SlideShare a Scribd company logo
1 of 19
Download to read offline
Dharma Ganesan
Reverse Architecting using
Relation Algebra
2
What’s On The Agenda
● Software Architecture
● Reverse Architecting
● A little bit math - I promise
● Extract-Abstract-Present to Reverse Architecting
● Demos (during the presentation)
● Some References
3
Software Architecture
● Software architecture deals with the design of the
high-level structure of the software
● Assembly of architectural elements in some well-chosen
forms to satisfy requirements
● (including Reliability, Scalability, Portability, etc)
● Software architecture deals with
● abstraction
● decomposition and composition
● styles (pipe-and-filter, publish-subscribe, etc.)
4
Describing Software Architecture
using Views
● How to best describe Software Architecture
is a topic of on-going R&D
● In literature, views are used to describe
Software Architecture
● Each view address one concern, for example:
● Structural view shows the decomposition of
system
● Behavioral view shows how components
interact at run-time
● Deployment view shows how components
are assigned to hardware elements
5
Reverse Architecting
Informally, extracting architecture information from
source code (including makefiles, docs, test cases,
etc.)
Some challenges:
● Software architecture is an invisible one
● It is difficult to “see” architecture in source code
● Real-world systems have a lot of code
Goal of reverse architecting: Semi-automatically
extract architecture from source code
6
Some questions we ask
● What are the entry-points to the system?
● Which classes inherit from this class?
● Which files deal with network communication?
● Is this function reachable from ‘main’?
● Are there missing code not in repo?
● Which functions are dead?
● etc. etc. etc.
All these questions can be be viewed as relational
algebra questions!
7
Just a bit of math (I promise)
What do we mean by Relation Algebra?
Three things:
Set - an unordered collection
E.g., set of files {f1.c, f2.c, …}
Binary Relation - an unordered set of pairs
E.g., {<main, run>, <run, execute>, …, }
Multi-Relation - Weighted Binary Relation
E.g., {<caller, callee, 5>, …}
8
Relation Algebra Queries
They are made of set-theory operators only
For example, union, intersection, complement, etc.
Compose two relations using join (a.k.a., comp)
part_of= {<a A}, <b B>, <c C>}
call = {<a b>, <b, c>}
E.g: inverse(part_of) comp (call) comp (part_of)?
9
Relation Algebra Toolset
Made of small utilities for each set-theory operator
Combine utilities using pipe-and-filter style
rel_inv part_of | rel_comp call - | rel_comp -
part_of
I personally used RA tools for several reverse
architecting projects
My Phd thesis has more details
10 A Reverse Architecting
Approach (Philips in 1990s)
Extraction: semi-automated extraction of different
relations (import, inherit, call, etc.)
Abstraction: rise the level of abstraction using
relational algebra queries (imagine SQL)
Presentation: visualize using graphs, tables, etc.
(These were published
by Philips)
11
Extraction
● Language-specific parsers to extract different
relations: inherit, call, include, etc.
○ Code need not compile or link
● Each relation is stored in database/files
● Depending on the goal, more custom parsers
have to be developed to extract code relations
● For example, if your goal is to extract inter-task
RPC views, you need to
○ extract tasks, queue names, which function
writes to or read from queues, etc.
12
Abstraction
A suite of relation algebra operators was developed
for abstraction (see demos)
Again, depending on the goal one could apply
different abstraction operators
Some common abstraction (examples):
● Lift class-level dependencies to package-level
● Filter out irrelevant information for your goal
○ For example, show all Java packages that
depend on Crypto packages
● Abstraction of runtime structure to show
inter-task communication (more details later)
13
Some examples: Folder-level
dependency from code relations
14
A medical device case study
Goal: Extract architecture from source code
Visualize inter-task and msg queue communication
Approach:
Extract relations from code
Abstraction using Relation Algebra
Visualize using our graph visualization tools
15
Extracted relations/sets
Our parser extracts names of tasks, queues,
semaphores, etc by pattern matching of library calls
16
Abstraction
We write SQL-like queries using join, inverse, and
other operations on the extracted relations
Output is also relations/sets
17
Presentation
We visualize relations as graphs or tables in general
For inter-task structure, we have something like this
from abstracted relations:
18
Conclusion/Takeaways
● Reverse architecting is a challenging problem
● Extract-Abstract-Present using relational algebra
can help with reverse architecting
● Many of the analysis questions can be
reformulated as relational algebra questions!
● The key is to have a goal for your reverse
architecting effort - to filter out irrelevant data
19 Some Reverse Engineering
Papers (not complete at all)
https://www.win.tue.nl/~wstomv/edu/2ii45/yea
r-0910/Maintaining_a_Legacy.pdf
https://www.cs.cmu.edu/~aldrich/courses/654-s
p05/ReengineeringTaxonomy.pdf
https://ieeexplore.ieee.org/document/5959691
https://ieeexplore.ieee.org/document/5071104
…

