The Problem: apps are black boxes A Proposition: modularise! Implementation Conclusion Constraining application behaviour by generating languages ELS 2015 Paul van der Walt paul.vanderwalt@inria.fr INRIA Bordeaux 20 April, 2015 Paul van der Walt Constraining / Generating / DSLs. 1/21
The Problem: apps are black boxes A Proposition: modularise! Implementation Conclusion The Problem: apps are black boxes 1 A Proposition: modularise! 2 Implementation 3 Conclusion 4 Paul van der Walt Constraining / Generating / DSLs. 2/21
The Problem: apps are black boxes A Proposition: modularise! Implementation Conclusion What does this mobile app do? Paul van der Walt Constraining / Generating / DSLs. 3/21
The Problem: apps are black boxes A Proposition: modularise! Implementation Conclusion On Android permissions Android has a notion of “permissions”, but Permissions apply to entire app All-or-nothing for the user To curb privacy breaches, like Advertising libraries regularly exfiltrate data, Twitter, LinkedIn apps stealing contact list, etc. Paul van der Walt Constraining / Generating / DSLs. 4/21
The Problem: apps are black boxes A Proposition: modularise! Implementation Conclusion On Android permissions Android has a notion of “permissions”, but Permissions apply to entire app All-or-nothing for the user To curb privacy breaches, like Advertising libraries regularly exfiltrate data, Twitter, LinkedIn apps stealing contact list, etc. We can do better :) Paul van der Walt Constraining / Generating / DSLs. 4/21
The Problem: apps are black boxes A Proposition: modularise! Implementation Conclusion Running example: EvilCam! Paul van der Walt Constraining / Generating / DSLs. 5/21
The Problem: apps are black boxes A Proposition: modularise! Implementation Conclusion Running example: EvilCam! Supposedly: Takes a picture Applies sepia filter Displays it to user Paul van der Walt Constraining / Generating / DSLs. 5/21
The Problem: apps are black boxes A Proposition: modularise! Implementation Conclusion Running example: EvilCam! Supposedly: Takes a picture Applies sepia filter Displays it to user . . . and shows an advert Paul van der Walt Constraining / Generating / DSLs. 5/21
The Problem: apps are black boxes A Proposition: modularise! Implementation Conclusion Running example: EvilCam! Supposedly: Takes a picture → camera permission Applies sepia filter Displays it to user . . . and shows an advert Paul van der Walt Constraining / Generating / DSLs. 5/21
The Problem: apps are black boxes A Proposition: modularise! Implementation Conclusion Running example: EvilCam! Supposedly: Takes a picture → camera permission Applies sepia filter Displays it to user . . . and shows an advert → network permission Paul van der Walt Constraining / Generating / DSLs. 5/21
The Problem: apps are black boxes A Proposition: modularise! Implementation Conclusion Potential data flow What you hope: camera → your screen internet → fetch advert nothing more. Paul van der Walt Constraining / Generating / DSLs. 6/21
The Problem: apps are black boxes A Proposition: modularise! Implementation Conclusion Potential data flow What you hope: Reality: camera → your screen image → stalkme.net and internet → fetch advert nsa.gov nothing more. � − ¨ Paul van der Walt Constraining / Generating / DSLs. 6/21
The Problem: apps are black boxes A Proposition: modularise! Implementation Conclusion The Problem: apps are black boxes 1 A Proposition: modularise! 2 Implementation 3 Conclusion 4 Paul van der Walt Constraining / Generating / DSLs. 7/21
The Problem: apps are black boxes A Proposition: modularise! Implementation Conclusion How can we curb this? The Android permission model: ? ? Uses Camera Main ?? ? ? Uses ? Network Even with conservative permissions, behaviour is unpredictable. Paul van der Walt Constraining / Generating / DSLs. 8/21
The Problem: apps are black boxes A Proposition: modularise! Implementation Conclusion How can we curb this? The Android permission model: A better way of doing it: ? Display to screen ? Uses Camera Platform Main ?? ? App ? Uses Compose ? Network Picture + Advert Even with conservative Fetch Filter picture Advert permissions, behaviour is unpredictable. Camera WWW access Paul van der Walt Constraining / Generating / DSLs. 8/21
