Phyllis G. Frankl - US grants

It is planned to investigate techniques for testing object-oriented programs. Object-oriented programming is a relatively new programming methodology which has many attractive software engineering features. While traditional programs are based on the paradigm of active procedures operating on passive data, object-oriented programming employs the the paradigm of active data objects which perform operations on themselves. To date, most research on software testing has focussed on traditional programming languages. The features of object-oriented programming suggest several additional testing techniques, which may allow for more effective testing. This research will define several families of testing techniques for object-oriented programs, build tools based on some of these techniques, and investigate the cost and effectiveness of the new techniques.

Many formal techniques for testing software have been proposed, but relatively little evidence has been gathered to indicate how effective these techniques are. The goals of this research project are 1) to compare the fault-detecting ability of various previously developed testing techniques, including control flow based, data flow based, and mutation testing techniques, and 2) to evaluate the effectiveness of partial symbolic evaluation of path expressions (PSE), a heuristic technique that addresses certain semantic analysis issues arising in testing. Fault-detecting ability of various test data adequacy criteria will be compared experimentally by generating large numbers of test sets for each of several subject programs, and measuring the proportion of adequate test sets (according to the various criteria) that expose faults. Fault-detecting ability will also be examined analytically by investigating conditions under which one criterion is guaranteed to be better than another according to certain probabilistic measures. Effectiveness of PSE will be investigated by measuring the proportion of cases in which the heuristic succeeds.

9870270 To test a piece of software, a set of possible inputs is selected, the software is executed on each of them, and the results are checked against the specification. This research addresses the following two issues involving the development of cost-effective testing techniques: evaluation of the effectiveness of existing testing techniques and development of efficient methods for checking test results against their specifications. The first provides data to help practitioners make informed choices between competing testing techniques; the second lowers the cost of testing certain types of programs, allowing more thorough testing within a given budget. The research on evaluation of cost-effectiveness of testing techniques is based on a probabilistic approach, since most testing techniques involve some random choice among alternatives. Models of cost are incorporated into several probabilistic measures of effectiveness. The work on checking test results focuses on testing data abstractions, an increasingly important kind of program unit. New techniques for partially checking test results are developed and their effectiveness is investigated analytically and through experimentation.***

Frankl, Phyllis G.
Polytechnic University, Brooklyn, NY

Techniques for Testing Database Applications

Databases play in important role in almost every modern
organization. Although considerable research effort has been devoted
to assuring correctness and efficiency of database management
systems, little attention has been paid to assuring the correctness
of the application programs that run on these systems. Failure of
database application programs can have severe economic impact, so
development of techniques for testing them is of obvious importance.
This research project involves development of software testing
techniques targeted specifically to database application programs. It
includes development of techniques for generating database states
that are useful for testing the given application and techniques for
checking the database state after running a test. The techniques
studied are partially automated, relying on the user to supply some
information and deriving other information automatically. They use
the integrity constraints described in the database schema as a
source of information to aid in test generation and checking. A
prototype testing tool is being developed. Preliminary evaluations
of the effectiveness and usability of the techniques will be
performed with the aid of the tool prototype.

Computer Science (31) This project establishes an information systems security laboratory at Polytechnic University. The primary goal of the project is to assist in meeting the national demand for qualified security professionals that can help meet the security challenges facing our national information infrastructure. This will be achieved by establishing a laboratory that becomes a national model for an experimentation environment providing hands-on experiences in topics related to information systems security at the undergraduate level.

The proposed laboratory supports a pair of project oriented courses; the first an introductory survey course in computer security and the second, a course in network security. The project adapts laboratory and course material from the Information Systems Security Laboratory (ISSL) at Iowa State University which initially started with an NSF-ILI grant and has subsequently been recognized as center of excellence in information security education by the National Security Agency (NSA). ISSL has agreed to help in the adaptation by sharing their experiences and courseware. The two teams will exchange visits to each other's facilities to facilitate the proposed adaptation.

Polytechnic University will establish a Web site which will include curricula, laboratory manuals, and other course materials. The university is committed to maintaining and updating the site after the completion of the project for national dissemination and use of the models that are developed.

This project develops the graduate level education and research program in information assurance at Polytechnic University by building on an NSF DUE CCLI project for establishment of an undergraduate laboratory in information systems security. The principal long term goals of this project are to assist in meeting the national demand for a cadre of professionals with expertise in information assurance; to create prototype curricular material in graduate information assurance education that will serve as a widely adopted national model; and to establish an information assurance laboratory that becomes a national model for an experimentation environment providing hands-on experiences in topics related to information assurance.

