Yung-Pin Cheng - Academia.edu (original) (raw)
Papers by Yung-Pin Cheng
IEEE Transactions on Education, Aug 1, 2010
This paper documents several years of experimentation with a new approach to organizing and manag... more This paper documents several years of experimentation with a new approach to organizing and managing projects in a software engineering course. The initial failure and subsequent refinements that the new approach has been through since 2004 are described herein. The "constrained and guided" approach, as it is called, has helped to reduce project failure rates, increase specification fulfillment rates, and improve the design quality of student projects. It has also enabled the instructor to evaluate student projects more objectively. The questionnaire survey conducted in this study also shows that students greatly appreciated the new approach because it enabled them to manage projects more effectively.
The Open Artificial Intelligence Journal, Feb 27, 2009
We consider the assignment of program tasks to processors in distributed computing systems such t... more We consider the assignment of program tasks to processors in distributed computing systems such that system cost is minimized and resource constraints are satisfied. Several formulations for this task assignment problem (TAP) have been proposed in the literature. Most of these TAP formulations, however, are NP-complete and thus finding exact solutions is computationally intractable. Recently, some approximation methods like simulated annealing have been proposed, and simulation results exhibited the potential to solve the TAP using metaheuristics. In order to better understand the strengths and weaknesses of various metaheuristics applied to the TAP, we first propose two alternative metaheuristics-one using genetic algorithm and the other reinforcement learning algorithm-as well as their implementation details. Extensive computational evidences of the two heuristic algorithms against that of simulated annealing are presented, compared and discussed. Based on these experimental results, a hybrid strategy employing both metaheuristics is then proposed in order to solve the TAP more effectively and efficiently.
Software, ranging from firmware, BIOS, and embedded software to complex software products, can on... more Software, ranging from firmware, BIOS, and embedded software to complex software products, can only be tested by designing test cases to go through code and then verifying the results with expected outcomes. When code is changed frequently, regression testing is critical to ensure that changes do not introduce new faults. However, depending on the input types of the system under test (SUT), regression tests often require testers to drive the SUT manually, mainly by keyboard and mouse. In the meantime, testers play an important role as test oracle to determine the correctness of a test run by observing if the SUT behaves abnormally. Regression tests can be automated by programming or adopting testing tools. The most cost-effective approach supported by some commercial testing tools is capturing the testing behaviors of a human tester and then replaying the tests to assert the correctness. Unfortunately, most capture/replay tools are designed for testing the software which must be executed under a general-purpose O.S. They are inapplicable to many software systems, such as embedded software, BIOS, etc. In this paper, a capture/replay testing tool called KORAT is proposed. KORAT adopts a hardware component to intercept and emulate keyboard/mouse signals to drive an SUT as if the SUT is interacting with a human. A tester can design and operate a test case on a correct SUT to record the behaviors into a KORAT test script, in which no programming skills are required. In a regression run, the test case is replayed and the correctness is asserted automatically by analyzing SUT's video output (aka, images) and sending keyboard and mouse signals smartly. The correctness of a replay run can be asserted by image recognition, optical character recognition (OCR), and ASCII string matching via networking. Since KORAT only interfaces the video output of a SUT, it is platform independent and non-intrusive; meaning there is no performance interference caused by KORAT's capture and replay. A real application of KORAT to BIOS regression testing of industrial computer (militarized computers) manufacturing is described.
IEEE Transactions on Education, Nov 1, 2008
Most well-known instructional operating systems are complex, particularly if their companion soft... more Most well-known instructional operating systems are complex, particularly if their companion software is taken into account. It takes considerable time and effort to craft these systems, and their complexity may introduce maintenance and evolution problems. In this paper, a courseware called Awk-Linux is proposed. Awk-Linux can be crafted relatively more easily and it does not depend on any hardware simulator or platform. The basic hardware functions provided by Awk-Linux include timer interrupt and page-fault interrupt, which are simulated through program instrumentation over user programs. Course projects based on Awk-Linux provide source code extracted and simplified from a Linux kernel. Results of this study indicate that the projects helped students better to understand inner workings of operating systems.
