Specification inference using context-free language reachability
Proceedings of the 42nd Annual ACM SIGPLAN-SIGACT Symposium on Principles of …, 2015•dl.acm.org
We present a framework for computing context-free language reachability properties when parts of the program are missing. Our framework infers candidate specifications for missing program pieces that are needed for verifying a property of interest, and presents these specifications to a human auditor for validation. We have implemented this framework for a taint analysis of Android apps that relies on specifications for Android library methods. In an extensive experimental study on 179 apps, our tool performs verification with only a small number of queries to a human auditor.
ACM Digital Library