SlideShare une entreprise Scribd logo

Artificial software diversity: automatic synthesis of program sosies

FoCAS Initiative
FoCAS Initiative

Diversify presentation by Benoit Baudry

Technologie
1  sur  18
Télécharger pour lire hors ligne
Artificial software diversity: automatic synthesis of program sosies Benoit Baudry Joint work with Simon Allier, Ioannis Kavvouras, Julien Langlois and Martin Monperrus
Diversity to handle / increase uncertainty l Navigate through the program space l brittleness versus plasticity of software l Failure detection l Moving target l Self-repair of software
Program sosie • Given a specification 3
Program sosie 4 • Given a specification S • Given a program P that conforms to S correct implementation
Program sosie 5 • Given a specification S • Given a program P that conforms to S • A sosie of P is a variant that also conforms to S a sosie
Program sosie 6 potential failures or breaches failure diversity • Given a specification S • Given a program P that conforms to S • A sosie of P is a variant that also conforms to S
Specification: data and properties fun : Function assert abs(fun(.5) - 0.25) < 0.05 assert abs(fun(.4) - 0.16) < 0.05 assert abs(fun(.3) - 0.09) < 0.05 l The test input data specifies the input domain l The assertions specify the level of abstraction
Sosies and Diversity l There is a diversity of sosies l There may be a diversity of output outside the specified domain l The specified input domain and the associated level of abstraction allows more or less diversity The diversity is a dependent variable of the input domain and level of abstraction
Sosies are not l The identity / the clone l Program equivalence (the same output for all possible inputs) l The same output l on the specified input domain l at a given level of abstraction l Could be called "phenotypic equivalence"
Research questions Do sosies exist? Can we automatically synthesize them? What are effective transformations? 10
Automatic Synthesis of Sosies l We replace a given piece of code by another one and see whether all assertions remain satisfied l Pieces of code: l Method calls l Methods l Expressions l ...
Example of sosie 12 @Override public void report(SortedMap<String, Gauge> gauges, SortedMap<String, Counter> counters, SortedMap<String, Histogram> histograms, SortedMap<String, Meter> meters, SortedMap<String, Timer> timers) { final long timestamp = TimeUnit.MILLISECONDS.toSeconds(clock.getTime()); for (Map.Entry<String, Gauge> entry : gauges.entrySet()) { reportGauge(timestamp, entry.getKey(), entry.getValue()); } for (Map.Entry<String, Counter> entry : counters.entrySet()) { reportCounter(timestamp, entry.getKey(), entry.getValue()); } for (Map.Entry<String, Histogram> entry : histograms.entrySet()) { reportHistogram(timestamp, entry.getKey(), entry.getValue()); } for (Map.Entry<String, Meter> entry : meters.entrySet()) { reportMeter(timestamp, entry.getKey(), entry.getValue()); } for (Map.Entry<String, Timer> entry : timers.entrySet()) { reportTimer(timestamp, entry.getKey(), entry.getValue()); } }
