Prof. Dr. Eric Bodden

Another paper to appear at the New Ideas track of ESEC/FSE:

While aspect-oriented programming supports the modular definition of crosscutting concerns, most approaches to aspect-oriented programming fail to improve, or even preserve, modular reasoning. The main problem is that aspects usually carry, through their pointcuts, explicit references to the base code. These dependencies make programs fragile. Changes in the base code can unwittingly break a pointcut definition, rendering the aspect ineffective or causing spurious matches. Conversely, a change in a pointcut definition may cause parts of the base code to be advised without notice. Therefore separate development of aspect-oriented programs is largely compromised, which in turns seriously hinders the adoption of aspect-oriented programming by practitioners.

We propose to separate base code and aspects using Join Point Interfaces, which are contracts between aspects and base code. Base code can define pointcuts that expose selected join points through a Join Point Interface. Conversely, an aspect can offer to advise join points that provide a given Join Point Interface. Crucially, however, aspect themselves cannot contain pointcuts, and hence cannot refer to base code elements. In addition, because a given join point can provide several Join Point Interfaces, and Join Point Interfaces can be organized in a subtype hierarchy, our approach supports join point polymorphism. We describe a novel advice dispatch mechanism that offers a flexible and type-safe approach to aspect reuse.

This is joint work with Milton Inostroza and Éric Tanter from the Pleiad group.

Download the paper here.

The Center for Advanced Security Research Darmstadt (CASED) has won another 13.4MEUR funding to continue its research on IT-Security related topics. Click here to read more (German)

Accepted for publication at WODA 2011:

Dynamic analyses reason about a program’s concrete heap and control flow and hence can report on actual program behavior with high or even perfect accuracy. But many dynamic analyses require extensive program instrumentation, often slowing down the analyzed program considerably.
In the past, researchers have hence developed specialized static optimizations that can prove instrumentation for a special analysis unnecessary at many program locations: the analysis can safely omit monitoring these locations, as their monitoring would not change the analysis results. Arguing about the correctness of such optimizations is hard, however, and ad-hoc approaches have lead to mistakes in the past.
In this paper we present a correctness criterion called Continuation Equivalence, which allows researchers to prove static optimizations of dynamic analyses correct more easily. The criterion demands that an optimization may alter instrumentation at a program site only if the altered instrumentation produces a dynamic analysis configuration equivalent to the configuration of the un-altered program with respect to all possible continuations of the control flow.
In previous work, we have used a notion of continuation-equivalent states to prove the correctness of static optimization for finite-state runtime monitors. With this work, we propose to generalize the idea to general dynamic analyses.

I am happy to let you all know that the submission deadline for RV 2011 has been extended by another week. The new deadline is June 12th.

I have just put my slides for the ICSE 2011 talk on TamiFlex online. Download them here in Keynote or PDF format (large!).

Aloha! Today I felt very honored to be part of a honorary “Festschrift” event for Lee Osterweil. My talk was part of a session headed by Matt Dwyer, focusing on offsprings from Lee’s early work on typestate analysis. You can find my slides here in Keynote format (PDF here, large!).