English
Related papers

Related papers: Build It, Break It, Fix It: Contesting Secure Deve…

200 papers

Typical security contests focus on breaking or mitigating the impact of buggy systems. We present the Build-it, Break-it, Fix-it (BIBIFI) contest, which aims to assess the ability to securely build software, not just break it. In BIBIFI,…

Cryptography and Security · Computer Science 2019-07-04 James Parker , Michael Hicks , Andrew Ruef , Michelle L. Mazurek , Dave Levin , Daniel Votipka , Piotr Mardziel , Kelsey R. Fulton

We consider repair tasks: given a critic (e.g., compiler) that assesses the quality of an input, the goal is to train a fixer that converts a bad example (e.g., code with syntax errors) into a good one (e.g., code with no syntax errors).…

Machine Learning · Computer Science 2021-06-23 Michihiro Yasunaga , Percy Liang

The correctness of complex software depends on the correctness of both the source code and the compilers that generate corresponding binary code. Compilers must do more than preserve the semantics of a single source file: they must ensure…

Programming Languages · Computer Science 2024-09-04 Luke Geeson , James Brotherston , Wilco Dijkstra , Alastair F. Donaldson , Lee Smith , Tyler Sorensen , John Wickerson

Security bugs are errors in code that, when exploited, can lead to serious software vulnerabilities. These bugs could allow an attacker to take over an application and steal information. One of the ways to address this issue is by means of…

Software Engineering · Computer Science 2021-02-23 Tiago Espinha Gasiba , Samra Hodzic , Ulrike Lechner , Maria Pinto-Albuquerque

According to a recent survey with more than 4000 software developers, less than half of developers can spot security holes. As a result, software products present a low-security quality expressed by vulnerabilities that can be exploited by…

Software Engineering · Computer Science 2021-01-07 Tiago Espinha Gasiba , Ulrike Lechner , Maria Pinto-Albuquerque , Alae Zouitni

In this paper, we take a deep dive into microarchitectural security from a hardware designer's perspective by reviewing the existing approaches to detect hardware vulnerabilities during the design phase. We show that a protection gap…

When Computer Science (CS) students try to use or extend open-source software (OSS) projects, they often encounter the common challenge of OSS failing to build on their local machines. Even though OSS often provides ready-to-build packages,…

Software Engineering · Computer Science 2025-02-25 Sunzhou Huang , Na Meng , Xueqing Liu , Xiaoyin Wang

Continuous Integration (CI) implies that a whole developer team works together on the mainline of a software project. CI systems automate the builds of a software. Sometimes a developer checks in code, which breaks the build. A broken build…

Software Engineering · Computer Science 2017-03-30 Klérisson V. R. Paixão , Crícia Z. Felício , Fernanda M. Delfim , Marcelo de A. Maia

Large language models (LLMs) have made remarkable progress in code generation, but competitive programming remains a challenge. Recent training-based methods have improved code generation by using reinforcement learning (RL) with execution…

Software Engineering · Computer Science 2026-04-08 Lingxiao Tang , Muyang Ye , Zhaoyang Chu , Xiaoxue Ren , Zhongxin Liu , Lingfeng Bao , He Ye

Software is used in critical applications in our day-to-day life and it is important to ensure its correctness. One popular approach to assess correctness is to evaluate software on tests. If a test fails, it indicates a fault in the…

Software Engineering · Computer Science 2025-04-01 Max Hort , Leon Moonen

A Bug Inducing Commit (BIC) is a code change that introduces a bug into the codebase. Although the abnormal or unexpected behavior caused by the bug may not manifest immediately, it will eventually lead to program failures further down the…

Software Engineering · Computer Science 2025-02-20 Gabin An , Jinsu Choi , Jingun Hong , Naryeong Kim , Shin Yoo

Security is a requirement of utmost importance to produce high-quality software. However, there is still a considerable amount of vulnerabilities being discovered and fixed almost weekly. We hypothesize that developers affect the…

Software Engineering · Computer Science 2021-09-14 Sofia Reis , Rui Abreu , Luis Cruz

Correctness-by-Construction (CbC) is an incremental program construction process to construct functionally correct programs. The programs are constructed stepwise along with a specification that is inherently guaranteed to be satisfied. CbC…

Logic in Computer Science · Computer Science 2024-02-14 Tobias Runge , Tabea Bordis , Alex Potanin , Thomas Thüm , Ina Schaefer

To broaden participation, competitive programming contests may include beginner-level problems that do not require knowledge of advanced Computer Science concepts (e.g., algorithms and data structures). However, since most participants have…

Computers and Society · Computer Science 2024-05-27 Mrigank Pawagi , Viraj Kumar

The detection of offensive language in the context of a dialogue has become an increasingly important application of natural language processing. The detection of trolls in public forums (Gal\'an-Garc\'ia et al., 2016), and the deployment…

Computation and Language · Computer Science 2019-08-20 Emily Dinan , Samuel Humeau , Bharath Chintagunta , Jason Weston

Sophisticated attackers find bugs in software, evaluate their exploitability, and then create and launch exploits for bugs found to be exploitable. Most efforts to secure software attempt either to eliminate bugs or to add mitigations that…

Cryptography and Security · Computer Science 2018-08-03 Zhenghao Hu , Yu Hu , Brendan Dolan-Gavitt

We argue that when it comes to producing secure code with AI, the prevailing "fighting fire with fire" approach -- using probabilistic AI-based checkers or attackers to secure probabilistically generated code -- fails to address the long…

Cryptography and Security · Computer Science 2026-02-10 Benjamin Livshits

Large language models can generate useful code from natural language, but their outputs come without correctness guarantees. Verifiable code generation offers a path beyond testing by requiring models to produce not only executable code,…

Software Engineering · Computer Science 2026-05-12 Zichen Xie , Mrigank Pawagi , Yuxin Liu , Aaditi Rai , Lize Shao , John Berberian , Sicong Che , Wenxi Wang

Continuous Integration (CI) consists of an automated build process involving continuous compilation, testing, and packaging of the software system. While CI comes up with several advantages related to quality and time to delivery, CI also…

Software Engineering · Computer Science 2025-08-26 Henri Aïdasso , Mohammed Sayagh , Francis Bordeleau

Rust is a popular programming language in building various low-level software in recent years. It aims to provide safe concurrency when implementing multi-threaded software through a suite of compiler checking rules. Unfortunately, there is…

Programming Languages · Computer Science 2019-02-07 Zeming Yu , Linhai Song , Yiying Zhang
‹ Prev 1 2 3 10 Next ›