Sample Projects

A series of training seminars and tutorials will be provided at the beginning of the summer program to help less experienced students establish necessary background knowledge and improve their technical and research skills before working on assigned research projects.

Each student will meet with the PI and other faculty mentors to determine which research project is most suitable for him or her. Multiple faculty mentors, wherever appropriate, will be assigned to each project. They not only help students set up milestones on a reasonable schedule but also work together among themselves as a team to provide collective advice based on their own expertise. In addition, we have industry experts (see the IAB members under the People section) share their experiences about how safety, security, and reliability are applied in practice. Follow-up meetings will also be organized for students to better understand the gap between the current "state-of-art" research and "state-of-practice" techniques and tool support.

Each student will have his or her own lab space and access to all required facilities (Internet, printers, library, etc.) to conduct research. He or she will also closely interact with other graduate students who are currently working on similar but more advanced projects.

In the following, we describe some projects that are specially designed for this REU site.

1) Impact of Software Dependability on Software Lifecycle

This project investigates how the introduction of additional requirements on software dependability (in terms of safety, security, and reliability) may affect the software development life cycle and answers questions such as:

• How should software processes, methods, and tool support be adjusted?
• What are the relative costs?

In particular, the effort will be spent on:

• Surveying of current practices for handling software dependability at various stages of the life cycle.
• Assessing the effects of software dependability on software development cost.

Results from these studies can help us understand whether dependable software will cost more to produce and whether safety- or security-critical software with high reliability must be more complex than software with less stringent dependability requirements.

REU students will explore the cost-effectiveness between the degree of required software dependability and the development cost.

2) An Integrated Approach for Improved Software Safety Analysis and Testing

Software safety analysis plays an essential role in the development of any software-dependent and safety-critical system. However, the analysis process used today is not based on an integrated model considering both functional and safety specifications simultaneously. It does not give a thorough analysis of all possible failures. The objective of this research is to integrate safety analysis methods with functional requirements to reduce failures inherent in performing the two independently.

We propose to use Fault Tree Analysis (FTA), which has been widely used as a way to analyze causes of hazards, and the UML state machine, the de facto standard for representing the functional specifications of a software system.

REU students are expected to work on this integrative approach and contribute in three ways:

• Identifying data/control dependencies between safety requirements and functional specifications.
• Developing an algorithm to support the integration of fault tree models and UML state machines.
• Performing case studies to further validate the benefit of using this integrated model.

3) Safety Assurance of Autonomous Driving Systems

On March 18, 2018, an Uber test vehicle, operating in self-driving mode, struck a pedestrian who later died due to the injuries sustained. Two main software-related factors were responsible for this accident: 1) failure to issue emergency braking due to misidentifying a pedestrian as a different object, and 2) not alerting the backup safety operator to take appropriate human interventions in the event of an emergency. Another reason was that some advanced driver assistance functions including a collision avoidance system were disabled when the accident occurred. This accident shows that an autonomous driving system needs to be tested against various real-world complex scenarios, which can be very expensive and labor-intensive.

Research topics for REU students on this project include:

• Designing and implementing an accident mining system to extract positions of moving objects (e.g., cars, pedestrians, and bikes) as well as other critical information (e.g., road conditions, weather, and traffic load), and using simulators to recreate scenarios that caused accidents accurately and efficiently.
• Using techniques (e.g., FTA, FMEA, and FMECA) for hazard identification, analysis, control, reduction, and elimination.
• Exploring correlations between human interventions and autonomous operations.
• Examining costs/benefits of various monitoring and assistance systems in safety-critical applications.

4) Improving Safety and Reliability of Blockchain-based Smart Contracts

Blockchains are decentralized, immutable, and append-only digital ledgers. They provide a high degree of anonymity for users’ identities and full transparency of activities recorded on the ledgers, while simultaneously ensuring data security and tamper-resistance. Smart contracts are code deployed on blockchains. They can be used to keep constant updates, empower ledger capabilities, and embed business logic (e.g., querying and transacting). Due to their immutable and unstoppable nature, smart contracts should be fully tested before being deployed to avoid significant consequences.

REU students will have their research focus on:

• Evaluating and enhancing current techniques and tools for identifying safety and reliability vulnerabilities in smart contracts.
• Developing a testing framework covering the classification of programming bugs and vulnerabilities to improve the safety and reliability of smart contracts.

5) Probing Vulnerabilities in Safety-Critical Applications

An important objective of conducting a code review is to identify safety violation-related vulnerabilities in the code and to ensure that appropriate safeguards are in place for any unsafe actions performed by the code. The majority of published studies only use static and/or process-based metrics for their hazard analysis to identify safety vulnerabilities in software. They fail to consider dynamic information, such as how each module of the software has been tested.

REU students who work on this project will focus on the following tasks:

• Develop a model to identify safety vulnerabilities in the source code, as well as validate and refine the model using real-life safety hazards.
• Provide guidance on how to write safe code to avoid possible violations of safety requirements.

