Information-flow and data-flow analysis of while-programs

Subscribe (Full Service)


	Search: The ACM Digital Library The Guide

	Feedback

Information-flow and data-flow analysis of while-programs

Full text

Pdf (1.57 MB)

Source

ACM Transactions on Programming Languages and Systems (TOPLAS) archive
Volume 7 , Issue 1 (January 1985) table of contents

Pages: 37 - 61

Year of Publication: 1985

ISSN:0164-0925

Authors

Jean-Francois Bergeretti	Univ. of Southampton
Bernard A. Carré	Univ. of Southampton

Publisher

ACM New York, NY, USA

Bibliometrics

Downloads (6 Weeks): , Downloads (12 Months): , Citation Count: 29

Additional Information:

abstract references cited by index terms review collaborative colleagues

Tools and Actions:	Request Permissions Review this Article Save this Article to a Binder Display Formats: BibTeX EndNote ACM Ref

DOI Bookmark:	Use this link to bookmark this Article: http://doi.acm.org/10.1145/2363.2366 What is a DOI?

ABSTRACT

Until recently, information-flow analysis has been used primarily to verify that information transmission between program variables cannot violate security requirements. Here, the notion of information flow is explored as an aid to program development and validation. Information-flow relations are presented for while-programs, which identify those program statements whose execution may cause information to be transmitted from or to particular input, internal, or output values. It is shown with examples how these flow relations can be helpful in writing, testing, and updating programs; they also usefully extend the class of errors which can be detected automatically in the “static analysis” of a program.

REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	Alfred V. Aho , John E. Hopcroft, The Design and Analysis of Computer Algorithms, Addison-Wesley Longman Publishing Co., Inc., Boston, MA, 1974
	2	Alfred V. Aho , Jeffrey D. Ullman, Theory of Parsing, Translation and Compiling, Prentice Hall Professional Technical Reference, 1973
	3	F. E. Allen , J. Cocke, A program data flow analysis procedure, Communications of the ACM, v.19 n.3, p.137, March 1976 [doi>10.1145/360018.360025]
	4	Gregory R. Andrews , Richard P. Reitman, An Axiomatic Approach to Information Flow in Programs, ACM Transactions on Programming Languages and Systems (TOPLAS), v.2 n.1, p.56-76, Jan. 1980 [doi>10.1145/357084.357088]
	5	CARRIe, B.A. Graphs and Networks. Oxford University Press, New York, 1979.
	6	COHEN, E. Information transmission in sequential programs. In Foundations of Secure Computation, R. A. Demillo et al., Ed. Academic Press, New York, 1978, pp. 297-335.
	7	Dorothy E. Denning , Peter J. Denning, Certification of programs for secure information flow, Communications of the ACM, v.20 n.7, p.504-513, July 1977 [doi>10.1145/359636.359712]
	8	FARROW, R., KENNEDY, K., AND ZUCCONI, L. Graph grammars and global program flow analysis. In Proceedings of the 17th Annual IEEE Symposium on Foundations of Computer Science (Houston, Tex., Nov.). IEEE, New York, 1975, pp. 42-56.
	9	FOSDICK L.D., AND OSTERWEIL, L.J. Validation and global optimization of programs. In Proceedings of the 4th Texas Conference on Computing Systems (Austin, Tex.). 1975. Sponsored by the IEEE Computer Society.
	10	Lloyd D. Fosdick , Leon J. Osterweil, Data Flow Analysis in Software Reliability, ACM Computing Surveys (CSUR), v.8 n.3, p.305-330, Sept. 1976 [doi>10.1145/356674.356676]
	11	Susan L. Graham , Mark Wegman, A Fast and Usually Linear Algorithm for Global Flow Analysis, Journal of the ACM (JACM), v.23 n.1, p.172-202, Jan. 1976 [doi>10.1145/321921.321939]
	12	Matthew S. Hecht, Flow Analysis of Computer Programs, Elsevier Science Inc., New York, NY, 1977
	13	HUANG, J.C. Detection of data flow anomaly through program instrumentation. IEEE Trans. So{tw. Eng. SE-5, 3 (May 1979), 226-236.
	14	Kathleen Jensen , Niklaus Wirth, Pascal-User Manual and Report, Springer-Verlag New York, Inc., Secaucus, NJ, 1975
	15	KENNEDY, K. A survey of data flow analysis techniques. In Program Flow Analysis: Theory and Applications, S. S. Muchnick and N. D. Jones, Eds. Prentice-Hall, Englewood Cliffs, N.J., 1981, pp. 5-54.
	16	Gary A. Kildall, A unified approach to global program optimization, Proceedings of the 1st annual ACM SIGACT-SIGPLAN symposium on Principles of programming languages, p.194-206, October 01-03, 1973, Boston, Massachusetts [doi>10.1145/512927.512945]
	17	MUNRO, I. Efficient determination of the transitive closure of a directed graph. Inf. Process. Lett. I (1971), 56-58.
	18	OSTERWEIL, L.J. Using data flow tools in software engineering. In Program Flow Analysis: Theory and Applications, S. S. Muchnick and N. D. Jones, Eds. Prentice-Hall, Englewood Cliffs, N.J., 1981, pp. 237-263.
	19	G. J. Popek , J. J. Horning , B. W. Lampson , J. G. Mitchell , R. L. London, Notes on the design of Euclid, Proceedings of an ACM conference on Language design for reliable software, p.11-18, March 28-30, 1977, Raleigh, North Carolina
	20	Barry K. Rosen, High-level data flow analysis, Communications of the ACM, v.20 n.10, p.712-724, Oct. 1977 [doi>10.1145/359842.359849]
	21	STRASSEN, V. Gaussian elimination is not optimal. Numer. Math. 13 (1969).
	22	Stephen Warshall, A Theorem on Boolean Matrices, Journal of the ACM (JACM), v.9 n.1, p.11-12, Jan. 1962 [doi>10.1145/321105.321107]
	23	Mark Weiser, Programmers use slices when debugging, Communications of the ACM, v.25 n.7, p.446-452, July 1982 [doi>10.1145/358557.358577]
	24	WITTEN, I.H. Algorithms for adaptive linear prediction. Comput. J. 23, i (Feb. 1980), 78-84.

