A new method for software safety analysis is presented which uses program slicing and constraint solving to construct and analyze path conditions, conditions defined on a program's input variables which must hold for information flow between two points in a program. Path conditions are constructed from subgraphs of a program's dependence graph, specifically, slices and chops. The article describes how constraint solvers can be used to determine if a path condition is satisfiable and, if so, to construct a witness for a safety violation, such as an information flow from a program point at one security level to another program point at a different security level. Such a witness can prove useful in legal matters.

The article reviews previous research on path conditions in program dependence graphs; presents new extensions of path conditions for arrays, pointers, abstract data types, and multithreaded programs; presents new decomposition formulae for path conditions; demonstrates how interval analysis and BDDs (binary decision diagrams) can be used to reduce the scalability problem for path conditions; and presents case studies illustrating the use of path conditions in safety analysis. Applying interval analysis and BDDs is shown to overcome the combinatorial explosion that can occur in constructing path conditions. Case studies and empirical data demonstrate the usefulness of path conditions for analyzing practical programs, in particular, how illegal influences on safety-critical programs can be discovered and analyzed.