I am aiding core developers of the Linux kernel to use mutation analysis to improve kernel systems testing methods, and to verify critical algorithms. I am also investigating the use of bounded model checking (CBMC) on Linux kernel. As an outcome of this project so far we have identified 3 bugs in the Linux kernel. I am also applying mutation analysis on sqlite3 to improve its testing.
We developed a fault-localization technique that utilized correlation-based heuristics. The technique and tool was called Tarantula. Tarantula uses the pass/fail statuses of test cases and the events that occurred during execution of each test case to offer the developer recommendations of what may be the faults that are causing test-case failures. The intuition of the approach is to find correlations between execution events and test-case outcomes --- those events that correlate most highly with failure are suggested as places to begin investigation.
Android is the dominant mobile platform with 85% market share, as of the first quarter of 2017. At the same time, the number and sophistication of malicious Android apps are increasin.
ISR has long been an internationally recognized leader in research into all aspects of open source software development. In this role, researchers at ISR along with colleagues throughout the U.S. helped to develop a new agenda that can help guide future research into open source software development.
Permission-induced attacks, i.e., security breaches enabled by permission misuse, are among the most critical and frequent issues threatening the security of Android devices. By ignoring the temporal aspects of an attack during the analysis and enforcement, the state-of-the-art approaches aimed at protecting the users against such attacks are prone to have low-coverage in detection and high-disruption in prevention of permission-induced attacks. To address the aforementioned shortcomings, we present Terminator, a temporal permission analysis and enforcement framework for Android.
Research shows that sharing one’s location can help people stay connected, coordinate daily activities, and provide a sense of comfort and safety [1]. Recently, smartphones and location-based services (LBS) have become widely available in developed countries [7], but only a small percentage of smartphone users have ever tried sharing location with other people [8]. Our work aims to understand real-world factors shaping behaviors and attitudes towards social location-sharing, especially in regards to why people avoid or abandon the technology, or limit their usage.
This research focuses on techniques for identifying and reducing the costs, streamlining the process, and improving the readiness of future workforce for the acquisition of complex software systems. Emphasis is directed at identifying, tracking, and analyzing software component costs and cost reduction opportunities within acquisition life cycle of open architecture (OA) systems, where such systems combine best-of-breed software components and software products lines (SPLs) that are subject to different intellectual property (IP) license requirements.