Example of sosie 13 @Override public void report(SortedMap<String, Gauge> gauges, SortedMap<String, Counter> counters, SortedMap<String, Histogram> histograms, SortedMap<String, Meter> meters, SortedMap<String, Timer> timers) { InputContext: [long] OutputContext: void codeFragment: if (least >= bound) final long timestamp = TimeUnit.MILLISECONDS.toSeconds(clock.getTime()); throw new java.lang.IllegalArgumentException(); for (Map.Entry<String, Gauge> entry : gauges.entrySet()) { reportGauge(timestamp, entry.getKey(), entry.getValue()); } InputContext: [long] OutputContext: void codeFragment: if (n <= 0) for (Map.Entry<String, Counter> entry : counters.entrySet()) { reportCounter(timestamp, entry.getKey(), entry.getValue()); } for (Map.Entry<String, Histogram> entry : histograms.entrySet()) { throw new java.lang.IllegalArgumentException("n must be reportHistogram(timestamp, entry.getKey(), entry.getValue()); positive"); } for (Map.Entry<String, Meter> entry : meters.entrySet()) { reportMeter(timestamp, entry.getKey(), entry.getValue()); } for (Map.Entry<String, Timer> entry : timers.entrySet()) { reportTimer(timestamp, entry.getKey(), entry.getValue()); } }
Example of sosie 14 @Override public void report(SortedMap<String, Gauge> gauges, SortedMap<String, Counter> counters, SortedMap<String, Histogram> histograms, SortedMap<String, Meter> meters, SortedMap<String, Timer> timers) { final long timestamp = TimeUnit.MILLISECONDS.toSeconds(clock.getTime()); for (Map.Entry<String, Gauge> entry : gauges.entrySet()) { reportGauge(timestamp, entry.getKey(), entry.getValue()); } for (Map.Entry<String, Counter> entry : counters.entrySet()) { if (timestamp <= 0) throw new java.lang.IllegalArgumentException("n must be positive"); } for (Map.Entry<String, Histogram> entry : histograms.entrySet()) { reportHistogram(timestamp, entry.getKey(), entry.getValue()); } for (Map.Entry<String, Meter> entry : meters.entrySet()) { reportMeter(timestamp, entry.getKey(), entry.getValue()); } for (Map.Entry<String, Timer> entry : timers.entrySet()) { reportTimer(timestamp, entry.getKey(), entry.getValue()); } } variable mapping: {n=timestamp} InputContext: [long] OutputContext: void codeFragment: if (n <= 0) throw new java.lang.IllegalArgumentException("n must be positive");
What is effective for sosiefication? • Evaluate the efficiency of 9 transformations: • Replace/Add/Delete • CMNVM Replace/Add: context mapping but not variable mapping • NCMVMN Replace/Add: not context mapping but mapping on variable name • NCM Replace/Add: no context mapping 15
Preliminary result NCM Replace NCM/ VNM Replace CM/ NVM Replace Normal Replace NCM Add NCM/ VNM Add CM/ NVM Add Add Delete junit #trial #variant #sosie 500 36 2 500 80 27 500 177 32 500 310 43 500 38 33 500 61 42 500 140 70 500 195 79 500 253 25 metrics #trial #variant #sosie " 1960 116 12 1960 282 69 1960 693 86 1960 1262 174 1960 157 108 1960 269 142 1960 700 352 1960 908 347 1960 977 110 clojure #trial #variant #sosie 680 30 0 680 123 3 680 154 7 680 342 21 680 30 7 680 90 3 680 124 35 680 152 28 680 391 29
Sosiefication with reactions #variants #incorrect-variants #sosies % sosies JUnit 5265 4377 888 16.86% Metrics 4699 4299 400 8.51% Codec 14435 11080 3355 23.24% Math 45517 40500 5017 11.02% Clojure 32335 20706 11629 35.96% bubble-sort 23 18 4 17.39% insert-sort 18 17 1 1.26% quick-sort 553 525 7 0.42% merge-sort 4759 4739 20
What to do with sosies? l Demonstrate plastic properties of software l Functional equivalence and repair l Functional resillience; replacement in case of bugs (ICSE'13 Gorla et al.) l Use as gene pool l Randomize execution to create a moving target l Functional sense of self ("detect-fast") The diversity of functionally equivalent code improves the robustness and resilience of software

