CSCE 710: Fundamental Software Analysis

  • Location: HRBB 126
  • Time: TR 8:00-9:15am
  • Credits: 3
  • Instructor: Jeff Huang
  • Office: HRBB 416
  • Office Hours: By appointment
Course Schedule

NEWS
  • [08/26] Welcome to CSCE 710! Please go to Google Classroom for all class activities.

Course Description

The goal of this course is to introduce how various analysis techniques can be used to manage the quality of a software application. Students will acquire fundamental knowledge of program abstraction, features, verification, testing, debugging, concurrency, reliability, security, and fault detection. The course will also discuss how to carry out the empirical experimentation for program analysis. Wherever applicable, concepts will be complemented by tools developed in academia and industry. This enables students to understand the maturity and limitations of various analysis techniques.

Course Goal

The intent of this course is to offer the in-depth introduction to graduate students on a wide range of software analysis concepts and techniques. The topics can be explored at different levels of depths depending on the interests of the class. The content of the course is roughly divided into two general themes: program representation and program analysis. Following the first theme, we study different abstractions, representations, and interpretations of a software program itself. Following the second, we study how analysis techniques and algorithms can help interpret the runtime meaning of the program and, in turn, help us monitor and improve the quality of the software programs.

If you are interested in doing research in the area of software analysis, this course can help you get started; if you are currently involved in research in other areas such as operating system, networking, security, and database, this course can help you apply the techniques learned in this course to your research area.

Workload and Evaluation

This course will have homework assignments, paper readings and presentations, a final exam and a final project. The following grading policy will be used:

90-100: A
80-89: B
70-79: C
60-69: D
<60: F

Class participation: 10%
Paper review and presentation: 10%
Assignment: 15%
Final exam: 15%
Final project: 50%

Late Policy: Late submission will have 2% penalty for each hour after the due time.

Assignment

We'll have three homework assignments. These assignments will help you understand some basic principles of program analysis.

Paper Presentation

We will discuss a few important research papers selected from top programming language, software engineering, and computer systems conferences. For each paper, one student will be the designated presenter and start off the discussions. Each presentation should be within 20 minutes to cover the following key points of the paper:

Everyone is expected to read all papers that will be discussed and participate actively in the discussions. Course participants will be able to indicate their preferences for papers that they want to present, and an effort will be made to respect everyone's preferences.

You are required to write a short summary for each paper you read. The summary can include:

The summaries are to be done individually and each summary is due before the midnight prior to the corresponding lecture (submit on Google Classroom).

Project

The final project is the key of this course. It is essentially a mini research project that may involve building a new system, designing a new algorithm, improving an existing technique, applying an existing technique to a new domain, or performing a large case study. You are encouraged to come up with a topic of your own, which I'll help refine; alternatively, you can choose one of the projects I suggest. You must work on your project individually. The tentative timeline of the project is as follows:

Prerequisite

There are no formal prerequisites, but it will help to have some background in programming languages, compilers, software engineering, and/or operating systems in general; and program analysis, parallel/concurrent programming, and/or software reliability in particular.

Enrollment

The enrollment is open to PhD and MS students. If you are an undergraduate and would like to take the course, please email the instructor for special permission.

Materials

All relevant materials will be made available online.

There is no required textbook, but the following two books are recommended:

  • Nielson, Nielson, and Hankin. Principles of Program Analysis (PPA). ISBN 3- 540-65410-0. Published by Springer, 2005
  • Alfred V. Aho. Monica S. Lam. Ravi Sethi. Jeffrey D. Ullman. "Dragon Book" -- Compilers: Principles, Techniques, and Tools (2nd Edition). ISBN-13: 978-0321486813. Published by Addison-Wesley, 2006.
  • Ethics & Academic Integrity

    We will study/discuss threats and attacks in the class/lab. You should be fully aware of ethics when studying these techniques. If in any context you are not sure about where to draw the line, come talk to me first.

    "An Aggie does not lie, cheat, or steal or tolerate those who do." For additional information, please visit: http://aggiehonor.tamu.edu.

    Upon accepting admission to Texas A&M University, a student immediately assumes a commitment to uphold the Honor Code, to accept responsibility for learning, and to follow the philosophy and rules of the Honor System. Students will be required to state their commitment on examinations, research papers, and other academic work. Ignorance of the rules does not exclude any member of the TAMU community from the requirements or the processes of the Honor System.

    Americans with Disabilities Act (ADA) Statement

    The Americans with Disabilities Act (ADA) is a federal anti-discrimination statute that provides comprehensive civil rights protection for persons with disabilities. Among other things, this legislation requires that all students with disabilities be guaranteed a learning environment that provides for reasonable accommodation of their disabilities. If you believe you have a disability requiring an accommodation, please contact Disability Services, in Cain Hall, Room B118, or call 845-1637. For additional information visit http://disability.tamu.edu.



    Tentative schedule


    Week Topic Readings Speakers
    1 Overview Dr. Huang
    Static and Dynamic Analyses Coverity, AddressSanitizer, Static and Dynamic analysis Dr. Huang
    2 Program Analysis Frameworks Soot, WALA, LLVM, Pin Dr. Huang
    3 Data-flow Analysis PPA (Ch 2) Dr. Huang
    4 Proposal Presentation
    Pointer Analysis Points-to Tutorial Dr. Huang
    5 Call Graph Construction Call Graph Tutorial Dr. Huang
    Symbolic Execution Symbolic Execution: Three Decades Later, KLEE Dr. Huang
    6 Taint Analysis Dynamic Taint Analysis and Forward Symbolic Execution Dr. Huang
    Concurrency Concurrency bug study, Golang race detection Dr. Huang
    7 Program Synthesis Flashfill Dr. Huang
    Program Verification Smart Contracts Verification Dr. Huang
    8 Paper Presentation RaceFuzzer, Golang Concurrency Bugs Yahui, Osama
    DEEPSEC, Data Flow Integrity Yulin, Grace
    9 WebAssembly, Gradual Typing for Python Chongzhi, Diego
    VerX, ThreadSanitizer Jianwei, TBD
    10 Project Progress Demo
    11 Paper Presentation Meltdown, SQLizer Jon, Yi
    Delta Debugging, Debugging Reinvented Cheng, Luochao
    12 Bugs as Deviant Behavior, Continuous Bug Reasoning Dalton, Siwei
    Project Day Happy hacking!
    13 Final Project Presentation Exciting project demos!
    14 Thanksgiving holiday!
    15 Course Review