More Related Content

Similar to Reverse Architecting using Relation Algebra.pdf

Software Engineering Tools and Practices.pdf
Software Engineering Tools and Practices.pdfSoftware Engineering Tools and Practices.pdf
Software Engineering Tools and Practices.pdf
MeagGhn
 

Similar to Reverse Architecting using Relation Algebra.pdf (20)

Java 8 streams
Java 8 streams Java 8 streams
Java 8 streams
 
5-Architecture.ppt
5-Architecture.ppt5-Architecture.ppt
5-Architecture.ppt
 
5 architecture
5 architecture5 architecture
5 architecture
 
ASPECT ORIENTED PROGRAMING(aop)
ASPECT ORIENTED PROGRAMING(aop)ASPECT ORIENTED PROGRAMING(aop)
ASPECT ORIENTED PROGRAMING(aop)
 
UNIT-I(Unified_Process_and_Use Case_Diagrams)_OOAD.docx
UNIT-I(Unified_Process_and_Use Case_Diagrams)_OOAD.docxUNIT-I(Unified_Process_and_Use Case_Diagrams)_OOAD.docx
UNIT-I(Unified_Process_and_Use Case_Diagrams)_OOAD.docx
 
Software Engineering Tools and Practices.pdf
Software Engineering Tools and Practices.pdfSoftware Engineering Tools and Practices.pdf
Software Engineering Tools and Practices.pdf
 
Carlo Bonamico, Sonia Pini - So you want to build your (Angular) Component Li...
Carlo Bonamico, Sonia Pini - So you want to build your (Angular) Component Li...Carlo Bonamico, Sonia Pini - So you want to build your (Angular) Component Li...
Carlo Bonamico, Sonia Pini - So you want to build your (Angular) Component Li...
 
Build Your Own Angular Component Library
Build Your Own Angular Component LibraryBuild Your Own Angular Component Library
Build Your Own Angular Component Library
 
UNIT-I(Unified_Process_and_Use Case_Diagrams)_OOAD.ppt
UNIT-I(Unified_Process_and_Use Case_Diagrams)_OOAD.pptUNIT-I(Unified_Process_and_Use Case_Diagrams)_OOAD.ppt
UNIT-I(Unified_Process_and_Use Case_Diagrams)_OOAD.ppt
 
UNIT-I(Unified_Process_and_Use Case_Diagrams)_OOAD.ppt
UNIT-I(Unified_Process_and_Use Case_Diagrams)_OOAD.pptUNIT-I(Unified_Process_and_Use Case_Diagrams)_OOAD.ppt
UNIT-I(Unified_Process_and_Use Case_Diagrams)_OOAD.ppt
 
UNIT-I(Unified_Process_and_Use Case_Diagrams)_OOAD.ppt
UNIT-I(Unified_Process_and_Use Case_Diagrams)_OOAD.pptUNIT-I(Unified_Process_and_Use Case_Diagrams)_OOAD.ppt
UNIT-I(Unified_Process_and_Use Case_Diagrams)_OOAD.ppt
 
