-
Publication number: US07694276B2
Publication date: 2010-04-06
Application number: US10659221
Filing date: 2003-09-10
Applicants: James R. Larus, Sriram K. Rajamani, Jakob Rehof
Inventors: James R. Larus, Sriram K. Rajamani, Jakob Rehof
IPC classification: G06F9/44
Abstract: An asynchronous programming language that facilitates concurrent programming by utilizing futures, asynchronous calls, and joins on futures. For each of a client interface and a service interface of an asynchronous interface, respective models are automatically extracted. A behavioral contract is defined on the asynchronous interface. The client and service models are then passed to a modular checking algorithm that checks to ensure that both the client and the service conform to the behavioral contract. The checking algorithm combines region-based type systems with model checking techniques to handle pointer aliasing in a sound manner.
-
Publication number: US07703077B2
Publication date: 2010-04-20
Application number: US10136596
Filing date: 2002-04-30
Applicants: Jakob Rehof, James R. Larus, Sriram K. Rajamani
Inventors: Jakob Rehof, James R. Larus, Sriram K. Rajamani
CPC classification: G06F9/546
Abstract: Described are embodiments for developing a message-passing application program. The program is constructed using stages having a plurality of asynchronous functions, or operations. The operations communicate with other operations of other message-passing programs in a distributed computing environment. The operations also communicate with other operations on other stages of the message-passing application. In order to reduce deadlock errors, a behavioral type signature is appended to the declaration of each operation of the message-passing application program. The behavioral type signature specifies behavioral properties for each operation, such as when an operation should send a message to another operation. A type checker utilizes typing rules and the behavioral type signature to extract an implementation model of each function. The type checker then compares the implementation model to the behavioral type signature to determine whether the asynchronous function conforms to the behavioral type signature.
-
Publication number: US07526750B2
Publication date: 2009-04-28
Application number: US10778969
Filing date: 2004-02-13
CPC classification: G06F11/3608, Y10S707/99944
Abstract: The state space of modeled software can be explored using an object-based systematic state explorer. The object-based model can perform well even in light of the complexities of concurrent software. During state space exploration, differences between states can be stored instead of storing a complete copy of the state.
-
Publication number: US07203924B2
Publication date: 2007-04-10
Application number: US10136680
Filing date: 2002-04-30
Applicants: Jakob Rehof, Sriram K. Rajamani
Inventors: Jakob Rehof, Sriram K. Rajamani
IPC classification: G06F9/44
CPC classification: G06F11/3608, G06F9/546, H04L29/06, H04L67/10, H04L67/40, H04L69/329
Abstract: A system and method for modeling a message-passing program module using type annotations is disclosed. The message-passing program module is constructed with operations that communicate with operations of other message-passing program modules in an asynchronous computing environment. Type annotations are communication protocols that represent processes of input and/or output actions that the program module developer expects each operation to perform or take on a selected set of communication channels. During development of the program module, the type annotations are declared at each operation of the program module. Soundness of the type annotations and whether implementation of the program module conforms to the type annotations is checked using a type system. If the program module is well-typed and well-implemented, the type system abstracts a behavioral module of the message-passing program module that reflects the relevant processes expressed by the type annotations. A model checker determines whether the behavioral module is in fact a valid abstraction of the implementation, and if so, evaluates one or more properties of the behavioral module to render a conclusion about these properties for the program module.
-
Publication number: US07797669B1
Publication date: 2010-09-14
Application number: US10779002
Filing date: 2004-02-13
Applicants: Niels Jakob Rehof, Anthony D. Andrews, Sriram K. Rajamani, Charles Antony Richard Hoare, Cédric Fournet
Inventors: Niels Jakob Rehof, Anthony D. Andrews, Sriram K. Rajamani, Charles Antony Richard Hoare, Cédric Fournet
IPC classification: G06F9/44
CPC classification: G06F11/3668, G06F8/10
Abstract: A distributed software system of communicating software components can be tested for undesirable behavior. A specification of a component can be substituted in place of the component when testing a model of the distributed software system. Thus, the system can be checked to see if it exhibits undesirable behavior without having code for all components of the system. Also, a component can be checked to see if it is in conformance with its specification. If models built with respective components and substituted specifications indicate that the system does not exhibit undesirable behavior, and the components conform to their specifications, then a system assembled from the components will not exhibit the undesirable behavior. Thus, collaborative testing can be achieved, even if no one entity has access to code for the entire distributed system.
