Auflistung nach Schlagwort "analysis"
1 - 7 von 7
Treffer pro Seite
Sortieroptionen
- KonferenzbeitragClang Preprocessor Tricks for Setting up Source Code Analysis Tools(Softwaretechnik-Trends Band 42, Heft 2, 2022) Quante, Jochenclang is in widespread use for development of C/C++ source code analysis tools. Many professional tools like Astrée use clang as a C++ frontend, specially because the continuously evolving C++ standard causes a lot of effort on the tool side, and clang provides an adequate infrastructure. At the same time, many hardware-specific compilers use gcc as a basis. Although gcc and clang are compatible to a certain degree, analyzing gcc-based code with clang always runs into problems. In this paper, we propose a lightweight approach to address recurring problems in clang-based software analysis tool usage.
- ConferencePaperHeaps'n Leaks: How Heap Snapshots Improve Android Taint Analysis(Software Engineering 2021, 2021) Benz, Manuel; Kristensen, Erik Krogh; Luo, Linghui; Borges Jr., Nataniel P.; Bodden, Eric; Zeller, AndreasThe assessment of information flows is an essential part of analyzing Android apps, and is frequently supported by static taint analysis. Its precision, however, can suffer from the analysis not being able to precisely determine what elements a pointer can (and cannot) point to. Recent advances in static analysis suggest that incorporating dynamic heap snapshots, taken at one point at runtime, can significantly improve general static analysis. In this paper, we investigate to what extent this also holds for taint analysis, and how various design decisions, such as when and how many snapshots are collected during execution, and how exactly they are used, impact soundness and precision. We have extended FlowDroid to incorporate heap snapshots, yielding our prototype Heapster, and evaluated it on DroidMacroBench, a novel benchmark comprising real-world Android apps that we also make available as an artifact. The results show (1) the use of heap snapshots lowers analysis time and memory consumption while increasing precision; (2) a very good trade-off between precision and recall is achieved by a mixed mode in which the analysis falls back to static points-to relations for objects for which no dynamic data was recorded; and (3) while a single heap snapshot (ideally taken at the end of the execution) suffices to improve performance and precision, a better trade-off can be obtained by using multiple snapshots.
- KonferenzbeitragOOLH: A formal framework for specifying system requirements(SIGSAND-EUROPE 2008: Proceedings of the Third AIS SIGSAND European Symposium on Analysis, Design, Use and Societal Impact of Information Systems, 2008) Hon, Yuen Man; Gayen, Jan-Tecker; Ehrich, Hans-DieterMost of the system requirements are written in natural language. It is not easy for the system development team to understand this document unambiguously without domain specific knowledge. It is difficult to check the correctness of these requirements. A formal framework called Object Oriented Lastenheft (German for re- quirements specification) (OOLH) is proposed as a solution to handle these problems 1. This framework provides well-defined mathematical concepts to formulate system requirements. These well-formalized system requirements can be analyzed and understood easier and their consistency can be checked based on the mathematical concepts. A tool, called OOLH tool, is implemented to support analyzing, verifying and checking consistency of formulas in OOLH. Logical formulas can be transformed into decision tables and truth tables. The expected behavior or a design can be specified in decision tables in this tool, such that the correctness of requirements can be verified.
- ZeitschriftenartikelSOAM – Eine Methode zur Konzeption betrieblicher Software mit einer Serviceorientierten Architektur(Wirtschaftsinformatik: Vol. 50, No. 6, 2008) Offermann, PhilippEine große Herausforderung bei der Einführung einer Serviceorientierten Architektur (SOA) für betriebliche Software liegt nicht nur in der technischen Umsetzung, sondern auch in der Konzeption. Insbesondere die Sicherstellung der Servicedesignprinzipien erfordert ein methodisches Vorgehen. Bekannte Methoden sind bezüglich ihrer Architekturbereiche unterspezifiziert oder bezüglich ihrer Merkmale unvollständig. Es wurde eine Methode entwickelt, die werkzeugunterstützt klar definierte Architekturbereiche der SOA umsetzt. Sie baut auf in der Literatur beschriebenen Ansätzen auf und wurde durch Aktionsforschung bei Vattenfall Europe evaluiert und verfeinert. Die Zweckmäßigkeit der durch die Methode erstellten Artefakte wurde durch eine erfolgreiche Implementierung erstmals bestätigt.AbstractA big challenge when introducing service-oriented architecture for software is not only the technical implementation, but also the software design. In particular the enforcement of service design principles demands a methodical approach. Existing methods either support only partial aspects of SOA or are incomplete in respect to the method’s characteristics. A tool-supported method that realises clearly defined architecture realms has been developed. It builds on top of known approaches and has been in evaluated and refined using action research at Vattenfall Europe. The usefulness of artefacts generated by the method has been confirmed for the first time by a successful implementation.
- KonferenzbeitragTackling combinatorial explosion: a study of industrial needs and practices for analyzing highly configurable systems(Software Engineering and Software Management 2019, 2019) Mukelabai, Mukelabai; Nešić, Damir; Maro, Salome; Berger, Thorsten; Steghöfer, Jan-PhilippHundreds of dedicated analysis techniques for highly configurable systems have been conceived, many of them able to analyze properties for all possible system configurations. Unfortunately, it is largely unknown whether these techniques are adopted in practice, whether they address actual needs, or which strategies practitioners apply. We present a study [MNM+18] of analysis practices and needs in industry based on surveys and interviews. We confirm that properties considered in the literature (e.g., reliability) are relevant and that consistency between variability models and artifacts is critical, but that the majority of analyses for specifications of configuration options (a.k.a., variability model analysis) is not perceived as needed. We identified pragmatic analysis strategies, including practices to avoid the need for analysis. We discuss analyses that are missing and synthesize our insights into suggestions for future research.
- KonferenzbeitragTILE and MASS, a retrospective(Software Engineering im Unterricht der Hochschulen 2024, 2024) Dick, Steffen; Dreyer, Teresa; Bockisch, ChristophIn conjunction with the QPED project, we have developed two teaching tools, MASS, an automated feedback tool for code, and TILE, a test-driven exercise paradigm. Over the course of three different iterations of the same university courses, we have collected data to see what effect MASS and TILE have had on the students that were confronted with both. For this we used a survey in a later module and a diagnostic assessment within the final exam in the module where TILE and MASS are introduced. We found a substantial and statistically significant positive effect in our exam data.
- ZeitschriftenartikelWie erstellt man ein objektorientiertes Analysemodell?(Informatik-Spektrum: Vol. 20, No. 1, 1997) Balzert, HeideMethode definiert. Anschließend werden Anforderungen an eine Methode zur objektorientierten Systemanalyse aufgestellt. Anhand eines Fallbeispiels aus der Industrie wird eine systematische, detaillierte und iterative Methode vorgestellt, die eine Weiterentwicklung verschiedener Methoden darstellt. Mit Hilfe von ausgewählten Checklisten wird gezeigt, wie ein OOA-Modell konstruktiv und analytisch erstellt und überprüft wird. Vorschläge zur Qualitätssicherung und ein Abgleich mit den Anforderungen an eine Methode beschließen diesen Beitrag. method is defined in this article. Then the requirements for an object oriented analysis method are set up. Using an industrial case study a systematic, detailed and iterative method is presented, which shows a further development of different methods. With the help of selected check lists it is shown, how an OOA model is created and checked in a constructive and analytical way. The article ends with suggestions for the quality assurance and an adjustment of the postulated requirements of a method.