Unit v -Construction and Evaluation
Unit v -Construction and EvaluationUnit v -Construction and Evaluation
Unit v -Construction and Evaluation
 
Sysprog 10
Sysprog 10Sysprog 10
Sysprog 10
 
Sysprog 10
Sysprog 10Sysprog 10
Sysprog 10
 
Architectural Modeling
Architectural ModelingArchitectural Modeling
Architectural Modeling
 
Java and XPages
Java and XPagesJava and XPages
Java and XPages
 
What`s New in Java 8
What`s New in Java 8What`s New in Java 8
What`s New in Java 8
 
3 analysis and design overview
3 analysis and design overview3 analysis and design overview
3 analysis and design overview
 
Transaction Management, Recovery and Query Processing.pptx
Transaction Management, Recovery and Query Processing.pptxTransaction Management, Recovery and Query Processing.pptx
Transaction Management, Recovery and Query Processing.pptx
 
Introduction to SOFTWARE ARCHITECTURE
Introduction to SOFTWARE ARCHITECTUREIntroduction to SOFTWARE ARCHITECTURE
Introduction to SOFTWARE ARCHITECTURE
 

More from Dharmalingam Ganesan

More from Dharmalingam Ganesan (20)

.NET Deserialization Attacks
.NET Deserialization Attacks.NET Deserialization Attacks
.NET Deserialization Attacks
 
How to exploit rand()?
How to exploit rand()?How to exploit rand()?
How to exploit rand()?
 
Cyclic Attacks on the RSA Trapdoor Function
Cyclic Attacks on the RSA Trapdoor FunctionCyclic Attacks on the RSA Trapdoor Function
Cyclic Attacks on the RSA Trapdoor Function
 
An Analysis of RSA Public Exponent e
An Analysis of RSA Public Exponent eAn Analysis of RSA Public Exponent e
An Analysis of RSA Public Exponent e
 
An Analysis of Secure Remote Password (SRP)
An Analysis of Secure Remote Password (SRP)An Analysis of Secure Remote Password (SRP)
An Analysis of Secure Remote Password (SRP)
 
Thank-a-Gram
Thank-a-GramThank-a-Gram
Thank-a-Gram
 
Active Attacks on DH Key Exchange
Active Attacks on DH Key ExchangeActive Attacks on DH Key Exchange
Active Attacks on DH Key Exchange
 
Can I write to a read only file ?
Can I write to a read only file ?Can I write to a read only file ?
Can I write to a read only file ?
 
How do computers exchange secrets using Math?
How do computers exchange secrets using Math?How do computers exchange secrets using Math?
How do computers exchange secrets using Math?
 
On the Secrecy of RSA Private Keys
On the Secrecy of RSA Private KeysOn the Secrecy of RSA Private Keys
On the Secrecy of RSA Private Keys
 
Computing the Square Roots of Unity to break RSA using Quantum Algorithms
Computing the Square Roots of Unity to break RSA using Quantum AlgorithmsComputing the Square Roots of Unity to break RSA using Quantum Algorithms
Computing the Square Roots of Unity to break RSA using Quantum Algorithms
 
Analysis of Short RSA Secret Exponent d
Analysis of Short RSA Secret Exponent dAnalysis of Short RSA Secret Exponent d
Analysis of Short RSA Secret Exponent d
 
Dependency Analysis of RSA Private Variables
Dependency Analysis of RSA Private VariablesDependency Analysis of RSA Private Variables
Dependency Analysis of RSA Private Variables
 
Analysis of Shared RSA Modulus
Analysis of Shared RSA ModulusAnalysis of Shared RSA Modulus
Analysis of Shared RSA Modulus
 
RSA Game using an Oracle
RSA Game using an OracleRSA Game using an Oracle
RSA Game using an Oracle
 
RSA Two Person Game
RSA Two Person GameRSA Two Person Game
RSA Two Person Game
 
RSA without Integrity Checks
RSA without Integrity ChecksRSA without Integrity Checks
RSA without Integrity Checks
 
