DARPA ISO Sponsored Research

1999 Project Summary
FOUR-A -- Agent Adaptation and Assurance
Carnegie Mellon University

Project Website:  http://www.cs.cmu.edu/~wls/foura/ -- Additional project information provided by the performing organization 
Objective: The FOUR-A Project will investigate methods for the development, analysis, and adaptation of assured software systems based on underlying techniques of advanced program analysis, annotation, and manipulation. 
Approach: The effort has two principal thrusts: (1) experimental application of tools and techniques to the improvement of software dependability, to the assurance of software dependability properties, and, as a system evolves over time, to the preservation of those properties and their assurance; and (2) development of underlying core techniques for program analysis, manipulation, and annotation, including their embodiment in prototype tools for developing and improving Java programs. 

The experimental application of the prototype tools will enable exploration of how assurance and dependability can be better managed in source-level Java programs as they are developed and evolve, particularly in situations where not all of the source-code for a system is available for analysis. (In COTS-based component-oriented software engineering, it is typical not to have all code available for analysis, for reasons of trade secrecy, security, or separate development activity.) 

Recent FY-99 Accomplishments: (This project is a new start.)

  • Engineering work on the tool focused on the mechanism for managing the audit trail of changes and on the user interface architecture.
  • Steps were taken to initiate the vulnerability evaluation.

FY-00 Plans: The overall schedule for FOUR-A is based on multiple iterations of (1) analysis of source-code-level dependability requirements, (2) development of manipulations and analyses, (3) engineering of the tool prototype, and (4) application in experimental case studies. As part of this effort, the extent of tool coverage of Java language constructs will be increased. Evaluative case studies will be ongoing, starting as pen-and-paper studies and evolving to employ increasing levels of tool support.

Specific plans for FY-00 include:

  • Demonstration of preliminary tool user interface for analysis and manipulation.
  • Analysis of code-level security vulnerabilities based on experience data.
  • Initial analysis algorithms designed and prototype-implemented to support simple semantic annotations related to one or more assurance properties.
  • Demonstration of preservation of assurance properties through various classes of program change.
  • Manipulations for splitting and cloning classes.
  • Case study exercise, based on thread safety, annotation, and patterns, done manually with limited automation support.

Technology Transition: The principal artifact resulting from the project is the prototype FOUR-A tool system and its components, which include the general-purpose intermediate representation (IR), a robust and flexible Java-based user interface system based on model/view chains, and a collection of analysis algorithms and manipulations, suitably encapsulated. 

An important design goal is for the tool to be easily usable in a laboratory or other evaluative setting, reducing the extent of training and technical background required for productive use. For example, many complex and deep analyses and manipulations can be "hidden" behind simple interfaces. 

The project will also produce results in the form of papers, talks, and collaborative relationships. 

Principal Investigator: William L. Scherlis
Organization: Carnegie Mellon University 
Address: School of Computer Science, 5000 Forbes Avenue, Pittsburgh, PA 15213 
Phone: 412-268-8741
Fax: 412-268-7458
email: scherlis@cs.cmu.edu

Admin Contact Name: Karen Faber
Organization: Carnegie Mellon University 
Address: Office of Sponsored Research, 5000 Forbes Avenue, Pittsburgh, PA 15213
Phone: 412-268-5838
Fax: 412-268-5841
email: faber@andrew.cmu.edu
