Advertisement

Abstract Dependences for Alarm Diagnosis

  • Xavier Rival
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3780)

Abstract

We propose a framework for dependence analyses, adapted –among others– to the understanding of static analyzers outputs. Static analyzers like Astrée are sound but not complete; hence, they may yield false alarms, that is report not being able to prove part of the properties of interest. Helping the user in the alarm inspection task is a major challenge for current static analyzers. Semantic slicing, i.e. the computation of precise abstract invariants for a set of erroneous traces, provides a useful characterization of a possible error context. We propose to enhance semantic slicing with information about abstract dependences. Abstract dependences should be more informative than mere dependences: first, we propose to restrict to the dependences that can be observed in a slice; second, we define dependences among abstract properties, so as to isolate abnormal behaviors as source of errors. Last, stronger notions of slicing should allow to restrict slices to such dependences.

Keywords

False Alarm Dependence Graph Dependence Analysis Abstract Interpretation Local Dependence 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Abadi, M.: Secrecy by typing in security protocols. Journal of the ACM (1999)Google Scholar
  2. 2.
    Abadi, M., Banerjee, A., Heintze, N., Riecke, J.G.: A core calculus of dependency. In: POPL (1999)Google Scholar
  3. 3.
    Agrawal, H., Horgan, J.R.: Dynamic program slicing. In: PLDI (1990)Google Scholar
  4. 4.
    Ball, T., Naik, M., Rajamani, S.: From symptom to cause: Localizing errors in counterexample traces. In: POPL (2003)Google Scholar
  5. 5.
    Blanchet, B., Cousot, P., Cousot, R., Feret, J., Mauborgne, L., Miné, A., Monniaux, D., Rival, X.: A Static Analyzer for Large Safety Critical Software. In: PLDI (2003)Google Scholar
  6. 6.
    Canfora, G., Cimitille, A., Lucia, A.D.: Condition program slicing. Information and Software Technology; Special issue on Program Slicing (1998)Google Scholar
  7. 7.
    Cartwright, R., Felleisen, M.: The semantics of program dependence. In: PLDI (1989)Google Scholar
  8. 8.
    Choi, J.-D., Burke, M., Carini, P.: Efficient flow-sensitive interprocedural computation of pointer-induced aliases and side effects. In: PLDI (1993)Google Scholar
  9. 9.
    Cousot, P.: Constructive design of a hierarchy of semantics of a transition system by abstract interpretation. ENTCS 6 (1997)Google Scholar
  10. 10.
    Cousot, P., Cousot, R.: Abstract Interpretation: a unified lattice model for static analysis of programs by construction or approximation of fixpoints. In: POPL (1977)Google Scholar
  11. 11.
    Cousot, P., Cousot, R., Feret, J., Mauborgne, L., Miné, A., Monniaux, D., Rival, X.: The ASTREÉ analyzer. In: Sagiv, M. (ed.) ESOP 2005. LNCS, vol. 3444, pp. 21–30. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  12. 12.
    Danicic, S., Daoudi, D., Fox, C., Hierons, R., Harman, M., Howroyd, J., Ouarbya, L., Ward, M.: ConSUS: A Light-Weight Program Conditioner. Journal of Systems and Software (2004)Google Scholar
  13. 13.
    Denning, D.E.: A lattice model of secure information flow. Communications of the ACM (1976)Google Scholar
  14. 14.
    Deutsch, A.: Interprocedural may-alias analysis for pointers: beyond k-limiting. In: PLDI (1994)Google Scholar
  15. 15.
    Dor, N., Rodeh, M., Sagiv, M.: CSSV: Towards a realistic tool for statically detecting all buffer overflows in C. In: PLDI (2003)Google Scholar
  16. 16.
    Fox, C., Danicic, S., Harman, M., Hierons, R.: ConSIT: A Conditioned Program Slicing System. Software - Practice and Experience (2004)Google Scholar
  17. 17.
    Giacobazzi, R., Mastroeni, I.: Abstract non-interference: parameterizing non-interference by abstract interpretation. In: POPL (2004)Google Scholar
  18. 18.
    Goguen, J.A., Meseguer, J.: Security policies and security models. In: IEEE Symp. on Security and Privacy (1982)Google Scholar
  19. 19.
    Horwitz, S., Reps, T., Binkley, D.: Interprocedural slicing using dependence graphs. In: PLDI (1988)Google Scholar
  20. 20.
    Korel, B., Laski, J.: Dynamic Program Slicing. Information Processing Letters (1988)Google Scholar
  21. 21.
    Lev-Ami, T., Sagiv, M.: TVLA: A system for implementing static analyses. In: Palsberg, J. (ed.) SAS 2000. LNCS, vol. 1824, pp. 280–302. Springer, Heidelberg (2000)CrossRefGoogle Scholar
  22. 22.
    Mauborgne, L., Rival, X.: Trace Partitioning in Abstract Interpretation Based Static Analyzers. In: Sagiv, M. (ed.) ESOP 2005. LNCS, vol. 3444, pp. 5–20. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  23. 23.
    Rival, X.: Understanding the origin of alarms in astrée. In: Hankin, C., Siveroni, I. (eds.) SAS 2005. LNCS, vol. 3672, pp. 303–319. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  24. 24.
    Sabelfeld, A., Myers, A.: Language-based information-flow security. IEEE Journal on Selected Areas in Communications (2003)Google Scholar
  25. 25.
    Venet, A., Brat, G.: Precise and efficient array bound checking for large embedded c programs. In: PLDI (2004)Google Scholar
  26. 26.
    Weiser, M.: Program slicing. In: Proceeding of the Fifth International Conference on Software Engineering, pp. 439–449 (1981)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2005

Authors and Affiliations

  • Xavier Rival
    • 1
  1. 1.École Normale SupérieureParisFrance

Personalised recommendations