6) AI-Enhanced Software Security

Today, enhancing software security faces two challenges: (1) Complexity: As the software continues to play an increasingly integral role in our daily lives, solving complex problems and fulfilling various needs, it has become more sophisticated, which in turn, makes the software’s attack surfaces more complicated. (2) Volume: Developers widely embrace open-source libraries to efficiently implement various functionalities. For example, a report suggests that 76% of the total code in their study is open-source code. As a result, a single security flaw in a basic open-source library can rapidly propagate to many downstream software applications.

Most existing techniques fail to handle the evolving software security issues, generate excessive false positive reports, and rely heavily on human expertise to assess complicated software codebases, resulting in prolonged detection and remediation cycles.

REU students will contribute in the following ways:

• Conduct a study on current works of machine/deep learning-based vulnerability detection tools.
• Perform a usability study to evaluate the quality of LLM-generated vulnerability explanations.
• Design a prompt-enhanced software vulnerability fixing system using LLM-based chatbot.

7) Reliability Modeling, Calibration, and Composition

REU students will research the difficulty and challenges of using existing models to predict software reliability. The dilemma is that no universally acceptable model can be applied in all circumstances. They will also learn how to select a model that best fits a particular set of failure data and examine which factors influence the accuracy of the model. Special attention must be given to assumptions adopted by each model, its limitations, and its robustness.

REU students will conduct research on how to reduce the potential inaccuracy (especially, the overestimate) of software reliability predicted by using existing software reliability-growth models.

Reliability composition focuses on how the reliability of a system can be predicted based on the reliability of its components. This has become a significant challenge for many large complex systems that are decomposed into parts, with each developed by a different team either in-house or via outsourcing. Drawbacks of existing approaches include: 1) assuming failures in different components are independent and not considering correlations between multiple failures, 2) not prioritizing components in terms of their importance with respect to global reliability, 3) failing to identify components that cause the most problems to the system and allocate more efforts to improve those components. REU students will research to find reasonable solutions in response to each of these problems.

---

Selected Projects from Previous Years

Evaluation of Software Safety Standards

To build software systems with high safety requirements, it is important to approach the process in a certain way to maintain efficiency and ensure with a high degree of confidence that the requirements are met effectively. Software safety standards are commonly used to closely guide the development of such systems. However, given the existence of multiple competing safety standards, it is critical to select the one that is most appropriate for a given project. We have developed a set of 15 criteria to evaluate each standard in terms of usage, strengths and limitations.

REU students are expected to contribute in the following ways:

• Conduct a cross-comparison of software standards using previously defined criteria and propose new criteria, whenever appropriate.
• Create a repository of pragmatic issues related to applying safety standards in practice and lessons learned to help prevent similar mistakes from occurring again in the future.
• Perform an analysis of the evolution of safety standards.

Testing for Software Safety

Testing for consistency between implementation and functional specifications does not provide safety assurance. It is difficult to generate tests for safety testing by only using the hazard analysis results presented in the fault tree models, because of the lack of an explicit and common description of the relationship between a fault tree and the corresponding functional specifications and safety requirements.

Our research objectives are twofold: to integrate functional specifications with fault tree models for testable safety analysis and to generate safety tests from the integrated specifications. The first objective allows potential components and system failures to be specified explicitly together with the intended behaviors of a system. The second objective aims at detection of potential failures through systematic safety-driven testing. We note that this research focuses on testing whether or not the hazardous conditions identified by design-level fault tree analysis will occur in the target implementation. Functional specifications often focus on intended behaviors of a system and are intrinsically incomplete. If complete interactions between hazardous conditions and intended behaviors are specified, they can be used to generate safety tests. Research along this line remains to be seen, however, due to the heterogeneity of functional specifications and fault models (e.g., statecharts versus fault trees). A critical problem is that some basic events in a fault tree may have no counterpart in the corresponding functional specifications.

The approach consists of three major parts:

• Integration of fault tree models into functional specifications to identify testable interactions between intended behaviors and hazardous conditions.
• A test generator that produces not only functional tests but also safety tests for a target implementation. The generated safety tests cover all the failure paths of a given fault tree model.
• A testing environment for executing generated functional and safety tests and evaluating test results against expected behaviors or hazardous conditions. It includes a test harness as well as an environment simulation of external events and conditions.

An Enhanced Study of the Culpability of Software in Recent Catastrophic Accidents

Studies conducted from our previous summer programs have suggested that an error in software or an error in its use can cause catastrophic accidents resulting in severe consequences.

One example of accidents which caused human casualty was the crash of American Airlines Flight 965 in 1995 with 159 deaths. If the pilot enters an initial instead of the full name of the destination, the flight management system selects the destination which has the highest usage frequency among all the destinations starting with that initial. Since the system did not provide any feedback once the destination had been selected, a course was set to an incorrect airport and caused the crash.

We will extend our study to include a more recent cross-section of accidents drawn from aeronautics, astronautics, medicine, nuclear power generation, transportation, finance, military, etc. The emphasis is on a cross comparison between various software-related accidents to derive common lessons that could be learned as well as the context of each lesson and the circumstances under which they are applicable. Such information can be used to help prevent future accidents.