English
Related papers

Related papers: Build It, Break It, Fix It: Contesting Secure Deve…

200 papers

Continuous Integration (CI) consists of an automated build process involving continuous compilation, testing, and packaging of the software system. While CI comes up with several advantages related to quality and time to delivery, CI also…

Software Engineering · Computer Science 2025-08-26 Henri Aïdasso , Mohammed Sayagh , Francis Bordeleau

There is burgeoning interest in designing AI-based systems to assist humans in designing computing systems, including tools that automatically generate computer code. The most notable of these comes in the form of the first self-described…

Cryptography and Security · Computer Science 2021-12-17 Hammond Pearce , Baleegh Ahmad , Benjamin Tan , Brendan Dolan-Gavitt , Ramesh Karri

Large language models (LLMs) have made remarkable progress in code generation, but competitive programming remains a challenge. Recent training-based methods have improved code generation by using reinforcement learning (RL) with execution…

Software Engineering · Computer Science 2026-04-08 Lingxiao Tang , Muyang Ye , Zhaoyang Chu , Xiaoxue Ren , Zhongxin Liu , Lingfeng Bao , He Ye

The advent of Artificial Intelligence (AI), particularly large language models (LLMs), has revolutionized software development by enabling developers to specify tasks in natural language and receive corresponding code, boosting…

Cryptography and Security · Computer Science 2025-11-27 Jaehwan Park , Kyungchan Lim , Seonhye Park , Doowon Kim

We argue that when it comes to producing secure code with AI, the prevailing "fighting fire with fire" approach -- using probabilistic AI-based checkers or attackers to secure probabilistically generated code -- fails to address the long…

Cryptography and Security · Computer Science 2026-02-10 Benjamin Livshits

Background: Compilers are fundamental to software development, translating high-level source code into executable software systems. Faults in compilers can have severe consequences and thus effective localization and resolution of compiler…

Software Engineering · Computer Science 2025-12-19 Yibiao Yang , Qingyang Li , Maolin Sun , Jiangchang Wu , Yuming Zhou

The software build process transforms source code into deployable artifacts, representing a critical yet vulnerable stage in software development. Build infrastructure security poses unique challenges: the complexity of multi-component…

The rise of cyber-physical systems in safety-critical domains calls for robust risk-evaluation frameworks. Assurance cases, often required by regulatory bodies, are a structured approach to demonstrate that a system meets its safety…

Software Engineering · Computer Science 2025-02-04 Usman Gohar , Michael C. Hunter , Myra B. Cohen , Robyn R. Lutz

The correctness of compilers is instrumental in the safety and reliability of other software systems, as bugs in compilers can produce programs that do not reflect the intents of programmers. Compilers are complex software systems due to…

Software Engineering · Computer Science 2021-03-22 Md Rafiqul Islam Rabin , Mohammad Amin Alipour

Incremental and parallel builds are crucial features of modern build systems. Parallelism enables fast builds by running independent tasks simultaneously, while incrementality saves time and computing resources by processing the build…

Software Engineering · Computer Science 2023-12-05 Thodoris Sotiropoulos , Stefanos Chaliasos , Dimitris Mitropoulos , Diomidis Spinellis

Sophisticated attackers find bugs in software, evaluate their exploitability, and then create and launch exploits for bugs found to be exploitable. Most efforts to secure software attempt either to eliminate bugs or to add mitigations that…

Cryptography and Security · Computer Science 2018-08-03 Zhenghao Hu , Yu Hu , Brendan Dolan-Gavitt

Bug bisection has been an important security task that aims to understand the range of software versions impacted by a bug, i.e., identifying the commit that introduced the bug. However, traditional patch-based bisection methods are faced…

Machine Learning · Computer Science 2025-10-31 Zheng Zhang , Haonan Li , Xingyu Li , Hang Zhang , Zhiyun Qian

Compilers play a foundational role in building reliable software systems, and bugs within them can lead to catastrophic consequences. The compilation process typically involves hundreds of files, making traditional automated bug isolation…

Software Engineering · Computer Science 2025-06-24 Yixian Qi , Jiajun Jiang , Fengjie Li , Bowen Chen , Hongyu Zhang , Junjie Chen

A Bug Inducing Commit (BIC) is a commit that introduces a software bug into the codebase. Knowing the relevant BIC for a given bug can provide valuable information for debugging as well as bug triaging. However, existing BIC identification…

Software Engineering · Computer Science 2023-02-16 Gabin An , Jingun Hong , Naryeong Kim , Shin Yoo

Safety-critical designs need to ensure reliable operations under hostile conditions with a certain degree of confidence. The continuously higher complexity of these designs makes them more susceptible to the risk of failure. ISO26262…

Software Engineering · Computer Science 2022-04-29 Endri Kaja , Nicolas Gerlin , Luis Rivas , Monideep Bora , Keerthikumara Devarajegowda , Wolfgang Ecker

Continuous Integration (CI) testing is a popular software development technique that allows developers to easily check that their code can build successfully and pass tests across various system environments. In order to use a CI platform,…

Software Engineering · Computer Science 2018-05-14 Mark Santolucito , Jialu Zhang , Ennan Zhai , Ruzica Piskac

Correctness-by-Construction (CbC) is an incremental program construction process to construct functionally correct programs. The programs are constructed stepwise along with a specification that is inherently guaranteed to be satisfied. CbC…

Logic in Computer Science · Computer Science 2024-02-14 Tobias Runge , Tabea Bordis , Alex Potanin , Thomas Thüm , Ina Schaefer

Awareness of cybersecurity topics facilitates software developers to produce secure code. This awareness is especially important in industrial environments for the products and services in critical infrastructures. In this work, we address…

Software Engineering · Computer Science 2021-02-11 Tiago Espinha Gasiba , Ulrike Lechner , Maria Pinto-Albuquerque

Incremental and parallel builds performed by build tools such as Make are the heart of modern C/C++ software projects. Their correct and efficient execution depends on build scripts. However, build scripts are prone to errors. The most…

Software Engineering · Computer Science 2024-04-29 Jun Lyu , Shanshan Li , He Zhang , Yang Zhang , Guoping Rong , Manuel Rigger

Scripting languages are continuously gaining popularity due to their ease of use and the flourishing software ecosystems that surround them. These languages offer crash and memory safety by design, thus, developers do not need to understand…

Cryptography and Security · Computer Science 2023-02-06 Cristian-Alexandru Staicu , Sazzadur Rahaman , Ágnes Kiss , Michael Backes