Constraining application behaviour by generating languages ELS 2015 - PowerPoint PPT Presentation

The Problem: apps are black boxes A Proposition: modularise! Implementation Conclusion Constraining application behaviour by generating languages ELS 2015 Paul van der Walt paul.vanderwalt@inria.fr INRIA Bordeaux 20 April, 2015 Paul van der Walt Constraining / Generating / DSLs. 1/21

The Problem: apps are black boxes A Proposition: modularise! Implementation Conclusion The Problem: apps are black boxes 1 A Proposition: modularise! 2 Implementation 3 Conclusion 4 Paul van der Walt Constraining / Generating / DSLs. 2/21

The Problem: apps are black boxes A Proposition: modularise! Implementation Conclusion What does this mobile app do? Paul van der Walt Constraining / Generating / DSLs. 3/21

The Problem: apps are black boxes A Proposition: modularise! Implementation Conclusion On Android permissions Android has a notion of “permissions”, but Permissions apply to entire app All-or-nothing for the user To curb privacy breaches, like Advertising libraries regularly exfiltrate data, Twitter, LinkedIn apps stealing contact list, etc. Paul van der Walt Constraining / Generating / DSLs. 4/21

The Problem: apps are black boxes A Proposition: modularise! Implementation Conclusion On Android permissions Android has a notion of “permissions”, but Permissions apply to entire app All-or-nothing for the user To curb privacy breaches, like Advertising libraries regularly exfiltrate data, Twitter, LinkedIn apps stealing contact list, etc. We can do better :) Paul van der Walt Constraining / Generating / DSLs. 4/21

The Problem: apps are black boxes A Proposition: modularise! Implementation Conclusion Running example: EvilCam! Paul van der Walt Constraining / Generating / DSLs. 5/21

The Problem: apps are black boxes A Proposition: modularise! Implementation Conclusion Running example: EvilCam! Supposedly: Takes a picture Applies sepia filter Displays it to user Paul van der Walt Constraining / Generating / DSLs. 5/21

The Problem: apps are black boxes A Proposition: modularise! Implementation Conclusion Running example: EvilCam! Supposedly: Takes a picture Applies sepia filter Displays it to user . . . and shows an advert Paul van der Walt Constraining / Generating / DSLs. 5/21

The Problem: apps are black boxes A Proposition: modularise! Implementation Conclusion Running example: EvilCam! Supposedly: Takes a picture → camera permission Applies sepia filter Displays it to user . . . and shows an advert Paul van der Walt Constraining / Generating / DSLs. 5/21

The Problem: apps are black boxes A Proposition: modularise! Implementation Conclusion Running example: EvilCam! Supposedly: Takes a picture → camera permission Applies sepia filter Displays it to user . . . and shows an advert → network permission Paul van der Walt Constraining / Generating / DSLs. 5/21

The Problem: apps are black boxes A Proposition: modularise! Implementation Conclusion Potential data flow What you hope: camera → your screen internet → fetch advert nothing more. Paul van der Walt Constraining / Generating / DSLs. 6/21

The Problem: apps are black boxes A Proposition: modularise! Implementation Conclusion Potential data flow What you hope: Reality: camera → your screen image → stalkme.net and internet → fetch advert nsa.gov nothing more. � − ¨ Paul van der Walt Constraining / Generating / DSLs. 6/21

The Problem: apps are black boxes A Proposition: modularise! Implementation Conclusion How can we curb this? The Android permission model: ? ? Uses Camera Main ?? ? ? Uses ? Network Even with conservative permissions, behaviour is unpredictable. Paul van der Walt Constraining / Generating / DSLs. 8/21

The Problem: apps are black boxes A Proposition: modularise! Implementation Conclusion How can we curb this? The Android permission model: A better way of doing it: ? Display to screen ? Uses Camera Platform Main ?? ? App ? Uses Compose ? Network Picture + Advert Even with conservative Fetch Filter picture Advert permissions, behaviour is unpredictable. Camera WWW access Paul van der Walt Constraining / Generating / DSLs. 8/21

The Problem: apps are black boxes A Proposition: modularise! Implementation Conclusion Our goals ✦ Give the user clarity via spec ✦ Force the app to conform to spec ✦ Guide the developer where possible Paul van der Walt Constraining / Generating / DSLs. 9/21

The Problem: apps are black boxes A Proposition: modularise! Implementation Conclusion The proposed approach Provide a DSL to write up spec (encoding of flow diagram shown before) Provide another DSL based on that, to implement app I.e. , tower of languages Paul van der Walt Constraining / Generating / DSLs. 10/21

The Problem: apps are black boxes A Proposition: modularise! Implementation Conclusion Racket and #lang my-lang.rkt (define-syntax (#%module-begin stx) (syntax-case stx () [(_ stmts ...) ; .. do something with stx ])) (provide #%module-begin ...) ... uses language #lang s-exp "my-lang.rkt" stmts ... Paul van der Walt Constraining / Generating / DSLs. 11/21

The Problem: apps are black boxes A Proposition: modularise! Implementation Conclusion #lang providing #lang Relation between specifications and implementation: Paul van der Walt Constraining / Generating / DSLs. 12/21

