SRC Grand Finalists 2022

GRADUATE CATEGORY

First Place:
Ziliang Lai - The Chinese University of Hong Kong
SIGMOD 2021
Title of Submission: Deterministic Concurrency Control for Private Blockchains

Second Place:
Haotiang Zhang - The University of Texas at Arlington
PLDI 2021
Title of Submission: Smaller and More Secure: Static Debloating of MIPS Firmware Shared Libraries

Third Place:
Madhurima Chakraborty - University of California, Riverside
SPLASH 2021
Title of Submission: A Study of Call Graph Effectiveness for Framework-Based Web Applications

UNDERGRADUATE CATEGORY

First Place:
Zizheng Guo - Peking University
ICCAD 2021
Title of Submission: Heterogeneous Timing Estimation, Optimization, and Verification for VLSI Circuit Design Automation

Second Place:
Yihong Zhang - University of Washington
PLDI 2021
Title of Submission: Towards a Relational E-graph

Third Place:
Chen Yang - Tianjin University
ESEC/FSE 2021
Title of Submission: Accelerating Redundancy-Based Program Repair via Code Representation Learning and Adaptive Patch Filtering

ACM Student Research Competition

The ACM Student Research Competition is an internationally recognized venue enabling undergraduate and graduate students to experience the research world, share research results and exchange ideas, rub shoulders with academic and industry luminaries, understand the practical applications of their research and gain recognition.

Graduate Category: First Place

Ziliang Lai, The Chinese University of Hong Kong
"Deterministic Concurrency Control for Private Blockchain" (SIGMOD 2021)

Private blockchain has gained popularity in inter-organization business processing (e.g., supply chain management [15] and crossborder payment [9]). It allows mutually untrusted parties to share data and mutate data in an endorsed manner. A typical private blockchain is composed of a consensus layer pipelined with an execution layer, where the organizations agree on the blocks of transactions using the consensus layer and the transaction blocks are then passed to each organization’s executor for execution. To ensure the organizations share an identical view of data, one core requirement of the executor is determinism, i.e., given the same transaction blocks and the same initial state, the executors must produce an identical new state. While the consensus layer was regarded ... [Read more]

Graduate Category: Second Place

Haotian Zhang, The University of Texas at Arlington
"Smaller and More Secure: Static Debloating of MIPS Firmware Shared Libraries"(PLDI 2021)

Over the past few years, the spotlight has been on the Internet of Things (IoT) market due to the sheer amount being deployed worldwide. With the IoT boom taking place, cyberattacks on embedded devices are now accelerating at an unprecedented rate [1]. The vulnerabilities in firmware, a class of software that is written to an embedded device to control user applications and various hardware functions, leave embedded systems open to attacks [2]. Although memory corruption vulnerabilities [3] have been around for decades, they also dominate the share of top-rated threats in embedded devices [4]. For example, buffer overflow bugs in WiFi routers and smart home devices allows remote attackers to completely take over the device and enter the home network [5]. Besides, returnoriented programming (ROP) techniques enable attackers to chain together short instruction sequences (i.e., code gadgets) already present in the program’s memory to bypass the executable-space protection... [Read more]

Graduate Category: Third Place

Madhurima Chakraborty, University of California, Riverside
"A Study of Call Graph Effectiveness for Framework-Based Web Applications" (SPLASH 2021)

Advances in technology and the internet have made web applications an integral part of businesses, enabling them to thrive in increasingly competitive environments. However, this emergence of web applications has also led to the development of sophisticated cyber-threats. As a result, insecure web applications are now highly vulnerable to cyber-threats, like malware and cyber-attacks. An attack may break the functionality of the application, preventwebsite visitors from accessing it, and even compromise customers’ personal information. Based on a data generated from more than 15 million application security scans performed by different companies throughout 2021, researchers at NTT Application Security [6] found that half of all sites had at least one serious exploitable vulnerability throughout the year. Moreover, these web applications often use JavaScript (JS) to improve the interactivity and functionality of the websites... [Read more]

Undergraduate Category: First Place

Zizheng Guo, Peking University
"Heterogeneous Timing Estimation, Optimization, and Verification for VLSI Circuit Design Automation" (ICCAD 2021)

The semiconductor industry is experiencing both a widespread supply shortage and an unprecedented surge in demand for highly-customized chip designs ranging from data centers to consumer electronics. As the process node continues to shrink down below 5nm, tens of billions of transistors have been integrated into a single chip, introducing significant challenges to the chip performance analysis and optimization flow. A typical design flow optimizes chip performance through consecutidesign stages by iteratively invoking performance estimation routines guidance. The chip is then verified against its performance target. Such a flow requires months of effort even with experienced designers and the latest electronics design automation (EDA) software... [Read more]

Undergraduate Category: Second Place

Yihong Zhang, The University of Washington
"Towards a Relational E-graph" (PLDI 2021)

The congruence closure data structure, also known as the e-graph,compactly represents a set of terms and an equivalence relation over the terms. It is a central component of equality saturationbased optimizers [13, 15]. It has been rejuvenated with the recent egg framework and proven successful in many areas, including floating-point arithmetic [12], ML compilers [16], and digital signal processors [14]. Such applications typically populate a large number of equivalence classes (or e-classes). Therefore, the performance of e-graph frameworks is key to the success of modern e-graph based applications. E-matching, the procedure of performing pattern matching over an e-graph, is a major bottleneck in these modern e-graphworkloads. In a typical application [15], e-matching is responsible for 60–90% of the overall run time. The wide variety of e-graph applications is also placing new demands on the capability of e-graph frameworks. ... [Read more]

Undergraduate Category: Third Place

Chen Yang, Tianjin University
"Accelerating Redundancy-Based Program Repair via Code Representation Learning and Adaptive Patch Filtering" (ESEC/FSE 2021)

Automated program repair (APR) has attracted extensive attention and many APR techniques have been proposed recently, in which redundancy-based techniques have achieved great success. However, they still suffer from the efficiency issue. One key problem is how to advance the generation and validation of correct patches. Traditional redundancy-based approaches often use simple methods, such as statistical-based methods, to measure code similarity.This could result in the inaccuracy of measuring code similarity, which may produce meaningless patches that hinder the generation and validation of correct patches. Recently, state-of-the-art studies demonstrate that neural models can better represent source code. Therefore, to solve this issue, we propose a novel method AccPR, which leverages neural network for code representation learning to measure code similarity accurately and employs adaptive patch filtering to accelerate redundancy-based APR. We have implemented a prototype of AccPR and integrated it with a state-of-the-art APR tool, SimFix. We conducted a preliminary study on the benchmark, Defects4J, where the average improvement of repairing efficiency is 47.85%, indicating AccPR is promising. [Read more]