Most well-known instructional operating systems are complex, particularly if their companion soft... more Most well-known instructional operating systems are complex, particularly if their companion software is taken into account. It takes considerable time and effort to craft these sys- tems, and their complexity may introduce maintenance and evo- lution problems. In this paper, a courseware called Awk-Linux is proposed. Awk-Linux can be crafted relatively more easily and it does not depend on any hardware simulator or platform. The basic hardware functions provided by Awk-Linux include timer inter- rupt and page-fault interrupt, which are simulated through pro- gram instrumentation over user programs. Course projects based on Awk-Linux provide source code extracted and simplified from a Linux kernel.Results of this study indicate that the projects helped studentsbettertounderstandinner workingsofoperating systems. Index Terms—Computer science education, courseware, oper- ating system kernels, operating systems.
Automatic verification techniques, which analyze all processes at once, typically do not scale we... more Automatic verification techniques, which analyze all processes at once, typically do not scale well for large, complex concurrent software systems because of the theoretic barrier - PSPACE complexity in worst case. In this paper, we present our tool named ARCATS (Architecture Refactoring and Compositional Analysis Tool Suite). ARCATS consists a set of tools to combat state explosion in a divide-and-conquer,
Springer eBooks, 2006
Branching bisimulation minimization is often used to obtain a smaller but equivalent model for a ... more Branching bisimulation minimization is often used to obtain a smaller but equivalent model for a complicated one. It is particularly useful in compositional analysis to replace a subsystem’s behaviors with the minimal one so that the growth of states can be controlled in a hierarchical, divide-and-conquer manner. Nonetheless, branching bisimulation minimization is typically invoked after the whole state space is
Understanding an unfamiliar program is always a daunting task for any programmer, either experien... more Understanding an unfamiliar program is always a daunting task for any programmer, either experienced or inexperienced. Many studies have shown that even an experienced programmer who is already familiar with the code may still need to rediscover the code frequently during software maintenance. The difficulties of program comprehension is much more intense when a system is completely new. One well-known solution to this notorious problem is to create effective technical documentation to make up for the lack of knowledge.The purpose of technical documentation is to achieve the transfer of knowledge. However, creating effective technical documentation has been impeded by many problems in practice [1]. In this paper, we propose a novel tool called GeekyNote to address the major challenges in technical documentation. The key ideas GeekyNote proposes are: (1) documents are annotated to versioned source code transparently; (2) formal textual writings are discouraged and screencasts (or other forms of documents) are encouraged; (3) the up-to-dateness between documents and code can be detected, measured, and managed; (4) the documentation that works like a debugging-trace is supported; (5) couplings can be easily created and managed for future maintenance needs; (6) how good a system is documented can be measured. A demo video can be accessed at https://youtu.be/cBueuPVDgWM.
In practice, in-house testing is not guaranteed to detect all software errors. A plan for extensi... more In practice, in-house testing is not guaranteed to detect all software errors. A plan for extensive testing is often constrained by resources like cost and time. So, the need for continuous monitoring software programs in production runs is always strong. Software monitoring, however, suffers from the performance overhead of the probing techniques. Unless the overhead for probing is tolerable, the
Systems composed of many identical processes can sometimes be verified inductively using a networ... more Systems composed of many identical processes can sometimes be verified inductively using a network invariant, but systems whose component processes vary in some systematic way are not amenable to direct application of that method. We describe how variations in behavior can be "factored out" into additional processes, thus enabling induction over the number of processes. The process is semi-automatic: The designer must choose from among a set of idiomatic transformations, but each transformation is applied and checked automatically.
"Bad code smell" or "spaghetti code" is a jargon used among programmers to re... more "Bad code smell" or "spaghetti code" is a jargon used among programmers to refer to source code that is difficult to maintain, evolve, and change. We consider them as symptoms of poor software engineering practice. This paper presents an application of concept of ontology to develop a bad code smell taxonomy. We develop a taxonomy hierarchy which categorizes bad code smells from the viewpoints of refactoring. A more formal format is introduced to define the bad code smells more concretely. Besides, the relations among bad code smells, called semantic relations in ontology terms, are explored and established. The ontology can be used for reasoning in other applications.