The Problem: apps are black boxes A Proposition: modularise! Implementation Conclusion Specifications 1 #lang s-exp "framework.rkt" 2 ;;; Specifications file, webcamspec.rkt Paul van der Walt Constraining / Generating / DSLs. 14/21

The Problem: apps are black boxes A Proposition: modularise! Implementation Conclusion Specifications 1 #lang s-exp "framework.rkt" 2 ;;; Specifications file, webcamspec.rkt 3 ( define-context Filter ; name Picture ; return type 4 [ when-provided Camera]) ; subscribed to 5 6 7 ( define-source Camera Picture) ; built-in 8 ;; ... Paul van der Walt Constraining / Generating / DSLs. 14/21

The Problem: apps are black boxes A Proposition: modularise! Implementation Conclusion Specifications 1 #lang s-exp "framework.rkt" 2 ;;; Specifications file, webcamspec.rkt 3 ( define-context Filter ; name Picture ; return type 4 [ when-provided Camera]) ; subscribed to 5 6 7 ( define-source Camera Picture) ; built-in 8 ;; ... The types allow us to generate function contracts. Paul van der Walt Constraining / Generating / DSLs. 14/21

The Problem: apps are black boxes A Proposition: modularise! Implementation Conclusion Implementation The developer does the following: 1 ;;; Implementation file, webcamimpl.rkt 2 #lang s-exp "webcamspec.rkt" Paul van der Walt Constraining / Generating / DSLs. 15/21

The Problem: apps are black boxes A Proposition: modularise! Implementation Conclusion Implementation The developer does the following: 1 ;;; Implementation file, webcamimpl.rkt 2 #lang s-exp "webcamspec.rkt" 3 ( implement Filter Paul van der Walt Constraining / Generating / DSLs. 15/21

The Problem: apps are black boxes A Proposition: modularise! Implementation Conclusion Implementation The developer does the following: 1 ;;; Implementation file, webcamimpl.rkt 2 #lang s-exp "webcamspec.rkt" 3 ( implement Filter ( lambda (pic) 4 Paul van der Walt Constraining / Generating / DSLs. 15/21

The Problem: apps are black boxes A Proposition: modularise! Implementation Conclusion Implementation The developer does the following: 1 ;;; Implementation file, webcamimpl.rkt 2 #lang s-exp "webcamspec.rkt" 3 ( implement Filter ( lambda (pic) 4 ( let * ([canvas (make-bitmap pic ..)]) 5 ; ... do magic, change colours or whatever 6 canvas))) 7 8 ;; ... ...which will be turned into submodules. Paul van der Walt Constraining / Generating / DSLs. 15/21

Constraining application behaviour by generating languages ELS 2015 - PowerPoint PPT Presentation

The Problem: apps are black boxes A Proposition: modularise! Implementation Conclusion Constraining application behaviour by generating languages ELS 2015 Paul van der Walt paul.vanderwalt@inria.fr INRIA Bordeaux 20 April, 2015 Paul van

State-Based Testing Part A Modeling states Generating test cases for complex behaviour

State-Based Testing Part B Error Identification Generating test cases for complex behaviour

State-Based Testing Part B Error Identification Generating test cases for complex behaviour

State-Based Testing Part C Test Cases Generating test cases for complex behaviour

State-Based Testing Part C Test Cases Generating test cases for complex behaviour Reference:

Session 14 Introduction to Behaviour that Challenges SECTION 5: 1 Behaviour Behaviour that is

Early History on the Application of Probability Methods in the Evaluation of Generating Capacity

Generating Hypergraph Languages by (Context-dependent) Fusion Grammars and Splitting/Fusion

Generating Image Distortion Maps Using Convolutional Autoencoders with Application to No

A New Algorithm for Generating Quadrilateral Meshes and Its Application to FE-Based Image

Recursive Definitions Generating Functions Lecture 18 Generating Functions A generating

Type A Water Licence Renewal Application for the Jackfish Lake Generating Station in

CS108 Lecture 21: Web Applications Web Application Architecture Generating HTML from Python

TALTSON TWIN GORGES GENERATING STATION Renewal of Water License N1L4-0154 Application No:

Constraining Dark Matter Properties From A Gamma-Ray Detection S ergio Palomares-Rui z Centro de

A Framework for Generating Data to Simulate Application Scoring Credit Scoring and Credit Control

ANTI SOCIAL BEHAVIOUR WHAT IS ANTISOCIAL WHAT IS ANTISOCIAL BEHAVIOUR BEHAVIOUR Bullying

CONSTRAINING NEUTRINOS WITH BBN (WITH A LITTLE HELP FROM THE CMB) GGI NEUTRINO

t n e m Behaviour Influences Behaviour u c o D y c a g e L g n i Pearlcatchers

State-Based Testing Part B Error Identification Generating test cases for complex

Modeling social behaviour in an uncertain environment, application in epidemiology Laetitia

Catherine Lennox EDPS 650 What is prosocial behaviour? How is prosocial behaviour related to

Constraining anomalous HVV interac2ons at proton and lepton

Session 15 Understanding Challenging Behaviour SECTION 5: 1 Behaviour There are many possible