Anno Accademico 2009/2010
|
|
- Leon Allen
- 8 years ago
- Views:
Transcription
1 tesi di laurea specialistica Analisi sperimentale di strumenti per la fault injection su sistemi Anno Accademico 2009/2010 relatore Ch.mo prof. Domenico Cotroneo Correlatori Ing. Roberto Natella Ing. Ricardo Barbosa Candidato Anna Lanzaro Matr. 885/379 1
2 Context This work has been promoted European project Critical Step by the Aim of the project is the Transfer of Knowledge (ToK) between Accademy and Industry in order to develop new technologies and standards for safety- critical CINI -> Critical Software ToK SOFTWARE FAULT INJECTION 2
3 Software Fault Injection Uses for emulation of software faults: Validation of fault-toleranttolerant mechanisms Dependability benchmarking Adopted for emulation of programming errors It modifies parts of code in order to put bugs in the application To inject faults in the binary code is difficult due to the gap between source and executable code Fault injection in high level code is more realistic and accurate. Therefore it can be seen as an useful technique for assessing the Xception s accuracy 3
4 Objectives In this work, we consider the Xception prototype Software Fault Injection tool To be adopted for dependability evaluation of many safety-critical, NASA s among the others Xception will be compared to the prototype tool SCIFI developed by CINI in order to evaluate its accuracy and to provide feedback for its improvement. The study will be made in the context of a real-world case study from the space domain 4
5 Which software faults should be injected? A previous field data study found that software faults belong to a small set of fault operators Xception and SCIFI are expected to inject the same faults 5
6 Xception tool Xception injects faults in the target application at binary-code level Fault injection process Library of fault operators based on common programming errors Changes correspond to the code that would be generated by the compiler if the faults were in the source code. Identification of specific low-level instruction patterns Generation of faulty versions of the target application 6
7 SCIFI tool It injects faults in the target application at source code level Changes correspond to the real programming errors Based on the same library of fault operators of Xception Fault injection process Identification of fault locations through the Abstract Syntax Tree Generation of patch files, each containing the code of an individual fault 7
8 How evaluate Xception s accuracy? Fault injection in the target application (application code + OS code) both in the binary code and in the source code Ideal case: for each injected fault in the executable exists a corrisponding injected fault in the source code. Xception s injection SCIFI s injection Application code + OS code 0003ef4c rtems_timer_cancel+0 xd8> blr <_Timer_Get()>.. rtems_task Init( rtems_task_argument ignored ) {.} What is the relationship? 8
9 Problem statement Xception may not correctly recognize all the bit patterns corresponding to bugs at the programmer s level False positives: bit patterns not corresponding to constructs in the program in which a fault could exist False negatives: constructs in which a fault could exist not recognized in the executable file 9
10 Case study A satellite data handling system named Command and Data Management System (CDMS), for managing all data transactions between ground and a spacecraft OBS CDMS is composed by 6 sub, each one with a specific task Faults are injected in both the application and OS code CDMS code RTEMS code CDMS object code RTEMS static libraries (.a) Case study binary (OBS+ RTEMS) 10
11 Experimental methodology 1/2 Setup of the case study Generation of the fault-free application Fault operators are applied using both Xception and SCIFI Generation of faults Information is collected about: - Operator - Location of faults in the code (file, function, line of code) Analysis of generated faults Comparison of the injected faults False positive (injected only by Xception) False negative (injected only by SCIFI) Correct faults (injected by both tools) Analysis of a sample of faults (5%) and collection of statistics based on the obtained results Inspection and validation of results 11
