TY - GEN
T1 - Mining interface specifications for generating checkable robustness properties
AU - Acharya, Mithun
AU - Xie, Tao
AU - Xu, Jun
PY - 2006
Y1 - 2006
N2 - A software system interacts with its environment through interfaces. Improper handling of exceptional returns from system interfaces can cause robustness problems. Robustness of software systems are governed by various temporal properties related to interfaces. Static verification has been shown to be effective in checking these temporal properties. But manually specifying these properties is cumbersome and requires the knowledge of interface specifications, which are often either unavailable or undocumented. In this paper, we propose a novel framework to automatically infer system-specific interface specifications from program source code. We use a model checker to generate traces related to the interfaces. From these model checking traces, we infer interface specification details such as return value on success or failure. Based on these inferred specifications, we translate generically specified interface robustness rules to concrete robustness properties verifiable by static checking. Hence the generic rules can be specified at an abstract level that needs no knowledge of the source code, system, or interfaces. We implement our framework for an existing static analyzer that employs push down model checking and apply the analyzer to the well known POSIX-API system interfaces. We found 28 robustness violations in 10 open source packages using our framework.
AB - A software system interacts with its environment through interfaces. Improper handling of exceptional returns from system interfaces can cause robustness problems. Robustness of software systems are governed by various temporal properties related to interfaces. Static verification has been shown to be effective in checking these temporal properties. But manually specifying these properties is cumbersome and requires the knowledge of interface specifications, which are often either unavailable or undocumented. In this paper, we propose a novel framework to automatically infer system-specific interface specifications from program source code. We use a model checker to generate traces related to the interfaces. From these model checking traces, we infer interface specification details such as return value on success or failure. Based on these inferred specifications, we translate generically specified interface robustness rules to concrete robustness properties verifiable by static checking. Hence the generic rules can be specified at an abstract level that needs no knowledge of the source code, system, or interfaces. We implement our framework for an existing static analyzer that employs push down model checking and apply the analyzer to the well known POSIX-API system interfaces. We found 28 robustness violations in 10 open source packages using our framework.
UR - http://www.scopus.com/inward/record.url?scp=34547678001&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=34547678001&partnerID=8YFLogxK
U2 - 10.1109/ISSRE.2006.29
DO - 10.1109/ISSRE.2006.29
M3 - Conference contribution
AN - SCOPUS:34547678001
SN - 0769526845
SN - 9780769526843
T3 - Proceedings - International Symposium on Software Reliability Engineering, ISSRE
SP - 311
EP - 320
BT - Proceedings - 17th International Symposium on Software Reliability Engineering, ISSRE 2006
T2 - 17th International Symposium on Software Reliability Engineering, ISSRE 2006
Y2 - 7 November 2006 through 10 November 2006
ER -