-
Publication number: US07555418B1
Publication date: 2009-06-30
Application number: US10742695
Filing date: 2003-12-19
IPC classification: G06F9/45
CPC classification: G06F11/3608, G06F8/433
Abstract: Procedure summaries can be generated and used for multithreaded software. A set of actions for a software procedure can be identified as atomically modelable with respect to multithreaded execution of the software. Such actions can be considered a transaction and deemed to have occurred one after another without interruption by other threads. Thus, multithreaded execution of the software can be modeled to detect programming flaws. For example, reachability analysis can be used in concert with the procedure summaries to determine if specified invariants fail.
-
Publication number: US20080104665A1
Publication date: 2008-05-01
Application number: US11555218
Filing date: 2006-10-31
IPC classification: H04L9/32
CPC classification: G06F21/577, G06F2221/034
Abstract: A facility is described for analyzing access control configurations. In various embodiments, the facility comprises an operating system having resources and identifications of principals, the principals having access control privileges relating to the resources, the access control privileges described by access control metadata; an access control scanner component that receives the access control metadata, determines relationships between the principals and the resources, and emits access control relations information; and an access control inference engine that receives the emitted access control relations information and an access control policy model, analyzes the received information and model, and emits a vulnerability report. In various embodiments, the facility generates an information flow based on access control relations, an access control mechanism model, and an access control policy model; determines, based on the generated information flow, whether privilege escalation is possible; and when privilege escalation is possible, indicates in a vulnerability report that the privilege escalation is possible.
-
Publication number: US09383970B2
Publication date: 2016-07-05
Application number: US12540381
Filing date: 2009-08-13
CPC classification: G06F8/20
Abstract: A platform that facilitates software application development, maintenance, and support includes a storage component that receives structured and unstructured data pertaining to at least one application subject to development, maintenance, or support and causes the structured and unstructured data to be stored in a distributed fashion over a plurality of accessible data repositories. The storage component causes the structured and unstructured data to be stored in the data repositories such that the structured and unstructured data is accessible through utilization of a common access format. An executor component executes an analytical process over the structured and unstructured data and generates a first dataset, wherein the storage component causes the first dataset to be stored in at least one of the plurality of accessible data repositories in a format that is accessible by front end analysis applications.
-
Publication number: US20130239093A1
Publication date: 2013-09-12
Application number: US13415850
Filing date: 2012-03-09
IPC classification: G06F9/44
CPC classification: G06F9/44589
Abstract: Technologies pertaining to top-down interprocedural analysis of a computer program are described herein. A query is received for processing over a root procedure in the computer program. Responsive to the query being received, the root procedure is explored, and calls to sub-procedures are located. Sub-queries are generated upon encountering the calls to the sub-procedures, and execution of the sub-queries is performed in parallel across multiple computing nodes.
-
Publication number: US07917900B2
Publication date: 2011-03-29
Application number: US11693938
Filing date: 2007-03-30
IPC classification: G06F9/45
CPC classification: G06F11/3604, G06F8/45, G06F8/51
Abstract: A source code clarification system is described. In various embodiments, the source code clarification system receives clarified source code and transforms the clarified source code into standard source code or object code that implements asynchronous components. The standard software source code can contain expressions for enabling asynchronous communications. The clarified code can be software source code that is expressed in an imperative language and is capable of static analysis. The clarified source code can contain a coordination primitive that encapsulates interactions between asynchronous components. By using the coordination primitives and events, the clarified source code can express interactions between asynchronous components so that the clarified source code is easier for developers to understand and for static analysis tools to analyze.