12 SCIFI Tool vs Xception 3000 SCIFI Tool Xception Some operators exhibit significant differences in the number of injected faults We noticed that 22% of Xception s faults were incorrectly generated, and they were removed from the analysis 12
13 Comparing the results 1/2 Inline Macro Bugs in SCIFI Other Errors Common 6% 7% FP 21% 17% 7% 10% 18% 48% Faults generated by Xception 26% 40% Faults generated by SCIFI Tool FN Common: Correct faults injected by both Xception and SCIFI Macro/Inline: FPs FPs and FNs due to C macros or inline functions Other Errors: FPs and FNs not due to macros or inline functions Bugs in SCIFI: Not Not real FPs/FNs, but noise in the analysis due to bugs in SCIFI FP =Bugs in SCIFI + Macro/Inline + Other Errors FN = Bugs in SCIFI + Macro/Inline + Other Errors 13
14 Comparing the results 2/2 OMIA Operator for Missing If Around statements OWPFV Operator for Wrong variable in parameter of function Call 6% 2% 11% 16% 6% 22% 8% 24% Inline Macro Bug in SCIFI Other Errors Common 8% 13% 27% 21% 6% 20% 38% 9% Inline Macro Bugs in SCIFI Other Errors Common 63% 41% 37% 21% Faults generated by Xception Faults generated by SCIFI Tool Faults generated by Xception Faults generated by SCIFI Tool 14
15 Analysis of FPs and FNs Evaluating Xception s accuracy: Errors related to macros (21%) 0003ef4c rtems_timer_cancel+0xd8> blr <_Timer_Get()> Istrictions of <_Timer_Get()> ef4c rtems_timer_cancel+0xd8> blr <_Timer_Get()>. Istrictions of <_Timer_Get()> Xception injects a fault only in one copy of the macro/inline function at a time Errors realated to Xception s bugs ( 5%) Some types of Xception errors: When a macro or inline function is faulty, the faulty code is replicated several times in the binary code OMIEB/OMIFS/OMIA: Xception does not distinguish between switch-casecase costructs and if costructs OWPFV: Xception wrongly injects faults in some if conditions. 15
16 From the Conclusions the analysis results: False Positive: : 52% False Negative: : 60% Investigating FPs and FNs can help to improve Xception FP: 18% FN: 37% Limitations of the analysis SCIFI Tool contains some bugs Comparison based on code locations can fail in some cases Future developments Further improvements of measures Improvement of tools based on the obtained results 16
Service Discovery with the Google Android Mobile Platform
tesi di laurea Service Discovery with the Google Android Mobile Platform Anno Accademico 2007/2008 relatore Ch.mo prof. Stefano Russo correlatore Ing. Marcello Cinque candidato Marco Faiella Matr. 885/139
More informationHow To Write A Train Control System
di Base tesi di laurea magistrale Model Driven Engineering of railway control systems with the openetcs process Anno Accademico 2013-2014 relatore Ch.mo Prof. Stefano Russo correlatori Ch.mo Dr. Domenico
More informationDeveloping Google Android Mobile Clients for Web Services: a Case Study
tesi di laurea Developing Google Android Mobile Clients for Web Services: a Case Study Anno Accademico 2007/2008 relatore Ch.mo prof. Stefano Russo correlatore Ing. Marcello Cinque candidato Vito Daniele
More informationInvestigating Mobile Solutions for News Spreading! Anno Accademico 2011/2012!
Facoltà di Ingegneria Corso di Studi in Ingegneria Informatica tesi di laurea Anno Accademico 2011/2012 relatore Ch.mo prof. Marcello Cinque candidato Pasquale Perozzino Matr. 885/261 Facoltà di Ingegneria
More informationMining Invariant Relationships for Failure Analysis of Batch Software Systems
tesi di laurea magistrale Mining Invariant Relationships for Failure Analysis of Batch Software Systems Anno Accademico 2012/2013 relatori Ch.mo Prof. Stefano Russo Ch.mo Prof. Marcello Cinque correlatori
More informationSoftware testing. Objectives
Software testing cmsc435-1 Objectives To discuss the distinctions between validation testing and defect testing To describe the principles of system and component testing To describe strategies for generating
More informationSoftware Engineering. How does software fail? Terminology CS / COE 1530
Software Engineering CS / COE 1530 Testing How does software fail? Wrong requirement: not what the customer wants Missing requirement Requirement impossible to implement Faulty design Faulty code Improperly
More informationEvaluating and Comparing the Impact of Software Faults on Web Servers
Evaluating and Comparing the Impact of Software Faults on Web Servers April 2010, João Durães, Henrique Madeira CISUC, Department of Informatics Engineering University of Coimbra {naaliel, jduraes, henrique}@dei.uc.pt
