Xiaodong Yi,Ji Wang,Xuejun Yang

DOI: https://doi.org/10.1142/s0218194006002987

IF: 1.007

2006-01-01

International Journal of Software Engineering and Knowledge Engineering

Abstract:This paper presents a novel method, namely slicing execution, for model checking C programs with respect to temporal safety properties. The distinguished feature is that it shows a nice approach to the efficient reduction of state space by abstraction and symbolic representation. Slicing execution is founded on an over-approximated semantics of C programs by variable abstraction, and executes symbolically only the relevant statements under abstraction criteria to construct over-approximated finite models of programs, which may be model checked. The variable abstraction criterion begins with a proper initial set of program variables and may be iteratively refined according to spurious counterexamples generated during model checking. In general, the properties to be verified often involve only a few variables in practical programs. In these cases, significant state space reduction, as well as considerable improvement of the scalability, may be achieved. The presented method has been used to verify the initial handshake process of SSL protocol based on the C source code of openssl-0.9.6c. The experiment results confirm that slicing execution is not only practical but also effective.

XD Yi,J Wang,XJ Yang

DOI: https://doi.org/10.1109/qsic.2005.72

2005-01-01

Abstract:The paper presents a novel method, namely slicing execution, to verify C programs with respect to temporal safety properties. The distinguished feature is that it only simulates the execution of the relevant statements under abstraction criteria and checks the properties on the fly. The abstraction criterion begins with a proper initial set of program variables and may be iteratively refined according to spurious counter-examples. Provided that the properties to be verified usually involve only a few variables in practical programs, slicing execution may have the same precision as path-sensitive simulation with the cost close to standard flow-sensitive dataflow analysis. The presented method has been used to verify the initial handshake process of SSL protocol based on the C source code of openssl-0.9.6c. The experiment results confirm our claim and show that slicing execution is not only practical but also effective.

董威,王戟,齐治昌

DOI: https://doi.org/10.3321/j.issn:0254-4164.2003.03.002

2003-01-01

Jisuanji Xuebao/Chinese Journal of Computers

Abstract:Model checking is an important technology of automatic verification, and its main problem faced is space-explosion, which is usually caused by the concurrency in the system. This paper presents an efficient approach to slice concurrent programs for model checking. A set of dependence relations is defined corresponding to the characteristics of synchronization and communication in concurrent programs, such as parallel fork and joint, non-deterministic, channel, share variable, and lock. The dependence graph of concurrent program can be constructed from these dependence relations. To ensure the correctness of verification result for temporal property, the multi-points-relevant slicing criterion is extracted from the property. Then, the paper presents a method to compute the slice of concurrent program, which only includes the statements reachable from the slicing criterion in dependence graph. The correctness of the resulted slice is guaranteed with respect to the satisfaction of the desired property. The method throws away the irrelevant portions of the program corresponding to the property, which will reduce the state space to be explored in model checking. Finally, slicing is compared with partial-order reduction, another method that reduces the state space according to the property, and the similarities and differences of these two methods are discussed.

Purdue University,Wei-Tek Tsai,Raymond Paul

DOI: https://doi.org/10.1109/ISORC.2005.44

2005-01-01

Abstract:Web Services emerge as a new paradigm for distributed computing. Model checking is an important verification method to ensure the trustworthiness of composite WS. Boolean abstraction and counterexample driven refinement are major techniques for model checking software and WS. In most of the literature, the refinement is governed by the precision of the abstraction. In this paper, we present an innovative technique to distribute the precision information among proof slices, which can be selectively reused by future proofs and hence improve the performance by reducing excessive invocations of theorem provers. Moreover, the reuse approach is flexible for virtually arbitrary future extension. Our theoretical framework subsumes several existing abstraction-based model checking techniques, e.g., lazy abstraction. Besides the correctness and termination proofs, we also conducted theoretical analysis on the performance of the proof slicing algorithm.

Bixin Li,Xufang Gong

2005-01-01

Journal of Information and Computational Science

Abstract:Program slicing technique has been studied and applied for more than 20 years since it was first introduced by Mark Weiser in 1979. In order to slice object-oriented programs, many researchers paid more effort on the object-oriented extension to the two-pass graph-reachability algorithm based on traditional system dependence graph (SDG). The algorithms reduced the complexity of computing slices, which was not solved in Weiser's dataflow equation based algorithm, and the efficiency had been improved too. But one of limitations of the graph-related algorithms is that we have to construct system dependence graph for the whole program before using graph-reachability algorithm, which in fact is not necessary sometimes. To save some effort in constructing SDG, in this paper, a stepwise slicing algorithm (SSA) is proposed to slice object-oriented Java programs based on their inherent hierarchical feature. The main idea of the algorithm is to slice Java programs in a stepwise way, from package level, to class level, method level, and finally up to statement level.

