Specification and Checking of Software Contracts for Conditional Information Flow [chapter]

Torben Amtoft, John Hatcliff, Edwin Rodríguez, Robby, Jonathan Hoag, David Greve
2010 Design and Verification of Microprocessor Systems for High-Assurance Applications  
, inferring, and compositional checking of conditional information flow contracts.  ...  Motivated by the need to better formally specify and certify MILS applications in industrial contexts, we present an enhancement of the SPARK information flow annotation language that enables specification  ...  One of the primary motivating factors for the use of SPARK is that it includes annotations (formal contracts for procedure interfaces) for specifying and checking information flow [11].  ...
doi:10.1007/978-1-4419-1539-9_12 fatcat:dqlvns7k5nhcbntvmwepwerh5q

Specification and Checking of Software Contracts for Conditional Information Flow [chapter]

Torben Amtoft, John Hatcliff, Edwin Rodríguez, Robby, Jonathan Hoag, David Greve
Lecture Notes in Computer Science  
, inferring, and compositional checking of conditional information flow contracts.  ...  Motivated by the need to better formally specify and certify MILS applications in industrial contexts, we present an enhancement of the SPARK information flow annotation language that enables specification  ...  One of the primary motivating factors for the use of SPARK is that it includes annotations (formal contracts for procedure interfaces) for specifying and checking information flow [11].  ...
doi:10.1007/978-3-540-68237-0_17 dblp:conf/fm/AmtoftHRRHG08 fatcat:ky2odg7wabbkfdx66jukwoueeu

Interface contract enforcement for improvement of computational quality of service (CQoS) for scientific components

Li Li, Tamara L. Dahlgren, Lois Curfman McInnes, Boyana Norris
2009 Proceedings of the 2009 Workshop on Component-Based High Performance Computing - CBHPC '09  
This paper describes recent investigations into improving the quality and performance of component-based scientific software.  ...  Interface contracts have proven to be helpful for ensuring correct usage.  ...  Department of Energy, under Contracts DE-AC02-06CH11357 and DE-AC52-07NA27344.  ... 
doi:10.1145/1687774.1687783 fatcat:zwcka65c65blnodus3shjvpt64

AC-Contract: Run-Time Verification of Context-Aware Applications

Marina Mongiello, Patrizio Pelliccione, Massimo Sciancalepore
2015 2015 IEEE/ACM 10th International Symposium on Software Engineering for Adaptive and Self-Managing Systems  
pre and post conditions of the contract  [figure residue: Contract checker; Adaptable pattern: Core part, Adaptable part; Frame: Pre-conditions, Post-conditions; Adaptation manager; Drive adaptation]  ...  pattern according to states/events in loc prop • Implementation of contract verification on the Android platform • Use of Android Intents to manage events' pre and post conditions.  ...
doi:10.1109/seams.2015.11 dblp:conf/icse/MongielloPS15 fatcat:2vetozuo65b55aobgahdrbo67q

A Systematic Judgement to Automated Programming Contracts Generation

2019 International journal of recent technology and engineering  
The intent of this paper is a concise study of prevalent approaches in the generation of contracts and to put forward an approach to derive programming rules for real-time concurrent Java source code automatically  ...  These rules can then be utilized for software verification.  ...  Correctness may not hold for condition checking of the state of an object outside the scope of the selected implementation classes for contract extraction.  ...
doi:10.35940/ijrte.b1116.0782s319 fatcat:3topljxo6vgv7ouauq4mrqotae

Unification of verification and validation methods for software systems: progress report and initial case study formulation

J.C. Browne, C. Lin, K. Kane, Yoonsik Cheon, P. Teller
2006 Proceedings 20th IEEE International Parallel & Distributed Processing Symposium  
This paper presents initial research on unification of methods for verification and validation (V&V) of software systems. The synergism among methods for V&V is described.  ...  The initial steps of a case study applying the unified approach to V&V are sketched, including definition of the problem domain, the approach and some details of a property specification language  ...  Additionally, there are specifications for information flow, which are sometimes called security policies, and the design and implementation of these security policies also must be verified and validated  ...
doi:10.1109/ipdps.2006.1639582 dblp:conf/ipps/BrowneLKCT06 fatcat:dhgbuo5xlbdb5dxifdszcmkt74

Open framework for conformance testing via scenarios

Dave Arnold, Jean-Pierre Corriveau, Vojislav Radonjic
2007 Companion to the 22nd ACM SIGPLAN conference on Object oriented programming systems and applications companion - OOPSLA '07  
Scenarios are vital for the specification of software systems. We are developing an open framework for the specification, execution, and conformance evaluation of scenarios.  ...  The scenarios define a contract which is bound to an implementation under test. The scenarios are executed by our framework to ensure conformance against the contract.  ...  ACL is closely tied to requirements, and has constructs for the specification of goals, beliefs [6], scenarios, and several lower-level constructs, such as pre- and post-conditions [4].  ...
doi:10.1145/1297846.1297882 dblp:conf/oopsla/ArnoldCR07 fatcat:6wcfl2ojobchne5plh36ch2l7a

Provable Protection against Web Application Vulnerabilities Related to Session Data Dependencies

