Presentation is loading. Please wait.

Presentation is loading. Please wait.

Tao Xie Automated Software Engineering Group Department of Computer Science North Carolina State University https://sites.google.com/site/asergrp/

Published byLee Wilcox Modified over 9 years ago

Similar presentations

Presentation on theme: "Tao Xie Automated Software Engineering Group Department of Computer Science North Carolina State University https://sites.google.com/site/asergrp/"— Presentation transcript:

1 Tao Xie Automated Software Engineering Group Department of Computer Science North Carolina State University https://sites.google.com/site/asergrp/

2  Static Verification  Problem: API properties are not available ▪ E.g., fopen’s return needs to be NULL-CHECK  Solution: mining API properties from client code  Dynamic Verification (a.k.a. Software Testing)

3 3 Supported by NSF CSR and ARO

4 4 PARSEWeb [ASE 07] PARSEWeb Source object type & Destination object type Method-invocation sequence MAPO [ECOOP 09] API method  Frequent subsequences of API methods SpotWeb [ASE 08] Framework hotspots/coldspots

5 5 Detect deviant behavior as bugs in programs Neglected-condition bugs [ASE 09] Exception-handling bugs [ICSE 09] Error-handling bugs [FASE 09] API-sequencing bugs [ESEC/FSE 07]

6 6 Detect duplicate bug reports [ICSE 08] Identify security bug reports [MSR 10] Mine resource specifications from Javadoc [ASE 09, Best Paper Award, SIGSOFT Distinguished Paper] javax.resource.cci.Connection createInteraction():“Creates an interaction associated with this connection.” getMetaData():“Gets the information on the underlying EIS instance represented through an active connection.” close():“Initiates close of the connection handle at the application level.” Supported by IBM Jazz Award

7 = ? Outputs Expected Outputs Program + Test inputs Test Oracles  Test Generation  Generating high-quality test inputs (e.g., achieving high code coverage)  Test Oracles  Specifying high-quality test oracles (e.g., guarding against various faults)

8  Human  Expensive, incomplete, …  Brute Force  Pairwise, predefined data, etc…  Random:  Cheap, Fast  “It passed a thousand tests” feeling  Dynamic Symbolic Execution: Pex, CUTE,EXE  Automated white-box  Not random – Constraint Solving

9 Code to generate inputs for: Constraints to solve a!=null a!=null && a.Length>0 a!=null && a.Length>0 && a[0]==1234567890 void CoverMe(int[] a) { if (a == null) return; if (a.Length > 0) if (a[0] == 1234567890) throw new Exception("bug"); } void CoverMe(int[] a) { if (a == null) return; if (a.Length > 0) if (a[0] == 1234567890) throw new Exception("bug"); } Observed constraints a==null a!=null && !(a.Length>0) a!=null && a.Length>0 && a[0]!=1234567890 a!=null && a.Length>0 && a[0]==1234567890 Data null {} {0} {123…} a==null a.Length>0 a[0]==123… T T F T F F Execute&Monitor Solve Choose next path Done: There is no path left. Negated condition

10  Loops  Fitnex [DSN 09]  Generic API functions e.g., RegEx matching IsMatch(s1,regex1)  Reggae [ASE 09-sp]  Method sequences  MSeqGen [ESEC/FSE 09]  Environments e.g., file systems, network, db, …  Parameterized Mock Objects [AST 09, ASE 10-sp] Opportunities  Regression testing [ICSE 09-nier]  Developer guidance (cooperative developer testing) Supported by NSF SoD, NSF SHF, NSF CAREER, Microsoft Research Award

11  Loops  Fitnex [DSN 09]  Generic API functions e.g., RegEx matching IsMatch(s1,regex1)  Reggae [ASE 09-sp]  Method sequences  MSeqGen [ESEC/FSE 09]  Environments e.g., file systems, network, db, …  Parameterized Mock Objects [AST 09, ASE 10-sp] Applications  Test network app @Army division, Fort Hood, Texas  Test DB app of hand-held medical assistant device@FDA  Test.NET base libraries @Microsoft

12 Download counts (20 months) (Feb. 2008 - Oct. 2009 ) Academic: 17,366 Devlabs: 13,022 Total: 30,388

13

14  Various countries/regions  Software internationalization ▪ Locating constant strings to translate [ICSE 09, FSE 10] ▪ E.g., translating Megamek (a realtime strategy game)  Various programming languages  PL translation ▪ E.g., translating Java to C# [ICSE 10]

15  Various types of software  Database applications [ASE 10-sp]  Network/file-system applications [AST 09]  Game applications [ICSE 09]  Cyber-physical systems (power grid, medical device software, …)  Could applications  Social network applications  … Supported by NSF SHF, NSF CAREER

16  Various types of quality attributes  Functional correctness  Security (NIST/Fermi Lab collaboration) ▪ Testing/verification of access control policies [WWW 07, ACSAC 08, SIGMETRICS 08, IEEE TC 10] ▪ Testing/verification of firewall policies [SRDS 08/09, LISA 10 Best Student Paper ] ▪ Identification of security bug reports [MSR 10] ▪ Attack generation  Performance ▪ IBM RTP collaboration on Rational Performance Tester  … Supported by NSF CyberTrust, NIST, IBM Faculty Awards

17 http://people.engr.ncsu.edu/txie/ https://sites.google.com/site/asergrp/

Download ppt "Tao Xie Automated Software Engineering Group Department of Computer Science North Carolina State University https://sites.google.com/site/asergrp/"

Similar presentations

Leonardo de Moura Microsoft Research. Z3 is a new solver developed at Microsoft Research. Development/Research driven by internal customers. Free for.

