Refining interprocedural change-impact analysis using equivalence relations

Gyori, Alex; Lahiri, Shuvendu K.; Partush, Nimrod

doi:10.1145/3092703.3092719

Cited by 16 publications

(10 citation statements)

References 50 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Jackson and Ladd [14] describe an approach based on dependencies between input and output variables, but do not offer formal proofs. Gyori et al [13] took steps beyond concrete refinement, using equivalence relations, similar to those of Benton, for dataflow-based change impact analysis. Other works.…”

Section: Related Workmentioning

confidence: 99%

“…Researchers and practitioners are increasingly aware that verification tools can be impactful if they embrace change through analyses that are compositional and span program versions. Reasoning about similarities and differences between programs goes back to Benton [7], who introduced state-based refinement relations, which were extended by Yang [36] and others [13,34]. However, to our knowledge, refinement relations have not been explored for traces: existing techniques, including bisimulation, cannot capture similarities/differences between how two programs behave over time.We present a novel theory that allows one to perform compositional reasoning about the similarities/differences between how fragments of two different programs behave over time through the use of what we call trace-refinement relations.…”

mentioning

confidence: 99%

See 1 more Smart Citation

Specification and inference of trace refinement relations

Antonopoulos

Koskinen

2019

Proc. ACM Program. Lang.

View full text Add to dashboard Cite

Modern software is constantly changing. Researchers and practitioners are increasingly aware that verification tools can be impactful if they embrace change through analyses that are compositional and span program versions. Reasoning about similarities and differences between programs goes back to Benton [7], who introduced state-based refinement relations, which were extended by Yang [36] and others [13,34]. However, to our knowledge, refinement relations have not been explored for traces: existing techniques, including bisimulation, cannot capture similarities/differences between how two programs behave over time.We present a novel theory that allows one to perform compositional reasoning about the similarities/differences between how fragments of two different programs behave over time through the use of what we call trace-refinement relations. We take a reactive view of programs and found Kleene Algebra with Tests (KAT) [17] to be a natural choice to describe traces since it permits algebraic reasoning and has built-in composition. Our theory involves a two-step semantic abstraction from programs to KAT, and then our trace refinement relations correlate behaviors by (i) categorizing program behaviors into trace classes through KAT intersection and (ii) correlating atomic events/conditions across programs with KAT hypotheses. We next describe a synthesis algorithm that iteratively constructs trace-refinement relations between two programs by exploring sub-partitions of their traces, iteratively abstracting them as KAT expressions, discovering relationships through a custom edit-distance algorithm, and applying strategies (i) and (ii) above. We have implemented this algorithm as Knotical, the first tool capable of synthesizing trace-refinement relations. It built from the ground up in OCaml, using Interproc [1] and Symkat [2]. We have demonstrated that useful relations can be efficiently generated across a suite of 37 benchmarks that include changing fragments of array programs, systems code, and web servers.

show abstract

Section: Related Workmentioning

confidence: 99%

mentioning

confidence: 99%

Specification and inference of trace refinement relations

Antonopoulos

Koskinen

2019

Proc. ACM Program. Lang.

View full text Add to dashboard Cite

show abstract

“…Our approach has some similarities to other problems related to tainting [19]. In particular, Change-Impact Analysis is the problem of determining what parts of a program are affected due to a change.…”

Section: Related Workmentioning

confidence: 99%

“…Intuitively, it can be seen as a form of taint analysis, where the change is treated as taint. To solve this, Gyori et al [19] propose a combination of an imprecise type-based approach with a precise semantics-preserving approach. The latter considers the program before and after the change and finds relational equivalences between the two ver-sions.…”

Section: Related Workmentioning

confidence: 99%

Lazy Self-composition for Security Verification

Yang

Vizel

Subramanyan

et al. 2018

Lecture Notes in Computer Science

View full text Add to dashboard Cite

The secure information flow problem, which checks whether low-security outputs of a program are influenced by high-security inputs, has many applications in verifying security properties in programs. In this paper we present lazy self-composition, an approach for verifying secure information flow. It is based on self-composition, where two copies of a program are created on which a safety property is checked. However, rather than an eager duplication of the given program, it uses duplication lazily to reduce the cost of verification. This lazy self-composition is guided by an interplay between symbolic taint analysis on an abstract (single copy) model and safety verification on a refined (two copy) model. We propose two verification methods based on lazy self-composition. The first is a CEGAR-style procedure, where the abstract model associated with taint analysis is refined, on demand, by using a model generated by lazy self-composition. The second is a method based on bounded model checking, where taint queries are generated dynamically during program unrolling to guide lazy self-composition and to conclude an adequate bound for correctness. We have implemented these methods on top of the SeaHorn verification platform and our evaluations show the effectiveness of lazy self-composition.

show abstract

“…A set of software metrics, for example, the C&K metric suite, is used to identify dependencies [2]. The dynamic techniques are based on the total number of distinct messages sent at runtime, method invocations, and aggregation relationships [3–5]. Static code attributes identify the most change prone classes, but not the classes that are most vulnerable to change ripples.…”

Section: Introductionmentioning

confidence: 99%

Predicting co‐change probability in software applications using historical metadata

Agrawal

Singh

2020

IET softw.

View full text Add to dashboard Cite

It is quite challenging to track the after‐effects of changes with increased dependencies among classes while making a change in software applications. Software change impact analysis aims to identify classes affected by a change in software applications. In recent years, researchers have found that revision history has great potential for identifying evolutionary coupling. The two main factors affecting the prediction results are the length and the age of change history considered for deriving dependencies. The effect of age of change history on co‐change prediction results in software applications is empirically studied by varying the weightage of change commits. The results indicate that the older commits have less influence in deriving dependent classes than the newer ones. The proposed approach is useful for software effort estimation and identifying dependencies during the software development, testing, and maintenance phase.

show abstract

Refining interprocedural change-impact analysis using equivalence relations

Cited by 16 publications

References 50 publications

Specification and inference of trace refinement relations

Specification and inference of trace refinement relations

Lazy Self-composition for Security Verification

Predicting co‐change probability in software applications using historical metadata

Contact Info

Product

Resources

About