You are here
Search results
(1 - 6 of 6)
- Title
- A three-pronged approach towards improving the development of safety-critical software systems
- Creator
- Christensen, Amy C. (Amy Chere)
- Date
- 1995
- Collection
- Electronic Theses & Dissertations
- Title
- Enhancing automated fault discovery and analysis
- Creator
- DeMott, Jared
- Date
- 2012
- Collection
- Electronic Theses & Dissertations
- Description
-
Creating quality software is difficult. Likewise, offensive researchers look to penetrate quality software. Both parties benefit from a scalable bug hunting framework. Once bugs are found, an equally expensive task is debugging. To debug faults, analysts must identify statements involved in the failures and select suspicious code regions that might contain the fault. Traditionally, this tedious task is performed manually. An automated technique to locate the true source of the failure is...
Show moreCreating quality software is difficult. Likewise, offensive researchers look to penetrate quality software. Both parties benefit from a scalable bug hunting framework. Once bugs are found, an equally expensive task is debugging. To debug faults, analysts must identify statements involved in the failures and select suspicious code regions that might contain the fault. Traditionally, this tedious task is performed manually. An automated technique to locate the true source of the failure is called fault localization. The thesis of this research is that an automated process to find software bugs and quickly localize the root cause of the failure is possible by improving upon existing techniques. This research is most interested in bugs that lead to security vulnerabilities. These bugs are high value to offensive researchers, and to the typical software test engineer. In particular, memory corruption bugs characterized via an application crash is the subset of all bugs focused on in this work. Existing distributed testing frameworks do not integrate with fault localization tools. Also, existing fault localization tools fail to localize certain difficult bugs. The overall goal of this research is to: (1) Build a dynamic testing framework powerful enough to find new bugs in commercial software. (2) Integrate an existing fault localization technique into the framework that can operate on code without the requirement of having the source code or pre-generated test cases. (3) Create a novel fault localization algorithm that better operates on difficult to localize flaws. (4) Test the improvement on benchmark and real-world code. Those objectives were achieved and empirical studies were conducted to verify the goals of this research. The constructed distributed bug hunting and analysis platform is called ClusterFuzz. The enhanced fault localization process is called Execution Mining. Test results show the novel fault localization algorithm to be an important improvement, and to be more effective than prior approaches. This research also achieved ancillary goals: visualizing fault localization in a new environment; assembly basic blocks for fully compiled code. A pipeline approach to finding and categorizing bugs paves the way for future work in the areas of automated vulnerability discovery, triage, and exploitation.
Show less
- Title
- Using formal analysis and search-based techniques to address the assurance of cyber-physical systems at the requirements level
- Creator
- DeVries, Byron
- Date
- 2017
- Collection
- Electronic Theses & Dissertations
- Description
-
For high-assurance cyber-physical systems (CPS), such as the onboard features in modern transportation systems (e.g., automobiles, trains, and flight systems), ensuring acceptable and safe behavior is of paramount importance. Furthermore, the increasing complexity and the number of onboard features for autonomous vehicles further exacerbates the challenge of guaranteeing safe behavior. The operation of these high-assurance cyber-physical systems depends on the specification, implementation,...
Show moreFor high-assurance cyber-physical systems (CPS), such as the onboard features in modern transportation systems (e.g., automobiles, trains, and flight systems), ensuring acceptable and safe behavior is of paramount importance. Furthermore, the increasing complexity and the number of onboard features for autonomous vehicles further exacerbates the challenge of guaranteeing safe behavior. The operation of these high-assurance cyber-physical systems depends on the specification, implementation, and verification of those systems. Obstacles to assessing and ensuring assurance for cyber-physical system requirements may occur in many forms, but two significant sources of specification errors are incomplete requirements specifications and undesired feature interactions. In the case of incomplete requirements, it can be challenging to enumerate all the decomposed requirements necessary to satisfy a requirement (i.e., ensuring completeness), especially when considering different combinations of environmental conditions. A feature interaction occurs when two or more features satisfy specific properties in isolation, but no longer satisfy those properties when they are composed together. It may be necessary to analyze an exponential number of feature combinations to detect all possible interactions, resulting in a potentially exponential number of feature interaction results presented to the system developer. Furthermore, the uncertainty created by unexpected system and environmental scenarios exacerbates already difficult requirements specifications problems, many of which involve an exhaustive search for errors and their causes. That is, the exponential number of possibilities represents not only computational growth but also growth in the effort it takes the system designer to assess the results. This doctoral research tackles two key requirements assurance problems that exhibit these characteristics: requirements incompleteness and undesired feature interactions. The work explores how formal analysis and search-based techniques can be used in a complementary and synergistic fashion to address the assurance of cyber-physical systems facing environmental and system uncertainty, both at design time and run time. Industrial applications are used to demonstrate the respective techniques.
Show less
- Title
- Successful strategies for debugging concurrent software : an empirical investigation
- Creator
- Fleming, Scott Douglas
- Date
- 2009
- Collection
- Electronic Theses & Dissertations
- Title
- Towards automated model revision for fault-tolerant systems
- Creator
- Abujarad, Fuad
- Date
- 2010
- Collection
- Electronic Theses & Dissertations
- Title
- Automatic synthesis of fault-tolerance
- Creator
- Ebnenasir, Ali
- Date
- 2005
- Collection
- Electronic Theses & Dissertations