RSA without Padding
RSA without PaddingRSA without Padding
RSA without Padding
 
Solutions to online rsa factoring challenges
Solutions to online rsa factoring challengesSolutions to online rsa factoring challenges
Solutions to online rsa factoring challenges
 
Security of RSA and Integer Factorization
Security of RSA and Integer FactorizationSecurity of RSA and Integer Factorization
Security of RSA and Integer Factorization
 

Recently uploaded

Team Transformation Tactics for Holistic Testing and Quality (NewCrafts Paris...
Team Transformation Tactics for Holistic Testing and Quality (NewCrafts Paris...Team Transformation Tactics for Holistic Testing and Quality (NewCrafts Paris...
Team Transformation Tactics for Holistic Testing and Quality (NewCrafts Paris...
Lisi Hocke
 

Recently uploaded (20)

Alluxio Monthly Webinar | Simplify Data Access for AI in Multi-Cloud
Alluxio Monthly Webinar | Simplify Data Access for AI in Multi-CloudAlluxio Monthly Webinar | Simplify Data Access for AI in Multi-Cloud
Alluxio Monthly Webinar | Simplify Data Access for AI in Multi-Cloud
 
Workshop - Architecting Innovative Graph Applications- GraphSummit Milan
Workshop -  Architecting Innovative Graph Applications- GraphSummit MilanWorkshop -  Architecting Innovative Graph Applications- GraphSummit Milan
Workshop - Architecting Innovative Graph Applications- GraphSummit Milan
 
Software Engineering - Introduction + Process Models + Requirements Engineering
Software Engineering - Introduction + Process Models + Requirements EngineeringSoftware Engineering - Introduction + Process Models + Requirements Engineering
Software Engineering - Introduction + Process Models + Requirements Engineering
 
Weeding your micro service landscape.pdf
Weeding your micro service landscape.pdfWeeding your micro service landscape.pdf
Weeding your micro service landscape.pdf
 
Abortion Pill Prices Germiston ](+27832195400*)[ 🏥 Women's Abortion Clinic in...
Abortion Pill Prices Germiston ](+27832195400*)[ 🏥 Women's Abortion Clinic in...Abortion Pill Prices Germiston ](+27832195400*)[ 🏥 Women's Abortion Clinic in...
Abortion Pill Prices Germiston ](+27832195400*)[ 🏥 Women's Abortion Clinic in...
 
OpenChain Webinar: AboutCode and Beyond - End-to-End SCA
OpenChain Webinar: AboutCode and Beyond - End-to-End SCAOpenChain Webinar: AboutCode and Beyond - End-to-End SCA
OpenChain Webinar: AboutCode and Beyond - End-to-End SCA
 
Workshop: Enabling GenAI Breakthroughs with Knowledge Graphs - GraphSummit Milan
Workshop: Enabling GenAI Breakthroughs with Knowledge Graphs - GraphSummit MilanWorkshop: Enabling GenAI Breakthroughs with Knowledge Graphs - GraphSummit Milan
Workshop: Enabling GenAI Breakthroughs with Knowledge Graphs - GraphSummit Milan
 
Test Automation Design Patterns_ A Comprehensive Guide.pdf
Test Automation Design Patterns_ A Comprehensive Guide.pdfTest Automation Design Patterns_ A Comprehensive Guide.pdf
Test Automation Design Patterns_ A Comprehensive Guide.pdf
 
BusinessGPT - Security and Governance for Generative AI
BusinessGPT  - Security and Governance for Generative AIBusinessGPT  - Security and Governance for Generative AI
BusinessGPT - Security and Governance for Generative AI
 
GraphSummit Milan - Visione e roadmap del prodotto Neo4j
GraphSummit Milan - Visione e roadmap del prodotto Neo4jGraphSummit Milan - Visione e roadmap del prodotto Neo4j
GraphSummit Milan - Visione e roadmap del prodotto Neo4j
 
A Deep Dive into Secure Product Development Frameworks.pdf
A Deep Dive into Secure Product Development Frameworks.pdfA Deep Dive into Secure Product Development Frameworks.pdf
A Deep Dive into Secure Product Development Frameworks.pdf
 
