Analysis Strategies for Configurable Systems

Day - Time: 19 February 2015, h.10:30
Place: Area della Ricerca CNR di Pisa - Room: C-40
  • Alexander von Rhein (University of Passau, Germania)

Stefania Gnesi


The advent of variability management and generator technology enables users to derive individual system variants from a given configurable system just based on a selection of desired configuration options. To cope with the possibly huge configuration space, researchers are developing analysis approaches that follow different strategies to incorporate (static) variability.

One popular strategy, often applied in practice, is to use sampling (i.e., analyzing just a few variants). While sampling reduces the analysis effort significantly, the information obtained is necessarily incomplete.

A second strategy is to look at the variable parts of the system and analyze each part seperately (feature-based strategy). From these bits partial results one can often infer information on all variants of the entire system.

As a third strategy, researchers have begun to develop variability-aware analyses that analyze the code base of the configurable system directly (rather than the system variants or parts of the system), exploiting the similarities among individual variants to reduce analysis effort.

We designed a framework which used these three strategies as dimensions. We analyze single apps (corresponding to features) and extract inter-app control-flow information. Based on the condensed information of multiple apps we implement variability-aware taint propagation to determine which app combinations can leak private data to untrusted sites.