Browsing by Subject "Dynamic analysis"
Now showing 1 - 8 of 8
- Results Per Page
- Sort Options
Item Development of simplified dynamic response models for blast-loaded bridge components(2014-05) Sammarco, Eric Louis; Williamson, Eric B., 1968-; Bayrak, Oguzhan; Kallivokas, Loukas F; Engelhardt, Michael D; Ezekoye, Ofodike A; Stevens, David JInternational terrorist organizations have been active across the globe for decades, but attacks against public surface transportation infrastructure constitute a recent trend. Statistical data from past attacks, along with numerous threats received by United States (U.S.) Government authorities, support this claim and render U.S. transportation infrastructure security a national concern. Public highway bridges can be particularly vulnerable to a malevolent attack due predominately to their public accessibility and exposed nature. Furthermore, the sudden failure of a highway bridge located on a major transportation corridor has the potential to cause significant economic loss, human casualties, and societal distress. Motivated by the recent trend of increasing worldwide attacks and identified vulnerabilities associated with public highway bridges, considerable research in the area of bridge security has been carried out over the past decade. While much research is still needed, it is important to begin transitioning the existing knowledge and technology to the appropriate users within the bridge analysis and design community. Accordingly, the main objective of the research described in this dissertation is to facilitate this transition and advance the state of-the-practice in bridge-specific protective analysis and design by developing accurate yet fast-running dynamic response models for reinforced concrete (RC) bridge columns and tower panels subjected to blast loads. Given a threat scenario and bridge component of interest, the RC component response models characterize demand on a selected component and provide an estimate of peak dynamic response and incurred damage. Such fast-running, engineering-level models provide practicing bridge engineers with the ability to readily assess the performance of blast-loaded bridge components without having to rely on time-consuming, costly, and complex resources such as physical testing or high-fidelity finite element simulations. The proposed dynamic response models are also capable of facilitating anti-terrorist/force protection (ATFP) retrofits and rapid in-situ vulnerability assessments of existing bridge components, as well as safe designs of new bridge components. As part of a larger research effort that was chiefly managed by the author of this dissertation, the RC component response models were integrated with similar models for steel bridge towers and high-strength steel cable components to form a comprehensive, component-level vulnerability assessment software for blast-loaded bridges. Therefore, the results of this research synthesize the state-of- the-art in blast-resistant bridge analysis/design and put forth a practical, engineering-level tool to aid in the growing concern of domestic transportation infrastructure security. This contribution to the structural engineering community marks a step towards enhanced resiliency of existing and future U.S. highway bridges.Item Improving dynamic analysis with data flow analysis(2010-08) Chang, Walter Chochen; Lin, Yun Calvin; McKinley, Kathryn; Browne, James C.; Khurshid, Sarfraz; Myers, AndrewMany challenges in software quality can be tackled with dynamic analysis. However, these techniques are often limited in their efficiency or scalability as they are often applied uniformly to an entire program. In this thesis, we show that dynamic program analysis can be made significantly more efficient and scalable by first performing a static data flow analysis so that the dynamic analysis can be selectively applied only to important parts of the program. We apply this general principle to the design and implementation of two different systems, one for runtime security policy enforcement and the other for software test input generation. For runtime security policy enforcement, we enforce user-defined policies using a dynamic data flow analysis that is more general and flexible than previous systems. Our system uses the user-defined policy to drive a static data flow analysis that identifies and instruments only the statements that may be involved in a security vulnerability, often eliminating the need to track most objects and greatly reducing the overhead. For taint analysis on a set of five server programs, the slowdown is only 0.65%, two orders of magnitude lower than previous taint tracking systems. Our system also has negligible overhead on file disclosure vulnerabilities, a problem that taint tracking cannot handle. For software test case generation, we introduce the idea of targeted testing, which focuses testing effort on select parts of the program instead of treating all program paths equally. Our “Bullseye” system uses a static analysis performed with respect to user-defined “interesting points” to steer the search down certain paths, thereby finding bugs faster. We also introduce a compiler transformation that allows symbolic execution to automatically perform boundary condition testing, revealing bugs that could be missed even if the correct path is tested. For our set of 9 benchmarks, Bullseye finds bugs an average of 2.5× faster than a conventional depth-first search and finds numerous bugs that DFS could not. In addition, our automated boundary condition testing transformation allows both Bullseye and depth-first search to find numerous bugs that they could not find before, even when all paths were explored.Item Language and tool support for multilingual programs(2011-08) Lee, Byeongcheol; McKinley, Kathryn S.; Cook, William R.; Grimm, Robert; Hirzel, Martin; Kim, Miryung; Lin, CalvinProgrammers compose programs in multiple languages to combine the advantages of innovations in new high-level programming languages with decades of engineering effort in legacy libraries and systems. For language inter-operation, language designers provide two classes of multilingual programming interfaces: (1) foreign function interfaces and (2) code generation interfaces. These interfaces embody the semantic mismatch for developers and multilingual systems builders. Their programming rules are difficult or impossible