Recommandé

Stack
StackStack
Stack
Seema Sharma
 
All-Solution Satisfiability Modulo Theories: applications, algorithms and ben...
All-Solution Satisfiability Modulo Theories: applications, algorithms and ben...All-Solution Satisfiability Modulo Theories: applications, algorithms and ben...
All-Solution Satisfiability Modulo Theories: applications, algorithms and ben...
Quoc-Sang Phan
 
Loop control in c++
Loop control in c++Loop control in c++
Loop control in c++
Debre Tabor University
 
Loops in matlab
Loops in matlabLoops in matlab
Loops in matlab
TUOS-Sam
 
Matlab Script - Loop Control
Matlab Script - Loop ControlMatlab Script - Loop Control
Matlab Script - Loop Control
Shameer Ahmed Koya
 
Stack and queue -polish notations
Stack and queue -polish notationsStack and queue -polish notations
Stack and queue -polish notations
jyoti_lakhani
 
Java -lec-5
Java -lec-5Java -lec-5
Java -lec-5
Zubair Khalid
 
software-vulnerability-detectionPresentation
software-vulnerability-detectionPresentationsoftware-vulnerability-detectionPresentation
software-vulnerability-detectionPresentation
Claude Goubet
 

Recommandé

Stack
StackStack
Stack
Seema Sharma
 
All-Solution Satisfiability Modulo Theories: applications, algorithms and ben...
All-Solution Satisfiability Modulo Theories: applications, algorithms and ben...All-Solution Satisfiability Modulo Theories: applications, algorithms and ben...
All-Solution Satisfiability Modulo Theories: applications, algorithms and ben...
Quoc-Sang Phan
 
Loop control in c++
Loop control in c++Loop control in c++
Loop control in c++
Debre Tabor University
 
Loops in matlab
Loops in matlabLoops in matlab
Loops in matlab
TUOS-Sam
 
Matlab Script - Loop Control
Matlab Script - Loop ControlMatlab Script - Loop Control
Matlab Script - Loop Control
Shameer Ahmed Koya
 
Stack and queue -polish notations
Stack and queue -polish notationsStack and queue -polish notations
Stack and queue -polish notations
jyoti_lakhani
 
Java -lec-5
Java -lec-5Java -lec-5
Java -lec-5
Zubair Khalid
 
software-vulnerability-detectionPresentation
software-vulnerability-detectionPresentationsoftware-vulnerability-detectionPresentation
software-vulnerability-detectionPresentation
Claude Goubet
 
CS106 Lab 11 - Functions (passing by reference)
CS106 Lab 11 - Functions (passing by reference)CS106 Lab 11 - Functions (passing by reference)
CS106 Lab 11 - Functions (passing by reference)
Nada Kamel
 
CS106 Lab 6 - While and Do..While loop
CS106 Lab 6 - While and Do..While loopCS106 Lab 6 - While and Do..While loop
CS106 Lab 6 - While and Do..While loop
Nada Kamel
 
Working of while loop
Working of while loopWorking of while loop
Working of while loop
Neeru Mittal
 
C++ control loops
C++ control loopsC++ control loops
C++ control loops
pratikborsadiya
 
Project of data structure
Project of data structureProject of data structure
Project of data structure
Umme habiba
 
MATLAB Programming - Loop Control Part 2
MATLAB Programming - Loop Control Part 2MATLAB Programming - Loop Control Part 2
MATLAB Programming - Loop Control Part 2
Shameer Ahmed Koya
 
What is Algorithm - An Overview
What is Algorithm - An OverviewWhat is Algorithm - An Overview
What is Algorithm - An Overview
Ramakant Soni
 
Programming Fundamentals lecture 8
Programming Fundamentals lecture 8Programming Fundamentals lecture 8
Programming Fundamentals lecture 8
REHAN IJAZ
 
Stack Data Structure & It's Application
Stack Data Structure & It's Application Stack Data Structure & It's Application
Stack Data Structure & It's Application
Tech_MX
 
CS106 Lab 4 - If statement
CS106 Lab 4 - If statementCS106 Lab 4 - If statement
CS106 Lab 4 - If statement
Nada Kamel
 
CS106 Lab 7 - For loop
CS106 Lab 7 - For loopCS106 Lab 7 - For loop
CS106 Lab 7 - For loop
Nada Kamel
 
Java Programmin: Selections
Java Programmin: SelectionsJava Programmin: Selections
Java Programmin: Selections
Karwan Mustafa Kareem
 
MCRL2
MCRL2MCRL2
MCRL2
kashif kashif
 
Chapter 3
Chapter 3Chapter 3
Chapter 3
Amrit Kaur
 
Stacks
StacksStacks
Stacks
sweta dargad
 
Linear timesorting
Linear timesortingLinear timesorting
Linear timesorting
International Islamic University
 
Stephan berg track f
Stephan berg track fStephan berg track f
Stephan berg track f
Alona Gradman
 
Stack
StackStack
Stack
Zaid Shabbir
 
Quiz
QuizQuiz
Quiz
Qazi Ejaz
 
stack and queue array implementation in java.
stack and queue array implementation in java.stack and queue array implementation in java.
stack and queue array implementation in java.
CIIT Atd.
 
