Funding: Supported by the National Natural Science Foundation of China under Grant Nos. 62025202 and 61690204.
Abstract: Dynamic software update (DSU) patches programs on the fly. It often involves the critical task of object transformation that converts live objects of the old-version program to their semantically consistent counterparts under the new-version program. This task is accomplished by invoking an object transformer on each stale object. However, a defective transformer failing to maintain consistency would cause errors or even crash the program. We propose TOAST (Test Object trAnSformaTion), an automated approach to detecting potential inconsistency caused by object transformers. TOAST first analyzes an update to identify multiple target methods and then adopts a fuzzer with specially designed inconsistency guidance to randomly generate object states to drive two versions of a target method. This creates two corresponding execution traces and a pair of old and new objects. TOAST finally performs object transformation to create a transformed object and detects inconsistency between it and the corresponding new object produced from scratch by the new program. Moreover, TOAST checks behavior inconsistency by comparing the return variables and exceptions of the two executions. Experimental evaluation on 130 updates with default transformers shows that TOAST is promising: it got 96.0% precision and 85.7% recall in state inconsistency detection, and 81.4% precision and 94.6% recall in behavior inconsistency detection. The inconsistency guidance improved the fuzzing efficiency by 14.1% for state inconsistency detection and 40.5% for behavior inconsistency detection.
Funding: Supported by the National Natural Science Foundation of China (60873203), the Foundation of Key Laboratory of Aerospace Information Security and Trusted Computing, Ministry of Education (AISTC2009_03), the Outstanding Youth Foundation of Hebei Province (F2010000317), and the Natural Science Foundation of Hebei Province (F2010000319, F2011201039).
Abstract: In this paper, we merge software trustworthiness with software design and present an approach to trustworthy software design with an automatically adapting software update. First, software behavior and results can be expected and behavior states can be monitored while the software runs by introducing a trustworthy behavior trace on the software and inserting a checkpoint sensor at each checkpoint of the trustworthy software. Second, an update approach for the trustworthy behavior trace of the software at the level of checkpoints is presented. The trustworthy behavior traces of the software for two versions can be merged adequately by constructing split points and merge points between the two trustworthy behavior traces. Finally, experiments and analyses show that: (1) software designed by our approach can detect and report anomalies in the software automatically and effectively, so it has a higher ability of trustworthiness evaluation than traditional software; and (2) our approach can realize the accurate update of the trustworthy behavior trace with a lower space overhead of checkpoints when the software updates.