Activities include: revising existing graduate level courses in information assurance to incorporate hands-on practical laboratory based experiences that supplement the theory and principles currently being taught in the classroom; developing new graduate level courses that complement the existing courses and result in a comprehensive curriculum in information assurance; establishing a laboratory consisting of heterogeneous platforms and multiple interconnected networks to facilitate hands-on experimentation and project work in issues related to information assurance; and developing a graduate level certication program in information assurance that focuses both on principles and practice needed to build and maintain a secure information systems infrastructure. The project also includes a detailed evaluation and dissemination plan.

This scholarship for service proposal supports three 2-year cohorts of students, 15 undergraduate and 10 graduate students. The program is based upon a strong information assurance curriculum in place combined with extensive faculty interaction with the scholarship students. Students will be closely monitored and mentored to ensure that their education meets the goals of the program to produce highly qualified federal employees in information assurance.

This proposal is to plan for a new multi-university I/UCRC that aims to promote a research program of interest to both industry and universities on technologies for wireless internet. This new multi-university center will be able to have a broad impact on the industry through having its existing resources enhanced by the addition of the partner that is also being recommended to receive a planning grant. The two partners are this University and Columbia University.

The proposed Center's goal is to work on two overlapping categories:

- Information delivery focussing on software development, addressing security and robustness, and
- Data transmission related to management of radio resources and the management of competition and cooperation between different technologies

The proposal deals with an area of significant need and by assembling the two institutions into one research team, the breadth and depth is enhanced

National Science Foundation
Distributed Systems Research
CISE/CNS

ABSTRACT

Proposal Number: 0412025/0412029
Principal Investigator(s): Schulzrinne, Henning/Frankl, Phyllis Gail
Institution(s): Columbia University and Polytechnic University of New York
Proposal Title: Collaborative Research: 7DS - A Mobile Broadband Dis-tributed System


In an ideal world, mobile users would be able to enjoy affordable broadband Internet access everywhere, including in public transportation vehicles (buses, trains and planes), in outdoor spaces not covered by Wi-Fi access points, and in disaster areas where the broadband wired infrastructure may be broken. Unfor-tunately, such Internet access Nirvana will not be available in the foreseeable future. Neither the broadband Internet nor the emerging 2.5-3G cellular data networks will provide Internet access that is at once broadband, affordable and
ubiquitous.

This project prototypes and deploys 7DS, a distributed system which brings us-ers a significant step closer to Internet access Nirvana. Bridging the gap be-tween the broadband Internet and the cellular data networks, 7DS exploits the increasing density of roaming devices that are endowed with both gigabyte stor-age and short-range, broadband wireless communication capabilities. Using asynchronous communication, 7DS provides a means for roaming users to ob-tain content affordably and at high peak rates; it also provides a means for roaming users to send content into the Internet, again affordably and suitable for large objects. The expected results include (i) a comprehensive prototype for 7DS, demonstrating the feasibility of the 7DS system; (ii) new algorithms and protocols for 7DS, which will be disseminated in major conferences and jour-nals and implemented in the prototype; (iii) actual deployment of the 7DS sys-tem on university campuses, demonstrating how 7DS can bridge the gap be-tween localized broadband Wi-Fi access and ubiquitous narrowband cellular data access.

Dr. Brett D. Fleisch
Program Director, CISE/CNS
July 20, 2004
.

This project creates a virtual laboratory in information assurance that is shared by a consortium of institutions. This laboratory can be configured remotely, allowing the consortium partners to set up the laboratory for their projects, and used remotely so that students from the consortium partners can use the lab without physical travel. The project also includes work that strengthens or adds to the information assurance work at each of the consortium partners, which include several minority-serving institutions.

This collaborative Industry/University Cooperative Research Center will perform research in three critical, overlapping areas. Cooperative Communications and Networking research will examine wireless networks build out of nodes that cooperate at the physical and network layers. Cooperative networks offer enhanced capacity, reliability and efficiency relative to infrastructure and ad hoc networks. The second area of research focuses on extending the battery life of portable terminals thereby removing a major enhancing the convenience and value of wireless terminals and sensors. The third research area is Wireless Applications and associated Information Delivery mechanisms. Wireless Applications under investigation include content distribution, applications that leverage the ubiquity of wireless infrastructure with location awareness, and applications that adapt to the capacity limitations of the wireless vis-a'-vis the wired network. Each project focuses on a specific mode of wireless connectivity of the Internet to portable mobile information devices. In addition to developing and evaluating protocols and applications, Information Delivery research addresses security and robustness.

This project is extending the current Scholarship for Service (SFS) program at Polytechnic University. It is leveraging the resources and improving the infrastructure generated by the current SFS program. The project is supporting an educational program that relies on a number of high-quality courses in the area of information assurance (IA), participation in research projects supervised by faculty, hands-on experience both at Polytechnic University and during summer internships, and state of the art infrastructure for IA research. The graduates of this program are becoming valuable members of the federal work force in charge of protecting information and technological infrastructure of our country. Polytechnic has been a host University to the SFS program since September 2002 and has graduated 25 students as of May 2005.

