GENERATION AND EVALUATION OF TEST CASES FOR SOFTWARE VALIDATION AND PROOFS
    1.
    Invention patent application
    GENERATION AND EVALUATION OF TEST CASES FOR SOFTWARE VALIDATION AND PROOFS  Pending (published)

    Publication number: US20090282289A1

    Publication date: 2009-11-12

    Application number: US12115633

    Filing date: 2008-05-06

    IPC classification: G06F11/36

    CPC classification: G06F11/3608

    Abstract: A “property checker” uses light-weight symbolic execution to prove that software programs satisfy safety properties by simultaneously performing program testing and program abstraction. A simple example of a safety property is a condition that must hold for proper program execution, such as whether an application correctly uses an API's methods or functions. Program tests are an “under-approximation” of program behavior, and abstractions are an “over-approximation” of the program. This simultaneous testing either finds a test case that reaches an error state, or finds an abstraction showing that no path in the state space of the program can reach any error state. If a test case reaches an error state, the property checker has discovered a violation of the safety property. Conversely, if no path in the state space can reach any error state, the property checker has proved that the program satisfies the desired safety property.

    QUANTIFIED BELIEF PROPAGATION
    2.
    Invention patent application
    QUANTIFIED BELIEF PROPAGATION  In force

    Publication number: US20120197829A1

    Publication date: 2012-08-02

    Application number: US13018643

    Filing date: 2011-02-01

    IPC classification: G06F15/18

    CPC classification: G06N7/005

    Abstract: A quantified belief propagation (QBP) algorithm receives as input a quantified boolean formula (QBF) built from existentially quantified boolean variables, universally quantified boolean variables, and boolean operators. A tripartite graph is constructed that includes (i) there-exists nodes that correspond to and represent the existentially quantified variables, (ii) for-all nodes that correspond to and represent the universally quantified variables, and (iii) sub-formula nodes that correspond to and represent sub-formulas of the QBF. A set of boolean values for the existentially quantified variables is found by (i) passing a first message from an arbitrary sub-formula node to an arbitrary for-all node, and (ii) in response, passing a second message from that for-all node back to that sub-formula node.

    PARALLELIZING TOP-DOWN INTERPROCEDURAL ANALYSIS
    3.
    Invention patent application
    PARALLELIZING TOP-DOWN INTERPROCEDURAL ANALYSIS  Pending (published)

    Publication number: US20130239093A1

    Publication date: 2013-09-12

    Application number: US13415850

    Filing date: 2012-03-09

    IPC classification: G06F9/44

    CPC classification: G06F9/44589

    Abstract: Technologies pertaining to top-down interprocedural analysis of a computer program are described herein. A query is received for processing over a root procedure in the computer program. In response to receiving the query, the root procedure is explored and calls to sub-procedures are located. Sub-queries are generated upon encountering the calls to the sub-procedures, and the sub-queries are executed in parallel across multiple computing nodes.

    ANALYZING ACCESS CONTROL CONFIGURATIONS
    5.
    Invention patent application
    ANALYZING ACCESS CONTROL CONFIGURATIONS  In force

    Publication number: US20080104665A1

    Publication date: 2008-05-01

    Application number: US11555218

    Filing date: 2006-10-31

    IPC classification: H04L9/32

    CPC classification: G06F21/577 G06F2221/034

    Abstract: A facility is described for analyzing access control configurations. In various embodiments, the facility comprises: an operating system having resources and identifications of principals, the principals having access control privileges relating to the resources, the access control privileges being described by access control metadata; an access control scanner component that receives the access control metadata, determines relationships between the principals and the resources, and emits access control relations information; and an access control inference engine that receives the emitted access control relations information and an access control policy model, analyzes the received information and model, and emits a vulnerability report. In various embodiments, the facility generates an information flow based on the access control relations, an access control mechanism model, and an access control policy model; determines, based on the generated information flow, whether privilege escalation is possible; and, when privilege escalation is possible, indicates in a vulnerability report that the privilege escalation is possible.
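    The scanner / inference-engine pipeline described in the abstract, reduced to a worked example. This is an added illustration, not the patent's implementation: the ACL relations are a constructed sample, the mechanism model is deliberately minimal (only "a principal that can write a file another principal executes can run code as that principal"), the policy model is a hand-written privilege ordering, and all principal, path and function names are hypothetical. A real analysis would also have to model group membership, ACL inheritance, deny entries, and the other trust relations (DLL load paths, configuration a service reads, registry keys) that let a writer influence a more privileged reader.

```python
from collections import defaultdict, deque

# Constructed sample of the "access control relations" a scanner would emit after
# reading ACL metadata: (principal, permission, resource). All names hypothetical.
ACL_RELATIONS = [
    ("Administrators", "write",   r"C:\Windows\System32\svc.exe"),
    ("Users",          "execute", r"C:\Windows\System32\svc.exe"),
    ("Users",          "write",   r"C:\Program Files\App\plugin.dll"),
    ("LocalService",   "execute", r"C:\Program Files\App\plugin.dll"),
    ("LocalService",   "write",   r"C:\Windows\Tasks\cleanup.bat"),
    ("SYSTEM",         "execute", r"C:\Windows\Tasks\cleanup.bat"),
]

# Access control mechanism model (hypothetical, minimal): a holder of the first
# permission on a resource can influence any principal holding the second permission
# on the same resource. A fuller model would add e.g. ("write", "load") for DLLs and
# ("write", "read") for configuration a service trusts.
MECHANISM = {("write", "execute")}

# Access control policy model: the intended privilege ordering (higher = more privileged).
POLICY_LEVELS = {"Users": 1, "LocalService": 2, "Administrators": 3, "SYSTEM": 3}


def build_information_flow(relations, mechanism):
    """Return adjacency p -> {(q, resource)}: p can influence q through resource."""
    holders = defaultdict(list)              # resource -> [(principal, permission)]
    for principal, permission, resource in relations:
        holders[resource].append((principal, permission))
    flow = defaultdict(set)
    for resource, entries in holders.items():
        for p, p_perm in entries:
            for q, q_perm in entries:
                if p != q and (p_perm, q_perm) in mechanism:
                    flow[p].add((q, resource))
    return flow


def find_escalations(flow, levels):
    """BFS from every principal; report chains reaching a strictly higher level.

    Each finding carries the (attacker, resource, victim) steps of the chain, so a
    reviewer sees exactly which ACL entries to tighten.
    """
    report = []
    for start in levels:
        seen = {start}
        queue = deque([(start, [])])
        while queue:
            current, steps = queue.popleft()
            for nxt, resource in sorted(flow.get(current, ())):
                if nxt in seen:
                    continue
                seen.add(nxt)
                chain = steps + [(current, resource, nxt)]
                if levels.get(nxt, 0) > levels[start]:
                    report.append({"from": start, "to": nxt, "chain": chain})
                queue.append((nxt, chain))
    return report


def vulnerability_report(relations=ACL_RELATIONS, mechanism=MECHANISM, levels=POLICY_LEVELS):
    """Glue scanner output, mechanism model and policy model into a vulnerability report."""
    return find_escalations(build_information_flow(relations, mechanism), levels)


if __name__ == "__main__":
    for finding in vulnerability_report():
        path = " -> ".join(f"{p} writes {r} run by {q}" for p, r, q in finding["chain"])
        print(f"escalation {finding['from']} -> {finding['to']}: {path}")
```

    On the constructed sample the report shows Users reaching LocalService (through the writable plugin), LocalService reaching SYSTEM (through the writable scheduled task), and therefore Users reaching SYSTEM in two steps; the Administrators-writable service binary is not reported because Users, who execute it, sit below Administrators in the policy model. The transitive step is the point of building an explicit information flow rather than inspecting ACL entries one at a time.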

    Behavioral analysis for message-passing application programs
    6.
    Granted invention patent
    Behavioral analysis for message-passing application programs  Expired

    Publication number: US07203924B2

    Publication date: 2007-04-10

    Application number: US10136680

    Filing date: 2002-04-30

    IPC classification: G06F9/44

    Abstract: A system and method for modeling a message-passing program module using type annotations is disclosed. The message-passing program module is constructed from operations that communicate with operations of other message-passing program modules in an asynchronous computing environment. Type annotations are communication protocols that represent the processes of input and/or output actions that the program module developer expects each operation to perform on a selected set of communication channels. During development of the program module, the type annotations are declared at each operation of the program module. A type system checks that the type annotations are sound and that the implementation of the program module conforms to them. If the program module is well-typed and well-implemented, the type system abstracts from it a behavioral model of the message-passing program module that reflects the relevant processes expressed by the type annotations. A model checker determines whether the behavioral model is in fact a valid abstraction of the implementation and, if so, evaluates one or more properties of the behavioral model to reach a conclusion about those properties for the program module.

    Distributed analytics platform
    7.
    Granted invention patent
    Distributed analytics platform  In force

    Publication number: US09383970B2

    Publication date: 2016-07-05

    Application number: US12540381

    Filing date: 2009-08-13

    IPC classification: G06F17/30 G06F9/44

    CPC classification: G06F8/20

    Abstract: A platform that facilitates software application development, maintenance, and support includes a storage component that receives structured and unstructured data pertaining to at least one application subject to development, maintenance, or support, and causes that data to be stored in a distributed fashion over a plurality of accessible data repositories. The storage component stores the structured and unstructured data in the repositories such that it is accessible through a common access format. An executor component runs an analytical process over the structured and unstructured data and generates a first dataset; the storage component stores the first dataset in at least one of the accessible data repositories in a format that front-end analysis applications can read.

    Enabling analysis of software source code
    8.
    Granted invention patent
    Enabling analysis of software source code  In force

    Publication number: US07917900B2

    Publication date: 2011-03-29

    Application number: US11693938

    Filing date: 2007-03-30

    IPC classification: G06F9/45

    CPC classification: G06F11/3604 G06F8/45 G06F8/51

    Abstract: A source code clarification system is described. In various embodiments, the source code clarification system receives clarified source code and transforms it into standard source code or object code that implements asynchronous components. The standard software source code can contain expressions for enabling asynchronous communications. The clarified code can be software source code that is expressed in an imperative language and is amenable to static analysis. The clarified source code can contain a coordination primitive that encapsulates interactions between asynchronous components. By using coordination primitives and events, the clarified source code expresses interactions between asynchronous components in a form that is easier for developers to understand and for static analysis tools to analyze.

    Error detection in web services systems
    9.
    Granted invention patent
    Error detection in web services systems  In force

    Publication number: US07536606B2

    Publication date: 2009-05-19

    Application number: US10835838

    Filing date: 2004-04-30

    IPC classification: G06F11/00

    Abstract: Methods and systems are provided for automatically generating an accurate model of the communication processes between disparate computing systems, which can then be analyzed efficiently for error detection in web services systems. Business Process Execution Language for Web Services (BPEL) abstract process descriptions are automatically generated from the BPEL-based executable processes used by each communicating computing system in a given web services system. The BPEL abstract process descriptions for each communicating computing system are translated into a combined process model in a suitable modeling language. The process model is tested by a model checking application. Communication errors between the disparate computing systems are detected by automatically testing the combined process model against a variety of potential communication scenarios.

    Counterexample driven refinement for abstract interpretation
    10.
    Granted invention patent
    Counterexample driven refinement for abstract interpretation  Expired

    Publication number: US07509534B2

    Publication date: 2009-03-24

    Application number: US11470066

    Filing date: 2006-09-05

    IPC classification: G06F11/00

    CPC classification: G06F9/45508 G06F11/28

    Abstract: A refinement system automatically identifies whether an error detected during abstract interpretation of a target system is a false error (an artifact of over-approximation) or a true error, and adjusts the interpretation to eliminate the false error. The target system is represented as a transition system with an initial state and state transitions, together with a specification that the target system is to satisfy. The refinement system iteratively performs the steps of the abstract interpretation using a widening operator. When the state computed at a step does not satisfy the specification, the refinement system identifies the step whose widening operator was the source of the violating state and applies a more precise operator at that step that eliminates the imprecision introduced by the widening. The refinement system then re-performs the steps starting from that step.
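    A worked instance of the loop in the abstract (iterate with widening, blame a widening step for a spec violation, re-run from that step with a more precise operator). This is an added example, not the patent's code: the target system is a fixed counting loop `i = 0; while i < BOUND: i += 1` checked against the specification `i <= SPEC` at loop exit, the abstract domain is intervals, the "more precise operator" is widening with thresholds drawn from the loop's guard constant (the patent does not prescribe which precise operator to use; this is one standard choice), and the blame rule is simply "the earliest not-yet-refined widening whose result is coarser than the plain join". All function names are hypothetical.

```python
INF = float("inf")
BOUND = 10          # loop guard constant of the analysed program: while i < BOUND


def join(x, y):
    return (min(x[0], y[0]), max(x[1], y[1]))


def meet(x, y):
    lo, hi = max(x[0], y[0]), min(x[1], y[1])
    return None if lo > hi else (lo, hi)      # None = unreachable (bottom)


def widen(x, y):
    """Standard interval widening: a growing bound jumps straight to infinity."""
    return (x[0] if y[0] >= x[0] else -INF, x[1] if y[1] <= x[1] else INF)


def widen_with_thresholds(x, y, thresholds):
    """More precise operator: a growing bound stops at the next program constant
    instead of infinity. Terminates because the threshold set is finite."""
    lo = x[0] if y[0] >= x[0] else max((t for t in thresholds if t <= y[0]), default=-INF)
    hi = x[1] if y[1] <= x[1] else min((t for t in thresholds if t >= y[1]), default=INF)
    return (lo, hi)


def loop_body(head):
    """Transfer function of 'if i < BOUND: i += 1' on the interval at the loop head."""
    inside = meet(head, (-INF, BOUND - 1))
    return None if inside is None else (inside[0] + 1, inside[1] + 1)


def iterate(entry, operator, start_step=0, start_head=None):
    """Kleene iteration head := operator(step, head, entry JOIN body(head)) to a fixpoint.
    Returns the loop-head invariant and a trace of (step, before, joined, after)."""
    head = entry if start_head is None else start_head
    step, trace = start_step, []
    while True:
        body = loop_body(head)
        joined = entry if body is None else join(entry, body)
        after = operator(step, head, joined)
        trace.append((step, head, joined, after))
        if after == head:
            return head, trace
        if step - start_step > 10_000:
            raise RuntimeError("operator does not enforce convergence")
        head, step = after, step + 1


def verify(spec_upper):
    """Check 'i <= spec_upper' at loop exit, refining widening steps on false alarms."""
    entry = (0, 0)                      # initial state: i = 0
    thresholds = {BOUND}                # constants taken from the loop guard
    precise_steps = set()               # steps re-performed with the precise operator

    def operator(step, x, y):
        return widen_with_thresholds(x, y, thresholds) if step in precise_steps else widen(x, y)

    start_step, start_head, attempts = 0, entry, 0
    while True:
        attempts += 1
        head, trace = iterate(entry, operator, start_step, start_head)
        exit_state = meet(head, (BOUND, INF))          # loop exits when i >= BOUND
        if exit_state is None or exit_state[1] <= spec_upper:
            return {"verified": True, "exit": exit_state, "attempts": attempts,
                    "refined_steps": sorted(precise_steps)}
        # Violation: blame the earliest unrefined widening that lost precision. If no
        # such step exists, no widening caused the violating state, so the error is real.
        culprit = next(((s, before) for s, before, joined, after in trace
                        if after != joined and s not in precise_steps), None)
        if culprit is None:
            return {"verified": False, "exit": exit_state, "attempts": attempts,
                    "refined_steps": sorted(precise_steps)}
        start_step, start_head = culprit                # restart at the blamed step
        precise_steps.add(start_step)


if __name__ == "__main__":
    print("spec i <= 10:", verify(10))   # false alarm from widening, removed by refinement
    print("spec i <= 9: ", verify(9))    # genuine violation: i is exactly 10 at exit
```

    With plain widening the first iteration turns the join [0,1] into [0,+inf], so the exit state [10,+inf] violates `i <= 10`. The refinement blames step 0, re-runs it with threshold widening, which yields [0,10] and the exit state [10,10], and the specification is proved on the second attempt. Against `i <= 9` the second attempt still fails, no unrefined widening remains to blame, and the violation is reported as a true error, which it is.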