Anomalies in X-Ray Engine
Anomalies in X-Ray EngineAnomalies in X-Ray Engine
Anomalies in X-Ray Engine
PVS-Studio
 
Heterogeneous Defect Prediction (

ESEC/FSE 2015)
Heterogeneous Defect Prediction (

ESEC/FSE 2015)Heterogeneous Defect Prediction (

ESEC/FSE 2015)
Heterogeneous Defect Prediction (

ESEC/FSE 2015)
Sung Kim
 

Contenu connexe

Tendances

Stack Data Structure & It's Application
Stack Data Structure & It's Application Stack Data Structure & It's Application
Stack Data Structure & It's Application
Tech_MX
 
Java Programmin: Selections
Java Programmin: SelectionsJava Programmin: Selections
Java Programmin: Selections
Karwan Mustafa Kareem
 
Stephan berg track f
Stephan berg track fStephan berg track f
Stephan berg track f
Alona Gradman
 

Tendances (20)

CS106 Lab 11 - Functions (passing by reference)
CS106 Lab 11 - Functions (passing by reference)CS106 Lab 11 - Functions (passing by reference)
CS106 Lab 11 - Functions (passing by reference)
 
CS106 Lab 6 - While and Do..While loop
CS106 Lab 6 - While and Do..While loopCS106 Lab 6 - While and Do..While loop
CS106 Lab 6 - While and Do..While loop
 
Working of while loop
Working of while loopWorking of while loop
Working of while loop
 
C++ control loops
C++ control loopsC++ control loops
C++ control loops
 
Project of data structure
Project of data structureProject of data structure
Project of data structure
 
MATLAB Programming - Loop Control Part 2
MATLAB Programming - Loop Control Part 2MATLAB Programming - Loop Control Part 2
MATLAB Programming - Loop Control Part 2
 
What is Algorithm - An Overview
What is Algorithm - An OverviewWhat is Algorithm - An Overview
What is Algorithm - An Overview
 
Programming Fundamentals lecture 8
Programming Fundamentals lecture 8Programming Fundamentals lecture 8
Programming Fundamentals lecture 8
 
Stack Data Structure & It's Application
Stack Data Structure & It's Application Stack Data Structure & It's Application
Stack Data Structure & It's Application
 
CS106 Lab 4 - If statement
CS106 Lab 4 - If statementCS106 Lab 4 - If statement
CS106 Lab 4 - If statement
 
CS106 Lab 7 - For loop
CS106 Lab 7 - For loopCS106 Lab 7 - For loop
CS106 Lab 7 - For loop
 
Java Programmin: Selections
Java Programmin: SelectionsJava Programmin: Selections
Java Programmin: Selections
 
MCRL2
MCRL2MCRL2
MCRL2
 
Chapter 3
Chapter 3Chapter 3
Chapter 3
 
Stacks
StacksStacks
Stacks
 
Linear timesorting
Linear timesortingLinear timesorting
Linear timesorting
 
Stephan berg track f
Stephan berg track fStephan berg track f
Stephan berg track f
 
Stack
StackStack
Stack
 
Quiz
QuizQuiz
Quiz
 
stack and queue array implementation in java.
stack and queue array implementation in java.stack and queue array implementation in java.
stack and queue array implementation in java.
 

