pliny

The Pliny project aims to develop a family of systems for automatically detecting and fixing errors in programs, and synthesizing reliable code from high-level specifications. A unique feature of Pliny is that it aims to achieve these tasks using knowledge hidden in Big Code, i.e., large corpora of existing software. Programmers rarely write code in a vacuum. An API that they want to use will likely have been used in thousands of other programs; a script that they want to write can likely reuse some of the components present in existing code. Pliny utilizes this insight by mining software repositories for information of potential use to programmers. The extracted information is stored in a special kind of statistical database, and then used in algorithms for computer-aided programming. For example, learned patterns of API usage are used to detect and fix errors a programmer’s use of an API, and mined components are stitched together to produce executable code.

Pliny is a collaboration between Rice University, University of Texas at Austin, University of Wisconsin, and Grammatech, Inc., and is funded under the DARPA MUSE program.

 

For more information about PLINY, please visit this webpage.

 

Auditr

 

The Auditr project uses program analysis to uncover resource-related security vulnerabilities in Java programs. Specifically, Auditr focuses on two kinds of security vulnerabilities related to space and time usage of programs:

  1. Availability problems: which arise when a user-provided input controls the asymptotic complexity or termination of a program component. Since attackers can substantially degrade system performance through carefully selected inputs, availability problems can be exploited by malicious parties to launch denial of service attacks.
  2. Confidentiality problems: which arise when two different user inputs result in substantially different resource usage behaviors depending on the value of some confidential data stored in the system. If the program exhibits substantially different space or time usage characteristics depending on user input, attackers can exploit this behavior to learn confidential information through side channel attacks.

 

The Auditr project is a collaboration between The University of Texas at Austin, The University of Colorado Boulder, and Kestrel Technology. The Auditr project is funded under the DARPA STAC program.

For more information about PLINY, please visit this webpage.

 

Hades

Hades Design

 

Hades is a new tool for synthesizing transformations on hierarchically structured data. Hades automatically generates executable code which performs desired tree transformation by analyzing a given set of input-output examples.

You can read more about Hades and watch a demo of using it in practice here.

 

 

SyPet

SyPet is a component-based synthesizer for large libraries that automatically synthesizes executable programs by composing API calls. It performs

  • Synthesis of program sketches: SyPet uses Petri nets to generate programs sketches from signatures of the desired method and underlying library components.
  • Completion of program sketches: SyPet generates constraints on the synthesized program with holes and uses a SAT solver to find a candidate method.

 

Hunter

Hunter is a next generation code reuse tool that finds, adapts and synthesizes common programs in large corpus with the following advantages:

  • Increase productivity: programmers can focus on more creative tasks.
  • Decrease buggy code: code reuse reduces the likelihood of buggy implementation.

hunterTry Hunter now at

Eclipse Marketplace

Demo:

 

Explorer

Explorer is a powerful tool for answering a rich class of queries about inter-procedural control flow properties, and it can help improve the productivity of programmers in various tasks including software analysis and understanding, malware detection, and etc. It has the following features:

  • Explorer allows users to formulate queries about feasible call-stack configurations using regular expressions;
  • Explorer uses a precise demand-driven refinement algorithm to answer such queries;
  • Explorer can be applied in various scenarios (even with very large code base) and answer those queries both efficiently and precisely.