Advanced Search

Browse by Discipline

Scientific Societies

E-print Alerts

Add E-prints

E-print Network

  Advanced Search  

Practical API Protocol Checking with Access Permissions

Summary: Practical API Protocol Checking
with Access Permissions
Kevin Bierho, Nels E. Beckman, and Jonathan Aldrich
Institute for Software Research, Carnegie Mellon University
5000 Forbes Avenue, Pittsburgh, PA 15213, USA
{kevin.bierhoff, nbeckman, jonathan.aldrich}@cs.cmu.edu
Abstract. Reusable APIs often dene usage protocols. We previously
developed a sound modular type system that checks compliance with
typestate-based protocols while aording a great deal of aliasing exi-
bility. We also developed Plural, a prototype tool that embodies our ap-
proach as an automated static analysis and includes several extensions
we found useful in practice. This paper evaluates our approach along the
following dimensions: (1) We report on experience in specifying relevant
usage rules for a large Java standard API with our approach. We also
specify several other Java APIs and identify recurring patterns. (2) We
summarize two case studies in verifying third-party open-source code
bases with few false positives using our tool. We discuss how tool short-
comings can be addressed either with code refactorings or extensions to
the tool itself. These results indicate that our approach can be used to
specify and enforce real API protocols in practice.


Source: Aldrich, Jonathan - School of Computer Science, Carnegie Mellon University


Collections: Computer Technologies and Information Sciences