Spelling suggestions: "subject:"[een] CONFIGURABLE SYSTEMS"" "subject:"[enn] CONFIGURABLE SYSTEMS""
1 |
A FIREWALL MODEL FOR TESTING USER-CONFIGURABLE SOFTWARE SYSTEMSRobinson, Brian P. 01 April 2008 (has links)
No description available.
|
2 |
Guidelines For Building Experimental Mobile Robots With Off-the-shelf ComponentsOzkil, Gurcan Ali 01 February 2008 (has links) (PDF)
Robotics is an emerging field, and it is also affecting several other fields. Design of robotic platforms gains more importance since the focus and aim of the robotics research broadens widely and the variety of the users is significant. This work aims to present the design of a modular mobile robotic platform, which should be simple, easy to build and easy to use. The concept of modularity, usage of off-the shelf components and utilizing a PC platform, are addressed in this work. As a result of this work, a conceptual design is presented, and a prototype is built to highlight some important aspects of the conceptual design.
|
3 |
Addressing high dimensionality and lack of feature models in testing of software product linesSOUTO, Sabrina de Figueirêdo 31 March 2015 (has links)
Submitted by Fabio Sobreira Campos da Costa (fabio.sobreira@ufpe.br) on 2016-03-15T15:21:11Z
No. of bitstreams: 2
license_rdf: 1232 bytes, checksum: 66e71c371cc565284e70f40736c94386 (MD5)
TESE_SABRINA.pdf: 1152470 bytes, checksum: a89ffc94cb3ee813cf52ca2c043171ba (MD5) / Made available in DSpace on 2016-03-15T15:21:11Z (GMT). No. of bitstreams: 2
license_rdf: 1232 bytes, checksum: 66e71c371cc565284e70f40736c94386 (MD5)
TESE_SABRINA.pdf: 1152470 bytes, checksum: a89ffc94cb3ee813cf52ca2c043171ba (MD5)
Previous issue date: 2015-03-31 / Software Product Lines (SPLs) allow engineers to systematically build families of
software products, defined by a unique combination of features—increments in functionality,
improving both the efficiency of the software development process and the quality of the software
developed. However, testing these kinds of systems is challenging, as it may require running each
test against a combinatorial number of products. We call this problem the High Dimensionality
Problem. Another obstacle to product line testing is the absence of Feature Models (FMs),
making it difficult to discover the real causes for test failures. We call this problem the Lack of
Feature Model Problem.
The High Dimensionality Problem is associated to the large space of possible configurations
that an SPL can reach. If an SPL has n boolean features, for example, there are 2n
possible feature combinations. Therefore, systematically testing this kind of system may require
running each test against all those combinations, in the worst case. The Lack of Feature Model
Problem is related to the absence of feature models. The FM enables accurate categorization of
failing tests as failures of programs or the tests themselves, not as failures due to inconsistent
combinations of features. For this reason, the lack of FM presents a huge challenge to discover
the true causes for test failures.
Aiming to solve these problems, we propose two lightweight techniques: SPLat and
SPLif. SPLat is a new approach to dynamically prune irrelevant configurations: the configurations
to run for a test can be determined during test execution by monitoring accesses to
configuration variables. As a result, SPLat reduces the number of configurations. Consequently,
SPLat is lightweight compared to prior works that used static analysis and heavyweight dynamic
execution. SPLif is a technique for testing SPLs that does not require a priori availability of
feature models. Our insight is to use a profile of passing and failing test runs to quickly identify
test failures that are indicative of a problem (in test or code) as opposed to a manifestation of
execution against an inconsistent combination of features.