CITED BY 29

	Hiralal Agrawal, On slicing programs with jump statements, ACM SIGPLAN Notices, v.29 n.6, p.302-312, June 1994
	Janusz Laski , William Stanley , Jim Hurst, Dependency analysis of Ada programs, ACM SIGAda Ada Letters, v.XVIII n.6, p.263-275, Nov./Dec. 1998
	Bernard Carré , Jonathan Garnsworthy, SPARK—an annotated Ada subset for safety-critical programming, Proceedings of the conference on TRI-ADA '90, p.392-402, December 03-06, 1990, Baltimore, Maryland, United States
	A. Podgurski , L. Clarke, The implications of program dependencies for software testing, debugging, and maintenance, ACM SIGSOFT Software Engineering Notes, v.14 n.8, p.168-178, Dec. 1989
	Anthony Hall , Roderick Chapman, Correctness by Construction: Developing a Commercial Secure System, IEEE Software, v.19 n.1, p.18-25, January 2002
	Donglin Liang , Mary Jean Harrold, Equivalence analysis and its application in improving the efficiency of program slicing, ACM Transactions on Software Engineering and Methodology (TOSEM), v.11 n.3, p.347-383, July 2002
	Hiralal Agrawal , Richard A. DeMillo , Eugene H. Spafford, Dynamic slicing in the presence of unconstrained pointers, Proceedings of the symposium on Testing, analysis, and verification, p.60-73, October 08-10, 1991, Victoria, British Columbia, Canada
	Peter Amey , Roderick Chapman, Industrial strength exception freedom, ACM SIGAda Ada Letters, v.XXIII n.1, p.1-9, March 2003
	Daniel Jackson, Aspect: detecting bugs with abstract dependences, ACM Transactions on Software Engineering and Methodology (TOSEM), v.4 n.2, p.109-145, April 1995
	Daniel Jackson , Eugene J. Rollins, A new model of program dependences for reverse engineering, ACM SIGSOFT Software Engineering Notes, v.19 n.5, p.2-10, Dec. 1994
	P. N. Amey , B. J. Dobbing, Static analysis of Ravenscar programs, ACM SIGAda Ada Letters, v.XXIII n.4, p.58-64, December 2003
	Janusz Laski , William Stanley , Pawel Podgorski, Beyond ASIS: program data bases and tool-oriented queries, ACM SIGAda Ada Letters, v.XXI n.4, December 2001
	Roderick Chapman , Adrian Hilton, Enforcing security and safety models with an information flow analysis tool, ACM SIGAda Ada Letters, v.XXIV n.4, p.39-46, December 2004
	M. Young , R. M. Taylor, Combining Static Concurrency Analysis with Symbolic Execution, IEEE Transactions on Software Engineering, v.14 n.10, p.1499-1511, October 1988
	Keith Brian Gallagher , James R. Lyle, Using Program Slicing in Software Maintenance, IEEE Transactions on Software Engineering, v.17 n.8, p.751-761, August 1991
	Steve King , Jonathan Hammond , Rod Chapman , Andy Pryor, Is Proof More Cost-Effective Than Testing?, IEEE Transactions on Software Engineering, v.26 n.8, p.675-686, August 2000
	Baowen Xu , Ju Qian , Xiaofang Zhang , Zhongqiang Wu , Lin Chen, A brief survey of program slicing, ACM SIGSOFT Software Engineering Notes, v.30 n.2, March 2005
