Crystallizing Application Configurations

Zhang, Zanqing

January 2006

Software applications have both static and dynamic dependencies. Static dependencies are those derived from the source code. Dynamic runtime dependencies are established at runtime and may be based on information external to the source code, such as configuration files. Flexible applications commonly rely on configuration to adapt to diverse environments. An application's configuration encodes runtime dependencies between the various parts of the application. Reverse engineering tools have traditionally been based solely on static dependencies extracted from the source code. Neglecting dynamic dependencies encoded in an application's configuration can result in incorrect or incomplete program comprehension. Unfortunately, many applications store their configuration in an ad hoc, unstructured format from which it is not feasible to extract runtime dependencies by traditional reverse engineering. Our work takes advantage of well structured, published configuration formats, such as that of J2EE applications. Using these formats we are able to extend reverse engineering to analyse this previously neglected information. We introduce a technique called crystallization, which extracts configuration facts that encode dynamic dependencies. We use these recovered facts to predict and validate dynamic dependencies. Crystallizing configurations has the potential to increase developer productivity by providing better program comprehension.

Computer Science

Crystallization

Configuration

Reverse Engineering

Program Comprehension

Reverse engineering encapsulated components from legacy code

Arshad, Rehman

January 2018

Component-based development is an approach that revolves around the construction of systems form pre-built modular units (components). If legacy code can be reverse engineered to extract components, the extracted components can provide architectural re-usability across multiple systems of the same domain. Current component directed reverse engineering approaches are based on component models that belong to architecture description languages (ADLs). ADL-based components cannot be reused without configurational changes at code level and binding every required and provided service. Moreover, these component models neither support code-independent composition after extraction of components nor the re-deposition of a composed configuration of components for future reuse. This thesis presents a reverse engineering approach that extracts components and addresses the limitations of current approaches, together with a tool called RX-MAN. Unlike ADL-based approaches, the presented approach is based on an encapsulated component model called X-MAN. X-MAN components are encapsulated because computation cannot go outside of a component. X-MAN components cannot interact directly but only exogenously (composition is defined outside of a component). Our approach offers code-independent composition after extracting components and does not need binding of all the services like ADLs. The evaluation of our approach shows that it can facilitate the re-usability of legacy code by providing code-independent composition and re-deposition of composed configurations of components for further reuse and composition.

004

Engineering the Byzantine water supply of Constantinople : mapping, hydrology and hydraulics of the long aqueducts outside the city

Ruggeri, Francesca

January 2018

The Water Supply of Byzantine Constantinople is one of the most outstanding achievements of hydraulic engineering from the Roman world. Working entirely as a gravity-fed system, this infrastructure relied on hundreds of kilometres of masonry channels, winding along the hills of Turkish Thrace and carrying water to Constantinople across different watersheds. The Water Supply was built in two main phases: the first in the mid-fourth century, following the foundation of Constantinople in 330 AD; and the second in the early fifth century. It is not clear whether the aqueducts from these two phases worked independently or as a single system, yet the scale of this would have been colossal, reaching lengths of 450 km between the two aqueducts. However, a full and close understanding of its hydraulic design and function has until now been missing. As such, this investigation aims to: (1) establish a clear route for the aqueducts, both in terms of length and gradient (mapping); (2) determine likely volumes of water entering the system at the various intakes (hydrology); and (3) evaluate its hydraulic behaviour and flow characteristics (hydraulics). While previous work on similar Roman aqueducts yielded only estimates of maximum capacity, this work delves into the engineering of the ancient infrastructure to provide a more realistic assessment of theWater Supply discharge to the City. The physical configuration of the aqueducts is reinterpreted based on the latest archaeological records comprising Global Positioning System (GPS) measurements and field observations, and validated against modern satellite terrain data in a Geographic Information System (GIS). Refined estimates of length and gradient are proposed, along with a reassessment of all channel observations, bridges and tunnels along the system. It is found that the total length of the aqueducts would have been around 426 km if they operated as a single system, and up to 565 km if they continued in parallel all the way to Constantinople; the gradient of the system would have been well below 0.1% throughout, decreasing from upstream to downstream, with steeper slopes only at the intakes. To estimate reasoned inflow conditions for the Water Supply intakes at the time of its operation, modern spring flow records are investigated, and climatic changes from the Early Byzantine period are studied by means of Macrophysical Climate Modelling (MCM). Monthly and daily resolutions are addressed: monthly inflow data can capture the extent of the seasonal variations that may have occurred at the springs, accounting for karst hydrogeology; daily inflow data allows the study of flow attenuation in the Water Supply in the short term. Simplified models and engineering judgement are employed to recreate monthly and daily inflow series from limited modern data for karstic springs and weather stations in Thrace. The results from GIS mapping, combined with the proposed inflow scenarios, are used to develop open-channel flow modelling of the Water Supply at a global scale. Aqueduct flow is numerically simulated by means of both steady (monthly) and unsteady (daily) analysis using the river modelling software HEC-RAS. The system capacity and hydraulic performance are studied for the fourth and fifth century aqueducts operating either as parallel lines or joining into a single system. An estimation of water delivered to Constantinople is proposed for typical dry, average and wet years. Results of this work are employed in a parallel research investigation on the management and distribution of water within the ancient city.

IRE: A Framework For Inductive Reverse Engineering

January 2019

abstract: Reverse engineering is critical to reasoning about how a system behaves. While complete access to a system inherently allows for perfect analysis, partial access is inherently uncertain. This is the case foran individual agent in a distributed system. Inductive Reverse Engineering (IRE) enables analysis under such circumstances. IRE does this by producing program spaces consistent with individual input-output examples for a given domain-specific language. Then, IRE intersects those program spaces to produce a generalized program consistent with all examples. IRE, an easy to use framework, allows this domain-specific language to be specified in the form of Theorist s, which produce Theory s, a succinct way of representing the program space. Programs are often much more complex than simple string transformations. One of the ways in which they are more complex is in the way that they follow a conversation-like behavior, potentially following some underlying protocol. As a result, IRE represents program interactions as Conversations in order to more correctly model a distributed system. This, for instance, enables IRE to model dynamically captured inputs received from other agents in the distributed system. While domain-specific knowledge provided by a user is extremely valuable, such information is not always possible. IRE mitigates this by automatically inferring program grammars, allowing it to still perform efficient searches of the program space. It does this by intersecting conversations prior to synthesis in order to understand what portions of conversations are constant. IRE exists to be a tool that can aid in automatic reverse engineering across numerous domains. Further, IRE aspires to be a centralized location and interface for implementing program synthesis and automatic black box analysis techniques. / Dissertation/Thesis / Masters Thesis Computer Science 2019

Computer science

Black Box

Inductive Reverse Engineering

Program Synthesis

Automated Reverse Engineering of Malware to Develop Network Signatures to Match with Known Network Signatures

Sinema, Dan

01 May 2014

Illicit software that seeks to steal user information, deny service, or cause general mayhem on computer networks is often discovered after the damage has been done. The ability to discover network behavior of software before a computer network is utilized would allow administrators to protect and preserve valuable resources. Static reverse engineering is the process of discovering in a offline environment how a software application is built and how it will behave. By automating static reverse engineering, software behavior can be discovered before it is executed on client devices. Fingerprints are then built from the discovered behavior which is matched with known malicious fingerprints to identify potentially dangerous software.

Malware

Automated Reverse Engineering

Network Signatures

Computer Sciences

Reverse Actualization

McClain, William David Ross

01 May 1999

No description available.

consumerism

Maslow's Heirarchy of Needs

reverse engineering

advertising

victimization

Art and Design

Reverse Engineering of Content as a Task for Finding Usability Problems: An Evaluative Case Study using the Wikibreathe Tool for Online Creation of Asthma Action Plans

Wan, Flora

17 February 2010

After formulating the problem and reviewing relevant research literature, a study was performed that compared reverse engineering with traditional scenario-based techniques in usability evaluation. In this case study, an online tool for creating asthma action plans was created and evaluated through questionnaires and focus groups. The tool was then tested in a controlled study using both a traditional scenario-based approach and the reverse engineering method. A group of twelve users built asthma action plans using each method in a randomized order. Results concerning usability, efficiency and the types of usability problems found were reported, along with recommendations for further research in the use of reverse engineering as a method of usability evaluation.

Reverse Engineering

Usability

Human Factors

Asthma Action Plan

0546

Reverse Engineering of Content as a Task for Finding Usability Problems: An Evaluative Case Study using the Wikibreathe Tool for Online Creation of Asthma Action Plans

Wan, Flora

17 February 2010

After formulating the problem and reviewing relevant research literature, a study was performed that compared reverse engineering with traditional scenario-based techniques in usability evaluation. In this case study, an online tool for creating asthma action plans was created and evaluated through questionnaires and focus groups. The tool was then tested in a controlled study using both a traditional scenario-based approach and the reverse engineering method. A group of twelve users built asthma action plans using each method in a randomized order. Results concerning usability, efficiency and the types of usability problems found were reported, along with recommendations for further research in the use of reverse engineering as a method of usability evaluation.

Reverse Engineering

Usability

Human Factors

Asthma Action Plan

0546

Crystallizing Application Configurations

Zhang, Zanqing

January 2006

Software applications have both static and dynamic dependencies. Static dependencies are those derived from the source code. Dynamic runtime dependencies are established at runtime and may be based on information external to the source code, such as configuration files. Flexible applications commonly rely on configuration to adapt to diverse environments. An application's configuration encodes runtime dependencies between the various parts of the application. Reverse engineering tools have traditionally been based solely on static dependencies extracted from the source code. Neglecting dynamic dependencies encoded in an application's configuration can result in incorrect or incomplete program comprehension. Unfortunately, many applications store their configuration in an ad hoc, unstructured format from which it is not feasible to extract runtime dependencies by traditional reverse engineering. Our work takes advantage of well structured, published configuration formats, such as that of J2EE applications. Using these formats we are able to extend reverse engineering to analyse this previously neglected information. We introduce a technique called crystallization, which extracts configuration facts that encode dynamic dependencies. We use these recovered facts to predict and validate dynamic dependencies. Crystallizing configurations has the potential to increase developer productivity by providing better program comprehension.

Computer Science

Crystallization

Configuration

Reverse Engineering

Program Comprehension

A Study of Reverse Engineering in Software Modeling

Chen, Po-hsun

26 May 2006

The system design document can provide maintenance workers a quick understanding of the system operation process and review detail which helps current increasingly complicated information quite a lot, especially the in the aspect of the comprehension of original design concept to system. In addition, the system design document of platform independent can even quickly switch the platform for system without designing system again. It largely increases the operation of information system across platform. Besides the source code, system design document is also one of the most important asset; for instance, when the source code is lost, the designer can quickly duplicate a set of system with the same function under a basis of system design document. Due to the constant revolution of the platform technology to the current software, as well as the prevalent of visualized rapid application development tool, there is no complete design document attached in a set of the developed information system, or the document has been missing. It is necessary to find a way for the source code of system to reversely generate system design document. The study is based on object-oriented technology and object-oriented model to address a concept that platform independent system design document can be reversely generated from the object-oriented source code and to generalize a set of the reverse modeling method from this study. Last, a implemented case would be carried out and verified by the method mentioned above. Through this method, the maintenance workers could therefore quickly transform codes to system design document and then increase the operation efficiency of system maintenance.

software modeling

reverse engineering

object-oriented analysis and design