Eat and Dream: effective automatic testing and debugging for real-life embedded wireless communications software. Embedded software is a key enabling technology for the majority of Australian manufacturing industries, including strategically important sectors such as the automotive industry. Embedded wireless communication technologies are playing an increasingly significant role in Australia with a wide range of critical applications ranging from natural disaster early warning to personal healt ....Eat and Dream: effective automatic testing and debugging for real-life embedded wireless communications software. Embedded software is a key enabling technology for the majority of Australian manufacturing industries, including strategically important sectors such as the automotive industry. Embedded wireless communication technologies are playing an increasingly significant role in Australia with a wide range of critical applications ranging from natural disaster early warning to personal health monitoring. Embedded wireless communications software, however, is difficult to test and debug owing to the complexity of the operational environment and complications arising from the interplay between software and hardware. This project will develop an effective and automatic technology to alleviate these difficulties and achieve higher quality software.Read moreRead less
Discovery Early Career Researcher Award - Grant ID: DE170101081
Funder
Australian Research Council
Funding Amount
$360,000.00
Summary
Adaptive value-flow analysis to improve code reliability and security. This project aims to develop client-driven adaptive value-flow analysis to detect software bugs in system software written in the C/C++ programme language. Static analysis tools for automated code inspections can benefit software developers, but are imprecise, inefficient and not user-friendly for analysing real-world industrial-sized software. The project will investigate static, dynamic and user-guided value-flow analysis t ....Adaptive value-flow analysis to improve code reliability and security. This project aims to develop client-driven adaptive value-flow analysis to detect software bugs in system software written in the C/C++ programme language. Static analysis tools for automated code inspections can benefit software developers, but are imprecise, inefficient and not user-friendly for analysing real-world industrial-sized software. The project will investigate static, dynamic and user-guided value-flow analysis to efficiently and precisely analyse large-scale programs according to clients’ needs, thereby allowing compilers to generate safe, reliable and secure code. This project is expected to advance value-flow analysis for industrial-sized software, improve software reliability and security, and benefit Australian software systems and industries.Read moreRead less
Automating data placement and movement for explicitly managed memory hierarchies. Efficient management of explicitly managed memory hierarchies is essential, making a difference often by one order of magnitude in performance. Compiler-directed techniques promise to take the burden of memory management from the programmer and enable significant performance potential for a broader community, resulting in higher productivity.
Developing an active defence system to identify malicious domains and websites. This project aims to develop an innovative active defence system to effectively identify malicious Internet domains and websites. It can secure the cyberspace that is essential to the daily work of Australian people, thus addresses a fundamental problem in safeguarding Australia from cyber crime and terrorism.
Automatic Energy Tuning of Parallel Applications on a Hybrid Supercomputer. Energy efficiency is a critical challenge in building next-generation supercomputers. This project aims to provide a new energy-tuning tool integrated with Cray’s systems, to simplify the process of tuning hybrid applications and managing efficient energy use. Although hardware components play a dominant role in saving energy, heterogeneous systems offer the opportunity to exploit the extremely high concurrency with mode ....Automatic Energy Tuning of Parallel Applications on a Hybrid Supercomputer. Energy efficiency is a critical challenge in building next-generation supercomputers. This project aims to provide a new energy-tuning tool integrated with Cray’s systems, to simplify the process of tuning hybrid applications and managing efficient energy use. Although hardware components play a dominant role in saving energy, heterogeneous systems offer the opportunity to exploit the extremely high concurrency with modest energy consumption using accelerators. Accordingly, the future of parallel computing must consider the trade-off between obtaining the optimal performance and the allowed power budget. The project plans to design parallel programming environments that support energy analysis and tuning.Read moreRead less
Soundness-guided security analysis for android applications. This project aims to develop a soundness-guided programme analysis to mitigate security threats caused by reflection and dynamic class loading in Android apps, without compromising precision and scalability. Both dynamic code update techniques are widely used in benign and malware apps, but state-of-the-art malware analysis tools ignore or mishandle them, missing security threats and vulnerabilities. The resulting open-source security ....Soundness-guided security analysis for android applications. This project aims to develop a soundness-guided programme analysis to mitigate security threats caused by reflection and dynamic class loading in Android apps, without compromising precision and scalability. Both dynamic code update techniques are widely used in benign and malware apps, but state-of-the-art malware analysis tools ignore or mishandle them, missing security threats and vulnerabilities. The resulting open-source security analysis tool will allow software industries and enterprises (from national security, finance, banking to healthcare, retail, telecommunications) to test their mobile software effectively for code defects or security threats early at software development time at significantly reduced cost.Read moreRead less
