The Future of Correct Software George Necula

2 Software Correctness is Important
► Where there is software, there are bugs
► It is estimated that software bugs cost the economy over $60B a year (1% of GDP)
  - Average cost of downtime can be $1M/hour
► Software bugs are responsible for over 50% of known security vulnerabilities

3 Software Correctness is Hard
► Social challenges
  - Customers still favor features and performance
  - Programmers notoriously overconfident
► Economic challenges
  - Correctness costs more than extra features
► Technical challenges
  - Impossible to build perfect software quality tools
  - False alarms and missed errors are facts of life

4 The Open Source Quality Group
► Members
  - Rastislav Bodik, George Necula, Sanjit Seshia
  - Collaborators at Stanford, Microsoft, IBM, Intel
  - And 15 graduate students
► Develop techniques and tools for building, deploying and monitoring quality software
► Use Open Source software as a test bed

5 1. Building Correct Software
► Tools can help only if we bring more information into the software process
► Find unobtrusive ways to get programmer assistance with correctness reasoning
  - Programs express “how” things must be done
  - Programmers know the “what” and “why”!
► Example: Programming by sketching
  - by Rastislav Bodik, Sanjit Seshia

6 The Sketching Experience
[Diagram: sketch + specification → implementation (completed sketch)]

7 Promising Properties
Sketched programs are developed …
  - rapidly: the low-level details are synthesized automatically
  - correctly: the implementation is guaranteed to behave like the specification

8 Example: Sorting by hand

    int[] merge(int[] a, int[] b, int n) {
        // a and b are sorted and each hold n elements; j and k walk them
        int j = 0, k = 0;
        int[] result = new int[2 * n];
        for (int i = 0; i < 2 * n; i++) {
            // take a[j] while a has elements left and either b is exhausted or a[j] is smaller
            if ( j < n && ( !(k < n) || a[j] < b[k] ) ) {
                result[i] = a[j]; j++;
            } else {
                result[i] = b[k]; k++;
            }
        }
        return result;
    }

► The devil is in the details

9 Sorting sketched

    int[] merge(int[] a, int[] b, int n) {
        int j = 0, k = 0;
        int[] result = new int[2 * n];
        for (int i = 0; i < 2 * n; i++) {
            // hole: the sketch compiler synthesizes this guard from the listed operators
            if ( synthesize( ||, &&, <, !, [] ) ) {
                result[i] = a[j]; j++;
            } else {
                result[i] = b[k]; k++;
            }
        }
        return result;
    }

► Sketch compiler fills in the details correctly
► Sketches are programs with missing details
► Specifications can be slow/simple programs
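To make the sketch-plus-specification loop concrete, here is an added example (my own code, not from the slides or from the Berkeley sketch compiler) that fills the slide 9 hole by brute force: it enumerates guard expressions built from the listed operators over the loop state (the names j, k, n, a[j], b[k] are assumptions) and keeps the first one whose completed program agrees with the slow specification `sorted(a + b)` on random inputs. Real sketch synthesizers use a SAT solver rather than enumeration; the check-against-a-simple-spec idea is the same.

```python
import itertools, random

def spec_merge(a, b):
    # Specification: the slow, obviously correct program (sort the concatenation)
    return sorted(a + b)

def sketch_merge(a, b, n, take_a):
    # The slide's sketch: loop skeleton fixed, the guard is the hole `take_a`
    result, j, k = [], 0, 0
    for _ in range(2 * n):                  # a and b each hold n elements
        if take_a(a, b, j, k, n):
            result.append(a[j]); j += 1
        else:
            result.append(b[k]); k += 1
    return result

# Atoms from the slide's operator menu (< and []) over the loop state (assumed names)
ATOMS = [("j<n", lambda a, b, j, k, n: j < n),
         ("k<n", lambda a, b, j, k, n: k < n),
         ("a[j]<b[k]", lambda a, b, j, k, n: a[j] < b[k])]

def _and(f, g): return lambda *v: f(*v) and g(*v)   # &&, short-circuits like C
def _or(f, g):  return lambda *v: f(*v) or g(*v)    # ||
def _not(f):    return lambda *v: not f(*v)         # !

def candidates():
    # Enumerate guards smallest first, up to the shape  x op (y op z)
    lvl1 = ATOMS + [("!(%s)" % s, _not(f)) for s, f in ATOMS]
    lvl2 = list(lvl1)
    for (s1, f1), (s2, f2) in itertools.product(lvl1, repeat=2):
        lvl2.append(("%s && %s" % (s1, s2), _and(f1, f2)))
        lvl2.append(("%s || %s" % (s1, s2), _or(f1, f2)))
    yield from lvl2
    for (s1, f1), (s2, f2) in itertools.product(lvl1, lvl2):
        yield "%s && (%s)" % (s1, s2), _and(f1, f2)
        yield "%s || (%s)" % (s1, s2), _or(f1, f2)

def passes_spec(take_a, trials=50, n=4, seed=1):
    # Check a candidate hole against the specification on random sorted inputs
    rng = random.Random(seed)
    for _ in range(trials):
        a = sorted(rng.randint(0, 9) for _ in range(n))
        b = sorted(rng.randint(0, 9) for _ in range(n))
        try:
            if sketch_merge(a, b, n, take_a) != spec_merge(a, b):
                return False
        except IndexError:                  # the guard read past the end of a or b
            return False
    return True

def synthesize():
    # Fill the hole with the first enumerated guard that agrees with the spec
    for expr, f in candidates():
        if passes_spec(f):
            return expr, f
    return None, None
```

On these inputs the first guard found is the one the hand-written merge on slide 8 uses.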

10 Experience with Sketching Ciphers
User experiment:
  - goal: implement a mini-cipher
  - how: C programmer vs. sketching programmer
Results:
  - sketching programmer was twice as fast
  - sketched cipher ran 50% faster
Next: sketching for general purpose programs

11 2. Deploying Correct Software
► Today’s view of software:
  - Software is executable
► Future view of software:
  - Software is checkable and executable
► We need to redefine what software is:
  Software = Executable content + Assurance support

12 Today: Digital Signatures
[Diagram: Code → Signature Checking → CPU, at the code consumer]
► Trust the code producer
► Not a behavioral assurance
► Dangerous!
► Does not scale well
► Good but not enough

13 Future: Semantic Assurance
[Diagram: Code + Safety Proof → Proof Checking → CPU, at the code consumer]
► Proof-carrying code
► Provides semantic assurance
► Producer does the hard work
► Code producer “helps” the consumer to check the code

14 Challenges
► How small can you make the proofs?
  - Today about 25% of the code and shrinking
► How do you generate proofs?
  - Certifying software synthesis tools (compilers)
  - Automatic today for memory safety, resource usage constraints
► Next: make more software tools certifying

15 3. When Everything Else Fails
► The future of correct software must include incorrect software
► We must deal with execution errors
  - Monitoring, recovery, restarting, …
► Example: Cooperative Bug Isolation

16 Post-Deployment Monitoring Cooperative Bug Isolation

17 Idea: Measure Reality
► Go beyond measuring crashes
► Monitor good and bad executions
  - Spread cost of monitoring over many users
  - Collect feedback data & mine for bug causes
► Actual user runs are a vast resource
  - Number of real runs >> number of testing runs
  - Real-world executions are most important

18 Bug Isolation Architecture
[Diagram: Program Source → Compiler + Sampler → Shipping Application → Profile / run outcome (success or failure) → Statistical Debugging → Top bugs with likely causes]
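The "Statistical Debugging" box in the architecture above, as an added example (my own code, not from the slides or the Cooperative Bug Isolation project): it takes sampled predicate reports from constructed user runs, scores each predicate with the Increase metric of Liblit et al.'s statistical bug isolation, and ranks the predicates most predictive of failure. The predicate names, the sampling rate and the planted bug are constructed assumptions.

```python
import random

PREDICATES = ["p1: x > 0", "p2: buf == NULL", "p3: n < len"]  # constructed instrumentation sites

def constructed_runs(count=1000, rate=0.3, seed=3):
    # Constructed feedback reports, not real CBI data. Each user run records, per
    # predicate, (observed by the sampler?, value) plus whether the run failed.
    # Planted cause: runs where p2 holds fail; other runs fail at a 5% background rate.
    rng = random.Random(seed)
    runs = []
    for _ in range(count):
        truth = {p: rng.random() < 0.4 for p in PREDICATES}
        failed = truth["p2: buf == NULL"] or rng.random() < 0.05
        obs = {p: (rng.random() < rate, truth[p]) for p in PREDICATES}
        runs.append({"failed": failed, "obs": obs})
    return runs

def statistical_debugging(runs):
    # Liblit et al. scores: Failure(P) = F(P) / (S(P) + F(P)), the failure rate of runs
    # where P was observed true; Context(P) = F(P obs) / (S(P obs) + F(P obs)), the
    # failure rate of runs where P was merely observed; Increase(P) = Failure - Context.
    counts = {p: {"S": 0, "F": 0, "S_obs": 0, "F_obs": 0} for p in PREDICATES}
    for run in runs:
        outcome = "F" if run["failed"] else "S"
        for p, (observed, value) in run["obs"].items():
            if not observed:            # sampling: an unobserved site says nothing
                continue
            counts[p][outcome + "_obs"] += 1
            if value:
                counts[p][outcome] += 1
    scores = {}
    for p, c in counts.items():
        failure = c["F"] / (c["S"] + c["F"]) if c["S"] + c["F"] else 0.0
        context = c["F_obs"] / (c["S_obs"] + c["F_obs"]) if c["S_obs"] + c["F_obs"] else 0.0
        scores[p] = round(failure - context, 3)
    # Top bugs with likely causes: predicates ranked by Increase, highest first
    return sorted(scores.items(), key=lambda kv: kv[1], reverse=True)

if __name__ == "__main__":
    for predicate, increase in statistical_debugging(constructed_runs()):
        print(f"{increase:+.3f}  {predicate}")
```

Sampling only a fraction of sites per run keeps the per-user cost low, which is why the scores are computed over the observed subset rather than over all runs.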

19 Public Deployment in Progress
► Applications do have bugs
► Attract more users for statistical analysis

20 Conclusion
► Social factors will work in favor of software correctness
► Technology must provide affordable solutions for correctness
  - Bring more information into the software process
  - Software synthesis from high-level specifications
  - Software distributions with assurance support
► Good error handling is always important