TL;DR: This paper defines the concept of a program checker, designs program checkers for a few specific and carefully chosen problems in the class P of problems solvable in polynomial time and characterizes the problems that can be checked.
Abstract: A program correctness checker is an algorithm for checking the output of a computation. This paper defines the concept of a program checker. It designs program checkers for a few specific and carefully chosen problems in the class P of problems solvable in polynomial time. It also applies methods of modern cryptography, especially the idea of a probabilistic interactive proof, to the design of program checkers for group theoretic computations. Finally it characterizes the problems that can be checked.
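The abstract describes a checker as an algorithm that decides whether a program's output on a given input is correct, rather than re-deriving the output itself. As an added illustration that is not from the paper, the following Python shows the shape of such a checker for matrix multiplication: an untrusted program (the names untrusted_matmul, buggy_matmul, run_checker and ConstantRng are this example's own) is run as a black box on the real input, and the checker accepts or rejects its output with Freivalds' randomised test, which costs O(n^2) per round instead of the O(n^3) a recomputation would cost. Correct outputs always pass; an incorrect output survives k rounds with probability at most 2^-k.

```python
import random

# Added example (not from the Blum/Kannan paper): a program checker, in the
# sense of the abstract, for an untrusted matrix-multiplication program.
# The checker never recomputes the product; it only tests the claimed result.
# All names below are illustrative and specific to this example.

def untrusted_matmul(a, b):
    """The program being checked: plain O(n^3) integer matrix product."""
    n = len(a)
    return [[sum(a[i][k] * b[k][j] for k in range(n)) for j in range(n)]
            for i in range(n)]

def buggy_matmul(a, b):
    """A faulty version of the program: one cell of the result is corrupted."""
    c = untrusted_matmul(a, b)
    c[0][0] += 1
    return c

class ConstantRng:
    """Deterministic stand-in for `random` (used in tests): every coin is `bit`.
    With the all-ones vector any error matrix with a nonzero row sum is caught."""
    def __init__(self, bit):
        self.bit = bit
    def randint(self, lo, hi):
        return self.bit

def _matvec(m, v):
    return [sum(row[j] * v[j] for j in range(len(v))) for row in m]

def freivalds_check(a, b, c, rounds=20, rng=random):
    """Freivalds' probabilistic test that a*b == c over the integers.
    Each round draws a random 0/1 vector r and compares a*(b*r) with c*r,
    which is O(n^2). If c is correct the test always passes; if c is wrong
    it passes a single round with probability at most 1/2, hence survives
    all `rounds` rounds with probability at most 2**-rounds."""
    n = len(a)
    for _ in range(rounds):
        r = [rng.randint(0, 1) for _ in range(n)]
        if _matvec(a, _matvec(b, r)) != _matvec(c, r):
            return False
    return True

def run_checker(program, a, b, rounds=20, rng=random):
    """Program checker: run the untrusted program on the actual input, then
    decide PASS/FAIL on its output. Returns (verdict, program_output)."""
    c = program(a, b)
    well_formed = len(c) == len(a) and all(len(row) == len(a) for row in c)
    ok = well_formed and freivalds_check(a, b, c, rounds, rng)
    return ("PASS" if ok else "FAIL"), c

if __name__ == "__main__":
    # Constructed sample input for the demonstration.
    A = [[1, 2, 3], [4, 5, 6], [7, 8, 9]]
    B = [[9, 8, 7], [6, 5, 4], [3, 2, 1]]
    print(run_checker(untrusted_matmul, A, B)[0])
    print(run_checker(buggy_matmul, A, B)[0])
```

The point of the construction is the trust boundary: the program is only ever invoked, never inspected, so the checker works unchanged against a closed-source or remotely executed implementation, and a checker that is asymptotically cheaper than the computation is exactly what makes checking outputs (rather than re-running them) worthwhile.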
TL;DR: Slices can be extracted particularly easily from a program representation called a program dependence graph, originally introduced as an intermediate program representation for performing optimizing, vectorizing, and parallelizing transformations.
Abstract: A slice of a program with respect to a program point p and variable x consists of all statements of the program that might affect the value of x at point p. Slices can be extracted particularly easily from a program representation called a program dependence graph, originally introduced as an intermediate program representation for performing optimizing, vectorizing, and parallelizing transformations. Such slices are of a slightly restricted form: rather than permitting a program to be sliced with respect to program point p and an arbitrary variable, a slice must be taken with respect to a variable that is defined at or used at p.
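To make the slicing procedure concrete, here is an added example that is not from the paper: a constructed nine-statement toy program in a hand-written three-address form, its program dependence graph built from reaching definitions (data edges) and structured nesting (control edges), and a backward slice taken with respect to a variable used at the slicing point, which is the restricted form the abstract describes. The IR layout, the STMTS/CFG tables and the function names are this example's own; the paper's PDG construction is not reproduced here.

```python
from collections import defaultdict

# Added example (not the paper's code). A constructed toy program in a tiny
# three-address IR. Each statement is (text, defs, uses, controlling predicate).
# Variable n is an input that the program never defines.
STMTS = {
    1: ("i = 0",        {"i"}, set(),      None),
    2: ("s = 0",        {"s"}, set(),      None),
    3: ("p = 1",        {"p"}, set(),      None),
    4: ("while i < n",  set(), {"i", "n"}, None),
    5: ("  s = s + i",  {"s"}, {"s", "i"}, 4),
    6: ("  p = p * i",  {"p"}, {"p", "i"}, 4),
    7: ("  i = i + 1",  {"i"}, {"i"},      4),
    8: ("print(s)",     set(), {"s"},      None),
    9: ("print(p)",     set(), {"p"},      None),
}
# Control-flow successors; the loop predicate 4 exits to statement 8.
CFG = {1: [2], 2: [3], 3: [4], 4: [5, 8], 5: [6], 6: [7], 7: [4], 8: [9], 9: []}

def reaching_definitions(stmts, cfg):
    """Forward dataflow: IN[n] is the set of (var, defining stmt) pairs that
    may reach the entry of statement n."""
    preds = defaultdict(list)
    for u, succs in cfg.items():
        for v in succs:
            preds[v].append(u)
    IN = {n: set() for n in stmts}
    OUT = {n: set() for n in stmts}
    changed = True
    while changed:
        changed = False
        for n, (_, defs, _, _) in stmts.items():
            new_in = set().union(*(OUT[p] for p in preds[n]))
            new_out = {(v, d) for (v, d) in new_in if v not in defs} | {(v, n) for v in defs}
            if new_in != IN[n] or new_out != OUT[n]:
                IN[n], OUT[n] = new_in, new_out
                changed = True
    return IN

def build_pdg(stmts, cfg):
    """PDG as stmt -> set of ("data", var, src) and ("control", None, src) edges.
    Data edges: a reaching definition of a variable the statement uses.
    Control edges: the structured nesting recorded in STMTS."""
    IN = reaching_definitions(stmts, cfg)
    pdg = defaultdict(set)
    for n, (_, _, uses, parent) in stmts.items():
        for (v, d) in IN[n]:
            if v in uses:
                pdg[n].add(("data", v, d))
        if parent is not None:
            pdg[n].add(("control", None, parent))
    return pdg

def backward_slice(pdg, point, var=None):
    """Statements that may affect `var` at `point`; `var` must be used (or
    defined) at `point`, the restriction the abstract describes. With var=None
    the slice covers every variable used at point. Returns statement numbers."""
    start = {d for (kind, v, d) in pdg[point]
             if kind == "control" or var is None or v == var}
    result = {point}
    work = list(start)
    while work:
        n = work.pop()
        if n in result:
            continue
        result.add(n)
        work.extend(d for (_, _, d) in pdg[n])
    return result

if __name__ == "__main__":
    pdg = build_pdg(STMTS, CFG)
    for n in sorted(backward_slice(pdg, 8, "s")):
        print(n, STMTS[n][0])
```

Slicing on s at statement 8 keeps statements 1, 2, 4, 5, 7 and 8 and drops the p computations (3, 6) and the second print (9): the loop predicate is retained through the control edge from 5, and the increment of i is retained because i reaches both the predicate and the accumulation. The same walk, started at a sensitive sink instead of a print, is the basis of reachability and taint queries in security-oriented static analysis.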
TL;DR: A knowledge-based approach for automating the analysis of program source code, called PAT, is proposed, which represents the program information as events and the program analysis knowledge as plans.
Abstract: Software maintenance is the most expensive part of the software life-cycle. This is partially due to the fact that quite often the only reliable and available documentation about a program is its source code and all the relevant information must be extracted from it.
This thesis research proposes a knowledge-based approach for automating the analysis of program source code. A prototype program analysis tool, called PAT, has been constructed to demonstrate the feasibility of the proposed approach.
In PAT, we represent the program information as events and the program analysis knowledge as plans. Both events and plans are organized into a classification hierarchy based on the programming concepts that they express. The understanding of a program is implemented as an inference process in which new events (representing high-level programming concepts) are derived from the existing ones using plans. Plans also contain information for the documentation and debugging of the derived events. A justification-based truth maintenance system is used to record and maintain the facts derived from the programs and their justifications.
TL;DR: In this article, the results of implementing several transferable analysis tools for the analysis and evaluation of end-use monitoring, direct-load control programs are described, including the duty cycle model and the demand-side design and analysis workstation.
Abstract: The results of implementing several transferable analysis tools for the analysis and evaluation of end-use monitoring, direct-load control programs are described. These tools are the duty cycle model and the demand-side design and analysis workstation. The PC-based workstation has proved to be a viable, cost-effective means of analyzing the voluminous data used in the program evaluation. The duty cycle model, unlike other program evaluation techniques, can calculate the load impact of virtually any load-control strategy, not just those operated by the utility. Using air conditioner (AC) data from the Athens (Tennessee) automation and control experiment, it is calculated that average peak period AC load reduction is 0.92 kW under a 40% cycling strategy.
TL;DR: In this paper, the authors describe the results of implementing several transferable analysis tools for the analysis and evaluation of end-use monitoring, direct load control programs, including the Duty Cycle Model and the Demand-Side Design and Analysis Workstation.
Abstract: End-use load data analysis is assuming a growing role for utility demand-side planners around the country. This paper describes the results of implementing several transferable analysis tools for the analysis and evaluation of end-use monitoring, direct load control programs. These tools are the Duty Cycle Model and the Demand-Side Design and Analysis Workstation. The PC-based Workstation has proven itself to be a viable, cost-effective means of analyzing the voluminous data used in the program evaluation. Unlike other program evaluation techniques, the Duty Cycle Model can calculate the load impact of virtually any load control strategy, not just those operated by the utility. Using air conditioner (AC) data from the Athens (Tennessee) Automation and Control Experiment, the authors calculated that average peak period AC load reduction was 0.92 kW under a 40% cycling strategy.
TL;DR: In this article, a cyclic process is controlled by a computer which has two concurrently defined tasks: an operator task for running an instrument control program, and a compiler task for compiling new instrument control programs input by the instrument's user.
Abstract: Method and apparatus for controlling an instrument which can perform a specified cyclic process. The instrument's process is controlled by a computer which has two concurrently defined tasks: an operator task for running an instrument control program, and a compiler task for compiling new instrument control programs input by the instrument's user. The currently running program is suspended and a new program's execution is begun when (a) a new program has been successfully compiled by the compiler, and (b) the current program is about to perform a jump back at the end of an instruction loop. When a main instrument control program finishes executing, a new program is run if a new program has been successfully compiled; otherwise, execution of the most recently suspended program resumes. Thus a newly compiled program interrupts the currently running program only between instruction loops, and only as long as necessary to execute its instructions. If the newly compiled program merely resets a parameter, this interruption is generally so short as to be unnoticeable. If, on the other hand, the newly compiled program is designed to control the instrument's process for a period of time, the new program takes control until it finishes execution. Thus the instrument's user is provided not only with the feel of being able to reset parameter values on the fly, but also with a flexible tool for revising an instrument control program on the fly.
TL;DR: This work presents a framework that facilitates the construction and understanding of denotational specifications for program analysis techniques by including their specifications with the language definition.
Abstract: Abstract interpretation introduced the notion of formal specification of program analyses. Denotational frameworks are convenient for reasoning about such specifications. However, implementation considerations make denotational specifications complex and hard to develop. We present a framework that facilitates the construction and understanding of denotational specifications for program analysis techniques. The framework is exemplified by specifications for program analysis techniques from the literature and from our own research. This approach allows program analysis techniques to be incorporated into automatically generated program synthesizers by including their specifications with the language definition.
TL;DR: A survey of iterative methods of generation of invariant equality dependences for programs over various algebras of data is given in this paper, where algorithms for the main problems of program invariant theory are presented and their upper bounds are derived.
Abstract: This is the first part of a survey of iterative methods of generation of invariant equality dependences for programs over various algebras of data. Algorithms for the main problems of program invariant theory are presented and their upper bounds are derived.
TL;DR: The author explores the issues involved with program recognition by reviewing in some detail three systems epitomizing current techniques in program recognition research: the Program Recognizer, Talus, and Proust.
Abstract: The author explores the issues involved with program recognition by reviewing in some detail three systems epitomizing current techniques in program recognition research: the Program Recognizer, Talus, and Proust. The Program Recognizer recognizes occurrences of stereotyped computational fragments in computer programs. Talus analyzes programs involving the recursive definition of data structures, permitting recursion on three data types: list, tree, and number. Proust is a program for debugging Pascal programs. The author concludes the most promising direction for future research would be to combine the best elements of all three programs.
TL;DR: Chapter 5 drew attention to the dangers in using “standard” programming languages and explained how programming could be made more reliable by confining it to a sublanguage, and employing annotations (formal comments) to provide information not directly expressible in the standard language.
Abstract: Chapter 5 drew attention to the dangers in using “standard” programming languages and explained how, for a few of them at least, programming could be made more reliable by confining it to a sublanguage, and employing annotations (formal comments) to provide information not directly expressible in the standard language. The necessary connection between the annotations and the executable code was made by additional language rules, and conformance to those rules was checked at the same time as syntax and static semantics, by a tool similar to the “front end” of a compiler.
TL;DR: Experimental results, obtained by examining about 550 Pascal programs, represent the widest test to date of Halstead theory with regard to Pascal programs.
Abstract: M.H. Halstead's theory (1977) has been validated for different languages, but Pascal programs seem to fit only partially with the theory. D.B. Johnston and A.M. Lister (1981) first recognized the lack of operators due to the structure of this language and proposed a modification of Halstead's formula. The article confirms their results but suggests a correction to their formula, which is particularly necessary for large programs. Experimental results, obtained by examining about 550 Pascal programs, represent the widest test to date of Halstead theory with regard to Pascal programs.
TL;DR: This paper presents the results of a systematic attempt at defining the user interface to an environment for program debugging, program performance evaluation and program structure analysis.
Abstract: A high level of complexity is involved in program dynamics. A number of tools have been developed to assist the programmer in mastering this complexity in the various phases of software development. However, these tools are specifically oriented towards the monitoring of particular aspects of program behaviour. This paper presents the results of a systematic attempt at defining the user interface to an environment for program debugging, program performance evaluation and program structure analysis. This environment can be used to implement many common debugging techniques, and to evaluate important program performance indexes and program structure statistics. It supports both sequential and concurrent block-oriented high-level languages.
TL;DR: A phase-oriented approach to incremental transformation system development in which transformations and analyses are separated into phases that interact only through explicit transmission of data is presented.
Abstract: Advanced programming environments being developed to support ambitious program optimization and parallelization will perform extensive program analysis to gather facts used in performing complex program transformations. The need for timely response to the programmer's incremental modifications suggests that the program analysis database and transformed program be updated incrementally. Hand-coding these systems in conventional programming languages is both tedious and error prone. This paper presents a phase-oriented approach to incremental transformation system development in which transformations and analyses are separated into phases that interact only through explicit transmission of data. We will demonstrate how this approach can be applied within an attribute grammar setting in which a transformation system is non-procedurally specified and then automatically generated from its specification. Through the description of an incremental optimizer and an incremental parallelizing tool we demonstrate how this approach significantly simplifies the modification and extension of incremental transformation systems.
TL;DR: In this article, the authors propose to synthesize a flow analysis model which can analyze a whole channel from the characteristic of the channel form of a die, sequentially executing a prescribed program analysis so as to execute analysis and evaluation to the channel forms, a flow control condition, a material and the like.
Abstract: PURPOSE: To speedily change specification by synthesizing a flow analysis model which can analyze a whole channel from the characteristic of the channel form of a die, sequentially executing a prescribed program analysis so as to execute analysis and evaluation to the channel form, a flow control condition, a material and the like. CONSTITUTION: An input means 22 inputs the channel form of the die, the material physical property value of a forming material and the flow control condition in a system. A model synthesis means 26 extracts the characteristic of the form from the inputted channel form, judges compatibility with the analysis model from the characteristic and synthesizes the flow analysis model which can analyze the whole channel. A program execution means 28 takes out the program corresponding to respective synthesized flow analysis model from an analysis library, sets information required for executing the program from the inputted material physical property value and the flow control condition, sequentially executes the program so as to execute analysis and evaluation to the channel form, the flow control condition and the material. COPYRIGHT: (C)1990,JPO&Japio
TL;DR: A replay mechanism which uses the recorded execution history to control the replay of program behavior and guarantees the reproduction of program errors and a non-interference monitoring architecture has been developed.
Abstract: A replay mechanism which uses the recorded execution history to control the replay of program behavior and guarantees the reproduction of program errors is presented. Based on this approach, a non-interference monitoring architecture has been developed to collect the program execution data of a target system without affecting its execution. The replay mechanism has been designed to control the reproduction of the program behavior as well as the examination of the states and behavior of the target system. >
TL;DR: This work proposes an alternate method which involves separating the collection of the information (i.e. the static analysis) and its presentation, which results in a much more flexible tool than most which are currently available.
Abstract: One of the most common tasks performed by programmers is attempting to understand the low-level workings of a program. Large programs require some sort of automated support in order to perform this task effectively. The typical approach is to provide tools such as cross references and structure chart generators which statically analyze a source program, and present a certain subset of the information they obtain in some fixed manner. We propose an alternate method which involves separating the collection of the information (i.e. the static analysis) and its presentation. This results in a much more flexible tool than most which are currently available.
TL;DR: An abstract interpretation of polymorphic functions which may be used to perform strictness analysis is defined and it is proved that the abstract interpretation is safe.
Abstract: Abstract interpretation is one of the popular techniques used in doing program analysis. In this paper, we define an abstract interpretation of polymorphic functions which may be used to perform strictness analysis. The abstract functions of polymorphic functions are again polymorphic. Finally it is proved that the abstract interpretation is safe.
TL;DR: A description is given of CPU, a program analysis tool that converts programs into formal specifications by using a technique called transformational analysis to replace plans that are recognized in the code with descriptions of their goals.
Abstract: A description is given of CPU, a program analysis tool that converts programs into formal specifications. CPU takes as input a program plus a knowledge base of programming plans and finds instances of plans in the code. A technique called transformational analysis is used in which plans that are recognized in the code are replaced by descriptions of their goals. Both procedural plans and data-structuring plans can be recognized. The result of a transformational analysis is a hierarchical derivation of the program, where the topmost layer constitutes a formal specification for the input program, the bottommost layer is the original code, and the intermediate layers denote plans that were recognized in the program. This derivation can be used to generate summaries of the code and to answer questions about it.
TL;DR: In this paper, a storage area 75 is divided into N pieces for storage of the analysis data on N pieces of program blocks, each of these divided areas stores an area identification number, the processing status showing the area application status and the analysis on the program block respectively.
Abstract: PURPOSE: To improve the working accuracy by dividing a storage area of the data analyzed by a program analyzing part into plural blocks. CONSTITUTION: A storage area 75 is divided into N pieces for storage of the analysis data on N pieces of program blocks. Each of these divided areas stores an area identification number, the processing status showing the area application status and the analysis data on the program block respectively. The distribution of pulses is started so that the distribution of pulses and the program analysis are carried out in parallel with each other. In the pulse distribution process, the pointers J are increased one by one up to N from 1 to show the storage areas of the analysis data for distribution of pulses and at the same time the analysis data on the areas of the corresponding identification numbers are also used. The process status of the area where the analysis is through is rewritten to show a pulse distributed state.
TL;DR: The Basis system includes two major components, a program development system and a runtime package that provides the Basis language interpreter, through which the user does input, output, and plotting, and controls the program's subroutines and functions.
Abstract: Basis is a program development system for scientific programs. The Basis system includes two major components, a program development system and a runtime package. The runtime package provides the Basis language interpreter, through which the user does input, output, and plotting, and controls the program's subroutines and functions. Variables in the scientific packages are known to this interpreter, so that the user may arbitrarily print, plot, and calculate with any major program variables. Also provided are facilities for dynamic memory management, terminal logs, error recovery, text-file I/O, and the attachment of non-Basis-developed packages. A Basis program consists of the runtime system with zero or more independently developed packages attached. A configuration program controls which packages are loaded together to make the program. Thus, different portions of the program can be developed separately, and packages can be reused from one program to another.
TL;DR: It is investigated how, in a natural deduction setting, a wide variety of tasks that manipulate programs as data objects can be specified concisely, and a technique for specifying properties of, or operations on, programs is presented.
Abstract: We investigate how, in a natural deduction setting, we can specify concisely a wide variety of tasks that manipulate programs as data objects. This study will provide us with a better understanding of various kinds of manipulations of programs and also an operational understanding of numerous features and properties of a rich functional programming language. We present a technique, inspired by structural operational semantics and natural semantics, for specifying properties of, or operations on, programs. Specifications of this sort are presented as sets of inference rules and are encoded as clauses in a higher-order, intuitionistic meta-logic. Program properties are then proved by constructing proofs in this meta-logic. We argue the following points regarding these specifications and their proofs: (i) the specifications are clear and concise and they provide intuitive descriptions of the properties being described; (ii) a wide variety of program analysis tools can be specified in a single unified framework, and thus we can investigate and understand the relationship between various tools; (iii) proof theory provides a well-established and formal setting in which to examine metatheoretic properties of these specifications; and (iv) the meta-logic we use can be implemented naturally in an extended logic programming language and thus we can produce experimental implementations of the specifications. We expect that our efforts will provide new perspectives and insights for many program manipulation tasks.
Comments: University of Pennsylvania, Department of Computer and Information Science, Technical Report No. MS-CIS-89-07 (LINC LAB 142). Available at ScholarlyCommons: http://repository.upenn.edu/cis_reports/776
Proof-Theoretic Methods for Analysis of Functional Programs (Dissertation Proposal), John J. Hannan, MS-CIS-89-07, Department of Computer and Information Science, School of Engineering and Applied Science, University of Pennsylvania, Philadelphia, PA 19104.
TL;DR: This work will build an experimental system that performs recognition on realistic programs on the order of thousands of lines and formally analyze the complexity of the recognition process, to help determine how guidance can be applied most profitably to improve the efficiency of program recognition.
Abstract: Program recognition is a program understanding technique in which stereotypic computational structures are identified in a program. From this identification and the known relationships between the structures, a hierarchical description of the program's design is recovered. The feasibility of this technique for small programs has been shown by several researchers. However, it seems unlikely that the existing program recognition systems will scale up to realistic, full-sized programs without some guidance (e.g., from a person using the recognition system as an assistant). One reason is that there are limits to what can be recovered by a purely code-driven approach. Some of the information about the program that is useful to know for common software engineering tasks, particularly maintenance, is missing from the code. Another reason guidance must be provided is to reduce the cost of recognition. To determine what guidance is appropriate, therefore, we must know what information is recoverable from the code and where the complexity of program recognition lies. I propose to study the limits of program recognition, both empirically and analytically. First, I will build an experimental system that performs recognition on realistic programs on the order of thousands of lines. This will allow me to characterize the information that can be recovered by recognizing the code and will provide insights into what cannot be recovered by this code-driven technique. Second, I will formally analyze the complexity of the recognition process. This will help determine how guidance can be applied most profitably to improve the efficiency of program recognition.
TL;DR: An integral event collection system implemented in hardware as part of the M31 VAX multiprocessor is described and used to evaluate the most promising event collection techniques.
Abstract: Several attempts have been made to construct integral support for parallel program analysis in multiprocessor systems. The literature on the design tradeoffs encountered in such an effort is sparse as few experiments have been attempted to explore them. This is especially true for issues related to the design of the event collection mechanism.
Further, many studies of program analysis tools are directed toward a specific programming style or multiprocessor architecture. This makes it difficult to compare tools and techniques. The method of making collected performance information available to the programmer often overshadows the discussion of the techniques used to collect the information.
This thesis examines the trade-offs encountered in the design of a general purpose event collection tool for parallel program analysis. The discussion includes a definition of the event collector design problem and a description of the approaches taken by other efforts. An integral event collection system implemented in hardware as part of the M31 VAX multiprocessor is described and used to evaluate the most promising event collection techniques.
The insight from the design and use of the M31 instrumentation system and the evaluation of collection techniques is then applied to describing the architecture of an economical hybrid collector that may be constructed as part of a shared bus multiprocessor.
TL;DR: A control program for a turbojet engine has been implemented on a four processor computer, achieving a speedup of 3.38 times the speed of a sequential version of the same program on a single processor.
Abstract: A control program for a turbojet engine has been implemented on a four processor computer, achieving a speedup of 3.38 times the speed of a sequential version of the same program on a single processor. The concurrent program was produced from a sequential program by subjecting the sequential program to global, hierarchical interprocedural data-flow analysis and timing measurements. A static schedule for the constituent tasks of the control program on the four processors was determined using a heuristic algorithm based on the critical path method. The program is implemented on a bus-based multiprocessor with private memory for each processor's code and data, and shared memory for data passed between processors. An application-independent supervisor program on each processor controls the execution of tasks by ensuring that all data dependencies are met and copying values from shared memory before execution of each task, then copying values to shared memory and notifying tasks on other processors after a task has completed execution. This work is significant for the largely automated transformation of a sequential program via coarse-grain data-flow analysis to an efficient parallel implementation. The approach should be applicable to a variety of control and related programs where iterative tasks with well-bounded execution times are computed in systems with hard real-time requirements.
TL;DR: A software experimental analysis approach that unifies static and dynamic techniques is presented to develop practical means to obtain precise, in-depth, and relevant performance information, especially execution time, for guiding design decisions.
Abstract: A software experimental analysis approach that unifies static and dynamic techniques is presented. The goal was to develop practical means to obtain precise, in-depth, and relevant performance information, especially execution time, for guiding design decisions. First, computation cost functions of a program are derived. This is done by modeling the program using the computation structure model and then applying a flow analysis technique to derive the program's cost function. In addition, program instrumentation techniques are employed to measure control flows and to trace program variables. Finally, precise execution-time information is computed by evaluating the cost function against the measured control flows. The three classes of parameters (execution time, control flow and program variables) can be analyzed selectively and interactively; this gives much insight about an individual design alternative's actual behavior. To cope with tedious and frequent analyses of large and complex software, a tool, COPES, was built that automates the static and dynamic techniques required. The implementation and usage of this tool are illustrated.
TL;DR: This Problem Corner selects one of the verification conditions for a C program that initializes an array to zero and adds assertions about the initial conditions and state of the program and about the expected behavior of the program in terms of its state.
Abstract: Proving claims about behavior of software is essential for the qualification of computer-based systems used in the control of nuclear reactors. For this Problem Corner, we select one of the verification conditions for a C program that initializes an array to zero. We add assertions about the initial conditions and state of the program and about the expected behavior of the program in terms of its state. The modeling and specification technique is the inductive assertion technique of Floyd-Hoare. The program with assertions is then transformed by the source-to-source program transformation system TAMPR into a set of separate verification conditions to be proven by the automated reasoning system. Our experience with this program demonstrates the typical automated reasoning problems we have encountered and illustrates how we have approached solutions to the problems.
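The inductive assertion method the abstract refers to turns the annotated loop into three verification conditions: the invariant holds on entry, the loop body preserves it, and the invariant together with the negated loop test implies the postcondition. As an added illustration, not the Problem Corner's own assertions or TAMPR's output, the Python below states those three conditions for the array-zeroing loop `i = 0; while (i < n) { a[i] = 0; i = i + 1; }` with the invariant `0 <= i <= n` and `a[k] == 0 for all k < i`, and discharges them by exhaustive enumeration over small states. The function names, the bound, and the faulty loop body used as a contrast are this example's own. Note that bounded enumeration is a check, not a proof; the automated reasoning system in the article discharges the conditions for all n.

```python
from itertools import product

# Added example (not from the article): the three Floyd-Hoare verification
# conditions for the array-zeroing loop, checked by bounded enumeration.
# Loop modelled:   i = 0; while (i < n) { a[i] = 0; i = i + 1; }
# Invariant I:     0 <= i <= n  and  a[k] == 0 for every k < i
# Postcondition:   a[k] == 0 for every k < n
# The conjunct i <= n is what makes the write a[i] inside the body provably
# in bounds (i < n holds there), which is the security-relevant part of I.

def invariant(a, i, n):
    return 0 <= i <= n and all(a[k] == 0 for k in range(i))

def postcondition(a, n):
    return all(a[k] == 0 for k in range(n))

def body_correct(a, i):
    """One iteration of the real loop body; returns the new state (a, i)."""
    a = list(a)
    a[i] = 0
    return a, i + 1

def body_buggy(a, i):
    """A faulty body that clears one element but advances two (illustrative)."""
    a = list(a)
    a[i] = 0
    return a, i + 2

def check_vcs(body, inv, post, max_n=4):
    """Check VC1..VC3 for every n <= max_n, i in 0..n+1 and a in {0,1}^n.
    Returns the list of (vc_name, (a, i, n)) counterexamples; an empty list
    means every condition held within the bound."""
    failures = []
    for n in range(max_n + 1):
        for bits in product((0, 1), repeat=n):
            a = list(bits)
            # VC1 (initialisation): after i = 0, I(a, 0, n) must hold.
            if not inv(a, 0, n):
                failures.append(("init", (a, 0, n)))
            for i in range(n + 2):
                # VC2 (preservation): I and i < n imply I after the body.
                if inv(a, i, n) and i < n:
                    a2, i2 = body(a, i)
                    if not inv(a2, i2, n):
                        failures.append(("preserve", (a, i, n)))
                # VC3 (exit): I and not (i < n) imply the postcondition.
                if inv(a, i, n) and not i < n and not post(a, n):
                    failures.append(("exit", (a, i, n)))
    return failures

if __name__ == "__main__":
    print("correct body:", check_vcs(body_correct, invariant, postcondition))
    print("buggy body:  ", check_vcs(body_buggy, invariant, postcondition)[:3])
```

With the real body all three lists are empty; with the faulty body only the preservation condition fails, and the reported states (for instance n = 2, i = 0, a = [1, 1]) are exactly the inputs a prover would hand back as counterexamples to the invariant.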
TL;DR: This thesis bridges the gap between theory and practice by developing a framework to specify program analysis algorithms through high-level specifications and proposes a specification language with features that allow analysis algorithms to be expressed in a clear and concise fashion.
Abstract: Program analysis algorithms take a program as input and output information about static and dynamic properties of the program. Flow analysis algorithms form an important class of analysis algorithms and have been used extensively in implementation of programming languages. Recent developments in programming environments have resulted in language-based editors that carry out many tasks that were once traditionally considered as compiler functions. In addition to various flow analysis algorithms, other kinds of program analysis algorithms such as type inference or complexity analysis can be used to provide powerful interactive programming environments. The growing sophistication of these analysis algorithms necessitates a structured approach to their design to ease their development as well as to ensure their correctness.
Currently, analysis algorithms are either developed in operational frameworks that make formal verification difficult or specified in theoretical frameworks that do not translate easily into implementations. This thesis bridges the gap between theory and practice by developing a framework to specify program analysis algorithms. The feasibility of the framework is demonstrated by the construction of a tool based on the framework.
This thesis: (1) Demonstrates the feasibility of developing a wide variety of analysis algorithms through high-level specifications. (2) Identifies certain characteristics of program analysis algorithms and documents their impact on the design of a denotational specification language. (3) Proposes a specification language with features that allow analysis algorithms to be expressed in a clear and concise fashion. (4) Provides a formal semantics for the specification language. (5) Develops guidelines for deriving correctness proofs for analysis algorithms. (6) Provides a tool that can be used for rapid prototyping of analysis algorithms.