Experimental results show that SPLat effectively identifies relevant configurations with
a low overhead. We also apply SPLat on two large configurable systems (Groupon and GCC),
and it scaled without much engineering effort. Experimental results demonstrate that SPLif
is useful and effective to quickly find tests that fail on consistent configurations, regardless of
how complete the FMs are. Furthermore, we evaluated SPLif on one large extensively tested
configurable system, GCC, where it helped to reveal 5 new bugs, 3 of which have been fixed
after our bug reports. / Software Product Lines (SPLs) allow engineers to systematically build families of
software products, defined by a unique combination of features—increments in functionality,
improving both the efficiency of the software development process and the quality of the software
developed. However, testing these kinds of systems is challenging, as it may require running each
test against a combinatorial number of products. We call this problem the High Dimensionality
Problem. Another obstacle to product line testing is the absence of Feature Models (FMs),
making it difficult to discover the real causes for test failures. We call this problem the Lack of
Feature Model Problem.
The High Dimensionality Problem is associated to the large space of possible configurations
that an SPL can reach. If an SPL has n boolean features, for example, there are 2n
possible feature combinations. Therefore, systematically testing this kind of system may require
running each test against all those combinations, in the worst case. The Lack of Feature Model
Problem is related to the absence of feature models. The FM enables accurate categorization of
failing tests as failures of programs or the tests themselves, not as failures due to inconsistent
combinations of features. For this reason, the lack of FM presents a huge challenge to discover
the true causes for test failures.
Aiming to solve these problems, we propose two lightweight techniques: SPLat and
SPLif. SPLat is a new approach to dynamically prune irrelevant configurations: the configurations
to run for a test can be determined during test execution by monitoring accesses to
configuration variables. As a result, SPLat reduces the number of configurations. Consequently,
SPLat is lightweight compared to prior works that used static analysis and heavyweight dynamic
execution. SPLif is a technique for testing SPLs that does not require a priori availability of
feature models. Our insight is to use a profile of passing and failing test runs to quickly identify
test failures that are indicative of a problem (in test or code) as opposed to a manifestation of
execution against an inconsistent combination of features.
Experimental results show that SPLat effectively identifies relevant configurations with
a low overhead. We also apply SPLat on two large configurable systems (Groupon and GCC),
and it scaled without much engineering effort. Experimental results demonstrate that SPLif
is useful and effective to quickly find tests that fail on consistent configurations, regardless of
how complete the FMs are. Furthermore, we evaluated SPLif on one large extensively tested
configurable system, GCC, where it helped to reveal 5 new bugs, 3 of which have been fixed
after our bug reports.
|
4 |
[pt] MITIGAÇÃO PROATIVA DE VULNERABILIDADES EM SISTEMAS DA WEB BASEADOS EM PLUGIN / [en] PROACTIVE MITIGATION OF VULNERABILITIES IN PLUGIN-BASED WEB SYSTEMSOSLIEN MESA RODRIGUEZ 12 May 2020 (has links)
[pt] Uma estratégia comum de linha de produtos de software envolve sistemas da Web baseados em plug-ins que suportam a incorporação simples
e rápida de comportamentos personalizados, sendo amplamente adotados
para criar aplicativos baseados na web. A popularidade dos ecossistemas
que suportam o desenvolvimento baseado em plug-ins (como o WordPress)
é, em grande parte, devido ao número de opções de personalização disponíveis como plug-ins contribuídos pela comunidade. Entretanto, as vulnerabilidades relacionadas a plug-ins tendem a ser recorrentes, exploráveis e
difíceis de serem detectadas e podem levar a graves conseqüências para o
produto personalizado. Portanto, é necessário entender essas vulnerabilidades para permitir a prevenção de ameaças de segurança relevantes. Neste
trabalho, realizamos um estudo exploratório para caracterizar vulnerabilidades causadas por plug-ins em sistemas baseados na web, examinando os
boletins de vulnerabilidade do WordPress catalogados pelo National Vulnerability Database e os patches associados, mantidos pelo repositório de
plugins do WordPress. Identificamos os principais tipos de vulnerabilidades, o seu impacto e o tamanho do patch para corrigir a vulnerabilidade.
Identificamos, também, os tópicos mais comuns relacionados à segurança
discutidos entre os desenvolvedores do WordPress. Observamos que, embora as vulnerabilidades possam ter consequências graves e permanecerem
despercebidas por muito tempo, elas geralmente podem ser atenuadas com
pequenas alterações no código-fonte. A caracterização ajuda a fornecer uma
compreensão de como tais vulnerabilidades se manifestam na prática e contribui com as novas gerações de ferramentas de teste de vulnerabilidades
capazes de antecipar sua possível ocorrência. Esta pesquisa propõe uma
ferramenta de suporte para mitigar a ocorrência de vulnerabilidades em sistemas baseados em plugins web, facilitando a descoberta e antecipação da
possível ocorrência de vulnerabilidades. / [en] A common software product line strategy involves plug-in-based web
systems that support the simple and rapid incorporation of custom behaviors and are widely adopted for building web-based applications. The popularity of ecosystems that support plug-in-based development (such as
WordPress) is largely due to the number of customization options available
as community-contributed plugins. However, plug-in related vulnerabilities
tend to be recurring, exploitable and difficult to detect and can lead to serious consequences for the custom product. Therefore, these vulnerabilities
must be understood to enable the prevention of relevant security threats. In
this paper, we conduct an exploratory study to characterize plug-in vulnerabilities in web-based systems by examining the WordPress vulnerability
bulletins cataloged by the National Vulnerability Database and the associated patches maintained by the WordPress plugin repository. We identify
the main types of vulnerabilities, their impact, and the size of the patch to
address the vulnerability. We have also identified the most common securityrelated topics discussed among WordPress developers. We note that while
vulnerabilities can have serious consequences and remain unnoticed for a
long time, they can often be mitigated with minor changes to source code.
Characterization helps provide an understanding of how such vulnerabilities
manifest themselves in practice and contributes to new generations of vulnerability testing tools that can anticipate their potential occurrence. This
research proposes a support tool to mitigate the occurrence of vulnerabilities in web plugin based systems, facilitating the discovery and anticipation
of the possible occurrence of vulnerabilities.
|
5 |
Automatic non-functional testing and tuning of configurable generators / Une approche pour le test non-fonctionnel et la configuration automatique des générateursBoussaa, Mohamed 06 September 2017 (has links)
Les techniques émergentes de l’ingénierie dirigée par les modèles et de la programmation générative ont permis la création de plusieurs générateurs (générateurs de code et compilateurs). Ceux-ci sont souvent utilisés afin de faciliter le développement logiciel et automatiser le processus de génération de code à partir des spécifications abstraites. De plus, les générateurs modernes comme les compilateurs C, sont devenus hautement configurables, offrant de nombreuses options de configuration à l'utilisateur de manière à personnaliser facilement le code généré pour la plateforme matérielle cible. Par conséquent, la qualité logicielle est devenue fortement corrélée aux paramètres de configuration ainsi qu'au générateur lui-même. Dans ce contexte, il est devenu indispensable de vérifier le bon comportement des générateurs. Cette thèse établit trois contributions principales : Contribution I: détection automatique des inconsistances dans les familles de générateurs de code : Dans cette contribution, nous abordons le problème de l'oracle dans le domaine du test non-fonctionnel des générateurs de code. La disponibilité de multiples générateurs de code avec des fonctionnalités comparables (c.-à-d. familles de générateurs de code) nous permet d'appliquer l'idée du test métamorphique en définissant des oracles de test de haut-niveau (c.-à-d. relation métamorphique) pour détecter des inconsistances. Une inconsistance est détectée lorsque le code généré présente un comportement inattendu par rapport à toutes les implémentations équivalentes de la même famille. Nous évaluons notre approche en analysant la performance de Haxe, un langage de programmation de haut niveau impliquant un ensemble de générateurs de code multi-plateformes. Les résultats expérimentaux montrent que notre approche est capable de détecter plusieurs inconsistances qui révèlent des problèmes réels dans cette famille de générateurs de code. Contribution II: une approche pour l'auto-configuration des compilateurs. Le grand nombre d'options de compilation des compilateurs nécessite une méthode efficace pour explorer l'espace d’optimisation. Ainsi, nous appliquons, dans cette contribution, une méta-heuristique appelée Novelty Search pour l'exploration de cet espace de recherche. Cette approche aide les utilisateurs à paramétrer automatiquement les compilateurs pour une architecture matérielle cible et pour une métrique non-fonctionnelle spécifique tel que la performance et l'utilisation des ressources. Nous évaluons l'efficacité de notre approche en vérifiant les optimisations fournies par le compilateur GCC. Nos résultats expérimentaux montrent que notre approche permet d'auto-configurer les compilateurs en fonction des besoins de l'utilisateur et de construire des optimisations qui surpassent les niveaux d'optimisation standard. Nous démontrons également que notre approche peut être utilisée pour construire automatiquement des niveaux d'optimisation qui représentent des compromis optimaux entre plusieurs propriétés non-fonctionnelles telles que le temps d'exécution et la consommation des ressources. Contribution III: Un environnement d'exécution léger pour le test et la surveillance de la consommation des ressources des logiciels. Enfin, nous proposons une infrastructure basée sur les micro-services pour assurer le déploiement et la surveillance de la consommation des ressources des différentes variantes du code généré. Cette contribution traite le problème de l'hétérogénéité des plateformes logicielles et matérielles. Nous décrivons une approche qui automatise le processus de génération, compilation, et exécution du code dans le but de faciliter le test et l'auto-configuration des générateurs. Cet environnement isolé repose sur des conteneurs système, comme plateformes d'exécution, pour une surveillance et analyse fine des propriétés liées à l'utilisation des ressources (CPU et mémoire). / Generative software development has paved the way for the creation of multiple generators (code generators and compilers) that serve as a basis for automatically producing code to a broad range of software and hardware platforms. With full automatic code generation, users are able to rapidly synthesize software artifacts for various software platforms. In addition, they can easily customize the generated code for the target hardware platform since modern generators (i.e., C compilers) become highly configurable, offering numerous configuration options that the user can apply. Consequently, the quality of generated software becomes highly correlated to the configuration settings as well as to the generator itself. In this context, it is crucial to verify the correct behavior of generators. Numerous approaches have been proposed to verify the functional outcome of generated code but few of them evaluate the non-functional properties of automatically generated code, namely the performance and resource usage properties. This thesis addresses three problems : (1) Non-functional testing of generators: We benefit from the existence of multiple code generators with comparable functionality (i.e., code generator families) to automatically test the generated code. We leverage the metamorphic testing approach to detect non-functional inconsistencies in code generator families by defining metamorphic relations as test oracles. We define the metamorphic relation as a comparison between the variations of performance and resource usage of code, generated from the same code generator family. We evaluate our approach by analyzing the performance of HAXE, a popular code generator family. Experimental results show that our approach is able to automatically detect several inconsistencies that reveal real issues in this family of code generators. (2) Generators auto-tuning: We exploit the recent advances in search-based software engineering in order to provide an effective approach to tune generators (i.e., through optimizations) according to user's non-functional requirements (i.e., performance and resource usage). We also demonstrate that our approach can be used to automatically construct optimization levels that represent optimal trade-offs between multiple non-functional properties such as execution time and resource usage requirements. We evaluate our approach by verifying the optimizations performed by the GCC compiler. Our experimental results show that our approach is able to auto-tune compilers and construct optimizations that yield to better performance results than standard optimization levels. (3) Handling the diversity of software and hardware platforms in software testing: Running tests and evaluating the resource usage in heterogeneous environments is tedious. To handle this problem, we benefit from the recent advances in lightweight system virtualization, in particular container-based virtualization, in order to offer effective support for automatically deploying, executing, and monitoring code in heterogeneous environment, and collect non-functional metrics (e.g., memory and CPU consumptions). This testing infrastructure serves as a basis for evaluating the experiments conducted in the two first contributions.
|
Page generated in 0.0261 seconds