Árpád Beszédes

Columbus - reverse engineering tool and schema for C++

One of the most critical issues in large-scale software development and maintenance is the rapidly growing size and complexity of software systems. As a result of this rapid growth there is a need to better understand the relationships between the different parts of a large software system. In this paper we present a reverse engineering framework called Columbus that is able to analyze large C++ projects, and a schema for C++ that prescribes the form of the extracted data. The flexible architecture of the Columbus system with a powerful C++ analyzer and schema makes it a versatile and readily extendible toolset for reverse engineering. This tool is free for scientific and educational purposes and we fervently hope that it will assist academic persons in any research work related to C++ re- and reverse engineering.

An efficient relevant slicing method for debugging

Dynamic program slicing methods are widely used for debugging, because many statements can be ignored in the process of localizing a bug. A dynamic program slice with respect to a variable contains only those statements that actually had an influence on this variable. However, during debugging we also need to identify those statements that actually did not affect the variable but could have affected it had they been evaluated differently. A relevant slice includes these potentially affecting statements as well, therefore it is appropriate for debugging. In this paper a forward algorithm is introduced for the computation of relevant slices of programs. The space requirement of this method does not depend on the number of different dynamic slices nor on the size of the execution history, hence it can be applied for real size applications.

Survey of code-size reduction methods

Program code compression is an emerging research activity that is having an impact in several production areas such as networking and embedded systems. This is because the reduced-sized code can have a positive impact on network traffic and embedded system costs such as memory requirements and power consumption. Although code-size reduction is a relatively new research area, numerous publications already exist on it. The methods published usually have different motivations and a variety of application contexts. They may use different principles and their publications often use diverse notations. To our knowledge, there are no publications that present a good overview of this broad range of methods and give a useful assessment. This article surveys twelve methods and several related works appearing in some 50 papers published up to now. We provide extensive assessment criteria for evaluating the methods and offer a basis for comparison. We conclude that it is fairly hard to make any fair comparisons of the methods or draw conclusions about their applicability.

Dynamic slicing method for maintenance of large C programs

Different program slicing methods are used for maintenance, reverse engineering, testing and debugging. Slicing algorithms can be classified as static slicing and dynamic slicing methods. In several applications the computation of dynamic slices is preferable, since it can produce more precise results. In this paper, we introduce a new forward global method for computing backward dynamic slices of C programs. In parallel to the program execution, the algorithm determines the dynamic slices for any program instruction. We also propose a solution for some problems specific to the C language (such as pointers and function calls). The main advantage of our algorithm is that it can be applied to real-size C programs, because its memory requirements are proportional to the number of different memory locations used by the program (which is in most cases far smaller than the size of the execution history which is, in fact, the absolute upper bound of our algorithm).

Data exchange with the columbus schema for c

To successfully carry out a software maintenance or reengineering task, a suitably assembled set of tools is required, which interoperate seaminglessly. To achieve this goal, an exchange format is needed that can be used to represent the facts extracted from a software system in a standardized way; serving as an output of one tool and as an input for other tools. In this paper we propose a modular schema for C++, called the Columbus schema. The schema has been implemented in the Columbus/CAN front end framework tool and is already utilized in several usages, one of which is its representation in the GXL form.

Columbus schema for C/C++ preprocessing

File inclusion, conditional compilation and macro processing has made the C/C++ preprocessor a powerful tool for programmers. However, program code with lots of directives often causes difficulties in program understanding and maintenance. The main source of the problem is the difference between the code that the programmer sees and the preprocessed code that the compiler gets. To aid program comprehension we designed a C/C++ preprocessor schema (supplementing the Columbus schema for C++) and implemented a preprocessor which produces both preprocessed files and schema instances. The instances of the schema may be used to model: (1) preprocessor constructs in the original source code, (2) the preprocessed compilation unit, and (3) the transformations made by the preprocessor.

Static Execute After/Before as a replacement of traditional software dependencies

The paper explores Static Execute After (SEA) dependencies in the program and their dual Static Execute Before (SEB) dependencies. It empirically compares the SEA/SEB dependencies with the traditional dependencies that are computed by System Dependence Graph (SDG) and program slicers. In our case study we use about 30 subject programs that were previously used by other authors in empirical studies of program analysis. We report two main results. The computation of SEA/SEB is much less expensive and much more scalable than the computation of the SDG. At the same time, the precision declines only very slightly, by some 4% on average. In other words, the precision is comparable to that of the leading traditional algorithms, while intuitively a much larger difference would be expected. The paper then discusses whether based on these results the computation of the SDG should be replaced in some applications by the computation of the SEA/SEB.

Predictive complex event processing: a conceptual framework for combining complex event processing and predictive analytics

Complex Event Processing deals with the detection of complex events based on rules and patterns defined by domain experts. Many complex events require real-time detection in order to have enough time for appropriate reactions. However, there are several events (e.g. credit card fraud) that should be prevented proactively before they occur, not just responded after they happened. In this paper, we briefly describe Complex Event Processing (CEP) and Predictive Analytics (PA). Afterwards, we focus on a major future direction of CEP, namely the inclusion of PA technologies into CEP tools and applications. Involving PA opens a wide range of possibilities in several application fields. However, we have observed that only few solutions apply PA techniques. In this paper, we define a conceptual framework which combines CEP and PA and which can be the basis of generic design pattern in the future. The conceptual framework is demonstrated in a proof--of--concept experiment. Finally we provide the results and lessons learned.

Computation of Static Execute After Relation with Applications to Software Maintenance

In this paper, we introduce static execute after (SEA) relationship among program components and present an efficient analysis algorithm. Our case studies show that SEA may approximate static slicing with perfect recall and high precision, while being much less expensive and more usable. When differentiating between explicit and hidden dependencies, our case studies also show that SEA may correlate with direct and indirect class coupling. We speculate that SEA may find applications in computation of hidden dependencies and through it in many maintenance tasks, including change propagation and regression testing.

Code coverage-based regression test selection and prioritization in WebKit

Automated regression testing is often crucial in order to maintain the quality of a continuously evolving software system. However, in many cases regression test suites tend to grow too large to be suitable for full re-execution at each change of the software. In this case selective retesting can be applied to reduce the testing cost while maintaining similar defect detection capability. One of the basic test selection methods is the one based on code coverage information, where only those tests are included that cover some parts of the changes. We experimentally applied this method to the open source web browser engine project WebKit to find out the technical difficulties and the expected benefits if this method is to be introduced into the actual build process. Although the principle is simple, we had to solve a number of technical issues, so we report how this method was adapted to be used in the official build environment. Second, we present results about the selection capabilities for a selected set of revisions of WebKit, which are promising. We also applied different test case prioritization strategies to further reduce the number of tests to execute. We explain these strategies and compare their usefulness in terms of defect detection and test suite reduction.