Function Extraction Concepts
Function extraction (FX) is a disruptive new technology that will substantially improve the economics of software development and increase the dependability of software systems.
The complex, large-scale software systems of the future can be developed, but not with present-day software engineering, which is reaching the cost and complexity limits of development technologies that evolved in the first fifty years of computing. A new science for the next fifty years is required to transform software engineering into a computational discipline capable of fast and dependable software development. Other engineering disciplines have made this transformation to rigorous computational analysis of their subject matter, to their everlasting benefit.
But while this situation has seemed inevitable in the past, it need not be so in the future. It is vital that software engineers understand all of the behavior of the software they are creating, because unknown behavior can harbor unknown errors and vulnerabilities. What is needed is an “all cases of behavior” view of what software does, something that is simply unavailable with current software engineering technology.
The SEI’s CERT STAR*Lab is developing the emerging technology of function extraction, which applies mathematical foundations to automate calculation of the behavior of software to the maximum extent possible. The objective is to replace slow and fallible manual methods of code reading and inspection with fast and correct computation of behavior.
Computing the behavior of software requires deriving its net functional effect, that is, how it transforms inputs into outputs in all circumstances of use. That information can be presented to analysts in non-procedural behavior catalogs that define all the possible effects a program can have, essentially, the “all cases of behavior” view. The result is to move from an uncertain understanding of software derived in human time scale (days) to a precise understanding computed in machine time scale (seconds).
Controlled experimentation shows FX automation is about three orders of magnitude faster than manual methods for determining software functionality, and that programmers are about 15 times more productive in analyzing software with FX. An FX system that computes behavior for programs written in, or compiled into, Intel assembly language is currently under development.
Function Extraction Application
FX technology can be applied to any language, and promises to be particularly valuable in helping to meet dependability requirements for DoD systems. Function extraction will impact many aspects of the software engineering lifecycle, including:
Development: A few lines of code can be written and submitted to a function extractor to determine if they indeed do what is required.
Verification: Programs can be submitted to a function extractor to derive their “as-built” specifications for verification against requirements.
Security: Security properties of software can be expressed in functional form and checked against the behavior catalogs produced by function extractors.
Testing: Because function extraction computes software behavior, testing to determine whether functionality is correct can provide no additional information, and can be greatly reduced.
Legacy systems: Function extraction can be applied to legacy systems to recover specification and design information to enable informed modification and evolution.
Malware detection: Malicious code embedded within software has functional effects that are aggregated and coalesced in the behavior catalogs produced by function extractors.
Malware analysis: The functional intentions of malicious code can be quickly revealed by function extractors in order to develop countermeasures.
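To make the "net functional effect" and "behavior catalog" ideas above concrete, and to show the Security item's check of a property in functional form, here is an added example that is not SEI code and not the FX system. It assumes a constructed two-instruction subset (mov and xor on registers and decimal immediates) with no memory, flags, or branches; the function names and sample programs are hypothetical.

```python
# Added illustration, not the SEI FX system: net-effect computation for a
# constructed two-instruction subset (mov, xor) over registers and decimal
# immediates. No memory, flags, or branches are modelled.

def _value(operand, state):
    """Symbolic value of an operand as (set of XORed initial values, constant)."""
    if operand.isdigit():
        return (frozenset(), int(operand))
    return state.get(operand, (frozenset([operand + "_0"]), 0))

def extract(program):
    """Compose the instructions into one concurrent assignment per register."""
    state = {}
    for line in program.strip().splitlines():
        op, args = line.split(None, 1)
        dst, src = (a.strip() for a in args.split(","))
        src_vars, src_const = _value(src, state)
        if op == "mov":
            state[dst] = (src_vars, src_const)
        elif op == "xor":
            dst_vars, dst_const = _value(dst, state)
            # XOR is its own inverse, so shared terms cancel (symmetric difference).
            state[dst] = (dst_vars ^ src_vars, dst_const ^ src_const)
        else:
            raise ValueError(f"unsupported instruction: {op}")
    return state

def behavior_catalog(state):
    """Render each register's final value in terms of initial values (reg_0)."""
    def render(vars_, const):
        terms = sorted(vars_) + ([hex(const)] if const or not vars_ else [])
        return " ^ ".join(terms)
    return {reg: render(*val) for reg, val in sorted(state.items())}

def preserves(state, reg):
    """Functional-form property: reg holds its initial value on exit."""
    return _value(reg, state) == (frozenset([reg + "_0"]), 0)

# Constructed samples.
SWAP = "xor eax, ebx\nxor ebx, eax\nxor eax, ebx"
OBSCURED = "mov ecx, eax\nxor ecx, 255\nxor eax, eax\nxor eax, ecx\nxor eax, 255"

if __name__ == "__main__":
    for name, prog in (("SWAP", SWAP), ("OBSCURED", OBSCURED)):
        st = extract(prog)
        print(name, behavior_catalog(st), "preserves ecx:", preserves(st, "ecx"))
```

The second sample leaves eax unchanged after five instructions, and the catalog exposes the one real effect, a modified ecx, which the preservation check then flags.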