The Experts below are selected from a list of 258 Experts worldwide ranked by ideXlab platform
José Carlos Maldonado - One of the best experts on this subject based on the ideXlab platform.
-
Smart Debugging Software architectural design in SDL
Journal of Systems and Software, 2005Co-Authors: W. Eric Wong, Tatiana Sugeta, José Carlos MaldonadoAbstract:Statistical data show that it is much cheaper to fix Software bugs at the early design stage than the late stage of the development process where the final system has already been implemented and integrated together. The use of slicing and execution histories as an aid in Software Debugging is well established for programming languages like C and C++; however, it is rarely applied in the field of Software specification for designs. We propose a solution by applying the technology at source code level to Debugging Software designs represented in a high-level specification and description language such as SDL. More specifically, we extend execution slice-based heuristics from source code-based Debugging to the Software design specification level. Suspicious locations in an SDL specification are prioritized based on their likelihood of containing faults. Locations with a higher priority should be examined first rather than those with a lower priority as the former are more suspicious than the latter, i.e., more likely to contain the faults. A Debugging tool, SmartDSDL, with user-friendly interfaces was developed to support our method. An experiment is reported to demonstrate the feasibility of using our method to effectively debug an architectural design.
-
COMPSAC - Smart Debugging Software architectural design in SDL
Proceedings 27th Annual International Computer Software and Applications Conference. COMPAC 2003, 1Co-Authors: W. Eric Wong, Tatiana Sugeta, José Carlos MaldonadoAbstract:Statistical data show that it is much less expensive to correct Software bugs at the early design stage rather than the late stage of the development process when the final system has already been implemented and integrated together. The use of slicing and execution histories as an aid in Software Debugging is well established for programming languages like C and C++; however, it is rarely applied in the field of Software design specification. We propose a solution by applying the source code level technologies to Debugging Software designs represented in a high-level specification and description language such as SDL. More specifically, we extend execution slice-based heuristics from source code-based Debugging to the Software design specification level. Suspicious locations in an SDL specification are prioritized by their likelihood of containing faults. Locations with a higher priority should be examined first rather than those with a lower priority as the former are more likely to contain the faults. A Debugging tool, SmartD/sub DSL/, with user-friendly interfaces was developed to support our method. An illustration is provided to demonstrate the feasibility of using our method to effectively debug an architectural design.
W. Eric Wong - One of the best experts on this subject based on the ideXlab platform.
-
Smart Debugging Software architectural design in SDL
Journal of Systems and Software, 2005Co-Authors: W. Eric Wong, Tatiana Sugeta, José Carlos MaldonadoAbstract:Statistical data show that it is much cheaper to fix Software bugs at the early design stage than the late stage of the development process where the final system has already been implemented and integrated together. The use of slicing and execution histories as an aid in Software Debugging is well established for programming languages like C and C++; however, it is rarely applied in the field of Software specification for designs. We propose a solution by applying the technology at source code level to Debugging Software designs represented in a high-level specification and description language such as SDL. More specifically, we extend execution slice-based heuristics from source code-based Debugging to the Software design specification level. Suspicious locations in an SDL specification are prioritized based on their likelihood of containing faults. Locations with a higher priority should be examined first rather than those with a lower priority as the former are more suspicious than the latter, i.e., more likely to contain the faults. A Debugging tool, SmartDSDL, with user-friendly interfaces was developed to support our method. An experiment is reported to demonstrate the feasibility of using our method to effectively debug an architectural design.
-
COMPSAC - Smart Debugging Software architectural design in SDL
Proceedings 27th Annual International Computer Software and Applications Conference. COMPAC 2003, 1Co-Authors: W. Eric Wong, Tatiana Sugeta, José Carlos MaldonadoAbstract:Statistical data show that it is much less expensive to correct Software bugs at the early design stage rather than the late stage of the development process when the final system has already been implemented and integrated together. The use of slicing and execution histories as an aid in Software Debugging is well established for programming languages like C and C++; however, it is rarely applied in the field of Software design specification. We propose a solution by applying the source code level technologies to Debugging Software designs represented in a high-level specification and description language such as SDL. More specifically, we extend execution slice-based heuristics from source code-based Debugging to the Software design specification level. Suspicious locations in an SDL specification are prioritized by their likelihood of containing faults. Locations with a higher priority should be examined first rather than those with a lower priority as the former are more likely to contain the faults. A Debugging tool, SmartD/sub DSL/, with user-friendly interfaces was developed to support our method. An illustration is provided to demonstrate the feasibility of using our method to effectively debug an architectural design.
Tatiana Sugeta - One of the best experts on this subject based on the ideXlab platform.
