125,258 research outputs found
A Survey of Symbolic Execution Techniques
Many security and software testing applications require checking whether
certain properties of a program hold for any possible usage scenario. For
instance, a tool for identifying software vulnerabilities may need to rule out
the existence of any backdoor to bypass a program's authentication. One
approach would be to test the program using different, possibly random inputs.
As the backdoor may only be hit for very specific program workloads, automated
exploration of the space of possible inputs is of the essence. Symbolic
execution provides an elegant solution to the problem, by systematically
exploring many possible execution paths at the same time without necessarily
requiring concrete inputs. Rather than taking on fully specified input values,
the technique abstractly represents them as symbols, resorting to constraint
solvers to construct actual instances that would cause property violations.
Symbolic execution has been incubated in dozens of tools developed over the
last four decades, leading to major practical breakthroughs in a number of
prominent software reliability applications. The goal of this survey is to
provide an overview of the main ideas, challenges, and solutions developed in
the area, distilling them for a broad audience.
The present survey has been accepted for publication at ACM Computing
Surveys. If you are considering citing this survey, we would appreciate if you
could use the following BibTeX entry: http://goo.gl/Hf5FvcComment: This is the authors pre-print copy. If you are considering citing
this survey, we would appreciate if you could use the following BibTeX entry:
http://goo.gl/Hf5Fv
Graphical statistics to explore the natural and anthropogenic processes influencing the inorganic quality of drinking water, ground water and surface water
Plots of cumulative distribution functions (CDF) are a simple but powerful exploratory data analysis (EDA) tool to evaluate and compare statistical data distributions. Here, empirical CDF plots are used to compare results of four large (476 to 884 samples) national- to continental-scale inorganic water chemistry data sets: (1) European surface water, (2) European tap water, (3) European bottled waters as a proxy for groundwater and (4) Norwegian crystalline bedrock rock groundwater, all analysed at the same laboratory, albeit at different times. For many parameters (e.g., Ba, Cl-, K, SO4
2-) median values and ranges are, given the differing origins and, in some cases, treatment processes of the waters, surprisingly comparable. Unusually high concentrations of some other elements (e.g., B, Be, Br, Cs, F-, Ge, Li, Rb, Te and Zr) appear to be characteristic of deeper-seated, mature groundwaters. Other influences that can be inferred include contamination from well construction or plumbing materials (Cu, Pb, Zn – in tap waters, bottled waters and Norwegian groundwaters), water treatment (Fe, Mn – in tap- and Norwegian groundwater), bottle materials (Sb - bottled waters). The empirical CDF plots also reveal analytical issues for some elements (excessive rounding, element interferences). The best reference for natural and uncontaminated ’water’ is probably provided by the mineral water samples, representing ’deep groundwater’ at the European scale
Towards Statistical Prioritization for Software Product Lines Testing
Software Product Lines (SPL) are inherently difficult to test due to the
combinatorial explosion of the number of products to consider. To reduce the
number of products to test, sampling techniques such as combinatorial
interaction testing have been proposed. They usually start from a feature model
and apply a coverage criterion (e.g. pairwise feature interaction or
dissimilarity) to generate tractable, fault-finding, lists of configurations to
be tested. Prioritization can also be used to sort/generate such lists,
optimizing coverage criteria or weights assigned to features. However, current
sampling/prioritization techniques barely take product behavior into account.
We explore how ideas of statistical testing, based on a usage model (a Markov
chain), can be used to extract configurations of interest according to the
likelihood of their executions. These executions are gathered in featured
transition systems, compact representation of SPL behavior. We discuss possible
scenarios and give a prioritization procedure illustrated on an example.Comment: Extended version published at VaMoS '14
(http://dx.doi.org/10.1145/2556624.2556635
Recommended from our members
Expert-based development of a standard in CO2 sequestration monitoring technology
Bureau of Economic Geolog
A Reduced Semantics for Deciding Trace Equivalence
Many privacy-type properties of security protocols can be modelled using
trace equivalence properties in suitable process algebras. It has been shown
that such properties can be decided for interesting classes of finite processes
(i.e., without replication) by means of symbolic execution and constraint
solving. However, this does not suffice to obtain practical tools. Current
prototypes suffer from a classical combinatorial explosion problem caused by
the exploration of many interleavings in the behaviour of processes.
M\"odersheim et al. have tackled this problem for reachability properties using
partial order reduction techniques. We revisit their work, generalize it and
adapt it for equivalence checking. We obtain an optimisation in the form of a
reduced symbolic semantics that eliminates redundant interleavings on the fly.
The obtained partial order reduction technique has been integrated in a tool
called APTE. We conducted complete benchmarks showing dramatic improvements.Comment: Accepted for publication in LMC
Automated Test Input Generation for Android: Are We There Yet?
Mobile applications, often simply called "apps", are increasingly widespread,
and we use them daily to perform a number of activities. Like all software,
apps must be adequately tested to gain confidence that they behave correctly.
Therefore, in recent years, researchers and practitioners alike have begun to
investigate ways to automate apps testing. In particular, because of Android's
open source nature and its large share of the market, a great deal of research
has been performed on input generation techniques for apps that run on the
Android operating systems. At this point in time, there are in fact a number of
such techniques in the literature, which differ in the way they generate
inputs, the strategy they use to explore the behavior of the app under test,
and the specific heuristics they use. To better understand the strengths and
weaknesses of these existing approaches, and get general insight on ways they
could be made more effective, in this paper we perform a thorough comparison of
the main existing test input generation tools for Android. In our comparison,
we evaluate the effectiveness of these tools, and their corresponding
techniques, according to four metrics: code coverage, ability to detect faults,
ability to work on multiple platforms, and ease of use. Our results provide a
clear picture of the state of the art in input generation for Android apps and
identify future research directions that, if suitably investigated, could lead
to more effective and efficient testing tools for Android
Research methodology in montanistic tourism
Research methodology in montanistic tourism involves the archival research and study of special literature, surface and underground field survey, the analysis of findings of rock fragments, mineral composition, traces of metallurgical processes, fragments of pottery, etc. A separate problem is the study and evaluation of the development of mining and post-mining landscapes, focusing on the entire supply chain of resource industries and their impact on the cultural development of the country
- …