Secure Systems Research Group - FAU

Design/Architecture Pattern Detection
A look at methods of detecting the presence of patterns within a program's source code, with a possible goal of verifying the correct use of security patterns.
Dr. Michael VanHilst
1 September 2007

Task of Pattern Detection
- Given a set of patterns, P
- Given a program, X
- Identify the presence of all patterns p in X, where p is an element of P
- Our potential objective
  - Given sets of security patterns for specific security concerns
  - Confirm use of a known security pattern for each concern

Not "Pattern Mining"
- Given a set of successful applications
- Identify recurring patterns that solve interesting problems
- This is not matching
- Robert Martin, Discovering patterns in existing applications, Pattern Languages of Program Design, 1995

Structural Pattern Matching
- Candidate matches to structural patterns
- Graph matching (pattern = microarchitecture)
  - Nodes are classes
  - Arcs are relationships
    - Inheritance, aggregation, association
    - Add delegation/call relation
- Extracted from class & sequence diagram
- Creational & behavioral patterns harder

Variations on Structure Matching
- Various parsing strategies to generate class and call graphs from code
- Different matching criteria
- Different search algorithms
- The fact that classes in a pattern have direct relationships to each other greatly reduces state explosions in many search algorithms

Structure Matching Papers
- Rudolf K. Keller, Reinhard Schauer, Sébastien Robitaille, Patrick Pagé, Pattern-based reverse-engineering of design components, Proceedings of the 21st international conference on Software engineering, p.226-235, May 16-22, 1999, Los Angeles, California, United States
- Jochen Seemann, Jürgen Wolff von Gudenberg, Pattern-based design recovery of Java software, ACM SIGSOFT Software Engineering Notes, v.23 n.6, p.10-16, Nov. 1998
- G. Antoniol, R. Fiutem, L. Cristoforetti, Design Pattern Recovery in Object-Oriented Software, Proceedings of the 6th International Workshop on Program Comprehension, p.153, June 24-26, 1998 (most cited paper), Istituto per la Ricerca Scientifica e Tecnologica, Povo (Trento), Italy
- J. Bansiya, Automating design-pattern identification - DP++ is a tool for C++ programs, Dr. Dobb's Journal, 1998
- Brown, K. (1997), Design reverse-engineering and automated design pattern detection in Smalltalk, thesis
- Christian Kramer, Lutz Prechelt, Design Recovery by Automated Search for Structural Design Patterns in Object-Oriented Software, Proceedings of the 3rd Working Conference on Reverse Engineering (WCRE '96), p.208, November 08-10, 1996 (delegation check was manual), Uni Karlsruhe

Pattern Ambiguity
[Figure: class diagrams of the Bridge and Command patterns. Boxes shown: Abstraction with Operation(); VirtualImplementor with virtual OperationImp(); ConcreteImplementor with concrete OperationImp(); Invoker with Operation(); VirtualCommand with virtual Execute(); ConcreteCommand with concrete Execute(); Client with action(); Client with command(); Receiver with action().]

MAISA
- General structure recognition tool using constraint satisfaction
- Add more constraints to improve accuracy
- Parse code to intermediate UML models
- Define constraints on model properties
- (Works for select structure patterns, not behavior)
- J. Gustafsson, L. Nenonen, and J. Paakki, University of Helsinki, 2000 (many papers)

Pattern Fingerprints
- Extend property characterizations to prune candidate classes in a pattern
- Booleans for large/small class, deep/shallow inheritance, mostly class/instance variables, etc.
- Train pattern recognizer on tagged corpus
- Claim greater accuracy (80% vs. 40%)
- Y.G. Gueheneuc, H. Sahraoui, F. Zaidi, Fingerprinting design patterns, 11th Working Conference on Reverse Engineering (WCRE'04), pp. 172-181 (University of Montreal, many papers)

Behavior Matching
- Query by Logic Meta Programming
- Founded in Abstract Interpretation
- Queries can have abstract/fuzzy values
- Keeps structure models and properties
- Adds execution trace
- Recognizes Visitor based on its visit-then-execute trace
- Coen De Roover, Kris Gybels, Theo D'Hondt, Towards Abstract Interpretation for Recovering Design Information, Electr. Notes Theor. Comput. Sci. 131: 15-25 (2005) (Free University, Brussels)

Formal Content Analysis
- Concepts have complete partial orders that form lattices
- Concept lattices allow variations
  - Not all mammals have legs
  - All legless mammals share other properties
- Properties are still class relations and characteristics
- Similar patterns form neighborhoods
- Frank Buchli, Detecting Software Patterns Using Formal Concept Analysis, thesis, University of Bern, 2003 (advisor Oscar Nierstrasz)

Detecting Patterns in Comments
- "To identify the application of a pattern we search the log messages for the pattern name co-occurring with keywords taken from the pattern's intend (italic words in the appendix) or the word pattern."
- Michael Hasler, "A Quantitative Study of the Application of Design Patterns in Java", Working Papers on Information Processing and Information Management Nr. 01/2003, Institute of Information Processing and Information Management

Theorem Prover
- Uses sigma calculus denotational semantics
- Theorem prover based on reduction rules
- Reduction rules make it easier to express equivalence variations (reduce this to that)
- Reduction rules scale to patterns of patterns
- Richer property and relationship semantics
- J. M. Smith and D. Stotts, SPQR: flexible automated design pattern extraction from source code, in Proc. of the 18th IEEE International Conference on Automated Software Engineering, pages 215-224, October 2003 (UNC, results?)

Basic Pattern Components
[Figure: class diagrams of the Objectifier and Object Recursion components. Boxes shown: Objectifier with virtual Operation(); ConcreteObjectifier with concrete Operation(); Client with action(); Handler with handleRequest(); Recursor with handleRequest(); Terminator with handleRequest(); Initiator with makeRequest().]

Task of Pattern Detection
- Given a set of patterns, P
- Given a program, X
- Identify the presence of all patterns p in X, where p is an element of P
- Our potential objective
  - Given sets of security patterns for specific security concerns
  - Confirm use of a known security pattern for each concern

Security Pattern Verification?
- Probabilistic matching doesn't give much assurance (bad)
- SPQR is formal and gives proof (good)
- SPQR requires writing denotational semantics (bad)
- Most work demonstrates only simple examples
- Security patterns are large, perhaps less prone to ambiguity
- We know what we seek (small search space)
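The graph matching described under "Structural Pattern Matching" and the Bridge/Command overlap under "Pattern Ambiguity" can be reproduced with a small matcher. This is an added example, not code from the slides or from any of the cited tools. The arc sets chosen for each pattern and the class names in the two sample programs are constructed assumptions.

```python
from itertools import permutations

# An arc is (source, relation, target). Pattern nodes are roles, program nodes are classes.
# The arc sets below are an assumed encoding of the shape Bridge and Command share.
BRIDGE = {("Abstraction", "aggregates", "Implementor"),
          ("Abstraction", "calls", "Implementor"),
          ("ConcreteImplementor", "inherits", "Implementor")}
COMMAND = {("Invoker", "aggregates", "Command"),
           ("Invoker", "calls", "Command"),
           ("ConcreteCommand", "inherits", "Command")}
# One added constraint: the concrete command delegates to a Receiver.
COMMAND_STRICT = COMMAND | {("ConcreteCommand", "calls", "Receiver")}

# Constructed program graphs (hypothetical class names).
MENU_APP = {("Button", "aggregates", "Action"), ("Button", "calls", "Action"),
            ("SaveAction", "inherits", "Action"), ("SaveAction", "calls", "Document")}
DRAW_APP = {("Shape", "aggregates", "Renderer"), ("Shape", "calls", "Renderer"),
            ("SvgRenderer", "inherits", "Renderer")}

def nodes(arcs):
    return sorted({n for src, _, dst in arcs for n in (src, dst)})

def find_matches(pattern, program):
    """Return every injective role -> class binding that preserves all pattern arcs."""
    roles, classes = nodes(pattern), nodes(program)
    matches = []
    for combo in permutations(classes, len(roles)):
        binding = dict(zip(roles, combo))
        if all((binding[s], rel, binding[t]) in program for s, rel, t in pattern):
            matches.append(binding)
    return matches

def classify(program, catalog):
    """Names of all catalog patterns with at least one candidate match."""
    return {name for name, pattern in catalog.items() if find_matches(pattern, program)}

LOOSE = {"Bridge": BRIDGE, "Command": COMMAND}
STRICT = {"Bridge": BRIDGE, "Command": COMMAND_STRICT}

if __name__ == "__main__":
    for label, app in (("MENU_APP", MENU_APP), ("DRAW_APP", DRAW_APP)):
        print(label, "loose:", sorted(classify(app, LOOSE)),
              "strict:", sorted(classify(app, STRICT)))
```

With the loose catalog both programs are reported as Bridge and as Command. The added Receiver constraint removes the false Command match on DRAW_APP, but MENU_APP still matches Bridge, because structure alone gives Bridge nothing to exclude it with.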