Bi-Xin Li,Xiao-Cong Fan,Jun Pang,Jian-Jun Zhao

DOI: https://doi.org/10.1007/bf02973448

IF: 1.871

2004-01-01

Journal of Computer Science and Technology

Abstract:Program slicing can be effectively used to debug, test, analyze, understand and maintain object-oriented software. In this paper, a new slicing model is proposed to slice Java programs based on their inherent hierarchical feature. The main idea of hierarchical slicing is to slice programs in a stepwise way, from package level, to class level, method level, and finally up to statement level. The stepwise slicing algorithm and the related graph reachability algorithms are presented, the architecture of the Java program Analyzing TOol (JATO) based on hierarchical slicing model is provided, the applications and a small case study are also discussed.

Ju Qian,Baowen Xu

DOI: https://doi.org/10.1145/1363686.1363861

2008-01-01

Abstract:Slicing is an important decomposition technique for program understanding. However, traditional slicing methods tend to produce too large slices for human inspection as modem programs are often huge and static program analyses are hard to be precise enough. One possible solution to such problem could be combining other program decomposition techniques together with program slicing. With such inspiration, this paper proposes a scenario oriented program slicing method to slice programs under specified execution scenarios. The scenarios provide a clear and easy understanding functional decomposition for the system, while the new slicing method can help figure out how a computation is implemented in a given scenario by effectively reducing the amount of code that a user needs to inspect.

Baowen Xu,Ju Qian,Xiaofang Zhang,Zhongqiang Wu,Lin Chen

DOI: https://doi.org/10.1145/1050849.1050865

2005-01-01

Abstract:Program slicing is a technique to extract program parts with respect to some special computation. Since Weiser first proposed the notion of slicing in 1979, hundreds of papers have been presented in this area. Tens of variants of slicing have been studied, as well as algorithms to compute them. Different notions of slicing have different properties and different applications. These notions vary from Weiser's syntax-preserving static slicing to amorphous slicing which is not syntax-preserving, and the algorithms can be based on dataflow equations, information-flow relations or dependence graphs.Slicing was first-developed to facilitate debugging, but it is then found helpful in many aspects of the software development life cycle, including program debugging, software testing, software measurement, program comprehension, software maintenance, program parallelization and so on.Over the last two decades, several surveys on program slicing have been presented. However, most of them only reviewed parts of researches on program slicing or have now been out of date. People who are interested in program slicing need more information about the up to date researches. Our survey fills this gap. In this paper, we briefly review most of existing slicing techniques including static slicing, dynamic slicing and the latest slicing techniques. We also discuss the contribution of each work and compare the major difference between them. Researches on slicing are classified by the research hot spots such that people can be kept informed of the overall program slicing researches.

Anirban Majumdar,Stephen Drape,Clark Thomborson

DOI: https://doi.org/10.1145/1314276.1314290

2007-01-01

Abstract:The goal of obfuscation is to transform a program, without affecting its functionality, such that some secret information within the program can be hidden for as long as possible from an adversary armed with reverse engineering tools. Slicing is a form of reverse engineering which aims to abstract away a subset of program code based on a particular program point and is considered to be a potent program comprehension technique. Thus, slicing could be used as a way of attacking obfuscated programs. It is challenging to manufacture obfuscating transforms that are provably resilient to slicing attacks.We show in this paper how we can utilise the information gained from slicing a program to aid us in designing obfuscations that are more resistant to slicing. We extend a previously proposed technique and provide proofs of correctness for our transforms. Finally, we illustrate our approach with a number of obfuscating transforms and provide empirical results using software engineering metrics.