Similaire à Artificial software diversity: automatic synthesis of program sosies

Heterogeneous Defect Prediction (

ESEC/FSE 2015)
Heterogeneous Defect Prediction (

ESEC/FSE 2015)Heterogeneous Defect Prediction (

ESEC/FSE 2015)
Heterogeneous Defect Prediction (

ESEC/FSE 2015)
Sung Kim
 
Static Analysis and Verification of C Programs
Static Analysis and Verification of C ProgramsStatic Analysis and Verification of C Programs
Static Analysis and Verification of C Programs
New York City College of Technology Computer Systems Technology Colloquium
 
The Road Not Taken: Estimating Path Execution Frequency Statically
The Road Not Taken: Estimating Path Execution Frequency StaticallyThe Road Not Taken: Estimating Path Execution Frequency Statically
The Road Not Taken: Estimating Path Execution Frequency Statically
Ray Buse
 

Similaire à Artificial software diversity: automatic synthesis of program sosies (20)

Anomalies in X-Ray Engine
Anomalies in X-Ray EngineAnomalies in X-Ray Engine
Anomalies in X-Ray Engine
 
Heterogeneous Defect Prediction (

ESEC/FSE 2015)
Heterogeneous Defect Prediction (

ESEC/FSE 2015)Heterogeneous Defect Prediction (

ESEC/FSE 2015)
Heterogeneous Defect Prediction (

ESEC/FSE 2015)
 
White Box testing by Pankaj Thakur, NITTTR Chandigarh
White Box testing by Pankaj Thakur, NITTTR ChandigarhWhite Box testing by Pankaj Thakur, NITTTR Chandigarh
White Box testing by Pankaj Thakur, NITTTR Chandigarh
 
Static Analysis and Verification of C Programs
Static Analysis and Verification of C ProgramsStatic Analysis and Verification of C Programs
Static Analysis and Verification of C Programs
 
The Road Not Taken: Estimating Path Execution Frequency Statically
The Road Not Taken: Estimating Path Execution Frequency StaticallyThe Road Not Taken: Estimating Path Execution Frequency Statically
The Road Not Taken: Estimating Path Execution Frequency Statically
 
Test Automation Day 2018
Test Automation Day 2018Test Automation Day 2018
Test Automation Day 2018
 
Quality Assurance
Quality AssuranceQuality Assurance
Quality Assurance
 
C lab-programs
C lab-programsC lab-programs
C lab-programs
 
Measuring maintainability; software metrics explained
Measuring maintainability; software metrics explainedMeasuring maintainability; software metrics explained
Measuring maintainability; software metrics explained
 
Exploiting vectorization with ISPC
Exploiting vectorization with ISPCExploiting vectorization with ISPC
Exploiting vectorization with ISPC
 
A tale of experiments on bug prediction
A tale of experiments on bug predictionA tale of experiments on bug prediction
A tale of experiments on bug prediction
 
Podem_Report
Podem_ReportPodem_Report
Podem_Report
 
Regression and Classification with R
Regression and Classification with RRegression and Classification with R
Regression and Classification with R
 
C and Data structure lab manual ECE (2).pdf
C and Data structure lab manual ECE (2).pdfC and Data structure lab manual ECE (2).pdf
C and Data structure lab manual ECE (2).pdf
 
Machine Learning on Code - SF meetup
Machine Learning on Code - SF meetupMachine Learning on Code - SF meetup
Machine Learning on Code - SF meetup
 
My Postdoctoral Research
My Postdoctoral ResearchMy Postdoctoral Research
My Postdoctoral Research
 
Machine Learning and Go. Go!
Machine Learning and Go. Go!Machine Learning and Go. Go!
Machine Learning and Go. Go!
 
The operation principles of PVS-Studio static code analyzer
The operation principles of PVS-Studio static code analyzerThe operation principles of PVS-Studio static code analyzer
The operation principles of PVS-Studio static code analyzer
 
7-White Box Testing.ppt
7-White Box Testing.ppt7-White Box Testing.ppt
7-White Box Testing.ppt
 
White box testing
White box testingWhite box testing
White box testing
 

Plus de FoCAS Initiative

Where Shall We Have Lunch? Problems For A Computer-aided Future
Where Shall We Have Lunch? Problems For A Computer-aided FutureWhere Shall We Have Lunch? Problems For A Computer-aided Future
Where Shall We Have Lunch? Problems For A Computer-aided Future
FoCAS Initiative
 

Plus de FoCAS Initiative (20)

Fundamentals of Collective Adaptive Systems Manifesto
Fundamentals of Collective Adaptive Systems ManifestoFundamentals of Collective Adaptive Systems Manifesto
Fundamentals of Collective Adaptive Systems Manifesto
 
