Python-learning

Repository to store attempted python exercises

readings

Resources related to software engineering (and some thoughts)

Decision tables:
https://www.hillelwayne.com/decision-tables/

Z3 solver:
https://rise4fun.com/z3/tutorial

Dramatically Reducing Software Vulnerabilities (2016) on formal methods:
https://nvlpubs.nist.gov/nistpubs/ir/2016/NIST.IR.8151.pdf

Software analysis approaches based on mathematics and logic include parsing, type checking, correctness proofs, model-based development and correct-by-construction.
Advances in algorithms for solving Boolean Satisfiability(SAT) problems, satisfiability modulo theories(SMT) and reasoning models(e.g., abstract interpretation and separation logic) dramatically slashed resources required to answer questions about software.
Model checkers can be used to check for vulnerabilities and potential bugs in the system.
However, formal methods are less effective if there are no clear software requirements or what constitutes as the expected behaviour.

Sound Static Program Analysis

Static analysis: Examination of software for specific properties without executing it.
Heuristic analysis: Trial-and-error
Hybrid is potentially better as it can check for properties that are absent in the individual analysis
Source code analysis: self-explanatory; most mature

Model Checkers, SAT Solvers and Other "Light Weight" Decision Algorithms

These algorithms can answer questions about desirable higher level properties.
These algorithms can also be applied to analyze detailed design artifacts, such as finite (and infinite) state machines.
In other words; constraint solvers.
However, a potential issue is the size of the problem.

Assertions, Pre- and Postconditions, Invariants, Aspects and Contracts

Automated aids, such as Counterexample-Guided Abstraction Refinement(CEGAR), can help produce statements. These statements are activated("compiled in") during development and testing, then may be deactivated before release.
Tests may be generated directly from assertions.
However, must check that preconditions do not conflict with the model checker constraints.

Correct-by-Construction and Model-Based Development

Behaviour may be specified in a higher-level or domain-specific language or model, and then code is automatically generated.
Keyword: code synthesis, test suites or oracles

Directory of Verified Tools and Verified Code

As a code or "live" instantiation of a repository, the Open Web Application Security Project(OWASP) foundation coordinated a project to develop a shared application program interface (API) that encapsulated key security operation, called Enterprise Security API (ESAPI).

Name		Name	Last commit message	Last commit date
Latest commit History 19 Commits
actions		actions
data		data
models		models
pyChat		pyChat
rasa_nlu		rasa_nlu
tests		tests
z3		z3
README.md		README.md
config.yml		config.yml
credentials.yml		credentials.yml
domain.yml		domain.yml
endpoints.yml		endpoints.yml
events.db		events.db
events.db-shm		events.db-shm
events.db-wal		events.db-wal
ngrok		ngrok
rasa.db		rasa.db
story_graph.dot		story_graph.dot
workspace.code-workspace		workspace.code-workspace