Controlling Interactions with Libraries in Android Apps Through Runtime Enforcement

Riganelli, Oliviero; Micucci, Daniela; Mariani, Leonardo

doi:10.1145/3368087

Cited by 12 publications

(10 citation statements)

References 38 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…This section summarizes the main results we obtained with Proactive Libraries. Additional details are available in [26].…”

Section: Discussionmentioning

confidence: 99%

“…To prevent users from experiencing annoying problems caused by apps that inaccurately interact with APIs, we introduced a novel concept of library, called Proactive Library [25,26], that forces the apps to behave as the APIs require. For example, Proactive Library forces the app to release the camera every time its execution is suspended, that is, every time the onPause() callback of the activity that acquires the camera is invoked.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Proactive Libraries: Enforcing Correct Behaviors in Android Apps

Riganelli,

Fagadau,

Micucci

et al. 2022

Preprint

Self Cite

View full text Add to dashboard Cite

The Android framework provides a rich set of APIs that can be exploited by developers to build their apps. However, the rapid evolution of these APIs jointly with the specific characteristics of the lifecycle of the Android components challenge developers, who may release apps that use APIs incorrectly.In this demo, we present Proactive Libraries, a tool that can be used to decorate regular libraries with the capability of proactively detecting and healing API misuses at runtime. Proactive Libraries blend libraries with multiple proactive modules that collect data, check the compliance of API usages with correctness policies, and heal executions as soon as the possible violation of a policy is detected. The results of our evaluation with 27 possible API misuses show the effectiveness of Proactive Libraries in correcting API misuses with negligible runtime overhead.

show abstract

“…This section summarizes the main results we obtained with Proactive Libraries. Additional details are available in [26].…”

Section: Discussionmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Proactive Libraries: Enforcing Correct Behaviors in Android Apps

Riganelli,

Fagadau,

Micucci

et al. 2022

Preprint

Self Cite

View full text Add to dashboard Cite

show abstract

“…An overview of techniques to prevent failures by enforcing the correct behaviour at runtime has been recently published by Falcone et al [15]. Among these many domains, in this paper we focus on the Android environment, which has been already considered in the work by Falcone et al [12], who studied how to enforce privacy policies by detecting and disabling suspicious method calls, and more recently by Riganelli et al [35,36,34], who studied how to augment classic Android libraries with proactive mechanisms able to automatically suppress and insert API calls to enforce resource usage policies.…”

Section: Related Workmentioning

confidence: 99%

“…To prevent undesired behaviors that may result in software failures and crashes, runtime enforcement techniques have been used to modify the runtime behavior of software systems, forcing the systems to satisfy a set of correctness policies [16,27]. So far, runtime enforcement has been already applied to multiple domains, including security [21], resource management [35,36], and mobile computing [12,43].…”

Section: Introductionmentioning

confidence: 99%

Test4Enforcers: Test Case Generation for Software Enforcers

Guzman,

Riganelli,

Micucci

et al. 2020

Preprint

Self Cite

View full text Add to dashboard Cite

Software enforcers can be used to modify the runtime behavior of software applications to guarantee that relevant correctness policies are satisfied. Indeed, the implementation of software enforcers can be tricky, due to the heterogeneity of the situations that they must be able to handle. Assessing their ability to steer the behavior of the target system without introducing any side effect is an important challenge to fully trust the resulting system. To address this challenge, this paper presents Test4Enforcers, the first approach to derive thorough test suites that can validate the impact of enforcers on a target system. The paper also shows how to implement the Test4Enforcers approach in the DroidBot test generator to validate enforcers for Android apps.

show abstract

“…To prevent these problems, users of mobile applications can install and activate software enforcers [12,15,32,11,10] that guarantee that specific correctness policies are satisfied (e.g., the camera is always released after it has been acquired). These enforcers can be typically generated automatically from a modelbased representation of the processes involved in the policy that must be enforced.…”

Section: Introductionmentioning

confidence: 99%

Non-functional Testing of Runtime Enforcers in Android

Riganelli

Micucci

Mariani

2022

Leveraging Applications of Formal Methods, Verification and Validation. Verification Principles

Self Cite

View full text Add to dashboard Cite

Runtime enforcers can be used to ensure that running applications satisfy desired correctness properties. Although runtime enforcers that are correct-by-construction with respect to abstract behavioral models are relatively easy to specify, the concrete software enforcers generated from these specifications may easily introduce issues in the target application. Indeed developers can generate test suites to verify the functional behavior of the enforcers, for instance exploiting the same models used to specify them. However, it remains challenging and tedious to verify the behavior of enforcers in terms of non-functional performance characteristics. This paper describes a practical approach to reveal runtime enforcers that may introduce inefficiencies in the target application. The approach relies on a combination of automatic test generation and runtime monitoring of multiple key performance indicators. We designed our approach to reveal issues in four indicators for mobile systems: responsiveness, launch time, memory, and energy consumption. Experimental results show that our approach can detect performance issues that might be introduced by automatically generated enforcers.

show abstract

Controlling Interactions with Libraries in Android Apps Through Runtime Enforcement

Cited by 12 publications

References 38 publications

Proactive Libraries: Enforcing Correct Behaviors in Android Apps

Proactive Libraries: Enforcing Correct Behaviors in Android Apps

Test4Enforcers: Test Case Generation for Software Enforcers

Non-functional Testing of Runtime Enforcers in Android

Contact Info

Product

Resources

About