Soundness-guided security analysis for android applications. This project aims to develop a soundness-guided programme analysis to mitigate security threats caused by reflection and dynamic class loading in Android apps, without compromising precision and scalability. Both dynamic code update techniques are widely used in benign and malware apps, but state-of-the-art malware analysis tools ignore or mishandle them, missing security threats and vulnerabilities. The resulting open-source security ....Soundness-guided security analysis for android applications. This project aims to develop a soundness-guided programme analysis to mitigate security threats caused by reflection and dynamic class loading in Android apps, without compromising precision and scalability. Both dynamic code update techniques are widely used in benign and malware apps, but state-of-the-art malware analysis tools ignore or mishandle them, missing security threats and vulnerabilities. The resulting open-source security analysis tool will allow software industries and enterprises (from national security, finance, banking to healthcare, retail, telecommunications) to test their mobile software effectively for code defects or security threats early at software development time at significantly reduced cost.Read moreRead less
Micro Compilers: An Extensible Compiler Architecture for Increased Flexibility and Safety. Programming languages specialised to a particular application domain can cut software development costs and reduce programming errors. Unfortunately, most application domains cannot sustain the costly development and maintenance of the specialised compilers required to implement specialised languages. We address this problem by introducing a novel customisable compiler architecture that can be adapted to ....Micro Compilers: An Extensible Compiler Architecture for Increased Flexibility and Safety. Programming languages specialised to a particular application domain can cut software development costs and reduce programming errors. Unfortunately, most application domains cannot sustain the costly development and maintenance of the specialised compilers required to implement specialised languages. We address this problem by introducing a novel customisable compiler architecture that can be adapted to specialised languages and other special-purpose compiler requirements. Customisable compilers are especially important to a country like Australia that has only limited resources for special purpose developments. Moreover, we will train students at undergraduate and postgraduate level in the area of programming languages and compilers.Read moreRead less
Tuning parallel applications on software-defined supercomputers. Supercomputers are used by many Australian industries and laboratories to make better products and perform critical predictions, and it is essential that codes operate efficiently. This project aims to assist programmers in identifying performance bottlenecks in their code quickly and easily. The project expects to supersede the current methods, which are often complex and time-consuming, by developing innovative software tools and ....Tuning parallel applications on software-defined supercomputers. Supercomputers are used by many Australian industries and laboratories to make better products and perform critical predictions, and it is essential that codes operate efficiently. This project aims to assist programmers in identifying performance bottlenecks in their code quickly and easily. The project expects to supersede the current methods, which are often complex and time-consuming, by developing innovative software tools and techniques. The expected outcomes include novel software, verified by industry partners in real world case studies, ranging from life sciences to hypersonic transport. This should provide significant benefits, including the capacity for Australian industries to access world-class supercomputing technology.Read moreRead less
Improving the Performance, Scalability and Reliability of the Linux Operating System. This project aims to improve the scalability of the Linux operating system to large systems without loss of performance on small, embedded, systems. It will improve Linux robustness and security by de-privileging particularly error-prone code, such as device drivers, without undue impact on performance. It will improve configurability and ease tuning by making critical components, such as processor, disk and me ....Improving the Performance, Scalability and Reliability of the Linux Operating System. This project aims to improve the scalability of the Linux operating system to large systems without loss of performance on small, embedded, systems. It will improve Linux robustness and security by de-privileging particularly error-prone code, such as device drivers, without undue impact on performance. It will improve configurability and ease tuning by making critical components, such as processor, disk and memory schedulers, pluggable and their policies controllable at user level. It will investigate the feasibility and benefits of user-level file systems and processor and memory scheduling and will demonstrate that these can improve system reliability without undermining performance.Read moreRead less
Portable High-Performance Computing Based on Flattening and Fusion. We aim at simplifying the development and improving the portability of computing intensive applications, such as those from computational science and engineering, which are of growing scientific and economic relevance (e.g., drug synthesis, virtual wind tunnel, and geologic surveys). Our focus is on achieving portable high-performance for a particularly expressive high-level notation supporting irregular algorithms (like sparse ....Portable High-Performance Computing Based on Flattening and Fusion. We aim at simplifying the development and improving the portability of computing intensive applications, such as those from computational science and engineering, which are of growing scientific and economic relevance (e.g., drug synthesis, virtual wind tunnel, and geologic surveys). Our focus is on achieving portable high-performance for a particularly expressive high-level notation supporting irregular algorithms (like sparse matrices and hierarchical N-body codes). We will develop a set of program transformations and integrate them into a compiler implementing an aggressive fusion strategy optimising for the memory hierarchy. We do not propose a new programming language, but work within an existing one.Read moreRead less