YZ Zhang,BW Xu,JEL Gayo

DOI: https://doi.org/10.1109/aswec.2005.7

2005-01-01

Abstract:Program slicing is a well-known program analysis technique that extracts the elements of a program related to a particular computation. Based on modular monadic semantics of a programming language, this paper presents a new formal method for slicing, called modular monadic slicing, by abstracting the computation of slicing as a slice monad transformer. With the use of slice transformer, the feature of program slicing can be combined in a modular way into semantic descriptions of the program analyzed According to these, this paper gives both monadic dynamic and static slicing algorithms. They compute program slices directly on abstract syntax, without the needs to explicitly construct intermediate structures such as dependence graphs, or to record an execution history in dynamic slicing algorithm.

Ju Qian,Baowen Xu

DOI: https://doi.org/10.1145/1361213.1361216

2008-01-01

ACM SIGPLAN Notices

Abstract:Slicing is an important decomposition technique for program understanding. However, traditional slicing methods tend to produce too large slices for human inspection as modern programs are often huge and static program analyses are hard to be precise enough. According to the state-of-the art research and our own experience, we believe a possible solution to such problem could be incorporating UML scenario models into program slicing. This paper presents a detail discussion on how scenarios can benefit slicing relevant program analyses and proposes a general scenario specified program slicing method. The analyses indicate that scenario specified program slicing may obtain smaller slices for program understanding.

Zq Chen,Bw Xu

DOI: https://doi.org/10.1145/375431.375420

2001-01-01

ACM SIGPLAN Notices

Abstract:Program slicing is an important approach to testing, understanding and maintaining programs. The paper presents a slicing algorithm for concurrent Java programs. Because the execution process of concurrent programs is unpredictable, there are many problems to be solved when slicing. To slice concurrent Java programs, we present concurrent control flow graphs and concurrent program dependence graph to represent concurrent Java programs. Based on these models. we design an efficient static slicing algorithm for concurrent Java programs. The algorithm may get more precise slices than previous approaches we know.

Isabella Mastroeni,Damiano Zanardini

DOI: https://doi.org/10.48550/arXiv.1605.05104

2016-05-17

Logic in Computer Science

Abstract:In the present paper we formally define the notion of abstract program slicing, a general form of program slicing where properties of data are considered instead of their exact value. This approach is applied to a language with numeric and reference values, and relies on the notion of abstract dependencies between program components (statements). The different forms of (backward) abstract slicing are added to an existing formal framework where traditional, non-abstract forms of slicing could be compared. The extended framework allows us to appreciate that abstract slicing is a generalization of traditional slicing, since traditional slicing (dealing with syntactic dependencies) is generalized by (semantic) non-abstract forms of slicing, which are actually equivalent to an abstract form where the identity abstraction is performed on data. Sound algorithms for computing abstract dependencies and a systematic characterization of program slices are provided, which rely on the notion of agreement between program states.

H Huang,WT Tsai,S Subramanian

1996-01-01

Abstract:Program slicing often produces large slices that are still difficult to understand and manipulate, and large program slices usually contain out-of-focus code that distracts the programmer's attention. To overcome these limitations, this paper proposes three ways to extend program slicing: 1) hierarchical slicing, 2) constrained slicing, and 3) recursive slicing. These three extensions facilitate a divide-and-conquer strategy to understand large programs. In addition, this paper also proposes a set of operations for slices, such as union, intersection, and complement of slices, which are useful for a variety of software maintenance activities. We have implemented these extensions in a prototype tool called BRE, which has been demonstrated at several industrial software maintenance sites.

Torben Amtoft,Anindya Banerjee

DOI: https://doi.org/10.48550/arXiv.1711.02246

2017-11-07

Abstract:We present a theory for slicing probabilistic imperative programs -- containing random assignments, and ``observe'' statements (for conditioning) -- represented as probabilistic control-flow graphs (pCFGs) whose nodes modify probability distributions. We show that such a representation allows direct adaptation of standard machinery such as data and control dependence, postdominators, relevant variables, etc to the probabilistic setting. We separate the specification of slicing from its implementation: first we develop syntactic conditions that a slice must satisfy; next we prove that any such slice is semantically correct; finally we give an algorithm to compute the least slice. To generate smaller slices, we may in addition take advantage of knowledge that certain loops will terminate (almost) always. A key feature of our syntactic conditions is that they involve two disjoint slices such that the variables of one slice are probabilistically independent of the variables of the other. This leads directly to a proof of correctness of probabilistic slicing. In a companion article we show adequacy of the semantics of pCFGs with respect to the standard semantics of structured probabilistic programs.