Modern binary build systems - PyCon 2024
Modern binary build systems - PyCon 2024Modern binary build systems - PyCon 2024
Modern binary build systems - PyCon 2024
 
Your Ultimate Web Studio for Streaming Anywhere | Evmux
Your Ultimate Web Studio for Streaming Anywhere | EvmuxYour Ultimate Web Studio for Streaming Anywhere | Evmux
Your Ultimate Web Studio for Streaming Anywhere | Evmux
 
Team Transformation Tactics for Holistic Testing and Quality (NewCrafts Paris...
Team Transformation Tactics for Holistic Testing and Quality (NewCrafts Paris...Team Transformation Tactics for Holistic Testing and Quality (NewCrafts Paris...
Team Transformation Tactics for Holistic Testing and Quality (NewCrafts Paris...
 
Abortion Pill Prices Jane Furse ](+27832195400*)[ 🏥 Women's Abortion Clinic i...
Abortion Pill Prices Jane Furse ](+27832195400*)[ 🏥 Women's Abortion Clinic i...Abortion Pill Prices Jane Furse ](+27832195400*)[ 🏥 Women's Abortion Clinic i...
Abortion Pill Prices Jane Furse ](+27832195400*)[ 🏥 Women's Abortion Clinic i...
 
Navigation in flutter – how to add stack, tab, and drawer navigators to your ...
Navigation in flutter – how to add stack, tab, and drawer navigators to your ...Navigation in flutter – how to add stack, tab, and drawer navigators to your ...
Navigation in flutter – how to add stack, tab, and drawer navigators to your ...
 
Wired_2.0_CREATE YOUR ULTIMATE LEARNING ENVIRONMENT_JCON_16052024
Wired_2.0_CREATE YOUR ULTIMATE LEARNING ENVIRONMENT_JCON_16052024Wired_2.0_CREATE YOUR ULTIMATE LEARNING ENVIRONMENT_JCON_16052024
Wired_2.0_CREATE YOUR ULTIMATE LEARNING ENVIRONMENT_JCON_16052024
 
Abortion Clinic Pretoria ](+27832195400*)[ Abortion Clinic Near Me ● Abortion...
Abortion Clinic Pretoria ](+27832195400*)[ Abortion Clinic Near Me ● Abortion...Abortion Clinic Pretoria ](+27832195400*)[ Abortion Clinic Near Me ● Abortion...
Abortion Clinic Pretoria ](+27832195400*)[ Abortion Clinic Near Me ● Abortion...
 
Lessons Learned from Building a Serverless Notifications System.pdf
Lessons Learned from Building a Serverless Notifications System.pdfLessons Learned from Building a Serverless Notifications System.pdf
Lessons Learned from Building a Serverless Notifications System.pdf
 
Microsoft365_Dev_Security_2024_05_16.pdf
Microsoft365_Dev_Security_2024_05_16.pdfMicrosoft365_Dev_Security_2024_05_16.pdf
Microsoft365_Dev_Security_2024_05_16.pdf
 