to verify. As a direct consequence, multilingual programs are full of bugs at interface boundaries, and debuggers cannot assist developers across these lines. This dissertation shows how to use composition of single language systems and interposition to improve the safety of multilingual programs. Our compositional approach is scalable by construction because it does not require any changes to single-language systems, and it leverages their engineering efforts. We show it is effective by composing a variety of multilingual tools that help programmers eliminate bugs. We present the first concise taxonomy and formal description of multilingual programming interfaces and their programming rules. We next compose three classes of multilingual tools: (1) Dynamic bug checkers for foreign function interfaces. We demonstrate a new approach for automatically generating a dynamic bug checker by interposing on foreign function interfaces, and we show that it finds bugs in real-world applications including Eclipse, Subversion, and Java Gnome. (2) Multilingual debuggers for foreign function interfaces. We introduce an intermediate agent that wraps all the methods and functions at language boundaries. This intermediate agent is sufficient to build all the essential debugging features used in single-language debuggers. (3) Safe macros for code generation interfaces. We design a safe macro language, called Marco, that generates programs in any language and demonstrate it by implementing checkers for SQL and C++ generators. To check the correctness of the generated programs, Marco queries single-language compilers and interpreters through code generation interfaces. Using their error messages, Marco points out the errors in program generators. In summary, this dissertation presents the first concise taxonomy and formal specification of multilingual interfaces and, based on this taxonomy, shows how to compose multilingual tools to improve safety in multilingual programs. Our results show that our compositional approach is scalable and effective for improving safety in real-world multilingual programs.Item Modeling the post shear failure behavior of reinforced concrete columns(2012-05) LeBorgne, Matthew Ronald; Ghannoum, Wassim M.; Wood, Sharon L.; Aggarwal, J K.; Bayrak, Oguzhan; Jirsa, James O.Numerous reinforced concrete buildings vulnerable to earthquake induced collapse have been constructed in seismic zones prior to the 1970s. A major contributor to building collapse is the loss of axial load carrying capacity in non-seismically detailed columns. Experimental investigations have shown that non-seismically detailed columns will only experience axial failure after shear failure and subsequent lateral shear strength degradation have occurred. Therefore, column shear failure and degrading behavior must be modeled accurately before axial collapse algorithms can be properly implemented. Furthermore, accurate modeling of the degrading lateral-load behavior of columns is needed if lateral load sharing between structural elements is to be assessed with reasonable accuracy during seismic analyses. A calibrated analytical model was developed that is capable of estimating the lateral strength degrading behavior of RC columns prone to shear failure. Existing analytical models poorly approximate nonlinear column behavior and require several nonphysical damage parameters to be defined. In contrast, the proposed calibrated model provides the engineering community with a valuable tool that only requires the input of column material and geometric properties to simulate column behavior up to loss of lateral strength. In developing the model, a database of RC columns was compiled. Parameters extracted from database column-tests were scrutinized for trends and regression models relating damage parameters to column physical properties and boundary conditions were produced. The regression models were implemented in the degrading analytical framework that was developed in this project. Two reinforced concrete columns exhibiting significant inelastic deformations prior to failing in shear were tested in support of the analytical work. A newly developed Vision System was used to track a grid of targets on the column face with a resolution of three-thousands of an inch. Surface column deformations were measured to further the understanding of the fundamental changes in column behavior that accompany shear and axial failure and validate the proposed analytical model. This research provides the engineering community with an analytical tool that can be used to perform nonlinear dynamic analysis of buildings that are at risk of collapse and help engineers improve retrofit techniques. Further insight into shear behavior attained through this project is an important step toward the development of better shear and axial degradation models for reinforced concrete columns.Item SHM Racer : dynamic race condition detection using shared memory traps(2021-05-06) Hoganson, Alexander Joshua; Shi, August (August Wang)This project investigated different types of data races that can exist within C code, and then incrementally built a race condition detector, SHM Racer, using an assortment of thread safety violation/data race violation detection methods. The objective of this report was to demonstrate the tradeoffs/benefits of certain race condition finding tools, and construct a tool that could minimize false positive race errors while maximizing the number of found data races. Race condition detection using static analysis can log false positives/false negatives due to a missed understanding of complex synchronization patterns. Dynamic analysis can often minimize false positives, but its ability to slow runtime performance can make this type of analysis impractical. The decided approach was to develop SHM Racer: a shared memory library that provides a shared memory access interface to multiple threads. SHM Racer would also use its knowledge of thread contexts and near-miss analysis data to dynamically modify its shared memory response performance with the intent of expanding critical sections. The aim of this approach was to increase the likelihood of race condition occurrence without significantly altering runtime performance. Test observations demonstrated that while expanding critical sections does increase the probability of detecting data races without producing false positives, there are