L. Desmet, P. Verbaeten, W. Joosen, F. Piessens
2008 IEEE Transactions on Software Engineering  
The design of countermeasures that detect or prevent such vulnerabilities or protect against their exploitation is an important research challenge for the fields of software engineering and security engineering  ...  We show that the annotation overhead is very small, that the performance of the fully automatic static verification is acceptable, and that the performance overhead of the runtime checking is limited.  ...  ACKNOWLEDGMENT The authors would like to thank Wolfram Schulte (from Microsoft Research), Bart Jacobs, Adriaan Moors, and Jan Smans (from the Katholieke Universiteit Leuven) for their useful comments and  ... 
doi:10.1109/tse.2007.70742 fatcat:dkw3scuvqjhajh3xvs7tj44uou

Formal Software Analysis Emerging Trends in Software Model Checking

Matthew B. Dwyer, John Hatcliff, Robby Robby, Corina S. Pasareanu, Willem Visser
2007 Future of Software Engineering (FOSE '07)  
Abstract: The study of methodologies and techniques to produce correct software has been active for four decades.  ...  His interests cover a wide range of topics in software dependability including: specification methods, static analysis and verification, run-time monitoring and testing.  ...  The design-by-contract paradigm [60] leverages contracts, i.e. user annotations in the form of pre-, post- and invariant conditions, to reason about software in a modular way.  ...
doi:10.1109/fose.2007.6 dblp:conf/icse/DwyerHRPV07 fatcat:ucvmmm75kjbyxluplh5z3y3x4q

State-Based Security Policy Enforcement in Component-Based E-Commerce Applications [chapter]

Peter Herrmann, Lars Wiebusch, Heiko Krumm
2003 IFIP Advances in Information and Communication Technology  
The wrapper of a component monitors the component's behavior at its interfaces and checks its compliance with the security behavior constraints of the component's employment contract.  ...  Software component technology supports the cost-effective development of e-commerce applications but also introduces special security problems.  ...  Thus, one has to check that the program complies with the additional information used for verification. Here, the concept of generic software wrappers proves helpful.  ...
doi:10.1007/978-0-387-35617-4_13 fatcat:iqlhcz4cqrej7k3zdhx5nem7wm

Leveraging software architectures to guide and verify the development of sense/compute/control applications

Damien Cassou, Emilie Balland, Charles Consel, Julia Lawall
2011 Proceeding of the 33rd international conference on Software engineering - ICSE '11  
We introduce a notion of interaction contract that expresses allowed interactions between components, describing both data and control-flow constraints.  ...  A software architecture describes the structure of a computing system by specifying software components and their interactions.  ...  RELATED WORK Our work is related to software architectures, formalisms for interaction specifications, and model-driven development.  ... 
doi:10.1145/1985793.1985852 dblp:conf/icse/CassouBCL11 fatcat:esno54er25axvns7y3jdp4gipi

Converting Specifications in a Subset of Object-Z to Skeletal Spec# Code for both Static and Dynamic Analysis

Xiufeng Ni, Cui Zhang
2008 Journal of Object Technology  
Construction of correctness is an essential issue for the implementation of a reliable software system.  ...  This tool aims at facilitating the refinement from formal specifications to Spec# and the full usage of the static and dynamic analysis techniques in Spec#.  ...  Flow analysis includes control flow analysis, dataflow analysis, and information flow analysis. There are few tools available for automated or semi-automated static verification.  ... 
doi:10.5381/jot.2008.7.8.a6 fatcat:fp3lgqa7m5dpbktgpee7cfkedi

Leveraging Software Architectures to Guide and Verify the Development of Sense/Compute/Control Applications [article]

Damien Cassou, Emilie Balland, Charles Consel (INRIA Bordeaux - Sud-Ouest, ENSEIRB), Julia Lawall
2011 arXiv   pre-print
We introduce a notion of behavioral contract that expresses the set of allowed interactions between components, describing both data and control-flow constraints.  ...  A software architecture describes the structure of a computing system by specifying software components and their interactions.  ...  RELATED WORK Our work is related to software architectures, formalisms for interaction specifications, and model-driven development.  ... 
arXiv:1109.2807v1 fatcat:setdghlyfjfz5bilmxte6qpm44

Trust-Based Monitoring of Component-Structured Software

P. Herrmann, H. Krumm
2004 PIK - Praxis der Informationsverarbeitung und Kommunikation  
We introduce the layout and functionality of the wrappers and outline the formal security specifications, which can be easily derived from a set of specification patterns.  ...  A so-called security wrapper monitors the events passing the interface of a component and checks them for compliance with formally specified security policies guaranteeing a benevolent behavior of the  ...  Examples are the Touchstone Compiler [Necu98], the Efficient Code Certification [Koze98] as well as approaches for type checking [TMC+96, MWCG98] and information flow analysis [FSBJ97, MyLi98, Myer99  ...
doi:10.1515/piko.2004.237 fatcat:ot2opgrsdrhv5lwtz56zva3aju

Checking Security Compliance between Models and Code [article]

Katja Tuma and Sven Peldszus and Daniel Strüber and Riccardo Scandariato and Jan Jürjens
2021 arXiv   pre-print
This work introduces the first semi-automatic technique for secure data flow compliance checks between design models and code.  ...  Further, the two developed types of security compliance checks are relatively precise (average precision is 79.6% and 100%), but may still overlook some implemented information flows (average recall is  ...  This paper reflects only the author's view and the Commission is not responsible for any use that may be made of the information contained therein.  ... 
arXiv:2108.08579v2 fatcat:7e3lkst5ejffvaeevnihv3mweu