Checking type safety of foreign function calls

AbstractFortran is still widely used in scientific computing, and a very large corpus of legacy as well as new code is written in FORTRAN 77. In general this code is not type safe, so that incorrect programs can compile without errors. In this paper, we present a formal approach to ensure type safety of legacy Fortran code through automated program transformation. The objective of this work is to reduce programming errors by guaranteeing type safety. We present the first rigorous analysis of the type safety of FORTRAN 77 and the novel program transformation and type checking algorithms required to convert FORTRAN 77 subroutines and functions into pure, side-effect free subroutines and functions in Fortran 90. We have implemented these algorithms in a source-to-source compiler which type checks and automatically transforms the legacy code. We show that the resulting code is type safe and that the pure, side-effect free and referentially transparent subroutines can readily be offloaded to accelerators.

Download Full-text

Enhanced Bug Prediction in JavaScript Programs with Hybrid Call-Graph Based Invocation Metrics

Technologies ◽

10.3390/technologies9010003 ◽

2020 ◽

Vol 9 (1) ◽

pp. 3

Author(s):

Gábor Antal ◽

Zoltán Tóth ◽

Péter Hegedűs ◽

Rudolf Ferenc

Keyword(s):

Software Maintenance ◽

Positive Impact ◽

Source Code ◽

Code Analysis ◽

Static Source ◽

Static Code Analysis ◽

Function Calls ◽

Hybrid Code ◽

Code Metrics ◽

Scripting Language

Bug prediction aims at finding source code elements in a software system that are likely to contain defects. Being aware of the most error-prone parts of the program, one can efficiently allocate the limited amount of testing and code review resources. Therefore, bug prediction can support software maintenance and evolution to a great extent. In this paper, we propose a function level JavaScript bug prediction model based on static source code metrics with the addition of a hybrid (static and dynamic) code analysis based metric of the number of incoming and outgoing function calls (HNII and HNOI). Our motivation for this is that JavaScript is a highly dynamic scripting language for which static code analysis might be very imprecise; therefore, using a purely static source code features for bug prediction might not be enough. Based on a study where we extracted 824 buggy and 1943 non-buggy functions from the publicly available BugsJS dataset for the ESLint JavaScript project, we can confirm the positive impact of hybrid code metrics on the prediction performance of the ML models. Depending on the ML algorithm, applied hyper-parameters, and target measures we consider, hybrid invocation metrics bring a 2–10% increase in model performances (i.e., precision, recall, F-measure). Interestingly, replacing static NOI and NII metrics with their hybrid counterparts HNOI and HNII in itself improves model performances; however, using them all together yields the best results.

Download Full-text

Lightweight extension of an execution environment for safer function calls in Solidity/Ethereum Virtual Machine smart contracts

2021 IEEE International Conference on Software Analysis, Evolution and Reengineering (SANER) ◽

10.1109/saner50967.2021.00087 ◽

2021 ◽

Author(s):

Sooyeon Lee ◽

Eun-Sun Cho

Keyword(s):

Virtual Machine ◽

Smart Contracts ◽

Function Calls ◽

Execution Environment

Download Full-text

The construction of a radar-type safety device to complement human vision in safety prediction

Ergonomics ◽

10.1080/00140139008927182 ◽

1990 ◽

Vol 33 (6) ◽

pp. 735-761 ◽

Cited By ~ 4

Author(s):

Noboru Sugimoto ◽

Hiroyasu Ikeda

Keyword(s):

Human Vision ◽

Safety Device ◽

Type Safety

Download Full-text

Improving the FLORIS wind plant model for compatibility with gradient-based optimization

Wind Engineering ◽

10.1177/0309524x17722000 ◽

2017 ◽

Vol 41 (5) ◽

pp. 313-329 ◽

Cited By ~ 13

Author(s):

Jared J Thomas ◽

Pieter MO Gebraad ◽

Andrew Ning

Keyword(s):

