Browsing by Author "Dr. Matthias Stallmann, Committee Member"
- Abstraction-Based Static Analysis of Buffer Overruns in C Programs (2003-07-07) Srinivasa, Gopal Ranganatha; Dr. Matthias Stallmann, Committee Member; Dr. Peng Ning, Committee Member; Dr. Daniel C DuVarney, Committee Member; Dr. S Purushothaman Iyer, Committee Chair
Bounds violations or buffer overruns have historically been a major source of defects in software systems, making bounds checking a key component in practical automatic verification methods. With the advent of the Internet, buffer overruns have been exploited by attackers to break into secure systems as well. Many security violations ranging from the 1988 Internet worm incident to the AnalogX Proxy server vulnerability have been attributed to buffer overruns. Programs written in the C language, which comprise most of the systems software available today, are particularly vulnerable because of the lack of array bounds checking in the C compiler, presence of pointers that can be used to write anywhere in memory, and the weak type system of the C language. Many methods have been proposed to detect these errors. Runtime methods that detect buffer overruns suffer from significant overhead and incomplete coverage, while compile time methods could suffer from low accuracy and poor scalability. In this thesis, we propose a new technique for bounds checking based on data abstraction that is more accurate, more scalable, and suffers from no runtime overhead. Enhancements have been made to C Wolf, a suite of model generation tools, to handle buffer overflow analysis. Case studies on web2c, a publicly available software package, pico server, an open source web server, and on the wu-ftpd server are presented to demonstrate the practicality of the technique.
- A Conformance Review Strategy for Regulating Safety-Critical Software. (2006-09-24) Jetley, Raoul Praful; Dr. S. Purushothaman Iyer, Committee Chair; Dr. Laurie Williams, Committee Member; Dr. Matthias Stallmann, Committee Member; Dr. Alexander Dean, Committee Member
Safety is an important concern for software used in life-critical systems such as air transport, nuclear power and medical devices. The critical nature of these systems necessitates that the software used therein be reliable and free of errors. It becomes imperative, therefore, to have a stringent review process in place to ascertain the correctness of the software and to ensure that it meets all requirements and standards. Regulatory agencies encourage the use of formal methods based techniques in the development of safety critical software. However, most manufacturers are reluctant to use these techniques, citing them as too complex and time consuming. As a result, (potentially life-threatening) errors are often not discovered until the software is already on the market. When such an error is eventually discovered, it becomes essential to trace the failure to its exact source in the implementation and to assure that the error correction restores the overall safety and effectiveness of the device. In this dissertation, we present how efficient premarket and postmarket reviews of designs and implementations can be carried out using formal methods based techniques, to enable the process of reviewing software in safety-critical devices. To facilitate premarket conformance reviews, we introduce the notion of usage models -- standardized formal models that serve as design templates. We present an approach to conformance checking of safety-critical software through formal verification and automated test case sequences derived from these standardized models.
To provide for efficient postmarket reviews, we establish a methodology based on integrating program slicing with model abstraction to trace software failures to their root cause. We formalize this methodology by presenting an iterative algorithm for abstraction-driven slicing and realize this algorithm through the implementation of the CAdS -- a forensic analysis tool for C programs. We provide case studies involving typical medical device software to illustrate the various concepts involved and present results from these studies to gauge the effectiveness of our proposed approach.
- Design and Performance Evaluation of some Conditional Replenishment Schemes (2008-07-18) Joshi, Kanishka S; Dr. Douglas Reeves, Committee Member; Dr. Injong Rhee, Committee Chair; Dr. Matthias Stallmann, Committee Member
- Efficient Skycube Computation using Bitmaps derived from Indexes (2006-10-24) Tambaram Kailasam, Gayathri; Dr. Ting Yu, Committee Member; Dr. Jaewoo Kang, Committee Chair; Dr. Matthias Stallmann, Committee Member
Skyline queries have been increasingly used in multi-criteria decision making and data mining applications. They retrieve a set of interesting points from a potentially large set of data points. A point is said to be interesting if it is as good or better in all dimensions and better in at least one dimension. Skyline Cube (Skycube) consists of skylines of all possible non-empty subsets of a given set of dimensions. In this paper, we propose two algorithms for computing skycube using bitmaps that are derivable from indexes. Point-based skycube algorithm is an improvement over the existing Bitmap algorithm, extended to compute skycube. Point-based algorithm processes one point at a time to check for skylines in all subspaces. Value-based skycube algorithm views points as value combinations and probes entire search space for potential skyline points. It significantly reduces bitmap access for low cardinality dimensions. Our experimental study shows that the two algorithms strictly dominate, or are at least comparable to, the current skycube algorithm in most of the cases, suggesting that such an approach could be a useful addition to the set of skyline query processing techniques.