Securing systems against code-reuse attacks with modular pointer analysis. This project aims to build secure defences against code-reuse attacks in large-scale C++ applications with millions of lines of code, by enforcing control flow integrity with modular pointer analysis. The state-of-the-art mitigation techniques that are deployed in mainstream computer operating systems can all be bypassed by advanced code-reuse attacks, resulting in security exploits in all major web browsers. The outcomes ....Securing systems against code-reuse attacks with modular pointer analysis. This project aims to build secure defences against code-reuse attacks in large-scale C++ applications with millions of lines of code, by enforcing control flow integrity with modular pointer analysis. The state-of-the-art mitigation techniques that are deployed in mainstream computer operating systems can all be bypassed by advanced code-reuse attacks, resulting in security exploits in all major web browsers. The outcomes of this project will be an exploit mitigation technology and an open-source tool that can significantly raise the bar against advanced code-reuse attacks, thereby providing a foundation for eliminating such security threats.Read moreRead less
Sparse Demand-Driven Analysis to Improve Software Reliability and Security. Current static analysis tools can eliminate many bugs missed by traditional testing but they are still imprecise or inefficient. This project aims to develop precise pointer analyses that enable -finding clients to detect bugs efficiently in large-scale programs in C/C++ and Java, where pointers are used pervasively. The novelty lies in performing these analyses sparsely (allowing data-flow information to move directly f ....Sparse Demand-Driven Analysis to Improve Software Reliability and Security. Current static analysis tools can eliminate many bugs missed by traditional testing but they are still imprecise or inefficient. This project aims to develop precise pointer analyses that enable -finding clients to detect bugs efficiently in large-scale programs in C/C++ and Java, where pointers are used pervasively. The novelty lies in performing these analyses sparsely (allowing data-flow information to move directly from variable definitions to their potential uses) based on Context-Free-Language-reachability (enabling client queries to be answered on-demand). The outcomes aim to significantly improve the reliability and security of industrial-sized software.Read moreRead less
Secure user authentication with continuous adaptive risk evaluation. Users typically authenticate to any given system only once - when they first access it (for example, through providing a password or fingerprint). The prevalence of single sign-on further allows this single authentication to be sufficient for access to multiple systems. Thus an adversary can obtain a large degree of access from stealing a single password, hijacking a user's session, or even simply borrowing their phone. This pr ....Secure user authentication with continuous adaptive risk evaluation. Users typically authenticate to any given system only once - when they first access it (for example, through providing a password or fingerprint). The prevalence of single sign-on further allows this single authentication to be sufficient for access to multiple systems. Thus an adversary can obtain a large degree of access from stealing a single password, hijacking a user's session, or even simply borrowing their phone. This project aims to develop a continuous authentication approach based on user behaviour - typical interactions plus biometrics (for example, keystroke dynamics) - combined with a risk adaptive assessment of the resources being accessed, resulting in re-authentication requests in the event of a suspected compromise.Read moreRead less
Smart quality management for service-based systems in cloud environment. Cloud computing is a rapidly growing paradigm for Software-as-a-Service (SaaS). For enabling broad applications of a huge number of services available in the cloud, quality management for service-based systems is critical. This project aims to cover smart quality management for the whole lifetime of SaaS from service composition to service delivery. The project is expected to offer a novel solution for managing both build-t ....Smart quality management for service-based systems in cloud environment. Cloud computing is a rapidly growing paradigm for Software-as-a-Service (SaaS). For enabling broad applications of a huge number of services available in the cloud, quality management for service-based systems is critical. This project aims to cover smart quality management for the whole lifetime of SaaS from service composition to service delivery. The project is expected to offer a novel solution for managing both build-time service selection and runtime service monitoring and adaptation by inventing corresponding innovative efficient and effective strategies for quality management. Given the prediction that the SaaS market will grow from $13.5 billion in 2011 to $32.8 billion in 2016, the success of this project is anticipated to translate into scientific and economic value.Read moreRead less