Konferenzbeitrag
On Controlling the Attack Surface of Object-Oriented Refactorings
Lade...
Volltext URI
Dokumententyp
Text/Conference Paper
Dateien
Zusatzinformation
Datum
2020
Zeitschriftentitel
ISSN der Zeitschrift
Bandtitel
Quelle
Verlag
Gesellschaft für Informatik e.V.
Zusammenfassung
The results of this work have originally been published in.
Refactorings constitute an effective means to improve quality and maintainability
of evolving object-oriented programs. Search-based techniques have shown promising results in
finding near-optimal sequences of behavior-preserving program transformations
that (1) maximize code-quality metrics and (2) minimize the number of code changes.
However, the impact of refactorings on non-functional properties like security has received little attention so far.
To this end, we propose, as a further objective, to minimize the attack surface of object-oriented programs
(i.e., to maximize strictness of declared accessibility of class members). Minimizing the attack surface naturally competes with
applicability of established refactorings like MoveMethod, frequently used for improving
code quality in terms of coupling/cohesion measures.
Our tool implementation is based on an EMF meta-model for Java-like programs and utilizes
MOMoT, a search-based model-transformation and optimization framework.
Our experimental results gained from applying different accessibility-control strategies to
a collection of real-world Java programs show the impact of attack surface minimization on design-improving refactorings.
We further compare the results to those of existing refactoring tools.