Software Analysis Overview
24 Questions

Questions and Answers

What syntax is required at the end of statements in Java?

  • Comma
  • Colon
  • Semicolon (correct)
  • Period

How does Java handle variable types at compile time?

  • Types are known only at runtime
  • Types must be declared explicitly (correct)
  • Types are inferred randomly
  • Types can change after declaration

What is a characteristic of dynamic typing as seen in Python?

  • Types are determined at compile time
  • Types are defined explicitly by the user
  • Types cannot change once declared
  • Types are inferred during runtime (correct)

Which of the following is a primitive type in Java?

  • Char (A)

What type of error does static checking find before the program runs?

  • Syntax errors (C)

Which of the following is an example of dynamic checking?

  • Invalid method arguments (A)

What is NOT a characteristic of Java's variable types?

  • Types can change dynamically (B)

Which of these statements regarding the scope of block statements in Java is true?

  • Requires braces to define blocks (D)

What is the primary difference between static and dynamic software analysis?

  • Static analysis analyzes program without execution. (A)

What can dynamic software analysis help identify that static analysis might miss?

  • Potential bugs during program execution. (A)

What does the control flow graph represent in static software analysis?

  • The structure of the program based on intermediate representation. (C)

What is a limitation of both static and dynamic checking?

  • They can miss bugs that were not anticipated. (A)

Which testing method includes analyzing the program's structure?

  • Structural testing. (B)

Why is completeness abandoned in static software analysis?

  • To simplify the control flow graph. (B)

What characterizes explicit data flow in software programs?

  • Information is copied or used directly in operations. (D)

Which of the following statements is true regarding testing methods?

  • Behavioral testing assesses a program's functionality based on specifications. (C)

What will be the value of variable 'c' after the statement 'c -= 3' in the first example?

  • 9 (A)

What can be inferred from the variable 'b' in the second example if 'a' is deduced to be 0?

  • b will be 0 (C)

In which scenario does implicit information flow occur based on the examples provided?

  • When the program's behavior indicates a certain value of 'a' (C)

What will happen in the first line of the last example if 'a' is less than 0?

  • An exception will be thrown (B)

In the third example, what is the purpose of the while loop?

  • To execute 'doSomething()' infinitely if 'a' is negative (D)

What is the expected behavior when the value of 'a' changes from negative to non-negative in the third example?

  • The loop exits and the program continues (D)

Which statement about implicit data flow is correct based on the examples?

  • It can be deduced from program executions and variable behaviors (A)

In the second example, what is the significance of the value returned from 'getValue()'?

  • It determines if 'b' is set to 1 or 0 (D)

Flashcards

Dynamically typed

A language where the type of an expression is resolved at runtime, meaning the code does not need to be explicitly typed.

Type

A set of values with specific operations that can be performed on them. For example, integers, floats, and booleans.

Statically typed

A language where the type of an expression is checked before the program runs, ensuring type safety.

Java Syntax

Java uses curly braces to define blocks of code and semicolons at the end of statements.

Python Syntax

Python uses indentation to define blocks of code and does not require semicolons.

Runtime errors

Mistakes that occur during runtime, like dividing by zero or accessing non-existent array elements.

Compile-time errors

Errors detected during compilation, like incorrect syntax, missing semicolons, or type mismatches.

Logic errors

Mistakes that occur when a program's logic is flawed, leading to incorrect results.

Implicit Information Flow

Implicit information flow occurs when sensitive data is unintentionally revealed through program behavior or variable values.

Control Flow Leakage

Control flow statements (like if-else and while loops) can unintentionally convey information about sensitive input values.

Timing Channel

Implicit data flow occurs when program execution time varies based on a sensitive input, potentially revealing information about that input.

Exception Handling Leakage

Implicit data flow happens when exceptions occur during program execution due to sensitive data, indirectly revealing the data's existence or content.

Memory Usage Leakage

Sensitive information can be derived from the program's memory consumption, which can vary depending on the content of the input.

Attackers Exploiting Leaks

This is a security risk, as attackers can exploit these leaks to gain unauthorized access to sensitive data.

Example 1

Example 1: Checking the value of 'a' and setting 'b' accordingly leaks information about 'a'.

Example 2

Example 2: The program loops as long as 'a' is negative, revealing information about its value.

Static Software Analysis

Finding bugs in a program without actually running it. It involves analyzing the source code to identify potential issues.

Dynamic Software Analysis

Finding bugs in a program by running it with various inputs and observing its behavior. It involves monitoring variables and execution flow.

Control Flow Graph

A graph that represents the possible execution paths of a program. It shows how different parts of the code can be reached and executed.

Intermediate Representation

A simplified representation of a program that is used for analysis. It typically removes some parts of the code that are not relevant for the analysis.

Explicit Data Flow

Data movement that is directly traceable in the program's code. It happens when data is explicitly copied, assigned, or used in calculations.

Testing

A testing method that aims to ensure the correct functioning of a program by executing it with various test cases.

Software Analysis

A type of program analysis that aims to uncover hidden bugs by considering the context and intended behavior of the software. It goes beyond simply checking for technical correctness.

Checking techniques

Software analysis techniques that aim to find bugs in programs. They include static, dynamic, and behavioral testing. However, no method can catch all bugs.

Study Notes

Software Analysis

  • Software analysis aims to identify unintended behaviors, even if a program is technically correct. It considers contextual information.
  • Static analysis examines the source code without running the program.
  • Dynamic analysis executes the program to analyze its behavior.

Static Analysis

  • The program needs translation into an intermediate representation.
  • A control flow graph is built from the representation, but the intermediate representation doesn't include all possible program states.

Dynamic Analysis

  • A control flow graph can quickly become complex.
  • Dynamic analysis executes the program with different inputs to track the values of variables.

Explicit Information Flow

  • Explicit flow occurs when information is copied or used in direct operations, like assigning a value.
  • Consider an example involving integer variables, assignments, and calculations.

Implicit Information Flow

  • Implicit flow is deduced from program behavior or variable values.
  • If the program terminates, it might be possible to deduce the sign of a variable.
  • The execution time can also convey information, even if the program ultimately finishes.
  • An exception thrown reveals information about variables.

Java vs. Python

  • Java uses static typing, meaning variable types are known at compile time.
  • Python is dynamically typed, with type determination occurring at runtime.
  • Java requires semicolons at statement endings and uses curly braces around code blocks.
  • In Java, operators can be infix (between operands), prefix (before an operand), or postfix (after an operand).

Types in Java

  • Java supports primitive types like boolean, byte, short, int, long, float, double, and char.
  • Operations on these types are functions.
  • Operators and methods work on objects.
  • There are pre-defined functions in Java.

Description

Explore the fundamental concepts of software analysis, including static and dynamic analysis, and the distinction between explicit and implicit information flow. This quiz covers essential techniques for evaluating program behavior and understanding control flow graphs.