More informationMetrics, Methods and Tools to Measure Security and Trustworthiness. Measuring trustworthiness
Metrics, Methods and Tools to Measure Security and Trustworthiness Henrique Madeira, University of Coimbra, Portugal Workshop on Recent Advances on Intrusion-Tolerant Systems (WRAITS) Cascais, June 29
More informationCSC574 - Computer and Network Security Module: Intrusion Detection
CSC574 - Computer and Network Security Module: Intrusion Detection Prof. William Enck Spring 2013 1 Intrusion An authorized action... that exploits a vulnerability... that causes a compromise... and thus
More informationThe Hacker Strategy. Dave Aitel dave@immunityinc.com. Security Research
1 The Hacker Strategy Dave Aitel dave@immunityinc.com Security Research Who am I? CTO, Immunity Inc. History: NSA->@stake -> Immunity Responsible for new product development Vulnerability Sharing Club
More informationUsing Static Code Analysis Tools for Detection of Security Vulnerabilities
Using Static Code Analysis Tools for Detection of Security Vulnerabilities Katerina Goseva-Popstajanova & Andrei Perhinschi Lane Deptartment of Computer Science and Electrical Engineering West Virginia
More informationCloud9 Parallel Symbolic Execution for Automated Real-World Software Testing
Cloud9 Parallel Symbolic Execution for Automated Real-World Software Testing Stefan Bucur, Vlad Ureche, Cristian Zamfir, George Candea School of Computer and Communication Sciences Automated Software Testing
More informationPattern Insight Clone Detection
Pattern Insight Clone Detection TM The fastest, most effective way to discover all similar code segments What is Clone Detection? Pattern Insight Clone Detection is a powerful pattern discovery technology
More informationumps software development
Laboratorio di Sistemi Operativi Anno Accademico 2006-2007 Software Development with umps Part 2 Mauro Morsiani Software development with umps architecture: Assembly language development is cumbersome:
More informationLaboratorio di Sistemi Operativi Anno Accademico 2009-2010
Laboratorio di Sistemi Operativi Anno Accademico 2009-2010 Software Development with umps Part 2 Mauro Morsiani Copyright Permission is granted to copy, distribute and/or modify this document under the
More informationOracle Solaris Studio Code Analyzer
Oracle Solaris Studio Code Analyzer The Oracle Solaris Studio Code Analyzer ensures application reliability and security by detecting application vulnerabilities, including memory leaks and memory access
More informationKickoff: Anomaly Detection Challenges
Kickoff: Anomaly Detection Challenges A Practical Course in SS2014 Huang Xiao Han Xiao Chair of IT Security (I20) Department of Informatics Technische Universität München January 31, 2014 Huang Xiao, Han
More informationSistemi ICT per il Business Networking
Corso di Laurea Specialistica Ingegneria Gestionale Sistemi ICT per il Business Networking Software Development Processes Docente: Vito Morreale (vito.morreale@eng.it) 17 October 2006 1 The essence of
More informationSolution: start more than one instruction in the same clock cycle CPI < 1 (or IPC > 1, Instructions per Cycle) Two approaches:
Multiple-Issue Processors Pipelining can achieve CPI close to 1 Mechanisms for handling hazards Static or dynamic scheduling Static or dynamic branch handling Increase in transistor counts (Moore s Law):
More informationSoftware Engineering Introduction & Background. Complaints. General Problems. Department of Computer Science Kent State University
Software Engineering Introduction & Background Department of Computer Science Kent State University Complaints Software production is often done by amateurs Software development is done by tinkering or
More informationEnvironment Modeling for Automated Testing of Cloud Applications
Environment Modeling for Automated Testing of Cloud Applications Linghao Zhang, Tao Xie, Nikolai Tillmann, Peli de Halleux, Xiaoxing Ma, Jian Lv {lzhang25, txie}@ncsu.edu, {nikolait, jhalleux}@microsoft.com,
More informationThe Web AppSec How-to: The Defenders Toolbox
The Web AppSec How-to: The Defenders Toolbox Web application security has made headline news in the past few years. Incidents such as the targeting of specific sites as a channel to distribute malware
More informationSafety and Hazard Analysis
