processes associated with the operation of a blockchain network, and among them, providers of blockchain as a service have emerged. Chainstack stands out for its simplicity and scalability features to deploy and operate a blockchain network. Our goal in this work is to create a solution for secure storage of and access to task-scheduling scheme on the consortium blockchain and inter-planetary file system as a proof of concept to demonstrate its potential and usability.
{"title":"Secure Storage and Access for Task-Scheduling Schemes on Consortium Blockchain and Interplanetary File System","authors":"Dongcheng Li, W. E. Wong, Man Zhao, Qiang Hou","doi":"10.1109/QRS-C51114.2020.00035","DOIUrl":"https://doi.org/10.1109/QRS-C51114.2020.00035","url":null,"abstract":"Computerized systems and software, which allow optimizing and planning the processes of production, storage, transportation, sale, and distribution of goods, have emerged in the industry. Scheduling systems, in particular, are designed to control and optimize the manufacturing process. This tool can have a significant effect on the productivity of the industry because it reduces the time and cost through well-defined optimization algorithms. Recently, the applicability of blockchain technology has been demonstrated in scheduling systems to add decentralization, traceability, au-ditability, and verifiability of the immutable information that this technology provides. This is a novel contribution that provides scheduling systems with an additional layer of security. With the latest version of Hyperledger Fabric, the appropriate levels of permission and policies for access to information can be established with significant levels of privacy and security, which prevent malicious actors from trying to cheat or abuse the system. Different alternatives exist to manage all processes associated with the operation of a blockchain network, and among them, providers of blockchain as a service have emerged. Chainstack stands out for its simplicity and scalability features to deploy and operate a blockchain network. Our goal in this work is to create a solution for secure storage of and access to task-scheduling scheme on the consortium blockchain and inter-planetary file system as a proof of concept to demonstrate its potential and usability.","PeriodicalId":358174,"journal":{"name":"2020 IEEE 20th International Conference on Software Quality, Reliability and Security Companion (QRS-C)","volume":"47 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130936204","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: