Automatic generation of software diversity in application source code

Speaker: Benoit Baudry , INRIA, France

Date: Monday, September 28, 2015

Time: 11:00 AM to 12:00 PM Note: all times are in the Eastern Time Zone

Refreshments: 10:45 AM

Public: Yes

Location: Seminar Room D463 (Star)

Event Type:

Room Description:

Host: Martin Rinard, MIT-CSAIL

Contact: Mary McDavitt, 617-253-9620, mmcdavit@csail.mit.edu

Relevant URL:

Speaker URL: None

Speaker Photo:
None

Reminders to: seminars@lists.csail.mit.edu

Reminder Subject: TALK: Automatic generation of software diversity in application source code

Abstract: The phenomenon of ``software monoculture'' was coined more than a decade ago to highlight the risks of using a handful of operating systems and databases. We believe that a new form of software monoculture is emerging among software applications: the applicative monoculture. We address the risks of monoculture through the automatic production of diverse variants of the same application.
In this talk I will present our work about the automatic synthesis of large sets of program variants, called sosies. Sosie programs provide the same expected functionality as the original program (as expressed in the test suite), while exhibiting different executions. We explore the intricate interplay between source code, test suites and transformations in the context of sosie synthesis. Our investigation exploits the following observation: test suites cover the different regions of programs in very unequal ways. Hence, we hypothesize that sosie synthesis has different performances on a statement that is covered by one hundred test case and on a statement that is covered by a single test case.
Our results show that there are two dimensions for diversification. The first one lies in the specification: the more test cases cover a statement, the more difficult it is to synthesize sosies. Yet, to our surprise, we are also able to synthesize sosies on highly tested statements (up to 600 test cases), which indicates an intrinsic property of the programs we study. The second dimension is in the code: we manually explore dozens of sosies and characterize new types of forgiving code regions that are prone to diversification.

Bio: Benoit Baudry is a research scientist at INRIA, France. His research is in the area of software testing, modeling and analysis. He currently investigates automatic software diversification for the construction of robust systems. He leads the DiverSE research group, a software engineering group that investigates automatic composition and synthesis of software diversity to manage unpredictability. He received his PhD from the University of Rennes in 2003.

Research Areas:

Impact Areas:

This event is not part of a series.

Created by Mary McDavitt Email at Monday, September 14, 2015 at 11:18 AM.