1. Mads Chr. Olesen, René Rydhof Hansen, Julia L. Lawall, and Nicolas Palix. Coccinelle: Tool support for automated {CERT} C Secure Coding Standard certification. Science of Computer Programming, pp 28, November 2012. ISSN: 0167-6423. Keyword(s): Automated tool support, CERT C Secure Coding, Certification. Abstract:

   Writing correct C programs is well-known to be hard, not least due to the many low-level language features intrinsic to C. Writing secure C programs is even harder and, at times, seemingly impossible. To improve this situation the \{US\} \{CERT\} has developed and published a set of coding standards, the “CERT C Secure Coding Standard�, that (currently) enumerates 122 rules and 180 recommendations, with the aim of making C programs (more) secure. The large number of rules and recommendations makes automated tool support essential for certifying that a given system complies with the standard. In this paper, we report on ongoing work on adapting the Coccinelle bug-finder and program transformation tool, into a tool for analysing and certifying C programs according to, e.g., the \{CERT\} C Secure Coding Standard or the \{MISRA\} (the Motor Industry Software Reliability Association) C standard. We argue that such a tool must be highly adaptable and customisable to each software project as well as to the certification rules required by a given standard. Furthermore, we present current work on integrating Clang (the \{LLVM\} C front-end) as a program analysis component into Coccinelle. Program analysis information, e.g., from data-flow or pointer analysis, is necessary both for more precise compliance checking, i.e., with fewer false positives, and also for enabling more complete checking, i.e., with fewer false negatives, e.g., resulting from pointer aliasing.

   
   

   @article{scp:Olesen2012,
   title = "Coccinelle: Tool support for automated \{CERT\} C Secure Coding Standard certification ",
   journal = "Science of Computer Programming ",
   volume = "",
   number = "",
   pages = "28",
   month = {November},
   year = "2012",
   note = "",
   issn = "0167-6423",
   doi = "10.1016/j.scico.2012.10.011",
   url = "http://www.sciencedirect.com/science/article/pii/S0167642312002031",
   author = "Mads Chr. Olesen and René Rydhof Hansen and Julia L. Lawall and Nicolas Palix",
   keywords = {Automated tool support, \{CERT\} C Secure Coding, Certification},
   abstract = "Writing correct C programs is well-known to be hard, not least due to the many low-level language features intrinsic to C. Writing secure C programs is even harder and, at times, seemingly impossible. To improve this situation the \{US\} \{CERT\} has developed and published a set of coding standards, the “CERT C Secure Coding Standard�, that (currently) enumerates 122 rules and 180 recommendations, with the aim of making C programs (more) secure. The large number of rules and recommendations makes automated tool support essential for certifying that a given system complies with the standard. In this paper, we report on ongoing work on adapting the Coccinelle bug-finder and program transformation tool, into a tool for analysing and certifying C programs according to, e.g., the \{CERT\} C Secure Coding Standard or the \{MISRA\} (the Motor Industry Software Reliability Association) C standard. We argue that such a tool must be highly adaptable and customisable to each software project as well as to the certification rules required by a given standard. Furthermore, we present current work on integrating Clang (the \{LLVM\} C front-end) as a program analysis component into Coccinelle. Program analysis information, e.g., from data-flow or pointer analysis, is necessary both for more precise compliance checking, i.e., with fewer false positives, and also for enabling more complete checking, i.e., with fewer false negatives, e.g., resulting from pointer aliasing. " 
   }
   

1. D. Puschini, J. Mottin, N. Palix, L. Apostol, and C. Fabre. Integrated architecture exploration workflow: A NoC-based case study. In Rapid System Prototyping (RSP), 2012 23rd IEEE International Symposium on, pages 135-141, 2012. ISSN: 2150-5500. Keyword(s): hardware-software codesign, integrated circuit design, network-on-chip, NoC-based heterogeneous multicore platform, compute intensive applications, integrated architecture exploration workflow, integrated design flow, network-on-chip, space exploration mapping, telecommunication application, Computer architecture, Generators, Hardware, IP networks, Software, Space exploration, Standards. Abstract:

   Compute-intensive applications can greatly benefit from the flexibility of NoC-based heterogeneous multi-core platforms. However, mapping applications on such MPSoC is becoming increasingly complex and requires integrated design flows. We conducted a case study to evaluate the benefits of an integrated design flow for the mapping space exploration of a real telecommunication application on a NoC-based heterogeneous platform. Thanks to the flow, we simulated several virtual platforms and several mappings of our application on each. This approach drastically lowers the required skills and the time needed for design space exploration. An improvement of several weeks have been observed.

   
   

   @INPROCEEDINGS{6380702,
   author={Puschini, D. and Mottin, J. and Palix, N. and Apostol, L. and Fabre, C.},
   booktitle={Rapid System Prototyping (RSP), 2012 23rd IEEE International Symposium on},
   title={Integrated architecture exploration workflow: A NoC-based case study},
   year={2012},
   pages={135-141},
   abstract={Compute-intensive applications can greatly benefit from the flexibility of NoC-based heterogeneous multi-core platforms. However, mapping applications on such MPSoC is becoming increasingly complex and requires integrated design flows. We conducted a case study to evaluate the benefits of an integrated design flow for the mapping space exploration of a real telecommunication application on a NoC-based heterogeneous platform. Thanks to the flow, we simulated several virtual platforms and several mappings of our application on each. This approach drastically lowers the required skills and the time needed for design space exploration. An improvement of several weeks have been observed.},
   keywords={hardware-software codesign;integrated circuit design;network-on-chip;NoC-based heterogeneous multicore platform;compute intensive applications;integrated architecture exploration workflow;integrated design flow;network-on-chip;space exploration mapping;telecommunication application;Computer architecture;Generators;Hardware;IP networks;Software;Space exploration;Standards},
   doi={10.1109/RSP.2012.6380702},
   ISSN={2150-5500} 
   }
   

This material is presented to ensure timely dissemination of scholarly and technical work. Copyright and all rights therein are retained by authors or by other copyright holders. All person copying this information are expected to adhere to the terms and constraints invoked by each author's copyright. In most cases, these works may not be reposted without the explicit permission of the copyright holder.

Les documents contenus dans ces répertoires sont rendus disponibles par les auteurs qui y ont contribué en vue d'assurer la diffusion à temps de travaux savants et techniques sur une base non-commerciale. Les droits de copie et autres droits sont gardés par les auteurs et par les détenteurs du copyright, en dépit du fait qu'ils présentent ici leurs travaux sous forme électronique. Les personnes copiant ces informations doivent adhérer aux termes et contraintes couverts par le copyright de chaque auteur. Ces travaux ne peuvent pas être rendus disponibles ailleurs sans la permission explicite du détenteur du copyright.

This document was translated from BibT_EX by bibtex2html