Safety and Hazard Analysis An F16 pilot was sitting on the runway doing the preflight and wondered if the computer would let him raise the landing gear while on the ground - it did A manufacturer of torpedoes
More informationI Control Your Code Attack Vectors Through the Eyes of Software-based Fault Isolation. Mathias Payer, ETH Zurich
I Control Your Code Attack Vectors Through the Eyes of Software-based Fault Isolation Mathias Payer, ETH Zurich Motivation Applications often vulnerable to security exploits Solution: restrict application
More information1 Introduction. 2 An Interpreter. 2.1 Handling Source Code
1 Introduction The purpose of this assignment is to write an interpreter for a small subset of the Lisp programming language. The interpreter should be able to perform simple arithmetic and comparisons
More informationRegression Verification: Status Report
Regression Verification: Status Report Presentation by Dennis Felsing within the Projektgruppe Formale Methoden der Softwareentwicklung 2013-12-11 1/22 Introduction How to prevent regressions in software
More informationChapter 8 Software Testing
Chapter 8 Software Testing Summary 1 Topics covered Development testing Test-driven development Release testing User testing 2 Program testing Testing is intended to show that a program does what it is
More informationTool-based Approaches to Software Security. Prof. Dr. Eric Bodden Andreas Follner
Tool-based Approaches to Software Security Prof. Dr. Eric Bodden Andreas Follner Outline General Information Timeline Term Paper / Review / Talk Grading Next Steps Topics General Information Purpose of
More informationRichard Martin, Kiran Nagaraja Thu Nguyen and Barbara Ryder. Rutgers University Department of Computer Science. EASY Workshop July 2001
Using Distributed Data Structures for Constructing Cluster-Based Servers Richard Martin, Kiran Nagaraja Thu Nguyen and Barbara Ryder Rutgers University Department of Computer Science EASY Workshop July
More informationBuilding accurate intrusion detection systems. Diego Zamboni Global Security Analysis Lab IBM Zürich Research Laboratory
Building accurate intrusion detection systems Diego Zamboni Global Security Analysis Lab IBM Zürich Research Laboratory Outline Brief introduction to intrusion detection The MAFTIA project Accurate intrusion
More informationResearch Data Management CODING
CODING Coding When writing software or analytical code it is important that others and your future self can understand what the code is doing. published 10 steps that they regard as the Best Practices
More information<Insert Picture Here> What's New in NetBeans IDE 7.2
Slide 1 What's New in NetBeans IDE 7.2 The following is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated
More informationDesign-Driven Software Development: A Programming Language-Inspired Approach Charles Consel University of Bordeaux / Inria
Design-Driven Software Development: A Programming Language-Inspired Approach Charles Consel University of Bordeaux / Inria Joint work with members of the Phoenix Research Group Orchestrating Networked
More informationInformatica e Sistemi in Tempo Reale
Informatica e Sistemi in Tempo Reale Introduction to C programming Giuseppe Lipari http://retis.sssup.it/~lipari Scuola Superiore Sant Anna Pisa October 25, 2010 G. Lipari (Scuola Superiore Sant Anna)
More informationThreat Modelling for Web Application Deployment. Ivan Ristic ivanr@webkreator.com (Thinking Stone)
Threat Modelling for Web Application Deployment Ivan Ristic ivanr@webkreator.com (Thinking Stone) Talk Overview 1. Introducing Threat Modelling 2. Real-world Example 3. Questions Who Am I? Developer /
More informationChapter 12 Programming Concepts and Languages
Chapter 12 Programming Concepts and Languages Chapter 12 Programming Concepts and Languages Paradigm Publishing, Inc. 12-1 Presentation Overview Programming Concepts Problem-Solving Techniques The Evolution
More informationCode Estimation Tools Directions for a Services Engagement
Code Estimation Tools Directions for a Services Engagement Summary Black Duck software provides two tools to calculate size, number, and category of files in a code base. This information is necessary
More informationSecuring PHP Based Web Application Using Vulnerability Injection