Proceedings of the ACM/IEEE 42nd International Conference on Software Engineering: Companion Proceedings
Understanding an unfamiliar program is always a daunting task for any programmer, either experien... more Understanding an unfamiliar program is always a daunting task for any programmer, either experienced or inexperienced. Many studies have shown that even an experienced programmer who is already familiar with the code may still need to rediscover the code frequently during software maintenance. The difficulties of program comprehension is much more intense when a system is completely new. One well-known solution to this notorious problem is to create effective technical documentation to make up for the lack of knowledge.The purpose of technical documentation is to achieve the transfer of knowledge. However, creating effective technical documentation has been impeded by many problems in practice [1]. In this paper, we propose a novel tool called GeekyNote to address the major challenges in technical documentation. The key ideas GeekyNote proposes are: (1) documents are annotated to versioned source code transparently; (2) formal textual writings are discouraged and screencasts (or other forms of documents) are encouraged; (3) the up-to-dateness between documents and code can be detected, measured, and managed; (4) the documentation that works like a debugging-trace is supported; (5) couplings can be easily created and managed for future maintenance needs; (6) how good a system is documented can be measured. A demo video can be accessed at https://youtu.be/cBueuPVDgWM.
"ICIC Express Letters, Part B: Applications An International Journal of Research and Surveys", 2014
Most well-known instructional operating systems are complex, particularly if their companion soft... more Most well-known instructional operating systems are complex, particularly if their companion software is taken into account. It takes considerable time and effort to craft these sys- tems, and their complexity may introduce maintenance and evo- lution problems. In this paper, a courseware called Awk-Linux is proposed. Awk-Linux can be crafted relatively more easily and it does not depend on any hardware simulator or platform. The basic hardware functions provided by Awk-Linux include timer inter- rupt and page-fault interrupt, which are simulated through pro- gram instrumentation over user programs. Course projects based on Awk-Linux provide source code extracted and simplified from a Linux kernel.Results of this study indicate that the projects helped studentsbettertounderstandinner workingsofoperating systems. Index Terms—Computer science education, courseware, oper- ating system kernels, operating systems.
Automatic verification techniques, which analyze all processes at once, typically do not scale we... more Automatic verification techniques, which analyze all processes at once, typically do not scale well for large, comple x concurrent software systems because of the theoretic barrier – PSPACEhard complexity in worst case. In this paper, we present our tool named ARCATS (Architecture Refactoring and Compositional Analysis Tool Suite). ARCATS consists a set of tools to combat state explosion in a divideand-conquer, hierarchical fashion. These tools can be applied in a multi-phased manner until a balance between intractability and feasibility is reached. We build these too ls to seek out perfect combinations for analyzing large-scale , complex software system with state space growth carefully
2016 IEEE AUTOTESTCON, 2016
Software, ranging from firmware, BIOS, and embedded software to complex software products, can on... more Software, ranging from firmware, BIOS, and embedded software to complex software products, can only be tested by designing test cases to go through code and then verifying the results with expected outcomes. When code is changed frequently, regression testing is critical to ensure that changes do not introduce new faults. However, depending on the input types of the system under test (SUT), regression tests often require testers to drive the SUT manually, mainly by keyboard and mouse. In the meantime, testers play an important role as test oracle to determine the correctness of a test run by observing if the SUT behaves abnormally. Regression tests can be automated by programming or adopting testing tools. The most cost-effective approach supported by some commercial testing tools is capturing the testing behaviors of a human tester and then replaying the tests to assert the correctness. Unfortunately, most capture/replay tools are designed for testing the software which must be executed under a general-purpose O.S. They are inapplicable to many software systems, such as embedded software, BIOS, etc. In this paper, a capture/replay testing tool called KORAT is proposed. KORAT adopts a hardware component to intercept and emulate keyboard/mouse signals to drive an SUT as if the SUT is interacting with a human. A tester can design and operate a test case on a correct SUT to record the behaviors into a KORAT test script, in which no programming skills are required. In a regression run, the test case is replayed and the correctness is asserted automatically by analyzing SUT's video output (aka, images) and sending keyboard and mouse signals smartly. The correctness of a replay run can be asserted by image recognition, optical character recognition (OCR), and ASCII string matching via networking. Since KORAT only interfaces the video output of a SUT, it is platform independent and non-intrusive; meaning there is no performance interference caused by KORAT's capture and replay. A real application of KORAT to BIOS regression testing of industrial computer (militarized computers) manufacturing is described.
