English
Related papers

Related papers: Symmaries: Automatic Inference of Formal Security …

200 papers

We propose a new formal criterion for evaluating secure compilation schemes for unsafe languages, expressing end-to-end security guarantees for software components that may become compromised after encountering undefined behavior---for…

Automated source code summarization is a task that generates summarized information about the purpose, usage, and--or implementation of methods and classes to support understanding of these code entities. Multiple approaches and techniques…

Software Engineering · Computer Science 2021-11-30 AmirHossein Naghshzan , Latifa Guerrouj , Olga Baysal

When analyzing programs, large libraries pose significant challenges to static points-to analysis. A popular solution is to have a human analyst provide points-to specifications that summarize relevant behaviors of library code, which can…

Programming Languages · Computer Science 2018-05-23 Osbert Bastani , Rahul Sharma , Alex Aiken , Percy Liang

Automatically generating formal specifications including loop invariants, preconditions, and postconditions for legacy code is critical for program understanding, reuse and verification. However, the inherent complexity of control and data…

Software Engineering · Computer Science 2026-01-21 Fanpeng Yang , Xu Ma , Shuling Wang , Xiong Xu , Qinxiang Cao , Naijun Zhan , Xiaofeng Li , Bin Gu

Progress has recently been made on specifying instruction set architectures (ISAs) in executable formalisms rather than through prose. However, to date, those formal specifications are limited to the functional aspects of the ISA and do not…

Programming Languages · Computer Science 2024-01-09 Sander Huyghebaert , Steven Keuchel , Coen De Roover , Dominique Devriese

We present an efficient and expressive tool for the instrumentation of Java programs at the bytecode-level. BISM (Bytecode-Level Instrumentation for Software Monitoring) is a light-weight Java bytecode instrumentation tool that features an…

Programming Languages · Computer Science 2021-06-04 Chukri Soueidi , Marius Monnier , Ali Kassem , Yliès Falcone

In this paper, we describe a novel approach for checking safety specifications of a dynamical system with exogenous inputs over infinite time horizon that is guaranteed to terminate in finite time with a conclusive answer. We introduce the…

Optimization and Control · Mathematics 2008-01-04 Amit Bhatia , Emilio Frazzoli

Generating meaningful assert statements is one of the key challenges in automated test case generation, which requires understanding the intended functionality of the tested code. Recently, deep learning-based models have shown promise in…

Software Engineering · Computer Science 2024-01-22 Yuwei Zhang , Zhi Jin , Zejun Wang , Ying Xing , Ge Li

Abridged: Programmer attention represents the visual focus of programmers on parts of the source code in pursuit of programming tasks. We conducted an in-depth human study with 10 Java programmers, where each programmer generated summaries…

Software Engineering · Computer Science 2025-03-27 Robert Wallace , Aakash Bansal , Zachary Karas , Ningzhi Tang , Yu Huang , Toby Jia-Jun Li , Collin McMillan

Several code summarization techniques have been proposed in the literature to automatically document a code snippet or a function. Ideally, software developers should be involved in assessing the quality of the generated summaries. However,…

Software Engineering · Computer Science 2023-12-27 Antonio Mastropaolo , Matteo Ciniselli , Massimiliano Di Penta , Gabriele Bavota

An eye-tracking study of 18 developers reading and summarizing Java methods is presented. The developers provide a written summary for methods assigned to them. In total, 63 methods are used from five different systems. Previous studies on…

Software Engineering · Computer Science 2019-03-11 Nahla J. Abid , Bonita Sharif , Natalia Dragan , Hend Alrasheed , Jonathan I. Maletic

Nowadays, the correct use of cryptography libraries is essential to ensure the necessary information security in different kinds of applications. A common practice in software development is the use of static application security testing…

Software Engineering · Computer Science 2022-07-08 Markus Haug Ana Cristina Franco Da Silva , Stefan Wagner

Source code summarization is a process of generating summaries that describe software code, the majority of source code summarization usually generated manually, where the summaries are written by software developers. Recently, new…

Software Engineering · Computer Science 2019-01-07 Ra'Fat Al-Msie'deen , Anas H. Blasi

With the growing popularity of Large Language Models (LLMs) in software engineers' daily practices, it is important to ensure that the code generated by these tools is not only functionally correct but also free of vulnerabilities. Although…

Software Engineering · Computer Science 2024-09-06 Mohammed Latif Siddiq , Joanna C. S. Santos , Sajith Devareddy , Anna Muller

Enforcing security requirements in networked information systems relies on security controls to mitigate the risks from increasingly dangerous threats. Configuring security controls is challenging; even nowadays, administrators must perform…

Cryptography and Security · Computer Science 2025-01-14 Cataldo Basile , Gabriele Gatti , Francesco Settanni

Source code summarizing is a task of writing short, natural language descriptions of source code behavior during run time. Such summaries are extremely useful for software development and maintenance but are expensive to manually…

Machine Learning · Computer Science 2020-04-03 Vivek Gupta

We propose a light-weight approach for certification of monitor inlining for sequential Java bytecode using proof-carrying code. The goal is to enable the use of monitoring for quality assurance at development time, while minimizing the…

Logic in Computer Science · Computer Science 2010-12-15 Mads Dam , Andreas Lundblad

Existing studies show that code summaries help developers understand and maintain source code. Unfortunately, these summaries are often missing or outdated in software projects. Code summarization aims to generate natural language…

Software Engineering · Computer Science 2023-09-08 Jia Li , Yongmin Li , Ge Li , Xing Hu , Xin Xia , Zhi Jin

Security of software supply chains is necessary to ensure that software updates do not contain maliciously injected code or introduce vulnerabilities that may compromise the integrity of critical infrastructure. Verifying the integrity of…

Safety-Critical Java (SCJ) is a version of Java whose goal is to support the development of real-time, embedded, safety-critical software. In particular, SCJ supports certification of such software by introducing abstractions that enforce a…

Logic in Computer Science · Computer Science 2016-06-08 Alvaro Miyazawa , Ana Cavalcanti