International Journal of Information and Computation Technology. ISSN 0974-2239 Volume 3, Number 5 (2013), pp. 391-398 International Research Publications House http://www. irphouse.com /ijict.htm Securing
More informationFine-Grained User-Space Security Through Virtualization. Mathias Payer and Thomas R. Gross ETH Zurich
Fine-Grained User-Space Security Through Virtualization Mathias Payer and Thomas R. Gross ETH Zurich Motivation Applications often vulnerable to security exploits Solution: restrict application access
More informationThe Devils Behind Web Application Vulnerabilities
The Devils Behind Web Application Vulnerabilities Defending against Web Application Vulnerabilities IEEE Computer, February 2012 Nuno Antunes, Marco Vieira {nmsa, mvieira}@dei.uc.pt Postgrad Colloquium
More information1-04-10 Configuration Management: An Object-Based Method Barbara Dumas
1-04-10 Configuration Management: An Object-Based Method Barbara Dumas Payoff Configuration management (CM) helps an organization maintain an inventory of its software assets. In traditional CM systems,
More informationALMA MATER STUDIORUM - UNIVERSITA' DI BOLOGNA SCUOLA DI LETTERE E BENI CULTURALI. Corso di laurea in Scienze della Comunicazione pubblica e sociale
ALMA MATER STUDIORUM - UNIVERSITA' DI BOLOGNA SCUOLA DI LETTERE E BENI CULTURALI Corso di laurea in Scienze della Comunicazione pubblica e sociale Mechanical engineering in ER: core aspects of market research
More informationPerformance Based Evaluation of New Software Testing Using Artificial Neural Network
Performance Based Evaluation of New Software Testing Using Artificial Neural Network Jogi John 1, Mangesh Wanjari 2 1 Priyadarshini College of Engineering, Nagpur, Maharashtra, India 2 Shri Ramdeobaba
More informationCIA Lab Assignment: Web Servers
CIA Lab Assignment: Web Servers A. Bakker N. Sijm C. Dumitru J. van der Ham Feedback deadline: October 17, 2014 10:00 CET Abstract Web servers are an important way of putting information out on the Internet
More informationActualtests.C2010-508.40 questions
Actualtests.C2010-508.40 questions Number: C2010-508 Passing Score: 800 Time Limit: 120 min File Version: 5.6 http://www.gratisexam.com/ C2010-508 IBM Endpoint Manager V9.0 Fundamentals Finally, I got
More informationAPPROACHES TO SOFTWARE TESTING PROGRAM VERIFICATION AND VALIDATION
1 APPROACHES TO SOFTWARE TESTING PROGRAM VERIFICATION AND VALIDATION Validation: Are we building the right product? Does program meet expectations of user? Verification: Are we building the product right?
More informationCDH installation & Application Test Report
CDH installation & Application Test Report He Shouchun (SCUID: 00001008350, Email: she@scu.edu) Chapter 1. Prepare the virtual machine... 2 1.1 Download virtual machine software... 2 1.2 Plan the guest
More informationIntroduction. What is an Operating System?
Introduction What is an Operating System? 1 What is an Operating System? 2 Why is an Operating System Needed? 3 How Did They Develop? Historical Approach Affect of Architecture 4 Efficient Utilization
More informationProblems and Measures Regarding Waste 1 Management and 3R Era of public health improvement Situation subsequent to the Meiji Restoration
More information
A GUI Crawling-based technique for Android Mobile Application Testing
3th International Workshop on TESTing Techniques & Experimentation Benchmarks for Event-Driven Software Berlin, Germany March 21, 2011 A GUI Crawling-based technique for Android Mobile Application Testing
More informationVirtual Machines. Virtual Machines
Virtual Machines Virtual Machines What is a virtual machine? Examples? Benefits? 1 Virtualization Creation of an isomorphism that maps a virtual guest system to a real host: Maps guest state S to host
More informationChapter 12. Development Tools for Microcontroller Applications
Chapter 12 Development Tools for Microcontroller Applications Lesson 01 Software Development Process and Development Tools Step 1: Development Phases Analysis Design Implementation Phase 1 Phase 2 Phase
More informationVisualizing Information Flow through C Programs
Visualizing Information Flow through C Programs Joe Hurd, Aaron Tomb and David Burke Galois, Inc. {joe,atomb,davidb}@galois.com Systems Software Verification Workshop 7 October 2010 Joe Hurd, Aaron Tomb
More informationSoftware: Systems and. Application Software. Software and Hardware. Types of Software. Software can represent 75% or more of the total cost of an IS.