Intellectual merit: The nature of the SFS program is primarily educational. This project is using the infrastructure and environment to prepare high-quality information assurance professionals who can be effective in protecting the information technology infrastructure of the Federal government. Polytechnic is innovating in information assurance education, in particular placing a stronger emphasis on research projects by the SFS students. This effort is sharpening the students' ability for creative thinking, making them better information assurance professionals.

Broader impact: The SFS program at Polytechnic is training information assurance professionals for positions in agencies of the Federal government. Using knowledge and skills obtained in the program, the graduates are well prepared to meet challenges of protecting the information and infrastructure resources of the United States. The SFS program at Polytechnic is continuing to attract female students at a higher percentage than the larger Polytechnic student population. Further, the revised program is enhancing outreach efforts to continue to broaden participation. These efforts include an alumni mentoring program, an assessment and evaluation component, and partnerships with NY city industry, government and voluntary organizations.

Proposal number: 0541087
PI: Phyllis Gail Frankl
Polytechnic University of New York

TITLE: Test Generation and Coverage for Database Applications


Database application programs play a central role in our information based society. Given the ubiquitous and, in many cases, critical nature of these systems, testing whether they behave correctly is of great importance. Until recently, there has been little research focused on how to do this effectively. This research project aims to enhance and evaluate a set of testing techniques for database applications.

Challenges in testing such systems include the large number of database states that must be considered and the need to check whether applications modify the database state correctly. This research builds on previous work, in which tools were developed to generate database states suitable for testing, generate inputs to the application, and check the results of executing the application on those inputs. The first phase of the research
focuses on improving the input generation technique, further automating analysis of the application code, and developing new measures of test data adequacy. The second phase focuses on empirical evaluation of how
effectively these techniques detect faults in database applications.

There is a growing national recognition of the importance of diversifying the workforce, both to fill the huge demand for qualified employees in computer science related professions, including cybersecurity, and to promote diversity of thought and experience, to support improved problem-solving. This project aims to build on and extend the success of the current CyberCorps(R) Scholarship for Service (SFS) program at New York University, including implementing several creative modifications and enhancements to the SFS program to increase gender diversity in NYU's cybersecurity program. Additional aspects of the program will include mentorship programs and campus visits by alums to advice and help place students in the executive branch of the federal government; placing a stronger emphasis on research projects by the SFS students, and deeply technical as well as interdisciplinary learning experiences depending on the student's preparation and aspiration. These efforts will sharpen the student's ability for creative thinking, making them better cybersecurity professionals. Using knowledge and skills obtained in the program, the graduates will be well prepared to meet challenges of protecting the information and infrastructure resources of our nation.

This renewal project will leverage and improve the resources and infrastructure generated by the current SFS program. The program will be run by NYU's Cyber Security Center (CCS) which brings together complementary expertise, faculty innovation, and student enthusiasm from different schools at NYU to enhance the state of knowledge and practical application of security and privacy. This center includes faculty from Tandon (Engineering), Law, Steinhardt (Ethics, Philosophy, Education), Wagner (Public Policy), Stern (Business and Economics) and NYU Abu Dhabi (Engineering). The best qualified SFS students will be admitted from across all the schools. The project will support an educational program that relies on a number of high-quality courses in cybersecurity, participation in research projects supervised by faculty, hands-on experience both at NYU and during summer internships at the government, semester for-credit internships in New York City, participation in curricular activities including competitions and badges with industry partners of the broader cybersecurity center, and outreach activities through CSAW, the largest student run security event in the world.

This award reflects NSF's statutory mission and has been deemed worthy of support through evaluation using the Foundation's intellectual merit and broader impacts review criteria.

This project at the Polytechnic University of New York (NYU-Poly) is training a cadre of two-year and four-year faculty in cyber security. The faculty, who are recruited from urban inner-cities with socially diverse, economically disadvantaged, and underrepresented students, engage in an intensive six-week summer cyber-security course and also participate in on-going, cutting-edge cyber-security research projects with their mentors from NYU-Poly. The program provides the faculty with arc of experience starting from knowledge acquisition in the summer workshop, application and integration of the knowledge in a research project, transmission of this knowledge as they teach their classes, mentoring of their student teams for the Capture the Flag challenge, and finally the culmination of their experience in the national Capture the Flag challenge conducted by NYU-Poly that attracts thousands of students. Faculty develop and hone their research, communication, and presentation skills, which are critical to their professional growth and success. The faculty are introduced to a topic of critical national need and mentored to develop and offer courses that, in turn, introduce their students to concepts and challenges in cyber security. The project team is disseminating the results of project through the competitions and the TeachEngineering digital library, for adoption by others.