901 resultados para source code analysis
Resumo:
Originally presented as the author's thesis (M.S.), University of Illinois at Urbana-Champaign.
Resumo:
In the context of Software Reuse providing techniques to support source code retrieval has been widely experimented. However, much effort is required in order to find how to match classical Information Retrieval and source code characteristics and implicit information. Introducing linguistic theories in the software development process, in terms of documentation standardization may produce significant benefits when applying Information Retrieval techniques. The goal of our research is to provide a tool to improve source code search and retrieval In order to achieve this goal we apply some linguistic rules to the development process.
Resumo:
In the article, we have reviewed the means for visualization of syntax, semantics and source code for programming languages which support procedural and/or object-oriented paradigm. It is examined how the structure of the source code of the structural and object-oriented programming styles has influenced different approaches for their teaching. We maintain a thesis valid for the object-oriented programming paradigm, which claims that the activities for design and programming of classes are done by the same specialist, and the training of this specialist should include design as well as programming skills and knowledge for modeling of abstract data structures. We put the question how a high level of abstraction in the object-oriented paradigm should be presented in simple model in the design stage, so the complexity in the programming stage stay low and be easily learnable. We give answer to this question, by building models using the UML notation, as we take a concrete example from the teaching practice including programming techniques for inheritance and polymorphism.
Resumo:
Красимир Манев, Антон Желязков, Станимир Бойчев - В статията е представена имплементацията на последната фаза на автоматичен генератор на тестови данни за структурно тестване на софтуер, написан на обектно-ориентиран език за програмиране – генерирането на изходен код на тестващия модул. Някои детайли от имплементацията на останалите фази, които са важни за имплементацията на последната фаза, са представени първо. След това е описан и алгоритъмът за генериране на кода на тестващия модул.
Resumo:
Background: Recent morpho-functional evidence pointed out that abnormalities in the thalamus could play a major role in the expression of migraine neurophysiological and clinical correlates. Whether this phenomenon is primary or secondary to its functional disconnection from the brainstem remains to be determined. We used a Functional Source Separation algorithm of EEG signal to extract the activity of the different neuronal pools recruited at different latencies along the somatosensory pathway in interictal migraine without aura (MO) patients. Methods: Twenty MO patients and 20 healthy volunteers (HV) underwent EEG recording. Four ad-hoc functional constraints, two sub-cortical (FS14 at brainstem and FS16 at thalamic level) and two cortical (FS20 radial and FS22 tangential parietal sources), were used to extract the activity of successive stages of somatosensory information processing in response to the separate left and right median nerve electric stimulation. A band-pass digital filter (450-750 Hz) was applied offline in order to extract high-frequency oscillatory (HFO) activity from the broadband EEG signal. Results: In both stimulated sides, significant reduced sub-cortical brainstem (FS14) and thalamic (FS16) HFO activations characterized MO patients when compared with HV. No difference emerged in the two cortical HFO activations between the two groups. Conclusions: Present results are the first neurophysiological evidence supporting the hypothesis that a functional disconnection of the thalamus from the subcortical monoaminergic system may underline the interictal cortical abnormal information processing in migraine. Further studies are needed to investigate the precise directional connectivity across the entire primary subcortical and cortical somatosensory pathway in interictal MO. Written informed consent to publication was obtained from the patient(s).
Resumo:
随着硬件性能的不断提升,计算机正在被赋予越来越艰巨的任务,运行其上的软件作为沟通人类思维和底层硬件的桥梁,其重要性日益增加。与此同时,软件系统的规模也在不断变大,所涉及的逻辑也更为复杂,这导致开发人员难免会由于疏漏在软件设计实现的过程中引入缺陷、埋下隐患。所以,如何检验、确保软件的属性就成为时下一个亟待解决的热点问题。而在此背景下,源代码静态分析技术由于恰好可以弥补现有测试方法的不足,已经开始在这一研究领域崭露头角。有鉴于此,本文为了推进安全信息系统的研发,分别围绕源代码静态分析技术在软件属性保障中两个最主要的应用场景展开研究,涉及高等级安全操作系统开发过程中的源代码自动化审计,以及分布式信息系统中平台间互信建立时针对软件属性所进行的远程验证,其中,前者是为从深度上将现有安全操作系统向更高等级推进提供助力,而后者是为了从广度上将信息安全领域现有的围绕单机平台的研究成果向分布式架构推广建立基础。具体来说,本文选择针对编程接口规范的一致性检验和应用静态分析的软件属性远程验证作为研究的切入点,探讨了应用源代码静态分析技术检验、确保软件属性的方法和用途,主要取得以下几个方面的成果: 第一,本文给出了一个基于值等价类的别名分析方法。该方法依据相关的传值操作维护一个值等价类空间,可以在编程接口规范一致性检验的过程中按需推导变量符号间的等值关系,不仅有能力支持上下文相关、路径相关的全局分析,还可以有效应对C代码中因结构、指针等构件所衍生出来的大量变量符号。 第二,针对大部分现有代码静态分析工具分析规模受限的问题,本文围绕编程接口规范的一致性检验给出了可以与别名分析有效结合的性能优化方案。该方案不仅能通过剔除与分析无关的执行分支和引入缓存机制提高分析效率,还可以尽量确保分析的准确性少受影响。 第三,我们设计、实现了一个C代码静态分析工具ABAZER(A Bug AnalyZER)。该工具可以依据用户使用有限自动机模型描述的编程接口规范,对操作系统内核级别的软件进行全局分析,指出代码中可能有悖于规范的部分。我们使用ABAZER实际考查了FreeBSD内核中锁机制以及GCC 4.x中库GNU Libiberty的使用情况,从中发现了若干真实的缺陷。 第四,本文针对现有应用可信计算技术、基于完整性信息进行远程验证的方案在灵活性和实用性上所存在的不足,给出一个扩展方案。该方案通过引入虚拟机技术,在软件构建过程中收集举证信息,应用静态分析方法分析软件功能模块间的相关性,划分出与验证相关的模块,有效控制用户定制软件验证时所要依赖的可信列表的规模,使其有能力适应当今网络环境中的大量异质平台和各种安全需求。此外,它还可以为自身所依赖的可信计算基的替换和更新提供支持。 第五,本文针对Flask架构的特点,给出了一个既能检验强制访问控制实现正确性,又能最大限度保留软件灵活性、使得用户可以在一定程度上对软件进行定制的远程验证方案。该方案依赖源代码静态分析技术界定软件中无需基于完整性进行验证的模块,在进一步缩减可信列表规模的同时,使用代码改写技术在这些模块中自动化地插入监控代码约束软件的动态行为,以达到确保强制访问控制实现正确性的目的。该方案初步展现了源代码静态分析技术在远程验证中广阔的应用前景。
Resumo:
Observation-based slicing is a recently-introduced, language-independent, slicing technique based on the dependencies observable from program behaviour. Due to the wellknown limits of dynamic analysis, we may only compute an under-approximation of the true observation-based slice. However, because the observation-based slice captures all possible dependence that can be observed, even such approximations can yield insight into the limitations of static slicing. For example, a static slice, S that is strictly smaller than the corresponding observation based slice is guaranteed to be unsafe. We present the results of three sets of experiments on 12 different programs, including benchmarks and larger programs, which investigate the relationship between static and observation-based slicing. We show that, in extreme cases, observation-based slices can find the true static minimal slice, where static techniques cannot. For more typical cases, our results illustrate the potential for observation-based slicing to highlight unsafe static slices. Finally, we report on the sensitivity of observation-based slicing to test quality.
Resumo:
Wednesday 23rd April 2014 Speaker(s): Willi Hasselbring Organiser: Leslie Carr Time: 23/04/2014 14:00-15:00 Location: B32/3077 File size: 802Mb Abstract The internal behavior of large-scale software systems cannot be determined on the basis of static (e.g., source code) analysis alone. Kieker provides complementary dynamic analysis capabilities, i.e., monitoring/profiling and analyzing a software system's runtime behavior. Application Performance Monitoring is concerned with continuously observing a software system's performance-specific runtime behavior, including analyses like assessing service level compliance or detecting and diagnosing performance problems. Architecture Discovery is concerned with extracting architectural information from an existing software system, including both structural and behavioral aspects like identifying architectural entities (e.g., components and classes) and their interactions (e.g., local or remote procedure calls). In addition to the Architecture Discovery of Java systems, Kieker supports Architecture Discovery for other platforms, including legacy systems, for instance, inplemented in C#, C++, Visual Basic 6, COBOL or Perl. Thanks to Kieker's extensible architecture it is easy to implement and use custom extensions and plugins. Kieker was designed for continuous monitoring in production systems inducing only a very low overhead, which has been evaluated in extensive benchmark experiments. Please, refer to http://kieker-monitoring.net/ for more information.
Resumo:
Single-page applications have historically been subject to strong market forces driving fast development and deployment in lieu of quality control and changeable code, which are important factors for maintainability. In this report we develop two functionally equivalent applications using AngularJS and React and compare their maintainability as defined by ISO/IEC 9126. AngularJS and React represent two distinct approaches to web development, with AngularJS being a general framework providing rich base functionality and React a small specialized library for efficient view rendering. The quality comparison was accomplished by calculating Maintainability Index for each application. Version control analysis was used to determine quality indicators during development and subsequent maintenance where new functionality was added in two steps. The results show no major differences in maintainability in the initial applications. As more functionality is added the Maintainability Index decreases faster in the AngularJS application, indicating a steeper increase in complexity compared to the React application. Source code analysis reveals that changes in data flow requires significantly larger modifications of the AngularJS application due to its inherent architecture for data flow. We conclude that frameworks are useful when they facilitate development of known requirements but less so when applications and systems grow in size.