C H A P T E R 4 Software: Systems and Application Software Software and Hardware Software can represent 75% or more of the total cost of an IS. Less costly hdwr. More complex sftwr. Expensive developers
More informationBridging the Gap - Security and Software Testing. Roberto Suggi Liverani ANZTB Test Conference - March 2011
Bridging the Gap - Security and Software Testing Roberto Suggi Liverani ANZTB Test Conference - March 2011 1 Agenda Roberto, what test are you doing? Is this a defect, vulnerability or both? What can we
More informationUniversità degli Studi di Roma. "Tor Vergata" Facoltà di Economia. Corso di laurea triennale in. Economia e Management.
Università degli Studi di Roma "Tor Vergata" Facoltà di Economia Corso di laurea triennale in Economia e Management Tesi di laurea in Storia economica "Labor force participation in Italy, 1861-2010. A
More informationIntroduction to Software Paradigms & Procedural Programming Paradigm
Introduction & Procedural Programming Sample Courseware Introduction to Software Paradigms & Procedural Programming Paradigm This Lesson introduces main terminology to be used in the whole course. Thus,
More informationSoftware Security Testing
Software Security Testing Elizabeth Sanders Department of Electrical & Computer Engineering Missouri University of Science and Technology ejwxcf@mst.edu 2015 Elizabeth Sanders Pop Quiz What topics am I
More informationeggon SDK for ios 7 Integration Instructions
eggon SDK for ios 7 Integration Instructions The eggon SDK requires a few simple steps in order to be used within your ios 7 application. Environment This guide assumes that a standard ios Development
More informationSecure Software Programming and Vulnerability Analysis
Secure Software Programming and Vulnerability Analysis Christopher Kruegel chris@auto.tuwien.ac.at http://www.auto.tuwien.ac.at/~chris Testing and Source Code Auditing Secure Software Programming 2 Overview
More informationOutline. multiple choice quiz bottom-up design. the modules main program: quiz.py namespaces in Python
Outline 1 Modular Design multiple choice quiz bottom-up design 2 Python Implementation the modules main program: quiz.py namespaces in Python 3 The Software Cycle quality of product and process waterfall
More informationPrecise and Accurate Processor Simulation
Precise and Accurate Processor Simulation Harold Cain, Kevin Lepak, Brandon Schwartz, and Mikko H. Lipasti University of Wisconsin Madison http://www.ece.wisc.edu/~pharm Performance Modeling Analytical
More informationA framework for creating custom rules for static analysis tools
A framework for creating custom rules for static analysis tools Eric Dalci John Steven Cigital Inc. 21351 Ridgetop Circle, Suite 400 Dulles VA 20166 (703) 404-9293 edalci,jsteven@cigital.com Abstract Code
More informationVerification and Validation of Software Components and Component Based Software Systems
Chapter 5 29 Verification and Validation of Software Components and Component Based Christina Wallin Industrial Information Technology Software Engineering Processes ABB Corporate Research christina.wallin@mdh.se
More informationSAS Logic Coding Made Easy Revisit User-defined Function Songtao Jiang, Boston Scientific Corporation, Marlborough, MA
ABSTRACT PharmaSUG 2013 - Paper CC04 SAS Logic Coding Made Easy Revisit User-defined Function Songtao Jiang, Boston Scientific Corporation, Marlborough, MA SAS programmers deal with programming logics
More informationFinding Execution Faults in Dynamic Web Application
International Journal of Information and Computation Technology. ISSN 0974-2239 Volume 4, Number 5 (2014), pp. 445-452 International Research Publications House http://www. irphouse.com /ijict.htm Finding
More informationSoftware Verification and System Assurance
Software Verification and System Assurance John Rushby Based on joint work with Bev Littlewood (City University UK) Computer Science Laboratory SRI International Menlo Park CA USA John Rushby, SR I Verification
More informationCertification of a Scade 6 compiler