Computers & Electrical Engineering, 2017
Abstract In this paper, we propose a client-based solution to detect “evil twin” attacks in wirel... more Abstract In this paper, we propose a client-based solution to detect “evil twin” attacks in wireless local area networks (WLANs). An evil twin is a kind of rogue Wi-Fi access point (AP) which has the same SSID name as a legitimate one and is set up by an attacker. After a victim associates his device with an evil twin, an attacker can eavesdrop sensitive data forwarded through the evil twin. Most existing detection solutions are administrator-based, which are used by wireless network administrators to verify whether a given AP is in an authorized list or not. Such administrator-based solutions are limited, hardly maintained, and difficult to protect users 24–7. Hence, we propose a client-based detection mechanism, called evil twin detector, to detect this type of attacks. An evil twin detector changes its wireless network interface card (WNIC) to monitor mode to capture wireless TCP/IP packets. Through analyzing captured packets, our detector allows client users to easily and precisely detect an evil twin, thus avoids threats created by evil twins. Our method does not need to know any authorized AP list, and does not rely on data training or machine learning technique. Finally, we implement a detecting system on Windows 7.
Although automated finite-state verification techniques have matured considerably in the past sev... more Although automated finite-state verification techniques have matured considerably in the past several years, they are invariably applicable only to simplified, idealized models of systems. Finding the right design abstractions and organizing a model to be amenable to automated verification, avoiding the well-known state explosion problem, is a creative task that cannot be fully automated. Nonetheless, some formal relation between the
Proceedings of the 5th international symposium on Software visualization, 2010
xDIVA, a 3D debugging visualization tool, provides a platform by which visualization metaphors ar... more xDIVA, a 3D debugging visualization tool, provides a platform by which visualization metaphors are interactive, composable and decoupled from data, i.e. a complicated visualization can be composed and assembled from basic ones, each of which is independently replaceable. Based on the progress of xDIVA, this tool demo paper describes an automatic animation system to generate interpolated frames between key frames,
Lecture Notes in Computer Science, 2006
Branching bisimulation minimization is often used to obtain a smaller but equivalent model for a ... more Branching bisimulation minimization is often used to obtain a smaller but equivalent model for a complicated one. It is particularly useful in compositional analysis to replace a subsystem’s behaviors with the minimal one so that the growth of states can be controlled in a hierarchical, divide-and-conquer manner. Nonetheless, branching bisimulation minimization is typically invoked after the whole state space is
IEEE Transactions on Education, Aug 1, 2010
This paper documents several years of experimentation with a new approach to organizing and manag... more This paper documents several years of experimentation with a new approach to organizing and managing projects in a software engineering course. The initial failure and subsequent refinements that the new approach has been through since 2004 are described herein. The "constrained and guided" approach, as it is called, has helped to reduce project failure rates, increase specification fulfillment rates, and improve the design quality of student projects. It has also enabled the instructor to evaluate student projects more objectively. The questionnaire survey conducted in this study also shows that students greatly appreciated the new approach because it enabled them to manage projects more effectively.
The Open Artificial Intelligence Journal, Feb 27, 2009
We consider the assignment of program tasks to processors in distributed computing systems such t... more We consider the assignment of program tasks to processors in distributed computing systems such that system cost is minimized and resource constraints are satisfied. Several formulations for this task assignment problem (TAP) have been proposed in the literature. Most of these TAP formulations, however, are NP-complete and thus finding exact solutions is computationally intractable. Recently, some approximation methods like simulated annealing have been proposed, and simulation results exhibited the potential to solve the TAP using metaheuristics. In order to better understand the strengths and weaknesses of various metaheuristics applied to the TAP, we first propose two alternative metaheuristics-one using genetic algorithm and the other reinforcement learning algorithm-as well as their implementation details. Extensive computational evidences of the two heuristic algorithms against that of simulated annealing are presented, compared and discussed. Based on these experimental results, a hybrid strategy employing both metaheuristics is then proposed in order to solve the TAP more effectively and efficiently.