-
Smart Debugging Software architectural design in SDL
Journal of Systems and Software, 2005Co-Authors: W. Eric Wong, Tatiana Sugeta, José Carlos MaldonadoAbstract:Statistical data show that it is much cheaper to fix Software bugs at the early design stage than the late stage of the development process where the final system has already been implemented and integrated together. The use of slicing and execution histories as an aid in Software Debugging is well established for programming languages like C and C++; however, it is rarely applied in the field of Software specification for designs. We propose a solution by applying the technology at source code level to Debugging Software designs represented in a high-level specification and description language such as SDL. More specifically, we extend execution slice-based heuristics from source code-based Debugging to the Software design specification level. Suspicious locations in an SDL specification are prioritized based on their likelihood of containing faults. Locations with a higher priority should be examined first rather than those with a lower priority as the former are more suspicious than the latter, i.e., more likely to contain the faults. A Debugging tool, SmartDSDL, with user-friendly interfaces was developed to support our method. An experiment is reported to demonstrate the feasibility of using our method to effectively debug an architectural design.
-
COMPSAC - Smart Debugging Software architectural design in SDL
Proceedings 27th Annual International Computer Software and Applications Conference. COMPAC 2003, 1Co-Authors: W. Eric Wong, Tatiana Sugeta, José Carlos MaldonadoAbstract:Statistical data show that it is much less expensive to correct Software bugs at the early design stage rather than the late stage of the development process when the final system has already been implemented and integrated together. The use of slicing and execution histories as an aid in Software Debugging is well established for programming languages like C and C++; however, it is rarely applied in the field of Software design specification. We propose a solution by applying the source code level technologies to Debugging Software designs represented in a high-level specification and description language such as SDL. More specifically, we extend execution slice-based heuristics from source code-based Debugging to the Software design specification level. Suspicious locations in an SDL specification are prioritized by their likelihood of containing faults. Locations with a higher priority should be examined first rather than those with a lower priority as the former are more likely to contain the faults. A Debugging tool, SmartD/sub DSL/, with user-friendly interfaces was developed to support our method. An illustration is provided to demonstrate the feasibility of using our method to effectively debug an architectural design.
Robert E. Thomas - One of the best experts on this subject based on the ideXlab platform.
-
Debugging Software Patents: Increasing Innovation and Reducing Uncertainty in the Judicial Reform of Software Patent Law
Santa Clara High Technology Law Journal, 2008Co-Authors: Robert E. ThomasAbstract:I. INTRODUCTION The issue of patentability and patent infringement are among the most contentious areas of intellectual property law. (1) Whereas attempts to reform patent law in Congress face a protracted and questionable fate, recent decisions indicate that the courts may precede Congress on this front. For example, in eBay, Inc. v. MercExchange, L.L.C., (2) Justice Kennedy questioned both the strategic use of patents and the validity of some business method patents as reasons for making injunctive relief more difficult to obtain in patent infringement cases. (3) Although Justice Kennedy's concerns are legitimate, the genesis of the problem is more fundamental. Historically, policy makers have recognized that excessive use of patent exclusivity can have a deleterious effect on commercial activities. Therefore, Congress and the courts had traditionally been reticent to expand patent subject matter. (4) However, during the last few decades this cautious approach has subsided, leading to the wholesale recognition of controversial areas of innovation that provide society with little or no benefit. (5) This paper argues that the expansive recognition of certain types of innovation--namely computer Software and business methods---impedes innovation, and that the courts are in the best position to address this problem. (6) Although, the U.S. Court of Appeals for the Federal Circuit (CAFC) has taken an initial step to resolve these concerns in its recent In re Bilski (7) decision, it may take Supreme Court action to fully address the problems that multiple CAFC decisions have created by recognizing Software patents. (8) Software innovation requires little investment, so patents are not needed to promote this type of innovation. Instead, patent-generated Software monopolies dramatically increase competitors' research and development (R&D) costs, resulting in an overall decline in innovation. The Supreme Court has the ability to dramatically refocus Software patent policy in a socially beneficial direction by reinvigorating its existing precedents. These precedents require process claims containing Software to transform or reduce "an article to a different state or thing." (9) A strict interpretation and application of this test (the physical-transformation test) would render most pure Software and business method patent claims unpatentable. A shift in patent policy away from the CAFC's overly inclusive interpretation of patent subject matter will both promote innovation and reduce Software patent infringement litigation. Moreover, if existing patents are grandfathered under this policy shift, the Court can minimize damages to settled expectations and existing patent holders. The analysis begins with a review of the judicial treatment of Software patent law. With its 1981 Diamond v. Diehr (10) decision, the Supreme Court ended its efforts to provide guidelines for patent coverage of Software innovations. (11) The CAFC, revealing a pro-patent-expansion bias, chipped away at this restraint, eventually removing all limitations to patent coverage of Software and business methods. (12) To promote innovation and reduce litigation, courts should adopt policies that not only advance social welfare but also do not increase legal uncertainty. Using this theoretical framework, I provide reform recommendations that balance judicial and theoretical considerations and explain why some previously advanced recommendations are likely to produce more problems than they solve. II. THE SUPREME COURT AND THE DETERMINATION OF STATUTORY SUBJECT MATTER A. The Development of Statutory-Subject-Matter Jurisprudence Although patent policy is within Congress' domain, the courts have long played a pivotal role in determining patent policy. The constitutional authorization for patents (the "Patent Clause") is parsimonious. (13) While providing Congress with a single tool--periods of exclusivity--to promote innovation, the Patent Clause fails to provide detailed guidance about the limits of innovative activity entitled to constitutional protection. …
-
Debugging Software Patents: Increasing Innovation and Reducing Uncertainty in the Judicial Reform of Software Patent Law
2008Co-Authors: Robert E. ThomasAbstract:Software patents not only do no promote innovation, they instead reduce it. The U.S. Executive branch has recommended against recognizing Software patents, and the Supreme Court has never rejected a test (its physical-transformation test) that would invalidate pure business method and Software patents. In this paper, I review the genesis of the patentability of Software patents, analyze the social welfare implications of recognizing Software as patentable subject matter and examine recommendations for reform. Others have suggested, among other things, enhancing Software patent claim disclosure requirements to address social welfare losses. I conclude that altering disclosure requirements would dramatically increase litigation while reducing the value of most Software patents. Instead, the only way to optimally reform Software patent law without destroying settled expectations of current Software patent holders, is for the Supreme Court to reinstate and apply prospectively its physical-transformation test.