Reverse Architecting using Relation Algebra.pdf

  • 1. Dharma Ganesan Reverse Architecting using Relation Algebra
  • 2. 2 What’s On The Agenda ● Software Architecture ● Reverse Architecting ● A little bit math - I promise ● Extract-Abstract-Present to Reverse Architecting ● Demos (during the presentation) ● Some References
  • 3. 3 Software Architecture ● Software architecture deals with the design of the high-level structure of the software ● Assembly of architectural elements in some well-chosen forms to satisfy requirements ● (including Reliability, Scalability, Portability, etc) ● Software architecture deals with ● abstraction ● decomposition and composition ● styles (pipe-and-filter, publish-subscribe, etc.)
  • 4. 4 Describing Software Architecture using Views ● How to best describe Software Architecture is a topic of on-going R&D ● In literature, views are used to describe Software Architecture ● Each view address one concern, for example: ● Structural view shows the decomposition of system ● Behavioral view shows how components interact at run-time ● Deployment view shows how components are assigned to hardware elements
  • 5. 5 Reverse Architecting Informally, extracting architecture information from source code (including makefiles, docs, test cases, etc.) Some challenges: ● Software architecture is an invisible one ● It is difficult to “see” architecture in source code ● Real-world systems have a lot of code Goal of reverse architecting: Semi-automatically extract architecture from source code
  • 6. 6 Some questions we ask ● What are the entry-points to the system? ● Which classes inherit from this class? ● Which files deal with network communication? ● Is this function reachable from ‘main’? ● Are there missing code not in repo? ● Which functions are dead? ● etc. etc. etc. All these questions can be be viewed as relational algebra questions!
  • 7. 7 Just a bit of math (I promise) What do we mean by Relation Algebra? Three things: Set - an unordered collection E.g., set of files {f1.c, f2.c, …} Binary Relation - an unordered set of pairs E.g., {<main, run>, <run, execute>, …, } Multi-Relation - Weighted Binary Relation E.g., {<caller, callee, 5>, …}
  • 8. 8 Relation Algebra Queries They are made of set-theory operators only For example, union, intersection, complement, etc. Compose two relations using join (a.k.a., comp) part_of= {<a A}, <b B>, <c C>} call = {<a b>, <b, c>} E.g: inverse(part_of) comp (call) comp (part_of)?
  • 9. 9 Relation Algebra Toolset Made of small utilities for each set-theory operator Combine utilities using pipe-and-filter style rel_inv part_of | rel_comp call - | rel_comp - part_of I personally used RA tools for several reverse architecting projects My Phd thesis has more details
  • 10. 10 A Reverse Architecting Approach (Philips in 1990s) Extraction: semi-automated extraction of different relations (import, inherit, call, etc.) Abstraction: rise the level of abstraction using relational algebra queries (imagine SQL) Presentation: visualize using graphs, tables, etc. (These were published by Philips)
  • 11. 11 Extraction ● Language-specific parsers to extract different relations: inherit, call, include, etc. ○ Code need not compile or link ● Each relation is stored in database/files ● Depending on the goal, more custom parsers have to be developed to extract code relations ● For example, if your goal is to extract inter-task RPC views, you need to ○ extract tasks, queue names, which function writes to or read from queues, etc.
  • 12. 12 Abstraction A suite of relation algebra operators was developed for abstraction (see demos) Again, depending on the goal one could apply different abstraction operators Some common abstraction (examples): ● Lift class-level dependencies to package-level ● Filter out irrelevant information for your goal ○ For example, show all Java packages that depend on Crypto packages ● Abstraction of runtime structure to show inter-task communication (more details later)
  • 14. 14 A medical device case study Goal: Extract architecture from source code Visualize inter-task and msg queue communication Approach: Extract relations from code Abstraction using Relation Algebra Visualize using our graph visualization tools
  • 15. 15 Extracted relations/sets Our parser extracts names of tasks, queues, semaphores, etc by pattern matching of library calls
  • 16. 16 Abstraction We write SQL-like queries using join, inverse, and other operations on the extracted relations Output is also relations/sets
  • 17. 17 Presentation We visualize relations as graphs or tables in general For inter-task structure, we have something like this from abstracted relations:
  • 18. 18 Conclusion/Takeaways ● Reverse architecting is a challenging problem ● Extract-Abstract-Present using relational algebra can help with reverse architecting ● Many of the analysis questions can be reformulated as relational algebra questions! ● The key is to have a goal for your reverse architecting effort - to filter out irrelevant data
  • 19. 19 Some Reverse Engineering Papers (not complete at all) https://www.win.tue.nl/~wstomv/edu/2ii45/yea r-0910/Maintaining_a_Legacy.pdf https://www.cs.cmu.edu/~aldrich/courses/654-s p05/ReengineeringTaxonomy.pdf https://ieeexplore.ieee.org/document/5959691 https://ieeexplore.ieee.org/document/5071104 …