96 research outputs found

    A Survey of Symbolic Execution Techniques

    Get PDF
    Many security and software testing applications require checking whether certain properties of a program hold for any possible usage scenario. For instance, a tool for identifying software vulnerabilities may need to rule out the existence of any backdoor to bypass a program's authentication. One approach would be to test the program using different, possibly random inputs. As the backdoor may only be hit for very specific program workloads, automated exploration of the space of possible inputs is of the essence. Symbolic execution provides an elegant solution to the problem, by systematically exploring many possible execution paths at the same time without necessarily requiring concrete inputs. Rather than taking on fully specified input values, the technique abstractly represents them as symbols, resorting to constraint solvers to construct actual instances that would cause property violations. Symbolic execution has been incubated in dozens of tools developed over the last four decades, leading to major practical breakthroughs in a number of prominent software reliability applications. The goal of this survey is to provide an overview of the main ideas, challenges, and solutions developed in the area, distilling them for a broad audience. The present survey has been accepted for publication at ACM Computing Surveys. If you are considering citing this survey, we would appreciate if you could use the following BibTeX entry: http://goo.gl/Hf5FvcComment: This is the authors pre-print copy. If you are considering citing this survey, we would appreciate if you could use the following BibTeX entry: http://goo.gl/Hf5Fv

    ASSINATURA DO TESTE ESTRUTURAL (ATE) - MÉTRICA BASEADA EM TESTE FLUXO DE DADOS E ANÁLISE DE MUTANTES SIGNATURE OF THE STRUCTURAL TEST (SST) - METRIC BASED ON DATA FLOW TEST AND MUTANT ANALYSIS

    Get PDF
    The structural test makes it possible to guarantee the quality of the software  by  analyzing  the  source  code.  In  this  sense,  this  paper presents a new method of structural testing with the application of data   flow   testing   and   mutant   analysis   techniques.   It   is   an arithmetic  model  called  Signature  of  the  Structural  Test  (SSt), which  receives parameters such as variables, operands, operators and   commands,   determines   a   metric   with   the   objective   of detecting   possible   semantic   and   logical   errors   between   the definitions of variables and their uses, such as also, reducing the test paths in the data graph and the mutants generated. The result was favorable to the continuation of the research with other testsand guidance for the construction of an appropriate tool.O teste estrutural possibilita garantir a qualidade do software pela análise do código fonte. Nesse sentido, este trabalho apresenta um novo método de teste estrutural com a aplicação das técnicas teste fluxo de dados e análise de mutantes. Trata-se de um modelo aritmético intitulado Assinatura do Teste  Estrutural  (AtE),  que recebe parâmetros como variáveis, operandos, operadores e comandos, determina  uma métrica com objetivos de  detectar possíveis erros semânticos e lógicos entre  as definições de variáveis e seus usos, como também, reduzir os caminhos de testes no grafo de dados e os mutantes gerados. O resultado mostrou-se favorável à continuação da pesquisa com outros ensaios edirecionamento para construção de ferramenta apropriada

    Test generation for high coverage with abstraction refinement and coarsening (ARC)

    Get PDF
    Testing is the main approach used in the software industry to expose failures. Producing thorough test suites is an expensive and error prone task that can greatly benefit from automation. Two challenging problems in test automation are generating test input and evaluating the adequacy of test suites: the first amounts to producing a set of test cases that accurately represent the software behavior, the second requires defining appropriate metrics to evaluate the thoroughness of the testing activities. Structural testing addresses these problems by measuring the amount of code elements that are executed by a test suite. The code elements that are not covered by any execution are natural candidates for generating further test cases, and the measured coverage rate can be used to estimate the thoroughness of the test suite. Several empirical studies show that test suites achieving high coverage rates exhibit a high failure detection ability. However, producing highly covering test suites automatically is hard as certain code elements are executed only under complex conditions while other might be not reachable at all. In this thesis we propose Abstraction Refinement and Coarsening (ARC), a goal oriented technique that combines static and dynamic software analysis to automatically generate test suites with high code coverage. At the core of our approach there is an abstract program model that enables the synergistic application of the different analysis components. In ARC we integrate Dynamic Symbolic Execution (DSE) and abstraction refinement to precisely direct test generation towards the coverage goals and detect infeasible elements. ARC includes a novel coarsening algorithm for improved scalability. We implemented ARC-B, a prototype tool that analyses C programs and produces test suites that achieve high branch coverage. Our experiments show that the approach effectively exploits the synergy between symbolic testing and reachability analysis outperforming state of the art test generation approaches. We evaluated ARC-B on industry relevant software, and exposed previously unknown failures in a safety-critical software component

    Integration of Fault Localization into your GitHub Repository

    Get PDF
    Com a crescente complexidade e escala do software, existe uma forte necessidade de técnicas que auxiliem os desenvolvedores de software a localizar falhas com o mínimo de intervenção humana possível. O objetivo desta dissertação é analisar o uso de abordagens de localização de falhas baseadas em espectro para ajudar a descobrir falhas em programas Java, bem como o uso de bots no ciclo de vida do desenvolvimento de um software. As técnicas de localização de falhas baseadas em espectro foram escolhidas na área de pesquisa de localização de falhas de software devido aos seus baixos custos de execução e popularidade. Três ferramentas (GZoltar, FLACOCO e Jaguar) destacaram-se como as principais escolhas para a localização de falhas baseada em espectro em Java, de acordo com a pesquisa, e embora todas produzissem resultados comparáveis, o GZoltar foi preferido. Foi criada uma Action do GitHub que, quando integrada com o GZoltar, permite a análise de relatórios de localização de falhas baseada em espectro em qualquer repositório Java no GitHub. O resultado é um relatório detalhado das linhas de código potencialmente com falhas, personalizável pelo utilizador. Esta Action foi avaliada tanto em um repositório de exemplo como em vários projetos open-source. Embora a integração tenha sido bem sucedida no repositório de exemplo, as limitações do GZoltar impedem a sua integração na maioria dos projetos open-source, destacando a necessidade de atualizações e testes adicionais de compatibilidade.With the increased complexity and scale of software, there is a strong demand for techniques to guide software engineers to locate faults with less human intervention as possible. The purpose of this dissertation is to look into the usage of Spectrum-based Fault Localization approaches to help discover faults in Java programs, as well as the use of bots in the software development lifecycle. Spectrum-based Fault Localization techniques were found to be chosen in the research area of software fault localization due to their low execution costs and popularity. Three tools (GZoltar, FLACOCO, and Jaguar) stood out as the top choices for spectrum-based fault localization in Java according to the research, and even though all produced comparable outcomes, GZoltar was preferred. A GitHub Action was created that, when integrated with GZoltar, allows analysis of Spectrum-based Fault Localization reports in any Java repository on GitHub. The outcome of it is a detailed report of potentially faulty lines of code, customizable by the user. This action is tested in both a sample repository and several open-source projects. While successful integration is achieved with the sample repository, limitations of GZoltar hinder its integration with most open-source projects, highlighting the need for updates and further compatibility testing
    corecore