Use Guide
This document provides procedures to run Sentinel tool on an application and provides instructions to reproduce the results shown in the paper.
Use Sentinel on an Android application
Before running Sentinel tool on an apk file, there are two environment variables need to be defined:
ADK
should be the path of Android sdkGatorRoot
should be the path that containsrunSentinel.py
file
Please define them manually:
export ADK=/path/to/android/sdk
export GatorRoot=/path/to/Sentinel
To run Sentinel tool on an Android app’s apk file:
python3 runSentinel.py /path/to/apkfile
The analysis results will be printed to stdout. For example, for app mTpms
, the last a few lines from Sentinel is:
[DEBUG]: Pattern 1 defects output to /Sentinel/sensorEnergyOutput/org.thecongers.mtpms_2.apkC1.log
[DEBUG]: Pattern 2 defects output to /Sentinel/sensorEnergyOutput/org.thecongers.mtpms_2.apkC2.log
[Dev]: template path: /Sentinel/SootAndroid/testcases/gatorTestGenBase.py
[Dev]: Number of test cases: 2
[TestGen]: UIAutomator testgen finished
[TestGen]: Testcases file location: /Sentinel/sensorEnergyOutput/org.thecongers.mtpms_2.apkTests.py
[STAT]: AppName & Classes & Jimples & Node & Edge && LP1 & LP2 &&LRP1 & LRP2 && TestsL1 & TestsL2 && Time
[STAT]: org.thecongers.mtpms_2.apk & 37 & 3148 & 20 &38 && 7 & 8 && 6 & 6 && 1 & 1 && 0.088000
The org.thecongers.mtpms_2.apkC1.log
and org.thecongers.mtpms_2.apkC2.log
indicated in the output contains the detected sensor defects information. The org.thecongers.mtpms_2.apkTests.py
indicated in the output is the test cases generated for app under test. Two lines with [STAT]
tags are statistic data for app under test, using the same format as Table 1 in AST’18 paper.
To run the test cases generated from Sentinel on an Android device or emulator, the app’s apk file requires a preprocessing step to allow debugger to attach on this app. Assuming the Android device or the Android emulator has USB debugging enabled and it is connected to the computer, the preprocessing and installation of the app can be done using following commands:
python3 exportActivities.py APK_FILE_NAME -o PATCHEDAPK_FILE_NAME
$ADK/platform-tools/adb install PATCHEDAPK_FILE_NAME
The generated test cases can be run using following command:
python3 $GatorRoot/sensorEnergyOutput/TEST_FILE.py
If a test is leaking sensor resource, the information leaked sensor resource will be output to stdout. For app mTpms
, the output will look like:
Device:marlin
test0 verified to leak following sensor resources:
Sensor: TMD4903 Light Sensor 0x00000007, Listener: org.thecongers.mtpms.MainActivity.
test0 ends
test1 verified to leak following sensor resources:
Sensor: TMD4903 Light Sensor 0x00000007, Listener: org.thecongers.mtpms.MainActivity.
test1 ends
Please note some apps require the user to finish some initialization steps, such as a first run wizard, these steps needs to be done manually before running the test cases. For a few apps, the sensors will only be enabled when certain features are enabled in app’s preference or requiring specific input in the EditText boxes. These steps can only be performed manually. For application using ActionBars, the Android OptionsMenu is no longer exist and Android no longer associate menu IDs with action bar UI menu items. This will cause an issue to the test cases generated by Sentinel as the clicks on UI widgets are performed by using their IDs. In this case, please modify the test case file to click on UI texts instead of UI IDs.
Reproduce the results in the Paper.
We evaluated our tool on both open-source apps from F-Droid and commercial apps from Google Play Store. The open-source apps that contains defects reported by Sentinel are included in Apps/
directory. Due to licensing issues, we cannot include commercial apps here. Here is the list of apps we used in the evaluation but not included under Apps/
directory.