Final FoCAS Newsletter, Issue Eight, Winter 2016
Final FoCAS Newsletter, Issue Eight, Winter 2016Final FoCAS Newsletter, Issue Eight, Winter 2016
Final FoCAS Newsletter, Issue Eight, Winter 2016
 
Optimal Floor Heating
Optimal Floor HeatingOptimal Floor Heating
Optimal Floor Heating
 
Advanced Manufacturing: An Industrial Application for Collective Adaptive Sys...
Advanced Manufacturing: An Industrial Application for Collective Adaptive Sys...Advanced Manufacturing: An Industrial Application for Collective Adaptive Sys...
Advanced Manufacturing: An Industrial Application for Collective Adaptive Sys...
 
FoCAS Newsletter Issue Seven
FoCAS Newsletter Issue SevenFoCAS Newsletter Issue Seven
FoCAS Newsletter Issue Seven
 
Wrangling Complex Systems
Wrangling Complex SystemsWrangling Complex Systems
Wrangling Complex Systems
 
Where Shall We Have Lunch? Problems For A Computer-aided Future
Where Shall We Have Lunch? Problems For A Computer-aided FutureWhere Shall We Have Lunch? Problems For A Computer-aided Future
Where Shall We Have Lunch? Problems For A Computer-aided Future
 
Sustainability Challenges In A Complex World
Sustainability Challenges In A Complex WorldSustainability Challenges In A Complex World
Sustainability Challenges In A Complex World
 
On Manipulating Attractors In Collective Behaviours Of Bio-hybrid Societies W...
On Manipulating Attractors In Collective Behaviours Of Bio-hybrid Societies W...On Manipulating Attractors In Collective Behaviours Of Bio-hybrid Societies W...
On Manipulating Attractors In Collective Behaviours Of Bio-hybrid Societies W...
 
The Liquid Computing Paradigm
The Liquid Computing ParadigmThe Liquid Computing Paradigm
The Liquid Computing Paradigm
 
Complexity And The Relationship Between Knowledge And Action
Complexity And The Relationship Between Knowledge And ActionComplexity And The Relationship Between Knowledge And Action
Complexity And The Relationship Between Knowledge And Action
 
FoCAS Newsletter Issue Six
FoCAS Newsletter Issue SixFoCAS Newsletter Issue Six
FoCAS Newsletter Issue Six
 
FoCAS Newsletter Issue Five
FoCAS Newsletter Issue FiveFoCAS Newsletter Issue Five
FoCAS Newsletter Issue Five
 
Temporal logics for multi-agent systems
Temporal logics for multi-agent systemsTemporal logics for multi-agent systems
Temporal logics for multi-agent systems
 
Advanced Systems Engineering
Advanced Systems EngineeringAdvanced Systems Engineering
Advanced Systems Engineering
 
Tailored source-code-transformation-synthesize-computationally-diverse-progra...
Tailored source-code-transformation-synthesize-computationally-diverse-progra...Tailored source-code-transformation-synthesize-computationally-diverse-progra...
Tailored source-code-transformation-synthesize-computationally-diverse-progra...
 
Search Diverse Models for Proactive Software Diversification
Search Diverse Models for Proactive Software DiversificationSearch Diverse Models for Proactive Software Diversification
Search Diverse Models for Proactive Software Diversification
 
Modelling Adaptation Policies As Domain-Specific Constraints
Modelling Adaptation Policies As Domain-Specific ConstraintsModelling Adaptation Policies As Domain-Specific Constraints
Modelling Adaptation Policies As Domain-Specific Constraints
 
Quantified NTL
Quantified NTLQuantified NTL
Quantified NTL
 
SOCIAL ADAPTATION OF ROBOTS FOR MODULATING SELF-ORGANIZATION IN ANIMAL SOCIETIES
SOCIAL ADAPTATION OF ROBOTS FOR MODULATING SELF-ORGANIZATION IN ANIMAL SOCIETIESSOCIAL ADAPTATION OF ROBOTS FOR MODULATING SELF-ORGANIZATION IN ANIMAL SOCIETIES
SOCIAL ADAPTATION OF ROBOTS FOR MODULATING SELF-ORGANIZATION IN ANIMAL SOCIETIES
 

