Visible to the public Biblio

Filters: Keyword is modularization  [Clear All Filters]
2018-08-23
Shimakawa, Masaya, Osari, Kenji, Hagihara, Shigeki, Yonezaki, Naoki.  2017.  Modularization of Formal Specifications or Efficient Synthesis of Reactive Systems. Proceedings of the 6th International Conference on Software and Computer Applications. :208–213.
Reactive systems respond to requests from an environment with appropriate timing. Because reactive systems are used widely in infrastructure, it is necessary that they are developed without flaws. Automatic synthesis of reactive systems from particular specifications is an ideal technique for ensuring development without flaws. Several tools for synthesis have been proposed, e.g., Lily, AcaciaPlus and Unbeast. Among them, AcaciaPlus can synthesize systems compositionally, and enables synthesis from large-scale specifications that could not previously be treated. However, the modularization of specifications depends largely on the computation time required for synthesis; this is not a trivial problem. In this paper, we discuss the modularization of specifications to enable efficient synthesis of reactive systems.
2017-09-26
Chen, Haining, Chowdhury, Omar, Li, Ninghui, Khern-am-nuai, Warut, Chari, Suresh, Molloy, Ian, Park, Youngja.  2016.  Tri-Modularization of Firewall Policies. Proceedings of the 21st ACM on Symposium on Access Control Models and Technologies. :37–48.

Firewall policies are notorious for having misconfiguration errors which can defeat its intended purpose of protecting hosts in the network from malicious users. We believe this is because today's firewall policies are mostly monolithic. Inspired by ideas from modular programming and code refactoring, in this work we introduce three kinds of modules: primary, auxiliary, and template, which facilitate the refactoring of a firewall policy into smaller, reusable, comprehensible, and more manageable components. We present algorithms for generating each of the three modules for a given legacy firewall policy. We also develop ModFP, an automated tool for converting legacy firewall policies represented in access control list to their modularized format. With the help of ModFP, when examining several real-world policies with sizes ranging from dozens to hundreds of rules, we were able to identify subtle errors.

2017-08-22
Chen, Haining, Chowdhury, Omar, Li, Ninghui, Khern-am-nuai, Warut, Chari, Suresh, Molloy, Ian, Park, Youngja.  2016.  Tri-Modularization of Firewall Policies. Proceedings of the 21st ACM on Symposium on Access Control Models and Technologies. :37–48.

Firewall policies are notorious for having misconfiguration errors which can defeat its intended purpose of protecting hosts in the network from malicious users. We believe this is because today's firewall policies are mostly monolithic. Inspired by ideas from modular programming and code refactoring, in this work we introduce three kinds of modules: primary, auxiliary, and template, which facilitate the refactoring of a firewall policy into smaller, reusable, comprehensible, and more manageable components. We present algorithms for generating each of the three modules for a given legacy firewall policy. We also develop ModFP, an automated tool for converting legacy firewall policies represented in access control list to their modularized format. With the help of ModFP, when examining several real-world policies with sizes ranging from dozens to hundreds of rules, we were able to identify subtle errors.