Visible to the public Highly Configurable Systems - January 2017Conflict Detection Enabled

Submitted by Jamie Presken on Wed, 12/14/2016 - 11:50am

Public Audience
Purpose: To highlight progress. Information is generally at a higher level which is accessible to the interested public.

PI(s): Jurgen Pfeffer
Co-PI(s): Christian Kastner

1) HARD PROBLEM(S) ADDRESSED (with short descriptions)

Scalability and compositionalityWe address scalability of assurances for highly configurable systems with exponentially growing configuration spaces and with massive reuse of third-party libraries that evolve independently. A compositional analysis of
options will allow to scale the analysis; for this it's important to investigate how options are implemented and how they interact. In addition, modular and timely recertification of changes and variations is essential to make security judgements scale in practice.

2) PUBLICATIONS

C. Bogart, C. Kastner, J. Herbsleb, and F. Thung. How to Break an API: Cost Negotiation and Community Values in Three Software Ecosystems. In Proceedings of the ACM SIGSOFT Symposium on the Foundations of Software Engineering (FSE), New York, NY: ACM Press, November 2016

*M. Meng, J. Meinicke, C. Wong, E. Walkingshaw, and C. Kastner. A Choice of Variational Stacks: Exploring Variational Data Structures. In Proceedings of the 11st Int'l Workshop on Variability Modelling of Software-Intensive Systems (VaMoS), 2017.

*J. Al-Kofahi, T. Nguyen, and C. Kastner. Escaping AutoHell: A Vision For Automated Analysis and Migration of Autotools Build Systems. In Proceedings of the 4rd International Workshop on Release Engineering (Releng), New York, NY: ACM Press, November 2016.

* (both papers address key challenges in scaling analyses for highly configurable systems: Internal representations to efficiently share analysis information across configurations and analysis of build systems that often contain significant sources of variability and are necessary to understand for performing a sound analysis)

3) KEY HIGHLIGHTS

  • Published two workshop papers that address key challenges in scaling analyses for highly configurable systems: Internal representations to efficiently share analysis information across configurations and analysis of build systems that often contain significant sources of variability and are necessary to understand for performing a sound analysis
  • Coded and analyzed interview data from interviews with developers, reviewers, and policy makers regarding software security and safety certification practices using Common Criteria and DO178. Preparing manuscript for submission next month.
  • We are looking at the evolution of developer networks in order to assess problems in coordination that may lead to security vulnerabilities. Towards this, we have built a robust, scalable and reusable infrastructure to extract networks from logs and communication data in order to apply state-of-the-art statistical network models.

4) COMMUNITY ENGAGEMENTS - if applicable

N/A

5) EDUCATIONAL ADVANCES - if applicable

N/A

Groups: