Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
Tailored Source Code 
Transformations to Synthesize 
Computationally Diverse Program 
Variants 
Benoit Baudry, Simon Allie...
• This talk is about the generation of very large 
quantities of sosie programs 
2
sosie program 
• Given a specification S 
3
sosie program 
4 
• Given a specification S 
• Given a program P 
that conforms to S 
specified 
correct 
behavior 
bugs, ...
sosie program 
5 
• Given a specification S 
• Given a program P 
that conforms to S 
• A sosie of P is a 
variant of P th...
Motivation 
• Explore brittelness vs. 
plasticity of software 
• Large quantities of 
diverse variants 
• Moving target 
•...
Software brittleness 
7 
SRSLSLRSRLLSSRRLRL 
G. Berry. « A la chasse aux bugs, la maladie du certain » (8 juin 2011)
Software brittleness hypothesis 
8 
SRSLSLRSRLLSSRRLRL 
G. Berry. « A la chasse aux bugs, la maladie du certain » (8 juin ...
Software brittleness hypothesis 
9 
SRSLSLRSRLLSSRRLRL 
SRSLSLSSRLLSSRRLRL 
G. Berry. « A la chasse aux bugs, la maladie d...
Software brittleness hypothesis 
10 
SRSLSLRSRLLSSRRLRL 
SRSLSLSSRLLSSRRLRL 
G. Berry. « A la chasse aux bugs, la maladie ...
Software brittleness 
11
12
Software plasticity hypothesis 
13
Software plasticity hypothesis 
14 
SRSLSLRSRLLSSRRLRL 
SRSLSLSSRLLSSRRLRL 
Rinard et al. 
ICSE’10, 
FSE’11 
POPL’12, 
PLD...
Specification: data and properties 
fun : Function 
assert abs(fun(.5) - 0.25) < 0.05 
assert abs(fun(.4) - 0.16) < 0.05 
...
Research questions 
Do sosies exist? 
Can we automatically synthesize them? 
What are effective transformations? 
16
Sosiefication process 
17 
7UDQVIRUPDWLRQ 
RQILJXUDWLRQ 
RYHUDJHKHFN RSWLRQDO
7UDQVIRUPDWLRQ 
6RVLHKHFN 
3URJUDP3 
9DULDQW3¶ 
6RVLH3¶ 
6SHFLILFDWLRQ 
7HVW6XLWH
3URJUDP 
7UDQVIRUPDWLRQ 
GHJHQHUDWHG 
YDULDQW3¶ 
RPSLODWLRQ 
RN 
,QSXW 
VWHS 
2XWSXW 
VWHS 
VWHS 
PHWULFV
Automatic Synthesis of Sosies 
l We add/deleted/replace a given statement by another 
one and see whether all assertions ...
Experimental data 
19 
#test 
cases 
#assert 
coverage 
#statement 
compile 
1me 
test 
1me 
Junit 
721 
1535 
82% 
2914 
...
20 
nb of trial: 298938 
nb of compile: 81394 
nb of sosie: 28805 (10%) 
don’t compile 
don’t pass all test cases 
sosies
Computation diversity 
• Goal: unpredictability of 
execution flow 
• Computation monitoring: 
• method calls diversity 
•...
22 
Easymock: 465 sosies 
Dagger: 481 sosies 
Junit: 446 sosies
Conclusion 
• Sosies exist 
• for all programs 
• Sosies can exhibit computation diversity 
• Next steps 
• variability-aw...
References 
• Zeyuan Allen Zhu, Sasa Misailovic, Jonathan A. 
Kelner, Martin C. Rinard: Randomized accuracy-aware 
program...
25
Sosies on line 
• MDMS 
• simple blog app 
• JS on client and server sides 
• Server side stack 
• JS 
• Java 
• DB 
• env...
Sosies on line 
• Monoculture 
• multiple instances 
for performance 
• load balancer 
• all instances are 
clones 
27 
In...
Sosies on line 
• Diversified 
deployment 
• All server instances 
are different 
• Combine natural 
and artificial 
diver...
29
Reactions graph 
• Reactions graph 
• one node per reaction 
• there is an edge between n1 and n2 if 
n2.in_context == n1....
Upcoming SlideShare
Loading in …5
×

Tailored source-code-transformation-synthesize-computationally-diverse-program-variants

357 views

Published on

Diversify presentation by Benoit Baudry, Simon Allier, Martin Monperrus

Published in: Technology
  • Be the first to comment

  • Be the first to like this

Tailored source-code-transformation-synthesize-computationally-diverse-program-variants

  1. 1. Tailored Source Code Transformations to Synthesize Computationally Diverse Program Variants Benoit Baudry, Simon Allier, Martin Monperrus
  2. 2. • This talk is about the generation of very large quantities of sosie programs 2
  3. 3. sosie program • Given a specification S 3
  4. 4. sosie program 4 • Given a specification S • Given a program P that conforms to S specified correct behavior bugs, vulnerabilities expected behavior
  5. 5. sosie program 5 • Given a specification S • Given a program P that conforms to S • A sosie of P is a variant of P that also conforms to S a sosie
  6. 6. Motivation • Explore brittelness vs. plasticity of software • Large quantities of diverse variants • Moving target • Failure detection computation failure diversity 6 diversity
  7. 7. Software brittleness 7 SRSLSLRSRLLSSRRLRL G. Berry. « A la chasse aux bugs, la maladie du certain » (8 juin 2011)
  8. 8. Software brittleness hypothesis 8 SRSLSLRSRLLSSRRLRL G. Berry. « A la chasse aux bugs, la maladie du certain » (8 juin 2011)
  9. 9. Software brittleness hypothesis 9 SRSLSLRSRLLSSRRLRL SRSLSLSSRLLSSRRLRL G. Berry. « A la chasse aux bugs, la maladie du certain » (8 juin 2011)
  10. 10. Software brittleness hypothesis 10 SRSLSLRSRLLSSRRLRL SRSLSLSSRLLSSRRLRL G. Berry. « A la chasse aux bugs, la maladie du certain » (8 juin 2011)
  11. 11. Software brittleness 11
  12. 12. 12
  13. 13. Software plasticity hypothesis 13
  14. 14. Software plasticity hypothesis 14 SRSLSLRSRLLSSRRLRL SRSLSLSSRLLSSRRLRL Rinard et al. ICSE’10, FSE’11 POPL’12, PLDI’14 sosie
  15. 15. Specification: data and properties fun : Function assert abs(fun(.5) - 0.25) < 0.05 assert abs(fun(.4) - 0.16) < 0.05 assert abs(fun(.3) - 0.09) < 0.05 l The test input data specifies the input domain l The assertions specify the level of abstraction
  16. 16. Research questions Do sosies exist? Can we automatically synthesize them? What are effective transformations? 16
  17. 17. Sosiefication process 17 7UDQVIRUPDWLRQ RQILJXUDWLRQ RYHUDJHKHFN RSWLRQDO
  18. 18. 7UDQVIRUPDWLRQ 6RVLHKHFN 3URJUDP3 9DULDQW3¶ 6RVLH3¶ 6SHFLILFDWLRQ 7HVW6XLWH
  19. 19. 3URJUDP 7UDQVIRUPDWLRQ GHJHQHUDWHG YDULDQW3¶ RPSLODWLRQ RN ,QSXW VWHS 2XWSXW VWHS VWHS PHWULFV
  20. 20. Automatic Synthesis of Sosies l We add/deleted/replace a given statement by another one and see whether all assertions remain satisfied l we pick code from the same program l Four strategies l random l wittgenstein: replace with variables that have the same name l reaction: replace with variables that have the same type l steroid: reaction + rename variables
  21. 21. Experimental data 19 #test cases #assert coverage #statement compile 1me test 1me Junit 721 1535 82% 2914 4.5 14.4 EasyMock 617 924 91% 2042 4 7.8 Dagger (core) 128 210 85% 674 5.1 11.2 JBehave-­‐core 485 1451 89% 4984 5.5 22.9 Metrics 214 312 79% 1471 4.7 7.7 commons-­‐ collec1ons 1121 5397 84% 9893 7.9 22.9 commons-­‐lang 2359 13681 94% 11715 6.3 24.6 commons-­‐math 3544 9559 92% 47065 9.2 144.2 clojure NA NA 71% 18533 105.1 185
  22. 22. 20 nb of trial: 298938 nb of compile: 81394 nb of sosie: 28805 (10%) don’t compile don’t pass all test cases sosies
  23. 23. Computation diversity • Goal: unpredictability of execution flow • Computation monitoring: • method calls diversity • variable diversity 21 A.foo() IndexedCollection.retainAll(Collection) AbstractCollectionDecorator.retainAll(Collection) AbstractCollectionDecorator.decorated() other calls original call IndexedCollection.reindex() ... sosie call other calls
  24. 24. 22 Easymock: 465 sosies Dagger: 481 sosies Junit: 446 sosies
  25. 25. Conclusion • Sosies exist • for all programs • Sosies can exhibit computation diversity • Next steps • variability-aware execution • is computational diversity unbounded? 23 https://github.com/DIVERSIFY-project/sosies-generator http://diversify-project.eu/sosiefied-programs/
  26. 26. References • Zeyuan Allen Zhu, Sasa Misailovic, Jonathan A. Kelner, Martin C. Rinard: Randomized accuracy-aware program transformations for efficient approximate computations. POPL 2012: 441-454 • Eric Schulte, Jonathan Dorn, Stephen Harding, Stephanie Forrest, Westley Weimer: Post-compiler software optimization for reducing energy. ASPLOS 2014: 639-652 • Frederick B Cohen: Operating system protection through program evolution. Computers Security 12, 6 (1993): 565–584. 24
  27. 27. 25
  28. 28. Sosies on line • MDMS • simple blog app • JS on client and server sides • Server side stack • JS • Java • DB • environment 26 MDMS RingoJS Rhino JVM Redis DB OS
  29. 29. Sosies on line • Monoculture • multiple instances for performance • load balancer • all instances are clones 27 Internet http request Nginx load balancer config 0 config 0 config 0 config 0 config 0 config 0
  30. 30. Sosies on line • Diversified deployment • All server instances are different • Combine natural and artificial diversity 28 Internet http request Nginx load balancer config 1 config 2 config 3 config 4 config 5 config 6
  31. 31. 29
  32. 32. Reactions graph • Reactions graph • one node per reaction • there is an edge between n1 and n2 if n2.in_context == n1.in_context ∨ n1.out_context 30 R1 (int) code (boolean) R2 (boolean) code (int)
  33. 33. 31
  34. 34. Two reactions graph (apache.common) • Statement reactions graph • #edges = 12304 • #nodes = 863 • graph-diameter = 3 • avg path length = 1.466 • avg degree = 14.257 • Expression reactions graph • #edges = 37650 • #nodes = 1953 • graph-diameter = 4 • avg path length = 1.162 • avg degree = 19.278 32

×