significant performance/race condition detection impacts if the critical sections are expanded without accommodating for happens-before and already found race errors. Using a combination of near miss analysis and dangerous pair pruning, there was an observable performance improvement in analyzed code performance. However, while there were no false positives detected by SHM Racer, there were still missed race violations due to the tool’s effects on thread synchronization patterns. Even though SHM Racer did miss finding race violations, its false positive minimization and configurable delay thresholds make it very effective at catching basic data races without having to learn synchronization patterns.Item Systematic techniques for efficiently checking Software Product Lines(2013-12) Kim, Chang Hwan Peter; Batory, Don S., 1953-; Khurshid, SarfrazA Software Product Line (SPL) is a family of related programs, which of each is defined by a combination of features. By developing related programs together, an SPL simultaneously reduces programming effort and satisfies multiple sets of requirements. Testing an SPL efficiently is challenging because a property must be checked for all the programs in the SPL, the number of which can be exponential in the number of features. In this dissertation, we present a suite of complementary static and dynamic techniques for efficient testing and runtime monitoring of SPLs, which can be divided into two categories. The first prunes programs, termed configurations, that are irrelevant to the property being tested. More specifically, for a given test, a static analysis identifies features that can influence the test outcome, so that the test needs to be run only on programs that include these features. A dynamic analysis counterpart also eliminates configurations that do not have to be tested, but does so by checking a simpler property and can be faster and more scalable. In addition, for runtime monitoring, a static analysis identifies configurations that can violate a safety property and only these configurations need to be monitored. When no configurations can be pruned, either by design of the test or due to ineffectiveness of program analyses, runtime similarity between configurations, arising due to design similarity between configurations of a product line, is exploited. In particular, shared execution runs all the configurations together, executing bytecode instructions common to the configurations just once. Deferred execution improves on shared execution by allowing multiple memory locations to be treated as a single memory location, which can increase the amount of sharing for object-oriented programs and for programs using arrays. The techniques have been evaluated and the results demonstrate that the techniques can be effective and can advance the idea that despite the feature combinatorics of an SPL, its structure can be exploited by automated analyses to make testing more efficient.Item Toward better server-side Web security(2014-05) Son, Sooel; Shmatikov, Vitaly; McKinley, Kathryn S.Server-side Web applications are constantly exposed to new threats as new technologies emerge. For instance, forced browsing attacks exploit incomplete access-control enforcement to perform security-sensitive operations (such as database writes without proper permission) by invoking unintended program entry points. SQL command injection attacks (SQLCIA) have evolved into NoSQL command injection attacks targeting the increasingly popular NoSQL databases. They may expose internal data, bypass authentication or violate security and privacy properties. Preventing such Web attacks demands defensive programming techniques that require repetitive and error-prone manual coding and auditing. This dissertation presents three methods for improving the security of server-side Web applications against forced browsing and SQL/NoSQL command injection attacks. The first method finds incomplete access-control enforcement. It statically identifies access-control logic that mediates security-sensitive operations and finds missing access-control checks without an a priori specification of an access-control policy. Second, we design, implement and evaluate a static analysis and program transformation tool that finds access-control errors of omission and produces candidate repairs. Our third method dynamically identifies SQL/NoSQL command injection attacks. It computes shadow values for tracking user-injected values and then parses a shadow value along with the original database query in tandem with its shadow value to identify whether user-injected parts serve as code. Remediating Web vulnerabilities and blocking Web attacks are essential for improving Web application security. Automated security tools help developers remediate Web vulnerabilities and block Web attacks while minimizing error-prone human factors. This dissertation describes automated tools implementing the proposed ideas and explores their applications to real-world server-side Web applications. Automated security tools are effective for identifying server-side Web application security holes and a promising direction toward better server-side Web security.Item Transient response of rotor on rolling element bearings with clearance(2006-10) Fleming, D.P.; Murphy, B.T.; Sawicki, J.T.; Poplawski, J.V.Internal clearance in rolling element bearings is usually present to allow for radial and axial growth of the rotor-bearing system and to accommodate bearing fit-up. The presence of this clearance also introduces a “dead band” into the load-deflection behavior of the bearing. Previous studies demonstrated that the presence of dead band clearance might have a significant effect on synchronous rotor response. In this work, the authors investigate transient response of a rotor supported on rolling element bearings with internal clearance. In addition, the stiffness of the bearings varies nonlinearly with bearing deflection and with speed. Bearing properties were accurately calculated with a state of the art rolling bearing analysis code. The subsequent rotordynamics analysis shows that for rapid acceleration rates the maximum response amplitude may be less than predicted by steady-state analysis. The presence of clearance may shift the critical speed location to lower speed values. The rotor vibration response exhibits subharmonic components which are more prominent with bearing clearance.