Programming Languages

Ruoyu Zhang,Yudi Zheng,Shan Huang,Zhengwei Qi

DOI: https://doi.org/10.1109/CAMAN.2011.5778759

2011-01-01

Abstract:Program slicing has been proven to be an effective approach to aid program understanding in recent years. A dynamic program slicer computes the set of instructions that may have affected or been affected by the given variable in certain location of the instruction stream. In this paper, we implement a dynamic forward slicer SPS which can extract the part of the code which is influenced by the user, and organize our result with the call graph of the program. Our experiments show that SPS has not only achieved high efficiency, but also provides clearer slicing results than traditional methods.

Wang Lulu,Li Bixin,Kong Xianglong

DOI: https://doi.org/10.1016/j.infsof.2020.106369

IF: 3.9

2020-01-01

Information and Software Technology

Abstract:Context: Program slicing is very useful in program analysis and software engineering. It computes the slice, which is a part of program and contains all the statements related to the given slicing criterion. The more accurate a slicing technique could be, the smaller the slice is. Objective: This paper aims to improve the current slicing accuracy for object-oriented programs. The slicing accuracy is mainly related to three factors, the dependency graph (which extracts the inner relationships of source code), the slicing criterion (which determines the slicing requirement), and the slicing algorithm (which computes the slice for the criterion from the dependency graph). Method: Our method consists of three parts. First, we present a Sub-Statement Level Dependence Graph (SSLDG), which computes finer-grained dependences for object-oriented programs than mostly-used statement level graph. Second, we present a new type slicing criterion called (Sub-statement) Type Slicing Criterion (STSC), which supports the user to specify not only the statement and object variable, but also the type of object among its polymorphic types. At last, a corresponding slicing algorithm called (Sub-statement) Type Slicing (STS) is designed to perform the slicing process. Results: We implement STS on Java programs as MyJavaSlicer, and run it with ten open source projects and random slicing criteria. The results show that STS slicing algorithm as well as SSLDG would make slices 35.90% smaller than traditional two-phase slicing; additionally using STSC would make the slices 48.4% further smaller; STSC also helps traditional two-phase slices reduced by 56.90%. Conclusions: STS could provide more accurate slices than traditional two-phase slicing, and it also runs faster on most cases; STSC helps specify the slicing requirement, and roughly halves the size of slices for both slicing algorithms.

Xiaofang Qi,Baowen Xu

2006-01-01

Abstract:Summary Program slicing is an important technique applied in many software engineering activities, such as program debugging, testing, maintenance, measurement, reengineering and etc. This paper presents an effective representation for concurrent Ada programs, which is called task communication reachability graph (TCRG). Based on TCRG, we can precisely determine various dependences in concurrent Ada programs and construct a new dependence graph (MSPDG) which vertex is a pair composed of program state and statement. Dependence relation in MSPDG is precise and transitive. By traversing MSPDG, we can obtain high-precision slice for concurrent Ada programs. Compared with other high- precision slicing methods, the slice based on MSDG is more precise and its efficiency is higher in worst case.

Junyan Qian,Baowen Xu

2006-01-01

WSEAS TRANSACTIONS ON COMPUTERS

Abstract:Model checking has been interest in applying model checking to software. However, the major problem of software model checking is the state space explosion problem. For model checking software, abstraction is a key issue. We present a methodology for automatically constructing an abstraction of C programs based on finite state machine. Firstly eliminate unneeded variables using program slicing technique and restrict C program to a simple intermediate form before constructing an abstract model of program. And then automatically extract a finite model from C source code using predicate abstraction and theorem proving. Finally, in order to reduce time complexities, we partition the set of candidate predicates into subsets, and construct abstract model independently.

Yingzhou Zhang,Baowen Xu,Liang Shi,Bixin Li,Hongji Yang

DOI: https://doi.org/10.1109/CMPSAC.2004.1342807

2004-01-01

Abstract:Program slicing is widely used in applications such as program comprehension, software testing, debugging, measurement, and reengineering. This paper proposes a new approach for program slicing, called modular monadic slicing, basing on modular monadic semantics of the program analysed. We abstract the computation of program slicing as a language-independence entity: slice monad transformer. On the basis of this, we present and illustrate modular monadic dynamic and static slice algorithm in detail. We conclude that modular monadic slicing has excellent flexibility and reusability properties comparing with the existing program slicing algorithms. It computes program slices on abstract syntax directly without intermediate structures such as dependence graphs.