The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
We propose Guided Random Testing (GRT), which uses static and dynamic analysis to include information on program types, data, and dependencies in various stages of automated test generation. Static analysis extracts knowledge from the system under test. Test coverage is further improved through state fuzzing and continuous coverage analysis. We evaluated GRT on 32 real-world projects and found that...
A security-related bug is a programming error that introduces a potentially exploitable weakness into a computer system. This weakness could lead to a security breach with unfortunate consequences. Version control systems provide an accurate historical record of the software code's evolution. In this paper we examine the frequency of the security-related bugs throughout the evolution of a software...
We demonstrate the value analysis of Frama-C. Frama-C is an Open Source static analysis framework for the C language. In Frama-C, each static analysis technique, approach or idea can be implemented as a new plug-in, with the opportunity to obtain information from other plug-ins, and to leave the verification of difficult properties to yet other plug-ins. The new analysis may in turn provide access...
Python is a powerful dynamically typed programming language. Dynamic typing brings great flexibility for programming. However, lack of static type checking, it is hard to detect some bugs before run time. We present a constraint framework based on Pythonpsilas structural equivalence type system. The framework does not introduce any new language features, thus without losing benefits of Pythonpsilas...
This paper presents an exploratory study of ten feature location techniques that use various combinations of textual, dynamic, and static analyses. Unlike previous studies, the approaches are evaluated in terms of finding multiple relevant methods, not just a single starting point of a feature's implementation. Additionally, a new way of applying textual analysis is introduced by which queries are...
Recent research has tried to identify changes in source code repositories that fix bugs by linking these changes to reports in issue tracking systems. These changes have been traced back to the point in time when they were previously modified as a way of identifying bug introducing changes. But we observe that not all changes linked to bug tracking systems are fixing bugs; some are enhancing the code...
In recent years, there has been a growing need for tools that an analyst can use to understand the workings of COTS software as well as malicious code. Static analysis provides techniques that can help with such problems; however, there are several obstacles that must be overcome, including the absence of source code and the difficulty of analyzing machine code. We have created CodeSurfer/x86, a prototype...
Automatically detecting bugs in programs has been a long-held goal in software engineering. Many techniques exist, trading-off varying levels of automation, thoroughness of coverage of program behavior, precision of analysis, and scalability to large code bases. This paper presents the Calysto static checker, which achieves an unprecedented combination of precision and scalability in a completely...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.