The problem of finding the dominators in a control-flow graph has a long history in the literature. The original algorithms suffered from a large asymptotic complexity but were easy to understand. Subsequent work improved the time bound, but generally sacrificed both simplicity and ease of implementation. This paper returns to a simple formulation of dominance as a global data-flow problem. Som...

Control-flow analysis of business process models requires to check the absence of lack of synchronization. We use workflow graphs, which may contain inclusive OR gateways, to represent the control-flow of business process models. We structurally characterize lack of synchronization in an acyclic workflow graph. Based on this characterization, we show how to detect lack of synchronization in qua...

Structural Statistical Software Testing (SSST) exploits the control flow graph of the program being tested to construct test cases. Specifically, SSST exploits the feasible paths in the control flow graph, that is, paths which are actually exerted for some values of the program input; the limitation is that feasible paths are massively outnumbered by infeasible ones. Addressing this limitation,...

We present an algorithm to extract flow graphs from Java bytecode, including exceptional control flows. We prove its correctness, meaning that the behavior of the extracted control-flow graph is a sound over-approximation of the behavior of the original program. Thus any safety property that holds for the extracted control-flow graph also holds for the original program. This makes control-flow ...

As the threat potential of Code-Reuse Attacks (CRAs) is rising we want to develop a tool that can mitigate such state-of-the-art attacks (e.g., the attack dubbed Counterfeit Object-Oriented Programming (COOP)). This attack is particularly hard to defend against since traditional Control Flow Integrity (CFI) approaches are useless. Based on source code recompilation techniques we want to harden ...

The Internet of Things (IoT) refers to the millions devices around world that are connected Internet. Insecure IoT designed without proper security features targets many threats. rapid integration into infrastructure in various areas human activity, including vulnerable critical infrastructure, makes detection malware increasingly important. Annual reports from cybersecurity companies and antiv...

The representation of the problem and the definition of the fitness function are the two key ingredients for the application of search-based optimization to software engineering problems. Therefore, a well-defined fitness function is essential to the effectiveness of search-based testing (SBT). Several search based test-data generation techniques utilized the control dependencies (CD) for guidi...