17-654/17-754 Analysis of Software Artifacts Syllabus

Spring 2006
Mondays/Thursdays 5:00-6:20pm
Newell-Simon Hall 1305
12 units
Professor Jonathan Aldrich
aldrich+ at cs.cmu.edu
Office Hours: Wednesday 2-3pm, Wean 8212
Also after class, or by appointment
TA Thomas LaToza
latoza at gmail.com
Office Hours: Monday 11am-12pm, Doherty Hall 4301-C
TA Gabriel Zenarosa
gzen+ at cs.cmu.edu
Office Hours: Tuesday 5-6pm, SCRG (407 S. Craig St.) conference room

Course Syllabus and Policies

Covers course overview and objectives, evaluation, time management, late work policy, and collaboration policy

Announcements


Schedule of Topics, Readings, and Assignments

Date
Topic
Slides
Reading
Assignment
Jan 16
No Class - Martin Luther King Jr. Day
Introduction and Theory



Jan 19
Overview of Analysis Techniques and Applications; Program Representations
1-course-intro.pdf; 1-program-representations.pdf


Jan 23
Program Semantics and Representations
2-semantics.pdf
2-semantics-notes.pdf, 2-semantics-latex-src.zip

Jan 24



11:59pm: asst0.pdf
Jan 26
Hoare Logic: Reasoning about Correctness
3-hoare.pdf
3-hoare-notes.pdf; 3-hoare.tex; An Axiomatic Basis for Computer Programming
5pm: asst1.pdf
Jan 30
ESC/Java: Code Verification
4-escjava.pdf; Multiply.java; Multiply-full.java (contains annotations); SimpleSet.java; SimpleSet-full.java
Extended Static Checking for Java (read); ESC/Java User's Manual (for reference)

Feb 2
Fluid: Incremental Concurrency Analysis 5-fluid.pdf
Assuring and Evolving Concurrent Programs: Annotations and Policy 5pm: asst2.pdf, asst2-latex-src.zip
Feb 6
Introduction to Data Flow Analysis
6-dataflow.pdf
dataflow-notation.pdf; dataflow-notation.tex

Feb 9
Data Flow Framework; Worklist Algorithm; Constant Propagation
7-dataflow.pdf

5pm: asst3.pdf; Stack.java; StackCheck.java
Feb 13
Condition Sensitivity; Set-based Analyses; Termination
8-dataflow.pdf


Analysis Tools



Feb 16
Dataflow Soundness; PREfix (Microsoft tool) 9-prefix.pdf
A Static Analyzer for Finding Dynamic Programming Errors 5pm: Reading Questions 1 (PREfix and Metal)
Feb 20 Interprocedural Analysis in PREfix; Crystal 10-interprocedural.pdf
Checking System Rules Using System-Specific, Programmer-Written Compiler Extensions 5pm: asst4.pdf; asst4.tex
Feb 23 Metal: User-defined property checking (Coverity tool); General Interprocedural Analysis 11-metal.pdf
The Fugue Protocol Checker: Is Your Software Baroque? 5pm: Reading Questions 2 (Fugue)
Feb 27 Fugue: Sound Checking of Component Protocols (Microsoft tool); Alias analysis 12-fugue.pdf
Dynamically Discovering Likely Program Invariants to Support Program Evolution 5pm: Reading Questions 3 (Daikon)
Mar 2
Daikon: Dynamic Analysis of Program Behavior (MIT tool) 13-daikon.pdf

5pm: asst5.pdf; asst5.tex; ZATest.java; TestNull.java
Model Checking


Mar 6
Introduction to Model Checking
14-model-checking.pdf
Clarke et al., Model Checking, ch. 1-4
Mar 9
Model Checking and Dataflow Analysis
15-model-checking.pdf


Mar 13, 16
No Class -- Spring Break
Mar 20
Blast: Model Checking Code 16-blast.pdf
Checking Memory Safety with Blast

Testing



Mar 23
Testing Overview (Functional & Unit testing, etc.)
17-testing.pdf

asst6.pdf
Mar 27
Test Coverage Techniques


read4.pdf
Mar 30
Regression Test Prioritization
19-test-prioritization.pdf
Effectively Prioritizing Tests in Development Environment
Apr 3
Testing Techniques



Analysis Across the Software Lifecycle



Apr 6 Code Reviews
21-reviews.pdf


Apr 10 Security Analysis: Attack Graphs
22-attack-graphs.pdf

asst7.pdf, asst7.doc, other files on BB
Apr 13 Design Analysis: Design Structure Matrices
23-dsms.pdf


Apr 17
Reengineering Analysis; Quality at Microsoft
24-reflexion-models.pdf; 24-quality-at-microsoft.pdf

Mini project 1 proposals due
Apr 20
No class -- Spring Carnival and CS 50
Wrap-Up


Apr 24
Tool Experience Presentations
tools-day-1.pdf

project.pdf; Tool list; PowerPoint template
Apr 27
Tool Experience Presentations tools-day-2.pdf


May 1
Statistical Debugging; Ph.D. projects
27-statistical-debugging.pdf; ownership-domains.pdf


May 4
Ph.D. projects

qa-plan.pdf
May 8, 5-8pm
QA Plan Presentations and Review


QA review documents, QA plan presentations
May 15



Revised Test Plan

Reliability analysis
Memory Usage Analysis
Real-Time Analysis
Performance Analysis
Attack Graphs: Design-level Security Analysis
Code-level Security Analysis
Reengineering Analysis
Reverse Engineering and Architectural Recovery Analysis
Defect Prediction