Joseph P. Near

The last decade has seen a dramatic growth in the use of constraint solvers as a computational mechanism, not only for analysis of software, but also at runtime. Solvers are available for a variety of logics but are generally restricted to first-order formulas. Some tasks, however, most notably those involving synthesis, are inherently higher order; these...
In an object-oriented language such as Java, every class requires implementations of two special methods, one for determining equality and one for computing hash codes. Although the specification of these methods is usually straightforward, they can be hard to code (due to subclassing, delegation, cyclic references, and other factors) and often harbor...
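The traps the abstract names, as an added example that is not code from the listed paper: the equality/hash-code contract and three ways it goes wrong (a missing hash method, subclassing with extra state, and cyclic references), written in Ruby's analogue of Java's equals/hashCode (==, eql?, hash). Every class, value and function below is constructed for illustration.

```ruby
# Trap 1: defining == but not eql?/hash. Hash lookup uses eql? and hash,
# which still compare by identity, so an equal-but-distinct key is missed.
class PointNoHash
  attr_reader :x, :y
  def initialize(x, y)
    @x, @y = x, y
  end
  def ==(other)
    other.is_a?(PointNoHash) && x == other.x && y == other.y
  end
end

# Correct form: eql? agrees with ==, and hash is derived from the same fields.
# instance_of? (exact class) rather than is_a? keeps == symmetric under subclassing.
class Point
  attr_reader :x, :y
  def initialize(x, y)
    @x, @y = x, y
  end
  def ==(other)
    other.instance_of?(self.class) && x == other.x && y == other.y
  end
  alias eql? ==
  def hash
    [self.class, x, y].hash
  end
end

class ColorPoint < Point
  attr_reader :color
  def initialize(x, y, color)
    super(x, y)
    @color = color
  end
  def ==(other)
    super && color == other.color
  end
  alias eql? ==
  def hash
    [super, color].hash
  end
end

# Trap 2: the same hierarchy with a permissive is_a? test in the parent.
# A LoosePoint claims equality with a LooseColorPoint, but not the reverse.
class LoosePoint < Point
  def ==(other)
    other.is_a?(LoosePoint) && x == other.x && y == other.y
  end
  alias eql? ==
end

class LooseColorPoint < LoosePoint
  attr_reader :color
  def initialize(x, y, color)
    super(x, y)
    @color = color
  end
  def ==(other)
    other.is_a?(LooseColorPoint) && super && color == other.color
  end
  alias eql? ==
end

# Trap 3: cyclic references. A node whose hash folds in its peer's hash
# recurses forever once two nodes point at each other. Hash on the node's own
# value only and compare the peer by identity (equal?) so both terminate.
class Node
  attr_accessor :value, :peer
  def initialize(value)
    @value = value
  end
  def ==(other)
    other.instance_of?(Node) && value == other.value && peer.equal?(other.peer)
  end
  alias eql? ==
  def hash
    [self.class, value].hash
  end
end

def lookup_without_hash
  table = { PointNoHash.new(1, 2) => :found }
  table.fetch(PointNoHash.new(1, 2), :missed)   # => :missed
end

def lookup_with_hash
  table = { Point.new(1, 2) => :found }
  table.fetch(Point.new(1, 2), :missed)         # => :found
end

def loose_symmetry
  p = LoosePoint.new(1, 2)
  c = LooseColorPoint.new(1, 2, :red)
  [p == c, c == p]                              # => [true, false]
end

def strict_symmetry
  p = Point.new(1, 2)
  c = ColorPoint.new(1, 2, :red)
  [p == c, c == p]                              # => [false, false]
end

def cyclic_lookup
  a = Node.new(:a)
  b = Node.new(:b)
  a.peer = b
  b.peer = a
  probe = Node.new(:a)
  probe.peer = b
  { a => :found }.fetch(probe, :missed)         # => :found, with no infinite recursion
end
```

Each function returns the observable consequence of one contract violation; the asymmetric pair from loose_symmetry is the subclassing bug that typically surfaces only when a collection happens to compare in the other direction.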
We extend the Alloy language with the standard imperative constructs; we show the mix of declarative and imperative constructs to be useful in modeling dynamic systems. We present a translation from our extended language to the existing first-order logic of the Alloy Analyzer, allowing for efficient analysis of models.
A dependability case is an explicit, end-to-end argument, based on concrete evidence, that a system satisfies a critical property. We report on a case study constructing a dependability case for the control software of a medical device. The key novelty of our approach is a lightweight code analysis that generates a list of side conditions that...
The last decade has seen a dramatic growth in the use of constraint solvers as a computational mechanism, not only for analysis and synthesis of software, but also at runtime. Solvers are available for a variety of logics but are generally restricted to first-order formulas. Some tasks, however, most notably those involving synthesis, are inherently higher...
We present αleanTAP, a declarative tableau-based theorem prover written as a pure relation. Like leanTAP, on which it is based, αleanTAP can prove ground theorems in first-order classical logic. Since it is declarative, αleanTAP generates theorems and accepts non-ground theorems and proofs. The lack of mode restrictions also allows the user to provide...
We propose a specification-free technique for finding missing security checks in web applications using a catalog of access control patterns in which each pattern models a common access control use case. Our implementation, Space, checks that every data exposure allowed by an application's code matches an allowed exposure from a security...
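The idea in the abstract reduced to a toy, as an added example that is not the Space tool's own code: each controller action is modelled as a predicate "may this user see this record?", the catalog as a set of allowed-exposure patterns, and the check flags every exposure the action permits that no pattern explains. The users, records, actions and the three-pattern catalog are all constructed here for illustration.

```ruby
User   = Struct.new(:id, :admin)
Record = Struct.new(:id, :owner_id, :public)

# Catalog of access control patterns (constructed): each names one common,
# legitimate reason a user may be shown a record.
CATALOG = {
  ownership:   ->(user, rec) { rec.owner_id == user.id },
  public_read: ->(_user, rec) { rec.public },
  admin:       ->(user, _rec) { user.admin },
}

# Two "controller actions" (constructed). show_ok applies the expected checks;
# show_leaky forgot them and exposes every record to any logged-in user.
ACTIONS = {
  show_ok:    ->(user, rec) { rec.public || rec.owner_id == user.id || user.admin },
  show_leaky: ->(user, _rec) { !user.nil? },
}

# Enumerate a small universe of (user, record) pairs and return every exposure
# the action allows that no catalog pattern allows, as [user_id, record_id].
def unexplained_exposures(action, users, records, catalog = CATALOG)
  users.product(records)
       .select { |u, r| action.call(u, r) }
       .reject { |u, r| catalog.values.any? { |pattern| pattern.call(u, r) } }
       .map { |u, r| [u.id, r.id] }
end

# Run the check over a constructed universe: two ordinary users, one admin,
# and records that are owned, public, or both private and owned by someone else.
def check_all(actions = ACTIONS)
  users   = [User.new(1, false), User.new(2, false), User.new(3, true)]
  records = [Record.new(10, 1, false), Record.new(11, 2, true), Record.new(12, 2, false)]
  actions.transform_values { |act| unexplained_exposures(act, users, records) }
end
# check_all => { show_ok: [], show_leaky: [[1, 12], [2, 10]] }
```

The missing ownership check shows up as the two exposures that no pattern accounts for (user 1 reaching user 2's private record, and vice versa); the admin's view of everything is explained by the catalog and so is not reported. The real tool works over the application's code rather than an enumerated universe, but the acceptance criterion is the same: an exposure is a bug only if no catalogued pattern justifies it.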
Symbolic execution of a language is traditionally achieved by replacing the language's interpreter with an entirely new interpreter. This may be an unnecessary burden, and it is tempting instead to try to use as much of the existing interpreter infrastructure as possible, both for handling aspects of the computation that are not symbolic, and for propagating...