Abstract
In this paper we consider reusability of software component binaries. Reuse of code at the binary level is important because usually only the machine code for system components is available; vendors do not want to share their source code for proprietary reasons. We develop necessary and sufficient conditions for ensuring that software binaries are reusable and relate them to the coding standards that have been developed in the industry to ensure binary code reusability. These coding standards, in essence, discourage the (i) use of hard-coded pointers, and (ii) writing of non-reentrant code. Checking that binary code satisfies these standards/conditions, however, is undecidable, in general. We thus develop static analysis based methods for checking if a software binary satisfies these conditions. This static analysis rests on the abstract interpretation framework. We illustrate our approach by showing how we statically analyze the presence of hard coded pointer variables in assembly code obtained from binaries of digital signal processing applications. The analyzer we have developed takes the binary to be checked for reuse as input, disassembles it, builds the flow graph, and statically analyzes the flow graph to check for the presence of code that will hinder its reuse.
Authors have been partially supported by grants from the National Science Foundation, the Department of Education, and the Environmental Protection Agency.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Abramsky, S., Hankin, C.: Abstract Interpretation of Declarative Languages, Ellis Horwood (1987)
Aho, A.V., Sethi, R., Ullman, J.D.: Compilers: Principles, Techniques, and Tools. Addison-Wesley, Reading (1988)
Bergeron, J., Debbabi, M., Erhioui, M.M., Ktari, B.: Static Analysis of Binary Code to Isolate Malicious Behaviors. In: IEEE 8th International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises, Palo Alto, California (1999)
Blonstein, S.: (Texas Instruments). Personal Communication
Chen, H., Shapiro, J.S.: Exploring Static Checking for Software Assurance. SRL Technical Report SRL-2003-06
Chess, B.V.: Improving computer security using extending static checking. In: IEEE Symposium on Security and Privacy (2002)
Cousot, P., Cousot, R.: Abstract Interpretation: A Unified Lattice Model for Static Analysis of Programs by Construction of Approximation of Fixpoints. In: Fourth Annual ACM Symp. on Principles of Programming Languages, pp. 238–252 (1977)
Christodorescu, M., Jha, S.: Static Analysis of Executables to Detect Malicious Patterns. In: 12th USENIX Security Symposium (August 2003)
Debray, S., Muth, R., Weippert, M.: Alias analysis of executable code. In: POPL (1998)
Fernandez, M., Espasa, R.: Speculative alias analysis for executable code. In: International Conference on Parallel Architectures and Compilation Techniques (2002)
Frake, W., Terry, C.: Software Reuse: Metrics and Models. ACM Computing Surveys 28(2) (1996)
Garey, M.R., Johnson, D.S.: Computers and Intractability. W. H. Freeman and Company, New York (1979)
Gates, B.: The Future of Programming in a World of Web Services (keynote address). In: 17th Annual ACM Conference on Object-Oriented Programming, Systems, Languages and Application Seattle, Washington Friday, November 8 (2002)
Heintze, N., Tardieu, O.: Demand-Driven Pointer Analysis. In: Conference on Programming Language Design and Implementation (2001)
Holzmann, G.J.: Static Source Code Checking for User-defined Properties. In: Conference on Integrated Design and Process Technology, IDPT (2002)
Landi, W., Ryder, B.G.: A Safe Approximate Algorithm for Interprocedural Pointer Aliasing. In: Proc. SIGPLAN PLDI 1992, pp. 235–248 (1992)
Licheter, H., Riedinger, G.: Improving software quality by static program analysis. In: Proc. of SPI 1997 software process improvement, Barcelona (1997)
Venkitaraman, R., Gupta, G.: Static Program Analysis of Embedded Executable Assembly Code. In: Compilers, Architecture, and Synthesis for Embedded Systems (ACM CASES), September 2004, pp. 157–166 (2004)
Wagner, D.A.: Static analysis and computer security: New techniques for Software Assurance. University of California at Berkley Phd Dissertation (December 2000)
Weihl, W.E.: Interprocedural data flow analysis in the presence of pointers, procedure variables, and label variables. In: Proc. ACM POPL, January 1980, pp. 83–94 (1980)
Texas Instruments Code Composer Studio and XDAIS/TMS320 Algorithmic Standards Literature (No: SPRU509C, No: SPRU301C, No: SPRU352D, No: SPRU189F)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2004 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Venkitaraman, R., Gupta, G. (2004). Framework for Safe Reuse of Software Binaries. In: Ghosh, R.K., Mohanty, H. (eds) Distributed Computing and Internet Technology. ICDCIT 2004. Lecture Notes in Computer Science, vol 3347. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-30555-2_33
Download citation
DOI: https://doi.org/10.1007/978-3-540-30555-2_33
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-24075-4
Online ISBN: 978-3-540-30555-2
eBook Packages: Computer ScienceComputer Science (R0)