Software, ranging from firmware, BIOS, and embedded software to complex software products, can on... more Software, ranging from firmware, BIOS, and embedded software to complex software products, can only be tested by designing test cases to go through code and then verifying the results with expected outcomes. When code is changed frequently, regression testing is critical to ensure that changes do not introduce new faults. However, depending on the input types of the system under test (SUT), regression tests often require testers to drive the SUT manually, mainly by keyboard and mouse. In the meantime, testers play an important role as test oracle to determine the correctness of a test run by observing if the SUT behaves abnormally. Regression tests can be automated by programming or adopting testing tools. The most cost-effective approach supported by some commercial testing tools is capturing the testing behaviors of a human tester and then replaying the tests to assert the correctness. Unfortunately, most capture/replay tools are designed for testing the software which must be executed under a general-purpose O.S. They are inapplicable to many software systems, such as embedded software, BIOS, etc. In this paper, a capture/replay testing tool called KORAT is proposed. KORAT adopts a hardware component to intercept and emulate keyboard/mouse signals to drive an SUT as if the SUT is interacting with a human. A tester can design and operate a test case on a correct SUT to record the behaviors into a KORAT test script, in which no programming skills are required. In a regression run, the test case is replayed and the correctness is asserted automatically by analyzing SUT's video output (aka, images) and sending keyboard and mouse signals smartly. The correctness of a replay run can be asserted by image recognition, optical character recognition (OCR), and ASCII string matching via networking. Since KORAT only interfaces the video output of a SUT, it is platform independent and non-intrusive; meaning there is no performance interference caused by KORAT's capture and replay. A real application of KORAT to BIOS regression testing of industrial computer (militarized computers) manufacturing is described.
IEEE Transactions on Education, Nov 1, 2008
Most well-known instructional operating systems are complex, particularly if their companion soft... more Most well-known instructional operating systems are complex, particularly if their companion software is taken into account. It takes considerable time and effort to craft these systems, and their complexity may introduce maintenance and evolution problems. In this paper, a courseware called Awk-Linux is proposed. Awk-Linux can be crafted relatively more easily and it does not depend on any hardware simulator or platform. The basic hardware functions provided by Awk-Linux include timer interrupt and page-fault interrupt, which are simulated through program instrumentation over user programs. Course projects based on Awk-Linux provide source code extracted and simplified from a Linux kernel. Results of this study indicate that the projects helped students better to understand inner workings of operating systems.
Most well-known instructional operating systems are complex, particularly if their companion soft... more Most well-known instructional operating systems are complex, particularly if their companion software is taken into account. It takes considerable time and effort to craft these sys- tems, and their complexity may introduce maintenance and evo- lution problems. In this paper, a courseware called Awk-Linux is proposed. Awk-Linux can be crafted relatively more easily and it does not depend on any hardware simulator or platform. The basic hardware functions provided by Awk-Linux include timer inter- rupt and page-fault interrupt, which are simulated through pro- gram instrumentation over user programs. Course projects based on Awk-Linux provide source code extracted and simplified from a Linux kernel.Results of this study indicate that the projects helped studentsbettertounderstandinner workingsofoperating systems. Index Terms—Computer science education, courseware, oper- ating system kernels, operating systems.
Automatic verification techniques, which analyze all processes at once, typically do not scale we... more Automatic verification techniques, which analyze all processes at once, typically do not scale well for large, complex concurrent software systems because of the theoretic barrier - PSPACE complexity in worst case. In this paper, we present our tool named ARCATS (Architecture Refactoring and Compositional Analysis Tool Suite). ARCATS consists a set of tools to combat state explosion in a divide-and-conquer,
Springer eBooks, 2006
Branching bisimulation minimization is often used to obtain a smaller but equivalent model for a ... more Branching bisimulation minimization is often used to obtain a smaller but equivalent model for a complicated one. It is particularly useful in compositional analysis to replace a subsystem’s behaviors with the minimal one so that the growth of states can be controlled in a hierarchical, divide-and-conquer manner. Nonetheless, branching bisimulation minimization is typically invoked after the whole state space is
Understanding an unfamiliar program is always a daunting task for any programmer, either experien... more Understanding an unfamiliar program is always a daunting task for any programmer, either experienced or inexperienced. Many studies have shown that even an experienced programmer who is already familiar with the code may still need to rediscover the code frequently during software maintenance. The difficulties of program comprehension is much more intense when a system is completely new. One well-known solution to this notorious problem is to create effective technical documentation to make up for the lack of knowledge.The purpose of technical documentation is to achieve the transfer of knowledge. However, creating effective technical documentation has been impeded by many problems in practice [1]. In this paper, we propose a novel tool called GeekyNote to address the major challenges in technical documentation. The key ideas GeekyNote proposes are: (1) documents are annotated to versioned source code transparently; (2) formal textual writings are discouraged and screencasts (or other forms of documents) are encouraged; (3) the up-to-dateness between documents and code can be detected, measured, and managed; (4) the documentation that works like a debugging-trace is supported; (5) couplings can be easily created and managed for future maintenance needs; (6) how good a system is documented can be measured. A demo video can be accessed at https://youtu.be/cBueuPVDgWM.