Certification of a Scade 6 compiler F-X Fornari Esterel Technologies 1 Introduction Topic : What does mean developping a certified software? In particular, using embedded sofware development rules! What
More informationDesign of High Availability Systems & Software
HighAv - Version: 2 21 June 2016 Design of High Availability Systems & Software Design of High Availability Systems & Software HighAv - Version: 2 2 days Course Description: This course examines the high-level
More informationSoftware Testing. Quality & Testing. Software Testing
Software Testing Software Testing Error: mistake made by the programmer/developer Fault: a incorrect piece of code/document (i.e., bug) Failure: result of a fault Goal of software testing: Cause failures
More informationPeer-to-Peer Networks
Peer-to-Peer Networks Chapter 1: Introduction Jussi Kangasharju Chapter Outline Course outline and practical matters Peer-to-peer (P2P) overview Definition of P2P What is P2P and how it is different from
More informationComponent visualization methods for large legacy software in C/C++
Annales Mathematicae et Informaticae 44 (2015) pp. 23 33 http://ami.ektf.hu Component visualization methods for large legacy software in C/C++ Máté Cserép a, Dániel Krupp b a Eötvös Loránd University mcserep@caesar.elte.hu
More informationAbstract. Introduction. Summary
Analyzing the Effectiveness and Coverage of Web Application Security s By Larry Suto Application Security Consultant San Francisco October, 2007 Abstract This paper summarizes my study of web application
More informationMobile Application Hacking for Android and iphone. 4-Day Hands-On Course. Syllabus
Mobile Application Hacking for Android and iphone 4-Day Hands-On Course Syllabus Android and iphone Mobile Application Hacking 4-Day Hands-On Course Course description This course will focus on the techniques
More informationInstalling Java (Windows) and Writing your First Program
Appendix Installing Java (Windows) and Writing your First Program We will be running Java from the command line and writing Java code in Notepad++ (or similar). The first step is to ensure you have installed
More informationTuesday, October 18. Configuration Management (Version Control)
Tuesday, October 18 Configuration Management (Version Control) How Version Control Works Place the official version of source code into a central repository, or database Programmers check out a working
More informationFrom Rivals to BFF: WAF & VA Unite OWASP 07.23.2009. The OWASP Foundation http://www.owasp.org
From Rivals to BFF: WAF & VA Unite 07.23.2009 Brian Contos, Chief Security Strategist Imperva Inc. brian.contos@imperva.com +1 (650) 832.6054 Copyright The Foundation Permission is granted to copy, distribute
More informationIntroduction to Automated Testing
Introduction to Automated Testing What is Software testing? Examination of a software unit, several integrated software units or an entire software package by running it. execution based on test cases
More informationManual Techniques, Rules of Thumb
Seminar on Software Cost Estimation WS 2002/2003 Manual Techniques, Rules of Thumb Pascal Ziegler 1 Introduction good software measurement and estimation are important simple methods are widely used simple,
More informationERIKA Enterprise pre-built Virtual Machine
ERIKA Enterprise pre-built Virtual Machine with support for Arduino, STM32, and others Version: 1.0 July 2, 2014 About Evidence S.r.l. Evidence is a company operating in the field of software for embedded
More informationProgramming Languages
Programming Languages Qing Yi Course web site: www.cs.utsa.edu/~qingyi/cs3723 cs3723 1 A little about myself Qing Yi Ph.D. Rice University, USA. Assistant Professor, Department of Computer Science Office:
More informationA Test Suite for Basic CWE Effectiveness. Paul E. Black. paul.black@nist.gov. http://samate.nist.gov/
A Test Suite for Basic CWE Effectiveness Paul E. Black paul.black@nist.gov http://samate.nist.gov/ Static Analysis Tool Exposition (SATE V) News l We choose test cases by end of May l Tool output uploaded
More informationIntegrating Artificial Intelligence. Software Testing
