scholarly journals Using Program Synthesis for Program Analysis

2015 ◽  
pp. 483-498 ◽  
Author(s):  
Cristina David ◽  
Daniel Kroening ◽  
Matt Lewis
Keyword(s):  
Program Analysis ◽  
Program Synthesis

scholarly journals Program Synthesis for Program Analysis

2018 ◽  
Vol 40 (2) ◽  
pp. 1-45 ◽  
Author(s):  
Cristina David ◽  
Pascal Kesseli ◽  
Daniel Kroening ◽  
Matt Lewis
Keyword(s):  
Program Analysis ◽  
Program Synthesis

scholarly journals Dijkstra's interpretation of the approach to solving a problem of program correctness

2010 ◽  
Vol 20 (2) ◽  
pp. 229-236 ◽  
Author(s):  
Branko Markoski ◽  
Petar Hotomski ◽  
Dusan Malbaski ◽  
Danilo Obradovic
Keyword(s):  
Program Analysis ◽  
Practical Importance ◽  
Program Synthesis ◽  
Program Correctness ◽  
Great Practical Importance ◽  
Automatic Program ◽  
Analysis And Synthesis ◽  
The Difference ◽  
Automated Methods

Proving the program correctness and designing the correct programs are two connected theoretical problems, which are of great practical importance. The first is solved within program analysis, and the second one in program synthesis, although intertwining of these two processes is often due to connection between the analysis and synthesis of programs. Nevertheless, having in mind the automated methods of proving correctness and methods of automatic program synthesis, the difference is easy to tell. This paper presents denotative interpretation of programming calculation explaining semantics by formulae ? and ?, in such a way that they can be used for defining state sets for program P.

A Semantic Perspective on Omission Abstraction in ASP

2020 ◽  
Author(s):  
Zeynep G. Saribatur ◽  
Thomas Eiter
Keyword(s):  
Problem Solving ◽  
Program Analysis ◽  
Abstract Level ◽  
Answer Sets

The recently introduced notion of ASP abstraction is on reducing the vocabulary of a program while ensuring over-approximation of its answer sets, with a focus on having a syntactic operator that constructs an abstract program. It has been shown that such a notion has the potential for program analysis at the abstract level by getting rid of irrelevant details to problem solving while preserving the structure, that aids in the explanation of the solutions. We take here a further look on ASP abstraction, focusing on abstraction by omission with the aim to obtain a better understanding of the notion. We distinguish the key conditions for omission abstraction which sheds light on the differences to the well-studied notion of forgetting. We demonstrate how omission abstraction fits into the overall spectrum, by also investigating its behavior in the semantics of a program in the framework of HT logic.

Mobile Software Assurance Informed through Knowledge Graph Construction: The OWASP Threat of Insecure Data Storage

2020 ◽  
Vol 2 (2) ◽  
Author(s):  
Suzanna Schmeelk ◽  
Lixin Tao
Keyword(s):  
Data Storage ◽  
Program Analysis ◽  
Web Application ◽  
Security Analysis ◽  
Knowledge Graph ◽  
Healthcare Applications ◽  
Sensitive Data ◽  
Knowledge Graphs ◽  
Mobile Malware Detection ◽  
Software Assurance

Many organizations, to save costs, are movinheg to t Bring Your Own Mobile Device (BYOD) model and adopting applications built by third-parties at an unprecedented rate.  Our research examines software assurance methodologies specifically focusing on security analysis coverage of the program analysis for mobile malware detection, mitigation, and prevention.  This research focuses on secure software development of Android applications by developing knowledge graphs for threats reported by the Open Web Application Security Project (OWASP).  OWASP maintains lists of the top ten security threats to web and mobile applications.  We develop knowledge graphs based on the two most recent top ten threat years and show how the knowledge graph relationships can be discovered in mobile application source code.  We analyze 200+ healthcare applications from GitHub to gain an understanding of their software assurance of their developed software for one of the OWASP top ten moble threats, the threat of “Insecure Data Storage.”  We find that many of the applications are storing personally identifying information (PII) in potentially vulnerable places leaving users exposed to higher risks for the loss of their sensitive data.

Sign in / Sign up

Export Citation Format

Share Document