Dernier

Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
Joaquim Jorge
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Drew Madelung
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
Principled Technologies
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
Delhi Call girls
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
Earley Information Science
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
Puma Security, LLC
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
Enterprise Knowledge
 

Dernier (20)

2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Artificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and MythsArtificial Intelligence: Facts and Myths
Artificial Intelligence: Facts and Myths
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
Handwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed textsHandwritten Text Recognition for manuscripts and early printed texts
Handwritten Text Recognition for manuscripts and early printed texts
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptxEIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
EIS-Webinar-Prompt-Knowledge-Eng-2024-04-08.pptx
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdfThe Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
The Role of Taxonomy and Ontology in Semantic Layers - Heather Hedden.pdf
 

Artificial software diversity: automatic synthesis of program sosies

  • 1. Artificial software diversity: automatic synthesis of program sosies Benoit Baudry Joint work with Simon Allier, Ioannis Kavvouras, Julien Langlois and Martin Monperrus
  • 2. Diversity to handle / increase uncertainty l Navigate through the program space l brittleness versus plasticity of software l Failure detection l Moving target l Self-repair of software
  • 3. Program sosie • Given a specification 3
  • 4. Program sosie 4 • Given a specification S • Given a program P that conforms to S correct implementation
  • 5. Program sosie 5 • Given a specification S • Given a program P that conforms to S • A sosie of P is a variant that also conforms to S a sosie
  • 6. Program sosie 6 potential failures or breaches failure diversity • Given a specification S • Given a program P that conforms to S • A sosie of P is a variant that also conforms to S
  • 7. Specification: data and properties fun : Function assert abs(fun(.5) - 0.25) < 0.05 assert abs(fun(.4) - 0.16) < 0.05 assert abs(fun(.3) - 0.09) < 0.05 l The test input data specifies the input domain l The assertions specify the level of abstraction
  • 8. Sosies and Diversity l There is a diversity of sosies l There may be a diversity of output outside the specified domain l The specified input domain and the associated level of abstraction allows more or less diversity The diversity is a dependent variable of the input domain and level of abstraction
  • 9. Sosies are not l The identity / the clone l Program equivalence (the same output for all possible inputs) l The same output l on the specified input domain l at a given level of abstraction l Could be called "phenotypic equivalence"
  • 10. Research questions Do sosies exist? Can we automatically synthesize them? What are effective transformations? 10
  • 11. Automatic Synthesis of Sosies l We replace a given piece of code by another one and see whether all assertions remain satisfied l Pieces of code: l Method calls l Methods l Expressions l ...
  • 12. Example of sosie 12 @Override public void report(SortedMap<String, Gauge> gauges, SortedMap<String, Counter> counters, SortedMap<String, Histogram> histograms, SortedMap<String, Meter> meters, SortedMap<String, Timer> timers) { final long timestamp = TimeUnit.MILLISECONDS.toSeconds(clock.getTime()); for (Map.Entry<String, Gauge> entry : gauges.entrySet()) { reportGauge(timestamp, entry.getKey(), entry.getValue()); } for (Map.Entry<String, Counter> entry : counters.entrySet()) { reportCounter(timestamp, entry.getKey(), entry.getValue()); } for (Map.Entry<String, Histogram> entry : histograms.entrySet()) { reportHistogram(timestamp, entry.getKey(), entry.getValue()); } for (Map.Entry<String, Meter> entry : meters.entrySet()) { reportMeter(timestamp, entry.getKey(), entry.getValue()); } for (Map.Entry<String, Timer> entry : timers.entrySet()) { reportTimer(timestamp, entry.getKey(), entry.getValue()); } }