Leonardo de Moura Microsoft Research. Z3 is a new solver developed at Microsoft Research. Development/Research driven by internal customers. Free for.
Tutorial Pex4Fun: Teaching and Learning Computer Science via Social Gaming Nikolai Tillmann, Jonathan de Halleux, Judith Bishop, Michal.

Tutorial Pex4Fun: Teaching and Learning Computer Science via Social Gaming Nikolai Tillmann, Jonathan de Halleux, Judith Bishop, Michal.
Tao Xie North Carolina State University In collaboration with Nikolai Tillmann, Peli de Halleux, Wolfram Research and

Tao Xie North Carolina State University In collaboration with Nikolai Tillmann, Peli de Halleux, Wolfram Research and
Tao Xie University of Illinois at Urbana-Champaign Part of the research work described in this talk was done in collaboration with the Pex team (Nikolai.

Tao Xie University of Illinois at Urbana-Champaign Part of the research work described in this talk was done in collaboration with the Pex team (Nikolai.
Kai Pan, Xintao Wu University of North Carolina at Charlotte Generating Program Inputs for Database Application Testing Tao Xie North Carolina State University.

Kai Pan, Xintao Wu University of North Carolina at Charlotte Generating Program Inputs for Database Application Testing Tao Xie North Carolina State University.
Programming Languages Language Design Issues Why study programming languages Language development Software architectures Design goals Attributes of a good.

Programming Languages Language Design Issues Why study programming languages Language development Software architectures Design goals Attributes of a good.
Pexxxx White Box Test Generation for

Pexxxx White Box Test Generation for
1 Software Testing and Quality Assurance Lecture 30 - Introduction to Software Testing.

1 Software Testing and Quality Assurance Lecture 30 - Introduction to Software Testing.
CS590 Z Software Defect Analysis Xiangyu Zhang. CS590F Software Reliability What is Software Defect Analysis  Given a software program, with or without.

CS590 Z Software Defect Analysis Xiangyu Zhang. CS590F Software Reliability What is Software Defect Analysis  Given a software program, with or without.
Chair of Software Engineering Automatic Verification of Computer Programs.

Chair of Software Engineering Automatic Verification of Computer Programs.
Outline Types of errors Component Testing Testing Strategy

Outline Types of errors Component Testing Testing Strategy
WARNING These slides are not optimized for printing or exam preparation. These are for lecture delivery only. These slides are made for PowerPoint 2010.

WARNING These slides are not optimized for printing or exam preparation. These are for lecture delivery only. These slides are made for PowerPoint 2010.
CS527: (Advanced) Topics in Software Engineering Overview of Software Quality Assurance Tao Xie ©D. Marinov, T. Xie.

CS527: (Advanced) Topics in Software Engineering Overview of Software Quality Assurance Tao Xie ©D. Marinov, T. Xie.
Human-Tool, Tool-Tool, and Human-Human Cooperations to Get the Job Done Tao Xie North Carolina State University Raleigh, NC, USA.

Human-Tool, Tool-Tool, and Human-Human Cooperations to Get the Job Done Tao Xie North Carolina State University Raleigh, NC, USA.
System/Software Testing

System/Software Testing
Deep Dive into Pex How Pex works, implications for design of Code Hunt puzzles Nikolai Tillmann Principal Software Engineering Manager Microsoft, Redmond,

Deep Dive into Pex How Pex works, implications for design of Code Hunt puzzles Nikolai Tillmann Principal Software Engineering Manager Microsoft, Redmond,
Separation of Concerns Tao Xie Peking University, China North Carolina State University, USA In collaboration with Nikolai Tillmann, Peli de Halleux, Wolfram.

Separation of Concerns Tao Xie Peking University, China North Carolina State University, USA In collaboration with Nikolai Tillmann, Peli de Halleux, Wolfram.
Tao Xie North Carolina State University Supported by CACC/NSA Related projects supported in part by ARO, NSF, SOSI.

Tao Xie North Carolina State University Supported by CACC/NSA Related projects supported in part by ARO, NSF, SOSI.
Automated Testing of System Software (Virtual Machine Monitors) Tao Xie Department of Computer Science North Carolina State University

Automated Testing of System Software (Virtual Machine Monitors) Tao Xie Department of Computer Science North Carolina State University
Tao Xie (North Carolina State University) Nikolai Tillmann, Jonathan de Halleux, Wolfram Schulte (Microsoft Research, Redmond WA, USA)

Tao Xie (North Carolina State University) Nikolai Tillmann, Jonathan de Halleux, Wolfram Schulte (Microsoft Research, Redmond WA, USA)

Similar presentations

Ads by Google