Securing systems against code-reuse attacks with modular pointer analysis. This project aims to build secure defences against code-reuse attacks in large-scale C++ applications with millions of lines of code, by enforcing control flow integrity with modular pointer analysis. The state-of-the-art mitigation techniques that are deployed in mainstream computer operating systems can all be bypassed by advanced code-reuse attacks, resulting in security exploits in all major web browsers. The outcomes ....Securing systems against code-reuse attacks with modular pointer analysis. This project aims to build secure defences against code-reuse attacks in large-scale C++ applications with millions of lines of code, by enforcing control flow integrity with modular pointer analysis. The state-of-the-art mitigation techniques that are deployed in mainstream computer operating systems can all be bypassed by advanced code-reuse attacks, resulting in security exploits in all major web browsers. The outcomes of this project will be an exploit mitigation technology and an open-source tool that can significantly raise the bar against advanced code-reuse attacks, thereby providing a foundation for eliminating such security threats.Read moreRead less
Sparse Demand-Driven Analysis to Improve Software Reliability and Security. Current static analysis tools can eliminate many bugs missed by traditional testing but they are still imprecise or inefficient. This project aims to develop precise pointer analyses that enable -finding clients to detect bugs efficiently in large-scale programs in C/C++ and Java, where pointers are used pervasively. The novelty lies in performing these analyses sparsely (allowing data-flow information to move directly f ....Sparse Demand-Driven Analysis to Improve Software Reliability and Security. Current static analysis tools can eliminate many bugs missed by traditional testing but they are still imprecise or inefficient. This project aims to develop precise pointer analyses that enable -finding clients to detect bugs efficiently in large-scale programs in C/C++ and Java, where pointers are used pervasively. The novelty lies in performing these analyses sparsely (allowing data-flow information to move directly from variable definitions to their potential uses) based on Context-Free-Language-reachability (enabling client queries to be answered on-demand). The outcomes aim to significantly improve the reliability and security of industrial-sized software.Read moreRead less
A framework for modelling feature variability and dependencies in software product lines. In most Australian software development organisations software products are developed individually rather than product line based. This project will promote the awareness of product line based software development and provide a frontier technology, the effective feature modelling approaches, to help Australian software industry transform from the single product based development to the product line based de ....A framework for modelling feature variability and dependencies in software product lines. In most Australian software development organisations software products are developed individually rather than product line based. This project will promote the awareness of product line based software development and provide a frontier technology, the effective feature modelling approaches, to help Australian software industry transform from the single product based development to the product line based development to achieve significant improvement on the productivity and the quality of the software development. This improvement will dramatically reduce the cost of software products and alleviate the pressure of skill shortage that currently threatens Australian economy.Read moreRead less
Operating systems meeting the challenges of modern computer architectures. This project will develop operating system techniques that allow extracting the best performance out of modern computer architectures. It will concentrate on the latest architecture, Itanium, whose innovative features make it a particular challenge for operating systems. The techniques will be implemented in the open source Linux operating system and will result in significantly reduced operating system overheads and enh ....Operating systems meeting the challenges of modern computer architectures. This project will develop operating system techniques that allow extracting the best performance out of modern computer architectures. It will concentrate on the latest architecture, Itanium, whose innovative features make it a particular challenge for operating systems. The techniques will be implemented in the open source Linux operating system and will result in significantly reduced operating system overheads and enhanced application performance.Read moreRead less
Detecting Asynchronous Event-Driven Order Violations in Android Apps. This project aims to develop an event-interleaving analysis for detecting asynchronous event-driven order violations in Android apps. This project therefore expects to deliver a program analysis foundation that can provide stronger security guarantees than the state of the art against advanced exploits that abuse such asynchronous vulnerabilities. The intended outcomes of this project are a new program analysis technology and ....Detecting Asynchronous Event-Driven Order Violations in Android Apps. This project aims to develop an event-interleaving analysis for detecting asynchronous event-driven order violations in Android apps. This project therefore expects to deliver a program analysis foundation that can provide stronger security guarantees than the state of the art against advanced exploits that abuse such asynchronous vulnerabilities. The intended outcomes of this project are a new program analysis technology and an industrial-strength open-source framework that can significantly raise the bar on mobile software quality and security for Android, the dominant smartphone platform accounting a current market share at 87.0% with 2.9 million apps at Google Play in December 2019.Read moreRead less