TY - JOUR
T1 - A fine-grained framework for quantifying secure management of state in object-oriented programs
AU - Stewart, Arran
AU - Cardell-Oliver, Rachel
AU - Davies, Rowan
PY - 2017
Y1 - 2017
N2 - Mismanagement of programs’ run-time state can lead to serious security vulnerabilities, and in object-oriented languages, the program state can be particularly difficult to reason about. In this paper, we outline a framework for assessing the extent to which mutable state is used in object-oriented programs, with a longer term aim of measuring the degree to which it is correlated with reported security vulnerabilities. The notion of method purity is used to characterize uses of mutable state. In previous work, several different and conflicting schemes for identifying pure methods in statically typed object-oriented languages have been proposed. Most existing tools measure only the presence or absence of a particular type of purity. This paper introduces a finer-grained classification of purity in object-oriented languages, in which five broad levels are extended with details of which additional effects (such as reading of mutable state and use of system I/O) are performed by a method. A portion of real-world code is analyzed to identify the way in which particular programming idioms make use of state. We confirm that a variety of different levels of purity occur in the analyzed packages, sometimes occurring in combination with additional computational effects (such as logging, system input, or reading from non-local, mutable state). Analysis of 46 methods from 6 classes found that 50% exhibited some level of purity, including 32% with strict purity (complete prohibition on mutation of variables). © 2016 Informa UK Limited, trading as Taylor & Francis Group
AB - Mismanagement of programs’ run-time state can lead to serious security vulnerabilities, and in object-oriented languages, the program state can be particularly difficult to reason about. In this paper, we outline a framework for assessing the extent to which mutable state is used in object-oriented programs, with a longer term aim of measuring the degree to which it is correlated with reported security vulnerabilities. The notion of method purity is used to characterize uses of mutable state. In previous work, several different and conflicting schemes for identifying pure methods in statically typed object-oriented languages have been proposed. Most existing tools measure only the presence or absence of a particular type of purity. This paper introduces a finer-grained classification of purity in object-oriented languages, in which five broad levels are extended with details of which additional effects (such as reading of mutable state and use of system I/O) are performed by a method. A portion of real-world code is analyzed to identify the way in which particular programming idioms make use of state. We confirm that a variety of different levels of purity occur in the analyzed packages, sometimes occurring in combination with additional computational effects (such as logging, system input, or reading from non-local, mutable state). Analysis of 46 methods from 6 classes found that 50% exhibited some level of purity, including 32% with strict purity (complete prohibition on mutation of variables). © 2016 Informa UK Limited, trading as Taylor & Francis Group
U2 - 10.1080/1206212X.2016.1253911
DO - 10.1080/1206212X.2016.1253911
M3 - Article
SN - 1076-5204
VL - 39
SP - 9
EP - 16
JO - International Journal of Computers and Applications
JF - International Journal of Computers and Applications
IS - 1
ER -