  • 13. Example of sosie 13 @Override public void report(SortedMap<String, Gauge> gauges, SortedMap<String, Counter> counters, SortedMap<String, Histogram> histograms, SortedMap<String, Meter> meters, SortedMap<String, Timer> timers) { InputContext: [long] OutputContext: void codeFragment: if (least >= bound) final long timestamp = TimeUnit.MILLISECONDS.toSeconds(clock.getTime()); throw new java.lang.IllegalArgumentException(); for (Map.Entry<String, Gauge> entry : gauges.entrySet()) { reportGauge(timestamp, entry.getKey(), entry.getValue()); } InputContext: [long] OutputContext: void codeFragment: if (n <= 0) for (Map.Entry<String, Counter> entry : counters.entrySet()) { reportCounter(timestamp, entry.getKey(), entry.getValue()); } for (Map.Entry<String, Histogram> entry : histograms.entrySet()) { throw new java.lang.IllegalArgumentException("n must be reportHistogram(timestamp, entry.getKey(), entry.getValue()); positive"); } for (Map.Entry<String, Meter> entry : meters.entrySet()) { reportMeter(timestamp, entry.getKey(), entry.getValue()); } for (Map.Entry<String, Timer> entry : timers.entrySet()) { reportTimer(timestamp, entry.getKey(), entry.getValue()); } }
  • 14. Example of sosie 14 @Override public void report(SortedMap<String, Gauge> gauges, SortedMap<String, Counter> counters, SortedMap<String, Histogram> histograms, SortedMap<String, Meter> meters, SortedMap<String, Timer> timers) { final long timestamp = TimeUnit.MILLISECONDS.toSeconds(clock.getTime()); for (Map.Entry<String, Gauge> entry : gauges.entrySet()) { reportGauge(timestamp, entry.getKey(), entry.getValue()); } for (Map.Entry<String, Counter> entry : counters.entrySet()) { if (timestamp <= 0) throw new java.lang.IllegalArgumentException("n must be positive"); } for (Map.Entry<String, Histogram> entry : histograms.entrySet()) { reportHistogram(timestamp, entry.getKey(), entry.getValue()); } for (Map.Entry<String, Meter> entry : meters.entrySet()) { reportMeter(timestamp, entry.getKey(), entry.getValue()); } for (Map.Entry<String, Timer> entry : timers.entrySet()) { reportTimer(timestamp, entry.getKey(), entry.getValue()); } } variable mapping: {n=timestamp} InputContext: [long] OutputContext: void codeFragment: if (n <= 0) throw new java.lang.IllegalArgumentException("n must be positive");
  • 15. What is effective for sosiefication? • Evaluate the efficiency of 9 transformations: • Replace/Add/Delete • CMNVM Replace/Add: context mapping but not variable mapping • NCMVMN Replace/Add: not context mapping but mapping on variable name • NCM Replace/Add: no context mapping 15
  • 16. Preliminary result NCM Replace NCM/ VNM Replace CM/ NVM Replace Normal Replace NCM Add NCM/ VNM Add CM/ NVM Add Add Delete junit #trial #variant #sosie 500 36 2 500 80 27 500 177 32 500 310 43 500 38 33 500 61 42 500 140 70 500 195 79 500 253 25 metrics #trial #variant #sosie " 1960 116 12 1960 282 69 1960 693 86 1960 1262 174 1960 157 108 1960 269 142 1960 700 352 1960 908 347 1960 977 110 clojure #trial #variant #sosie 680 30 0 680 123 3 680 154 7 680 342 21 680 30 7 680 90 3 680 124 35 680 152 28 680 391 29
  • 17. Sosiefication with reactions #variants #incorrect-variants #sosies % sosies JUnit 5265 4377 888 16.86% Metrics 4699 4299 400 8.51% Codec 14435 11080 3355 23.24% Math 45517 40500 5017 11.02% Clojure 32335 20706 11629 35.96% bubble-sort 23 18 4 17.39% insert-sort 18 17 1 1.26% quick-sort 553 525 7 0.42% merge-sort 4759 4739 20
  • 18. What to do with sosies? l Demonstrate plastic properties of software l Functional equivalence and repair l Functional resillience; replacement in case of bugs (ICSE'13 Gorla et al.) l Use as gene pool l Randomize execution to create a moving target l Functional sense of self ("detect-fast") The diversity of functionally equivalent code improves the robustness and resilience of software