	M. Moriconi , T. C. Winkler, Approximate Reasoning About the Semantic Effects of Program Changes, IEEE Transactions on Software Engineering, v.16 n.9, p.980-992, September 1990
	John Clark, CONVERSE: a family-oriented software development process for engine controllers, Systems engineering for business process change: new directions, Springer-Verlag New York, Inc., New York, NY, 2002
	Karl Lermer , Colin J. Fidge , Ian J. Hayes, A theory for execution-time derivation in real-time programs, Theoretical Computer Science, v.346 n.1, p.3-27, 23 November 2005
	A. Podgurski , L. A. Clarke, A Formal Model of Program Dependences and its Implications for Software Testing, Debugging, and Maintenance, IEEE Transactions on Software Engineering, v.16 n.9, p.965-979, September 1990
	B. Korel, Automated Software Test Data Generation, IEEE Transactions on Software Engineering, v.16 n.8, p.870-879, August 1990
	Jehad Al Dallal, An efficient algorithm for computing all program static slices, Proceedings of the 4th WSEAS International Conference on Software Engineering, Parallel & Distributed Systems, p.1-5, February 13-15, 2005, Salzburg, Austria
	Roderick Chapman, Industrial experience with SPARK, ACM SIGAda Ada Letters, v.XX n.4, p.64-68, Dec., 2000
	Jehad Al Dallal, Using computing-all-slices algorithm in measuring functional cohesion, Proceedings of the 25th conference on IASTED International Multi-Conference: Software Engineering, p.198-203, February 13-15, 2007, Innsbruck, Austria
	Janusz Laski, Programming faults and errors: Towards a theory of software incorrectness, Annals of Software Engineering, 4, p.79-114, 1997
	Andrew Ireland , Bill J. Ellis , Andrew Cook , Roderick Chapman , Janet Barnes, An Integrated Approach to High Integrity Software Verification, Journal of Automated Reasoning, v.36 n.4, p.379-410, April 2006
	Torben Amtoft , Anindya Banerjee, Verification condition generation for conditional information flow, Proceedings of the 2007 ACM workshop on Formal methods in security engineering, p.2-11, November 02-02, 2007, Fairfax, Virginia, USA
	Neil D. Jones , Lars Kristiansen, A flow calculus of mwp-bounds for complexity analysis, ACM Transactions on Computational Logic (TOCL), v.10 n.4, p.1-41, August 2009

INDEX TERMS

Classification:
D. Software
D.2 SOFTWARE ENGINEERING
D.2.4 Software/Program Verification
Subjects: Assertion checkers

General Terms:
Documentation, Languages, Verification

REVIEW

"Richard N. Taylor : Reviewer"

Three binary information flow relations are defined for while-programs. &lgr; relates variables to expressions, stating whether the value of variable v, as defined on entry to statement S, may be used in the evalua more...

Collaborative Colleagues:

Jean-Francois Bergeretti: colleagues

Bernard A. Carré: colleagues

Adobe Acrobat

QuickTime

Windows Media Player

Real Player