Steady State ◽

Wind Turbine ◽

Case Studies ◽

Wind Farm ◽

Optimization Problems ◽

Algorithmic Differentiation ◽

Function Calls ◽

Gradient Based ◽

Wake Model ◽

Yaw Angle

The FLORIS (FLOw Redirection and Induction in Steady-state) model, a parametric wind turbine wake model that predicts steady-state wake characteristics based on wind turbine position and yaw angle, was developed for optimization of control settings and turbine locations. This article provides details on changes made to the FLORIS model to make the model more suitable for gradient-based optimization. Changes to the FLORIS model were made to remove discontinuities and add curvature to regions of non-physical zero gradient. Exact gradients for the FLORIS model were obtained using algorithmic differentiation. A set of three case studies demonstrate that using exact gradients with gradient-based optimization reduces the number of function calls by several orders of magnitude. The case studies also show that adding curvature improves convergence behavior, allowing gradient-based optimization algorithms used with the FLORIS model to more reliably find better solutions to wind farm optimization problems.

Download Full-text

Fuzzing JavaScript Environment APIs with Interdependent Function Calls

Lecture Notes in Computer Science - Integrated Formal Methods ◽

10.1007/978-3-030-34968-4_12 ◽

2019 ◽

pp. 212-226 ◽

Cited By ~ 1

Author(s):

Renáta Hodován ◽

Dániel Vince ◽

Ákos Kiss

Keyword(s):

Function Calls

Download Full-text

AN EVOLUTIONARY ALGORITHM FOR FAST INTENSITY BASED IMAGE MATCHING BETWEEN OPTICAL AND SAR SATELLITE IMAGERY

ISPRS Annals of Photogrammetry Remote Sensing and Spatial Information Sciences ◽

10.5194/isprs-annals-iv-3-83-2018 ◽

2018 ◽

Vol IV-3 ◽

pp. 83-90 ◽

Cited By ~ 1

Author(s):

Peter Fischer ◽

Philipp Schuegraf ◽

Nina Merkle ◽

Tobias Storch

Keyword(s):

Evolutionary Algorithm ◽

Satellite Imagery ◽

Image Matching ◽

Optimal Solution ◽

Search Problem ◽

Computational Costs ◽

Radar Sensors ◽

Function Calls ◽

Point Detection ◽

Very High

This paper presents a hybrid evolutionary algorithm for fast intensity based matching between satellite imagery from SAR and very high-resolution (VHR) optical sensor systems. The precise and accurate co-registration of image time series and images of different sensors is a key task in multi-sensor image processing scenarios. The necessary preprocessing step of image matching and tie-point detection is divided into a search problem and a similarity measurement. Within this paper we evaluate the use of an evolutionary search strategy for establishing the spatial correspondence between satellite imagery of optical and radar sensors. The aim of the proposed algorithm is to decrease the computational costs during the search process by formulating the search as an optimization problem. Based upon the canonical evolutionary algorithm, the proposed algorithm is adapted for SAR/optical imagery intensity based matching. Extensions are drawn using techniques like hybridization (e.g. local search) and others to lower the number of objective function calls and refine the result. The algorithm significantely decreases the computational costs whilst finding the optimal solution in a reliable way.

Download Full-text

End-to-end automated cache-timing attack driven by Machine Learning

10.29007/nwj8 ◽

2019 ◽

Cited By ~ 1

Author(s):

Sebastien Carré ◽

Victor Dyseryn ◽

Adrien Facon ◽

Sylvain Guilley ◽

Thomas Perianin

Keyword(s):

Neural Network ◽

Language Processing ◽

Relevant Information ◽

Security Threats ◽

Cache Memories ◽

Function Calls ◽

Timing Data ◽

Timing Attack ◽

End To End ◽

Timing Attacks

Cache timing attacks are serious security threats that exploit cache memories to steal secret information.We believe that the identification of a sequence of operations from a set of cache-timing data measurements is not a trivial step when building an attack. We present a recurrent neural network model able to automatically retrieve a sequence of function calls from cache-timings. Inspired from natural language processing, our model is able to learn on partially labelled data. We use the model to unfold an end-to-end automated attack on OpenSSL ECDSA on the secp256k1 curve. Contrary to most research, we did not need human processing of the traces to retrieve relevant information.

Download Full-text