In practice, in-house testing is not guaranteed to detect all software errors. A plan for extensi... more In practice, in-house testing is not guaranteed to detect all software errors. A plan for extensive testing is often constrained by resources like cost and time. So, the need for continuous monitoring software programs in production runs is always strong. Software monitoring, however, suffers from the performance overhead of the probing techniques. Unless the overhead for probing is tolerable, the
Systems composed of many identical processes can sometimes be verified inductively using a networ... more Systems composed of many identical processes can sometimes be verified inductively using a network invariant, but systems whose component processes vary in some systematic way are not amenable to direct application of that method. We describe how variations in behavior can be "factored out" into additional processes, thus enabling induction over the number of processes. The process is semi-automatic: The designer must choose from among a set of idiomatic transformations, but each transformation is applied and checked automatically.
"Bad code smell" or "spaghetti code" is a jargon used among programmers to re... more "Bad code smell" or "spaghetti code" is a jargon used among programmers to refer to source code that is difficult to maintain, evolve, and change. We consider them as symptoms of poor software engineering practice. This paper presents an application of concept of ontology to develop a bad code smell taxonomy. We develop a taxonomy hierarchy which categorizes bad code smells from the viewpoints of refactoring. A more formal format is introduced to define the bad code smells more concretely. Besides, the relations among bad code smells, called semantic relations in ontology terms, are explored and established. The ontology can be used for reasoning in other applications.
Proceedings of the ACM/IEEE 42nd International Conference on Software Engineering: Companion Proceedings
Understanding an unfamiliar program is always a daunting task for any programmer, either experien... more Understanding an unfamiliar program is always a daunting task for any programmer, either experienced or inexperienced. Many studies have shown that even an experienced programmer who is already familiar with the code may still need to rediscover the code frequently during software maintenance. The difficulties of program comprehension is much more intense when a system is completely new. One well-known solution to this notorious problem is to create effective technical documentation to make up for the lack of knowledge.The purpose of technical documentation is to achieve the transfer of knowledge. However, creating effective technical documentation has been impeded by many problems in practice [1]. In this paper, we propose a novel tool called GeekyNote to address the major challenges in technical documentation. The key ideas GeekyNote proposes are: (1) documents are annotated to versioned source code transparently; (2) formal textual writings are discouraged and screencasts (or other forms of documents) are encouraged; (3) the up-to-dateness between documents and code can be detected, measured, and managed; (4) the documentation that works like a debugging-trace is supported; (5) couplings can be easily created and managed for future maintenance needs; (6) how good a system is documented can be measured. A demo video can be accessed at https://youtu.be/cBueuPVDgWM.
"ICIC Express Letters, Part B: Applications An International Journal of Research and Surveys", 2014
Most well-known instructional operating systems are complex, particularly if their companion soft... more Most well-known instructional operating systems are complex, particularly if their companion software is taken into account. It takes considerable time and effort to craft these sys- tems, and their complexity may introduce maintenance and evo- lution problems. In this paper, a courseware called Awk-Linux is proposed. Awk-Linux can be crafted relatively more easily and it does not depend on any hardware simulator or platform. The basic hardware functions provided by Awk-Linux include timer inter- rupt and page-fault interrupt, which are simulated through pro- gram instrumentation over user programs. Course projects based on Awk-Linux provide source code extracted and simplified from a Linux kernel.Results of this study indicate that the projects helped studentsbettertounderstandinner workingsofoperating systems. Index Terms—Computer science education, courseware, oper- ating system kernels, operating systems.
