The dreaded #ifdef

Eric | October 25, 2012

Today we conducted a little case study on OpenSSL to see how frequently people use #ifdef directives. This word cloud shows the relative distribution. There are currently 391 different flags being used in altogether 1874 #ifdef directives (not counting #ifndef etc.). The most prominent one is __cplusplus, occurring 214 times. I wonder how many people actually understand all their different side effects and combinations and how many combinations are actually being used in actual compiled products…

Frequency of occurrence of different #ifdef directives in OpenSSL as of Oct. 25th, 2012

P.S. Thanks to Kevin Falzon for helping out with this graphic!
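A minimal way to reproduce this kind of count on a source tree, as an added example (it is not the script used for the study above). Function names are hypothetical, and the sample input is constructed: only `__cplusplus` comes from the post, the `DEMO_*` flags are made up.

```python
import re
import sys
from collections import Counter
from pathlib import Path

# C block comments: a directive inside one is dead text and must not be counted.
BLOCK_COMMENT = re.compile(r"/\*.*?\*/", re.DOTALL)
# "#ifdef FLAG" at the start of a line, allowing whitespace around '#'.
# Deliberately excludes #ifndef, #if defined(...) and #elif, as in the post.
IFDEF = re.compile(r"^[ \t]*#[ \t]*ifdef[ \t]+([A-Za-z_]\w*)", re.MULTILINE)

def count_ifdef_flags(source: str) -> Counter:
    source = source.replace("\\\n", "")       # join backslash-continued lines
    source = BLOCK_COMMENT.sub(" ", source)   # a comment becomes one space, as in C
    return Counter(IFDEF.findall(source))

def scan_tree(root: str, suffixes=(".c", ".h")) -> Counter:
    # Sum the per-file counts over every C source and header below root.
    total = Counter()
    for path in Path(root).rglob("*"):
        if path.is_file() and path.suffix in suffixes:
            total += count_ifdef_flags(path.read_text(errors="replace"))
    return total

def summarize(counts: Counter, top: int = 3) -> dict:
    return {"distinct_flags": len(counts),
            "directives": sum(counts.values()),
            "most_common": counts.most_common(top)}

# Constructed sample input, not taken from OpenSSL.
SAMPLE = """\
#ifdef __cplusplus
extern "C" {
#endif
#ifndef DEMO_NO_RSA
# ifdef DEMO_FIPS
# endif
#endif
/*
#ifdef DEMO_DEAD_FLAG
*/
  #  ifdef __cplusplus
}
#endif
"""

if __name__ == "__main__":
    counts = scan_tree(sys.argv[1]) if len(sys.argv) > 1 else count_ifdef_flags(SAMPLE)
    print(summarize(counts))
```

Run it with a directory argument to scan a checkout; the distinct-flag count is what bounds the number of build configurations a reviewer would have to reason about.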

Comments
Comments Off on The dreaded #ifdef
Categories
Research

Challenges in defining a programming language for provably correct dynamic analyses

Eric | October 12, 2012

Our work Challenges in defining a programming language for provably correct dynamic analyses, to be presented at ISOLA next week, describes the challenges involved in designing a new programming language that we plan to develop. This new language is at the core of my new project RUNSECURE. The language is meant to target security experts, who can use it to implement enforcement monitors that, when applied to a potentially insecure program, will automatically secure the program against certain classes of attacks.


C# Implementation of Arithmetic Coder

Eric | October 11, 2012

Quite a while ago, when I was still a student, Malte Clasen, Joachim Kneis and I developed an Arithmetic Coder, written in C++. Brent Scriver has now developed a C# Version on top of it, with some improvements.


Bret Victor on Programming Languages and Environments

Eric | October 6, 2012

Bret Victor has a great essay on Programming Languages and Environments. For anyone interested in software engineering I think it should be a very useful read. And I would love to see some of those concepts pop up in real-world programming environments! (Although some of them would be hard to efficiently implement, it seems.)


Now at TSE: Automated API Property Inference Techniques

Eric | October 5, 2012

After roughly two years of lots of work I am happy to announce that TSE has just put online our new survey on Automated API Property Inference Techniques. This is joint work with Martin Robillard, David Kawrykow, Mira Mezini, and Tristan Ratchford. Thanks a lot to everyone who helped us with this work, in particular to Bart Dagenais, Michael Pradel and Thomas Zimmermann. We hope you find this text a valuable compendium.

From the abstract:

Frameworks and libraries offer reusable and customizable functionality through Application Programming Interfaces (APIs). Correctly using large and sophisticated APIs can represent a challenge due to hidden assumptions and requirements. Numerous approaches have been developed to infer properties of APIs, intended to guide their use by developers. With each approach come new definitions of API properties, new techniques for inferring these properties, and new ways to assess their correctness and usefulness. This paper provides a comprehensive survey of over a decade of research on automated property inference for APIs. Our survey provides a synthesis of this complex technical field along different dimensions of analysis: properties inferred, mining techniques, and empirical results. In particular, we derive a classification and organization of over 60 techniques into five different categories based on the type of API property inferred: unordered usage patterns, sequential usage patterns, behavioral specifications, migration mappings, and general information.

Download your copy here.


Analyzing and transforming Java and Android programs with Soot

Eric | October 3, 2012

Join us for a day-long hands-on lab

Date: Oct. 23rd 2012, Place: Mornewegstr. 30 / S4|14, Room 3.1.01

If you can, bring your own laptop!

This lab is open to members of CASED and TU Darmstadt. If you wish to attend, sign up here. By signing up you commit to attending! Attendance is free of charge.

Soot is one of the most widely-used frameworks for analyzing and transforming Java programs. Recently it has been extended to further support the analysis and transformation of Dalvik/Android bytecode. This day-long interactive hands-on lab has the goal of teaching attendees the basic principles behind Soot and its design, the major components and how they are used, but also how to extend Soot to implement analyses and transformations that are tailored to the user’s needs. The day will be split into three parts. In Part 1, the instructor will give a presentation on the history and API of Soot. Attendees will be able to follow parts of the presentation through examples on their own laptop. In Part 2, attendees will attempt to implement some example program analyses from scratch, both on the intra-procedural and inter-procedural level. During Part 3 (optional) we will split into smaller groups in which attendees can ask questions about projects they would like to implement on their own. They can then start this implementation under the instructor’s guidance. If you wish to discuss a particular topic, it may be useful to email the instructor in advance.


TamiFlex 2.0.1 is out

Eric | September 19, 2012

We just released Version 2.0.1 of TamiFlex. This is a bugfix release, fixing a possible segmentation fault caused by incorrect instrumentation.


Using Soot with custom entry points

Eric | July 26, 2012

When doing whole-program analysis with Soot, you will need to tell Soot what the entry points to your program are. Soot has always supported an option of custom entry points, which comes in handy when analyzing libraries, applets or apps that do not have a “main method”. However, as it turns out, there was quite some confusion as to how to use the “custom entry points” feature. Admittedly, it is trickier than it perhaps should be. This blog post is meant to clarify some of those issues. The following code shows you how to set a method MyEntryPoint.myMethod as an entry point.

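// Imports needed by the driver class
import java.util.*;
import soot.*;
import soot.options.Options;

// Inside the driver's main(String[] args):
Options.v().parse(args);  // forward the driver's command-line arguments to Soot
SootClass c = Scene.v().forceResolve("MyEntryPoint", SootClass.BODIES);
c.setApplicationClass();
Scene.v().loadNecessaryClasses();
SootMethod method = c.getMethodByName("myMethod");
List<SootMethod> entryPoints = new ArrayList<>();
entryPoints.add(method);
Scene.v().setEntryPoints(entryPoints);
PackManager.v().runPacks();  // run Soot's packs directly instead of calling Soot's main method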

Usually we recommend that users just call Soot’s very own main method after setting up the initial configuration. Note that in this particular case this is not recommended. The problem is that the above code loads classes, which conflicts with the standard class-loading process that Soot’s main method implements. Instead, the code above calls runPacks, which runs all of Soot’s packs in the usual order. At the beginning of the code, we call parse to parse the command-line arguments given to your driver class, forwarding those to Soot (as usual).

Thanks to Yi Lin, Marc-André Laverdière-Papineau, Phil Pratt-Szeliga and for helping me figure out how to get this to work best.

Tags
Soot Tutorial

Distinguished Paper Award for paper on RefaFlex

Eric | July 19, 2012

We got the good news last night… The paper RefaFlex: Safer Refactorings for Reflective Java Programs by Andreas Thies from Fernuni Hagen and myself has won an ACM SIGSOFT Distinguished Paper Award. Other awards go to the papers Remedying the Eval that Men Do by Simon Holm Jensen, Peter A. Jonsson, and Anders Møller and Residual Investigation: Predictive and Precise Bug Detection by Kaituo Li, Christoph Reichenbach, Christoph Csallner, and Yannis Smaragdakis. Congrats!


DFG funds new Emmy Noether Group “RUNSECURE”

Eric | July 9, 2012

RUNSECURE is the acronym for a new research project on Provably secure program executions through declaratively defined dynamic program analyses, which the DFG is now funding for up to five years through its prestigious Emmy Noether Fellowship program. As the DFG writes, “The Emmy Noether Program supports young researchers in achieving independence at an early stage of their scientific careers. Young postdocs gain the qualifications required for a university teaching career during a DFG-funded period, usually lasting five years, in which they lead their own independent junior research group. As a rule, researchers who have acquired between two and four years of postdoctoral research experience are eligible to apply. Applicants must have international research experience.”

Project RUNSECURE

Modern software systems are rich in functionality but also prone to bugs and vulnerabilities that threaten the security and privacy of users and their data. In the past years, researchers have made significant progress in the static analysis of such systems, which allows developers to recognize and remove programming errors prior to deployment. Many vulnerabilities, however, can only be recognized as a piece of software executes, not least because malicious attackers can also use static-analysis tools to craft exploits in such a way that they circumvent static detection. A truly secure execution environment must therefore combine static analyses with just-in-time runtime analyses.

The project RUNSECURE will develop methods, techniques and tools that will allow software developers to reliably detect security vulnerabilities and prevent them from being exploited. No matter how much an exploit tries to conceal its malicious intent, it can always be recognized when it is about to execute. At this point in time, one must be sure, however, that the executing exploit can be recognized and prevented from succeeding. To this end, the project will develop a novel programming language that allows developers to define dynamic program analyses and security monitors in a highly declarative manner. Analyses defined that way are then amenable to highly efficient automatic code generation and can easily be proven correct, due to their high level of abstraction.

This project is initially funded for three years, with possible extension up to five years. Thanks to everyone who supported my application!

Press Coverage