- Exact and Inexact Methods for Selecting Views and Indexes for OLAP Performance Improvement (2010-04-28) Asgharzadeh Talebi, Zohreh; Dr. Matthias Stallmann, Committee Member; Dr. Carla Savage, Committee Member; Dr. Rada Chirkova, Committee Co-Chair; Dr. Yahya Fathi, Committee Co-Chair
In on-line analytical processing (OLAP), precomputing (materializing as views) and indexing auxiliary data aggregations is a common way of reducing query-evaluation time (cost) for important data-analysis queries. We consider an OLAP view- and index-selection problem as an optimization problem, where (i) the input includes the data-warehouse schema, a set of data-analysis queries of interest, and a storage-limit constraint, and (ii) the output is a set of views and indexes that minimizes the total cost of evaluating the input queries, subject to the storage limit. While greedy and other heuristic strategies for choosing views or indexes might have some success in reducing the cost, it is highly nontrivial to arrive at a globally optimal solution, one that reduces the processing cost of typical OLAP queries as much as is theoretically possible. In this dissertation we present a systematic study of the OLAP view- and index-selection problem. Our specific contributions are: (1) we introduce an integer programming model for the OLAP view- and index-selection problem; (2) we develop an algorithm that effectively and efficiently prunes the space of potentially beneficial views and indexes of the problem, and provide formal proofs that our pruning algorithm keeps at least one globally optimal solution in the search space, thus the resulting integer-programming model is guaranteed to find an optimal solution; this allows us to solve realistic-size instances of the problem within reasonable execution time.
(3) we develop a family of algorithms to further reduce the size of the search space so that we are able to solve larger instances of the problem, although we no longer guarantee global optimality of the resulting solution; and (4) we present an experimental comparison of our proposed approach with other approaches discussed in the open literature. Our experiments show that our proposed approach to view and index selection results in high-quality solutions — in fact, in the global optimal solutions for many realistic-size problem instances. Thus, it compares favorably with the well-known OLAP-centered approach of [13] and provides for a winning combination with the end-to-end framework of [2] for generic view and index selection.
- Improving Software Comprehension In Regulating Safety-Critical Systems (2008-06-06) Zhang, Yi; Dr. Tao Xie, Committee Member; Dr. Laurie Williams, Committee Member; Dr. Matthias Stallmann, Committee Member; Dr. S. Purushothaman Iyer, Committee Chair
- Mobile Movement Patterns and Applications in Wireless Networks (2008-08-21) Feng, Fang; Dr. Arne A. Nilsson, Committee Member; Dr. Douglas S. Reeves, Committee Chair; Dr. Wenye Wang, Committee Member; Dr. Matthias Stallmann, Committee Member
In a real-life wireless network, the logical movements of mobile nodes are not purely random. Movements of individual mobile nodes have intrinsic patterns determined by regular activities of individual persons. Regularities in people's group activities also introduce patterns in co-location behavior of multiple mobile nodes. Mobile nodes are able to predict their future behavior using history information, and prediction results can be used to expedite network management processes and reduce the required overhead. Our research focuses on characterization and applications of movement and co-location patterns. echanism with movement prediction for wireless IP networks. Each mobile node records movement history information, and predicts its next subnet before the actual movement. It explicitly notifies the current foreign agent to duplicate and forward packets to the predicted subnet. Simulation with real-life wireless network trace shows that the latency of network-layer handoff and the amount of packet loss are greatly reduced, only with a limited overhead in packet duplication and forwarding. The topology matching issue for mobile peer-to-peer networks is also investigated, and a Local Topology Cache mechanism is designed to expedite topology matching for overlay topology optimization and reduce the associated overhead. As mobile nodes have patterns in their movement and interaction, the physical network topology nearby might be similar for a mobile node's two consecutive visits to a subnet. The mobile node caches the information of topologically matched P2P neighbors and reuses them when returning to the subnet, without probing the network again.
We simulate this scheme with a real-life wireless network trace, and find that the caching mechanism can greatly reduce network probing overhead, while achieving similar efficiency of P2P overlay topology. We further investigate the co-location behavior of multiple mobile nodes. People's regular interactions determine that co-location of mobile nodes has regularities. Using real-life wireless network traces, we measure the characteristics of mobile nodes' co-location, and show that co-location has patterns and is repetitive, which provides the basis of co-location prediction. A Markov-family model is used to dynamically model the co-location behavior, and a fully distributed co-location prediction method only using a mobile node's own movement trace and co-location history is proposed. The effectiveness of this co-location prediction method is demonstrated with simulations based on real-life wireless network activity traces. We also utilize the co-location prediction method in the construction of the peer-to-peer overlay in a wireless network, and show that it can construct a peer-to-peer overlay as efficient as topology matching techniques, without probing the physical network. This demonstrates that co-location prediction can indeed expedite network management and reduce the associated overhead.