Automatic verification techniques, which analyze all processes at once, typically do not scale we... more Automatic verification techniques, which analyze all processes at once, typically do not scale well for large, comple x concurrent software systems because of the theoretic barrier – PSPACEhard complexity in worst case. In this paper, we present our tool named ARCATS (Architecture Refactoring and Compositional Analysis Tool Suite). ARCATS consists a set of tools to combat state explosion in a divideand-conquer, hierarchical fashion. These tools can be applied in a multi-phased manner until a balance between intractability and feasibility is reached. We build these too ls to seek out perfect combinations for analyzing large-scale , complex software system with state space growth carefully
2016 IEEE AUTOTESTCON, 2016
Software, ranging from firmware, BIOS, and embedded software to complex software products, can on... more Software, ranging from firmware, BIOS, and embedded software to complex software products, can only be tested by designing test cases to go through code and then verifying the results with expected outcomes. When code is changed frequently, regression testing is critical to ensure that changes do not introduce new faults. However, depending on the input types of the system under test (SUT), regression tests often require testers to drive the SUT manually, mainly by keyboard and mouse. In the meantime, testers play an important role as test oracle to determine the correctness of a test run by observing if the SUT behaves abnormally. Regression tests can be automated by programming or adopting testing tools. The most cost-effective approach supported by some commercial testing tools is capturing the testing behaviors of a human tester and then replaying the tests to assert the correctness. Unfortunately, most capture/replay tools are designed for testing the software which must be executed under a general-purpose O.S. They are inapplicable to many software systems, such as embedded software, BIOS, etc. In this paper, a capture/replay testing tool called KORAT is proposed. KORAT adopts a hardware component to intercept and emulate keyboard/mouse signals to drive an SUT as if the SUT is interacting with a human. A tester can design and operate a test case on a correct SUT to record the behaviors into a KORAT test script, in which no programming skills are required. In a regression run, the test case is replayed and the correctness is asserted automatically by analyzing SUT's video output (aka, images) and sending keyboard and mouse signals smartly. The correctness of a replay run can be asserted by image recognition, optical character recognition (OCR), and ASCII string matching via networking. Since KORAT only interfaces the video output of a SUT, it is platform independent and non-intrusive; meaning there is no performance interference caused by KORAT's capture and replay. A real application of KORAT to BIOS regression testing of industrial computer (militarized computers) manufacturing is described.
Computers & Electrical Engineering, 2017
Abstract In this paper, we propose a client-based solution to detect “evil twin” attacks in wirel... more Abstract In this paper, we propose a client-based solution to detect “evil twin” attacks in wireless local area networks (WLANs). An evil twin is a kind of rogue Wi-Fi access point (AP) which has the same SSID name as a legitimate one and is set up by an attacker. After a victim associates his device with an evil twin, an attacker can eavesdrop sensitive data forwarded through the evil twin. Most existing detection solutions are administrator-based, which are used by wireless network administrators to verify whether a given AP is in an authorized list or not. Such administrator-based solutions are limited, hardly maintained, and difficult to protect users 24–7. Hence, we propose a client-based detection mechanism, called evil twin detector, to detect this type of attacks. An evil twin detector changes its wireless network interface card (WNIC) to monitor mode to capture wireless TCP/IP packets. Through analyzing captured packets, our detector allows client users to easily and precisely detect an evil twin, thus avoids threats created by evil twins. Our method does not need to know any authorized AP list, and does not rely on data training or machine learning technique. Finally, we implement a detecting system on Windows 7.
Although automated finite-state verification techniques have matured considerably in the past sev... more Although automated finite-state verification techniques have matured considerably in the past several years, they are invariably applicable only to simplified, idealized models of systems. Finding the right design abstractions and organizing a model to be amenable to automated verification, avoiding the well-known state explosion problem, is a creative task that cannot be fully automated. Nonetheless, some formal relation between the
Proceedings of the 5th international symposium on Software visualization, 2010
xDIVA, a 3D debugging visualization tool, provides a platform by which visualization metaphors ar... more xDIVA, a 3D debugging visualization tool, provides a platform by which visualization metaphors are interactive, composable and decoupled from data, i.e. a complicated visualization can be composed and assembled from basic ones, each of which is independently replaceable. Based on the progress of xDIVA, this tool demo paper describes an automatic animation system to generate interpolated frames between key frames,
Lecture Notes in Computer Science, 2006
Branching bisimulation minimization is often used to obtain a smaller but equivalent model for a ... more Branching bisimulation minimization is often used to obtain a smaller but equivalent model for a complicated one. It is particularly useful in compositional analysis to replace a subsystem’s behaviors with the minimal one so that the growth of states can be controlled in a hierarchical, divide-and-conquer manner. Nonetheless, branching bisimulation minimization is typically invoked after the whole state space is