PackageName | Version Code | Version Name | MD5 | SHA-1 |
---|---|---|---|---|
com.fingersoft.nightvisioncamera | 39 | 1.1.5 | 1d189e9a9eab9efbd777bf93db35c08a | f9e5810c90cbd97eb131733710e13becb48cce13 |
com.voxofon | 600 | 6.0.0 | 93d25a6b8fab73151f7a68cfbdbdef20 | 3921222749649ffd7d1bbfe83d323582333c243a |
com.abg.VRVideoPlayer | 212 | 2.11 | 60609b1540053c511cbc0c0e702bdaa1 | 04d30c64d7deff0f014bdd479d0c7d65819e3683 |
com.mobincube.android.sc_3H53X5 | 2 | 2.0.0 | badc8dd35a586b79f43f5d4929db6f3f | 8143d77f07e57525383485bdf23616f98dbf85fe |
com.calculator.vault | 30 | 7.3 | 83188373c292465b6e7d033bb6e58eca | 2625cc6f5b5039fd5f80275d90da0c6291fe7455 |
com.groggy.comebacks | 8 | 2.2 | 41a56fa950cd05628f39cc5f29d4eca0 | d689de6912c6136cafa2c11dbaaa1d8878def7a7 |
com.northpark.pushups | 60 | 3.175.60 | ab1281ff466ff8da38dd62d449b0cb78 | a36b65d30d298755beaea6baf1c0318cf9cf697d |
com.mobeezio.android.dogwhistler | 57 | 2.3.10 | 7d756264a45c5cc7e949c911e6818d46 | 15c743e096485c902324ba65571345bc35e0389f |
com.hideitpro | 20151122 | 5.4 | 97c86d485a8bd0e8a4fb3556b1a8e044 | 2987f6ddf49436bfaacd24b48a9ad68b935708c8 |
com.likethatapps.garden | 16 | 1.1.5 | f4e3b9213ad8abebaa481261f225974d | 73eed704e924b7aa189d9f5e6bcb99157cdaec14 |
net.mercy.mymercy | 35 | 4.1.3 | 5e2a6c461f5ac6a31b32df44dc719264 | 4d01151360e66d02cc7729562194f583b79a92ff |
These apps can be easily downloaded from Internet using their version number and hashes.
The steps to run Sentinel on evaluation apps and to run generated test cases are the same as the ones mentioned in the previous section. Please note the results from current Sentinel will differ slightly from the Table 1 in the AST’18 submission. Some differences are due to minor changes in the underlying GATOR tool (e.g., revised handling of
For false positives and non-executable test cases, please refer to the Section 3.4 and 3.5 of Haowei Wu’s PhD dissertation.
Necessary manual steps
There are a few apps in the evaluation requires additional manual steps to allow generated tests to be run successfully on testing device.
App com.voxofon and com.csipsimple
These two apps are SIP service applications. Therefore, a SIP service account is required to use these two apps. For either of these two apps, the defective activity will only show up when there is an ongoing SIP phone call. In our evaluation, we use the generated test cases as guidance to test this application manually, since there is no way to mock a SIP phone call in an automated test.
App com.calculator.vault
This application requires user to go through a wizard when it is started for the first time. Please finish the wizard and set up a PIN. The field “TO_DO_SET_YOUR_OWN_TEXT” in the generated test cases should be replaced with the PIN. In our evaluation, we use “1234” as the PIN, but it should work with any PIN as long as the one in the test cases is the same as the one in the initial wizard.
2 out of 4 test cases generated for this app (the ones open “CalculatorActivity”) require option “Shake to Unlock” in the app’s preference to be enabled. Please enable this option before running these 2 test cases.
App com.mobeezio.android.dogwhistler
The test cases generated for this app require the “Mode” in the menu is set to “Timer”. Please perform this step before running the generated test cases.
App com.hideitpro
This application requires user to go through a wizard when it is started for the first time as well. To enable sensor usage, option “Shake Phone to logout” in the app’s preference needs to be enabled. Please finish these two steps before running the generated test cases.