-
Debugging Software Patents: Increasing Innovation and Reducing Uncertainty in the Judicial Design of Optimal Software Patent Law
SSRN Electronic Journal, 2008Co-Authors: Robert E. ThomasAbstract:Software patents not only do no promote innovation, they instead reduce it. The U.S. Executive branch has recommended against recognizing Software patents, and the Supreme Court has never rejected a test (its physical-transformation test) that would invalidate pure business method and Software patents. In this paper, I review the genesis of the patentability of Software patents, analyze the social welfare implications of recognizing Software as patentable subject matter and examine recommendations for reform. Others have suggested, among other things, enhancing Software patent claim disclosure requirements to address social welfare losses. I conclude that altering disclosure requirements would dramatically increase litigation while reducing the value of most Software patents. Instead, the only way to optimally reform Software patent law without destroying settled expectations of current Software patent holders, is for the Supreme Court to reinstate and apply prospectively its physical-transformation test.
Bjorn De Sutter - One of the best experts on this subject based on the ideXlab platform.
-
Resilient Self-Debugging Software Protection
arXiv: Cryptography and Security, 2020Co-Authors: Bert Abrath, Bart Coppens, Ilja Nevolin, Bjorn De SutterAbstract:Debuggers are a popular reverse engineering and tampering tool. Self-Debugging is an effective technique for applications to defend themselves against hostile debuggers. In penetration tests on state-of-the-art self-Debugging, we observed several opportunities through which it could be attacked, however. We therefore improved upon the existing technique, making it more resilient by introducing reciprocal Debugging and making the transfers of control between protected application and self-debugger more stealthy. This paper presents the improved self-Debugging design, and details our research efforts into realizing reciprocal Debugging. In our evaluation we show that the improved design is significantly harder for attackers to defeat.
-
tightly coupled self Debugging Software protection
Proceedings of the 6th Workshop on Software Security Protection and Reverse Engineering, 2016Co-Authors: Bert Abrath, Bart Coppens, Stijn Volckaert, Joris Wijnant, Bjorn De SutterAbstract:Existing anti-Debugging protections are relatively weak. In existing self-debugger approaches, a custom debugger is attached to the main application, of which the control flow is obfuscated by redirecting it through the debugger. The coupling between the debugger and the main application is then quite loose, and not that hard to break by an attacker. In the tightly-coupled self-Debugging technique proposed in this paper, full code fragments are migrated from the application to the debugger, making it harder for the attacker to reverse-engineer the program and to deconstruct it into the original unprotected program to attach a debugger or to collect traces. We evaluate a prototype implementation on three complex, real-world Android use cases and present the results of tests conducted by professional penetration testers.
-
SSPREW@ACSAC - Tightly-coupled self-Debugging Software protection
Proceedings of the 6th Workshop on Software Security Protection and Reverse Engineering - SSPREW '16, 2016Co-Authors: Bert Abrath, Bart Coppens, Stijn Volckaert, Joris Wijnant, Bjorn De SutterAbstract:Existing anti-Debugging protections are relatively weak. In existing self-debugger approaches, a custom debugger is attached to the main application, of which the control flow is obfuscated by redirecting it through the debugger. The coupling between the debugger and the main application is then quite loose, and not that hard to break by an attacker. In the tightly-coupled self-Debugging technique proposed in this paper, full code fragments are migrated from the application to the debugger, making it harder for the attacker to reverse-engineer the program and to deconstruct it into the original unprotected program to attach a debugger or to collect traces. We evaluate a prototype implementation on three complex, real-world Android use cases and present the results of tests conducted by professional penetration testers.
