Typestates Learning from Code-Property Graphs

Supervisor(s): Florian Wendland
Status: finished
Topic: Others
Author: Dmytro Honcharevskyi
Submission: 2021-02-15
Type of Thesis: Master's thesis
Thesis topic in co-operation with the Fraunhofer Institute for Applied and Integrated Security AISEC, Garching


A typestate describes the possible states of an object and how operations cause transitions between those states.
Typestate analysis is a method for validating that operations on objects occur in a correct sequence. It can reveal
coding errors and vulnerabilities in programs. The construction of typestates from source code is still an open problem.

This thesis contributes to the problem of learning the typestate of an object from a given code property graph. The main
purpose of this work is to correctly determine the overall structure of an object in terms of a typestate. This thesis finds
an approximate outline of a delegate object. Its behavior is described by the typestate built for the object in which the delegate object is
used. It tracks method call sequences inside a different object's typestate in order to approximate the behavior of a delegate object.

The result is represented as a graph whose nodes state the values of internal fields and whose edges state the methods that either change
those field values or keep them. The structure of the delegate objects is listed as a set of execution paths, on which several analyses
of mutual dependence or independence can be performed. The implementation and testing were done for Java source code.

The obtained results can be applied in scenarios such as defining incorrect implementations of an object and finding the correct usage
of an unknown object.
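
The graph representation described above can be used to check call sequences against a typestate. The following Java sketch is an added example, not code from the thesis: the file-handle-like object, its internal field `open`, the method names and the execution paths are all constructed assumptions.

```java
import java.util.List;
import java.util.Map;
import java.util.Set;

// Added illustration: the object and its typestate are constructed, not taken from the thesis.
public class TypestateCheck {
    // Node = value of the hypothetical internal field `open`.
    // Edge = method call; it either changes the field value or keeps it (self-loop).
    static final Map<String, Map<String, String>> EDGES = Map.of(
        "open=false", Map.of("open", "open=true"),
        "open=true", Map.of(
            "read", "open=true",     // keeps the field value
            "write", "open=true",    // keeps the field value
            "close", "open=false")); // changes the field value
    static final String INITIAL = "open=false";
    static final Set<String> FINAL = Set.of("open=false");

    /** Walks one execution path through the typestate and reports the first problem. */
    static String check(List<String> calls) {
        String state = INITIAL;
        for (int i = 0; i < calls.size(); i++) {
            String call = calls.get(i);
            String next = EDGES.getOrDefault(state, Map.of()).get(call);
            if (next == null) {
                return "call #" + i + " '" + call + "' not allowed in state " + state;
            }
            state = next;
        }
        return FINAL.contains(state) ? "ok" : "path ends in non-final state " + state;
    }

    public static void main(String[] args) {
        // Constructed execution paths, one per hypothetical usage site.
        List<List<String>> paths = List.of(
            List.of("open", "read", "write", "close"), // correct usage
            List.of("read", "close"),                  // use before open
            List.of("open", "close", "write"),         // use after close
            List.of("open", "read"));                  // never closed
        for (List<String> path : paths) {
            System.out.println(path + " -> " + check(path));
        }
    }
}
```

Only the first path is accepted; the other three are rejected as use before open, use after close, and a handle that is never closed.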