The Problem: apps are black boxes A Proposition: modularise! Implementation Conclusion Our goals ✦ Give the user clarity via spec ✦ Force the app to conform to spec ✦ Guide the developer where possible Paul van der Walt Constraining / Generating / DSLs. 9/21
The Problem: apps are black boxes A Proposition: modularise! Implementation Conclusion The proposed approach Provide a DSL to write up spec (encoding of flow diagram shown before) Provide another DSL based on that, to implement app I.e. , tower of languages Paul van der Walt Constraining / Generating / DSLs. 10/21
The Problem: apps are black boxes A Proposition: modularise! Implementation Conclusion Racket and #lang my-lang.rkt (define-syntax (#%module-begin stx) (syntax-case stx () [(_ stmts ...) ; .. do something with stx ])) (provide #%module-begin ...) ... uses language #lang s-exp "my-lang.rkt" stmts ... Paul van der Walt Constraining / Generating / DSLs. 11/21
The Problem: apps are black boxes A Proposition: modularise! Implementation Conclusion #lang providing #lang Relation between specifications and implementation: Paul van der Walt Constraining / Generating / DSLs. 12/21
The Problem: apps are black boxes A Proposition: modularise! Implementation Conclusion #lang providing #lang Relation between specifications and implementation: Paul van der Walt Constraining / Generating / DSLs. 12/21
The Problem: apps are black boxes A Proposition: modularise! Implementation Conclusion #lang providing #lang Relation between specifications and implementation: Paul van der Walt Constraining / Generating / DSLs. 12/21
The Problem: apps are black boxes A Proposition: modularise! Implementation Conclusion #lang providing #lang Relation between specifications and implementation: Paul van der Walt Constraining / Generating / DSLs. 12/21
The Problem: apps are black boxes A Proposition: modularise! Implementation Conclusion The Problem: apps are black boxes 1 A Proposition: modularise! 2 Implementation 3 Conclusion 4 Paul van der Walt Constraining / Generating / DSLs. 13/21
The Problem: apps are black boxes A Proposition: modularise! Implementation Conclusion Specifications 1 #lang s-exp "framework.rkt" 2 ;;; Specifications file, webcamspec.rkt Paul van der Walt Constraining / Generating / DSLs. 14/21
The Problem: apps are black boxes A Proposition: modularise! Implementation Conclusion Specifications 1 #lang s-exp "framework.rkt" 2 ;;; Specifications file, webcamspec.rkt 3 ( define-context Filter ; name Picture ; return type 4 [ when-provided Camera]) ; subscribed to 5 6 7 ( define-source Camera Picture) ; built-in 8 ;; ... Paul van der Walt Constraining / Generating / DSLs. 14/21
The Problem: apps are black boxes A Proposition: modularise! Implementation Conclusion Specifications 1 #lang s-exp "framework.rkt" 2 ;;; Specifications file, webcamspec.rkt 3 ( define-context Filter ; name Picture ; return type 4 [ when-provided Camera]) ; subscribed to 5 6 7 ( define-source Camera Picture) ; built-in 8 ;; ... The types allow us to generate function contracts. Paul van der Walt Constraining / Generating / DSLs. 14/21
The Problem: apps are black boxes A Proposition: modularise! Implementation Conclusion Implementation The developer does the following: 1 ;;; Implementation file, webcamimpl.rkt 2 #lang s-exp "webcamspec.rkt" Paul van der Walt Constraining / Generating / DSLs. 15/21
The Problem: apps are black boxes A Proposition: modularise! Implementation Conclusion Implementation The developer does the following: 1 ;;; Implementation file, webcamimpl.rkt 2 #lang s-exp "webcamspec.rkt" 3 ( implement Filter Paul van der Walt Constraining / Generating / DSLs. 15/21
The Problem: apps are black boxes A Proposition: modularise! Implementation Conclusion Implementation The developer does the following: 1 ;;; Implementation file, webcamimpl.rkt 2 #lang s-exp "webcamspec.rkt" 3 ( implement Filter ( lambda (pic) 4 Paul van der Walt Constraining / Generating / DSLs. 15/21
The Problem: apps are black boxes A Proposition: modularise! Implementation Conclusion Implementation The developer does the following: 1 ;;; Implementation file, webcamimpl.rkt 2 #lang s-exp "webcamspec.rkt" 3 ( implement Filter ( lambda (pic) 4 ( let * ([canvas (make-bitmap pic ..)]) 5 ; ... do magic, change colours or whatever 6 canvas))) 7 8 ;; ... ...which will be turned into submodules. Paul van der Walt Constraining / Generating / DSLs. 15/21
Recommend
More recommend