Integrating Artificial Intelligence in Software Testing Roni Stern and Meir Kalech, ISE department, BGU Niv Gafni, Yair Ofir and Eliav Ben-Zaken, Software Eng., BGU 1 Abstract Artificial Intelligence Planning
More informationEvaluation of Web Security Mechanisms Using Inline Scenario & Online Scenario
Evaluation of Web Security Mechanisms Using Inline Scenario & Online Scenario M. Durai Ganesh (Research Scholars) Information Technology, St. Peter s University, Chennai- 54, Tamil Nadu, India Dr. G.Gunasekaran,
More informationDetecting SQL Injection Vulnerabilities in Web Services
Detecting SQL Injection Vulnerabilities in Web Services Nuno Antunes, {nmsa, mvieira}@dei.uc.pt LADC 2009 CISUC Department of Informatics Engineering University of Coimbra Outline n Web Services n Web
More informationHP Performance Center 11.5: What s New? Gurmeen Aneja
HP Performance Center 11.5: What s New? Gurmeen Aneja Agenda 1. Introductions 2. Performance Application Lifecycle(PAL) 3. Lab management automation 4. Network Virtualization Performance Application Lifecycle(PAL)
More informationCS222: Systems Programming
CS222: Systems Programming The Basics January 24, 2008 A Designated Center of Academic Excellence in Information Assurance Education by the National Security Agency Agenda Operating System Essentials Windows
More informationOPM Example- Improving Software Code Quality by reducing Code Complexity using Klocwork
OPM Example- Improving Software Code Quality by reducing Code Complexity using Klocwork Sarit Assaraf sassaraf@iai.co.il Yossi Cohen Yscohen@iai.co.il SEPG NORTH AMERICA The CMMI CONFERENCE 6-7 May 2014
More informationCS314: Course Summary
CS314: Course Summary Prof. Robert B. France Dept. of Computer Science Colorado State University Robert B. France 1 1 Software Development Issues Explored - 1 Software engineering basics Why do we need
More informationOPG Leadership Series Kickoff, Solaris Security Design. Casper Dik Sun Microsystems, Inc.
OPG Leadership Series Kickoff, Solaris Security Design September, Considerations 2005 Casper Dik Sun Microsystems, Inc. Solaris Security Design Principles Or how ten years changed my perspective on security
More informationLastest Development in Partial Discharge Testing Koh Yong Kwee James, Leong Weng Hoe Hoestar Group
Lastest Development in Partial Discharge Testing Koh Yong Kwee James, Leong Weng Hoe Hoestar Group INTRODUCTION Failure of High Voltage insulation is the No 1 cause of High voltage system failures with
More informationLevels of Testing Patrick Oladimeji
Levels of Testing Patrick Oladimeji Advance topics in Computer Science Dr. Markus Roggenbach Prof. Dr. Holger Schlingloff University of Wales Swansea Computer Science Department Contents 1. Different levels
More informationDistributed Version Control
Distributed Version Control Faisal Tameesh April 3 rd, 2015 Executive Summary Version control is a cornerstone of modern software development. As opposed to the centralized, client-server architecture
More informationThe care of open source creatures. Vincent Sanders
The care of open source creatures Vincent Sanders What am I on about? An examination of: What a services a project ought to have What options exist to fulfil those requirements A practical look at some
More informationBenchmarking FreeBSD. Ivan Voras <ivoras@freebsd.org>
Benchmarking FreeBSD Ivan Voras What and why? Everyone likes a nice benchmark graph :) And it's nice to keep track of these things The previous major run comparing FreeBSD to Linux
More informationAssembly Language Programming
Assembly Language Programming Assemblers were the first programs to assist in programming. The idea of the assembler is simple: represent each computer instruction with an acronym (group of letters). Eg:
More informationGraphical Environment Tool for Development versus Non Graphical Development Tool
Section 4 Computing, Communications Engineering and Signal Processing & Interactive Intelligent Systems Graphical Environment Tool for Development versus Non Graphical Development Tool Abstract S.Daniel
More information