Project Summary

The Problem

Over the past decade, the Open Source Software (OSS) phenomenon has had a global impact on the way software systems and software-based services are developed, distributed and deployed. Widely acknowledged benefits of OSS include reliability, low development and maintenance costs, as well as rapid code turnover. Linux distributions, Apache and MySQL, serve among many other examples, as a testimony to its success and resilience.

Companies become aware that integrating OSS into commercial products (made available by liberal OSS licences) reduce development costs while offering high-quality, extensively tested components. Furthermore, Governments become aware of growing dependence on proprietary formats and software in their administration, and regard OSS as a warranty of technological independence (which turns out to a strategic advantage, mainly in the developing world).

However, state-of-the-art OSS, by the very nature of its open, unconventional, distributed development model, makes software quality assessment, let alone full certification, particularly hard to achieve and raises important challenges both from the technical/methodological and the managerial points of view.

This makes the use of OSS, and its integration within industrial-strength applications, with stringent security requirements, a risk. This state of affairs has been identified either in the OSS (as witnessed, for example, in an increasing number of mentions in recent editions of the IFIP Conf. on OSS) and in the Formal Methods communities (OSS as a target domain for FM appears was recognised in recent editions of FM and SEFM international conferences). A series of workshops promoted by the United Nations University, with the acronym OpenCert, have addressed specifically this challenge since 2007. Finally, the relevance of this problem is further emphasised by a number of panels organised in OSS forums (eg, the OSS Watcher) and industry oriented initiatives.

The vision

In such a context, the aim of this project is twofold:

(1) Developing new program understanding and analysis techniques and combine them for quality assessment of open source code. The nature of OSS entails the need for integration of techniques spanning the "micro" to the "macro" levels (e.g., from slicing to architectural recovery) and with different levels of formality (e.g. from statistical analysis based on code metrics to the identification and formal verification of hidden invariants).

(2) Smoothly integrating such techniques into the OSS very peculiar development process without disturbing its collaborative, distributed and heterogeneous character.

The first objective implies to scale up program understanding techniques, and their combination with formal verification methods, to OSS.

Achieving the second, means to establish feedback loops in OSS development, making publicly available a number of interrelated analysis tools, to enhance the overall software quality, but without disturbing the peculiar, but very successful, OSS development life-cycle. The project intends to design and implement an online infrastructure -- the certification portal -- in which independently developed analysis tools (with different levels of sophistication) are to be inserted for monitoring, assessment and, at a later stage, certification of OSS products. Such an infrastructure will allow for the registration of OSS projects, their source code visualisation and analysis at different levels, as well as the rendering of analysis results in suitable, flexible formats to both OSS developers and users.

Such a strategy has potential for a long-term impact on the integration of trustworthy, OSS components, in large, complex systems. The CROSS project will, therefore, develop in interaction with Multicert, one of the leading portuguese companies, using OSS in landmark projects such as electronic voting and the recent Portuguese Citizen Card initiative.

The Team

The team has a mature record in high-level research both in Formal Methods for software certification, a area it pioneered in Portugal 25 years ago, and Program Understanding. Recently, its involvement in the PURe project (2003-06) contributed with several techniques and tools for code analysis and program understanding, with more than 40 papers published. Team members will also build on the experience carried out in the context of the IVY and RESCUE FCT-funded projects, and CACE, EU FP7 project, working on both functional and security requirements in cryptographic software implementations.

Team members are the founders of the successful series of summer schools on Generative and Transformational Techniques in Software Engineering (GTTSE), organized in 2005, 2007 and 2009 in Braga (LNCS, vols. 4143 and 5235, Springer).

On the other hand, the team has been involved in the ongoing debate on OSS certification, having organised, with the United Nations University, the first OpenCert workshop at ETAPS´07, and serving on the steering committee of the follow-up network.