English
Related papers

Related papers: Evaluating SZZ Implementations Through a Developer…

200 papers

BACKGROUND: Software engineers must be vigilant in preventing and correcting vulnerabilities and other critical bugs. In servicing this need, numerous tools and techniques have been developed to assist developers. Fuzzers, by autonomously…

Software Engineering · Computer Science 2023-05-22 Brandon Keller , Andrew Meneely , Benjamin Meyers

Software fuzzing has become a cornerstone in automated vulnerability discovery, yet existing mutation strategies often lack semantic awareness, leading to redundant test cases and slow exploration of deep program states. In this work, I…

Cryptography and Security · Computer Science 2025-11-07 Shiyin Lin

Fuzz testing has enjoyed great success at discovering security critical bugs in real software. Recently, researchers have devoted significant effort to devising new fuzzing techniques, strategies, and algorithms. Such new ideas are…

Cryptography and Security · Computer Science 2018-10-22 George Klees , Andrew Ruef , Benji Cooper , Shiyi Wei , Michael Hicks

Critical open source software systems undergo significant validation in the form of lengthy fuzz campaigns. The fuzz campaigns typically conduct a biased random search over the domain of program inputs, to find inputs which crash the…

Cryptography and Security · Computer Science 2024-11-22 Yuntong Zhang , Jiawei Wang , Dominic Berzin , Martin Mirchev , Dongge Liu , Abhishek Arya , Oliver Chang , Abhik Roychoudhury

We present a coverage-guided testing algorithm for distributed systems implementations. Our main innovation is the use of an abstract formal model of the system that is used to define coverage. Such abstract models are frequently developed…

Software Engineering · Computer Science 2025-09-03 Ege Berkay Gulcan , Burcu Kulahcioglu Ozkan , Rupak Majumdar , Srinidhi Nagendra

In recent years, there has been a notable surge in attention towards hardware security, driven by the increasing complexity and integration of processors, SoCs, and third-party IPs aimed at delivering advanced solutions. However, this…

Cryptography and Security · Computer Science 2024-03-20 Raghul Saravanan , Sai Manoj Pudukotai Dinakarrao

Fuzzing technologies have evolved at a fast pace in recent years, revealing bugs in programs with ever increasing depth and speed. Applications working with complex formats are however more difficult to take on, as inputs need to meet…

Cryptography and Security · Computer Science 2020-08-13 Andrea Fioraldi , Daniele Cono D'Elia , Emilio Coppa

Background. The popularity of tools for analyzing Technical Debt, and particularly the popularity of SonarQube, is increasing rapidly. SonarQube proposes a set of coding rules, which represent something wrong in the code that will soon be…

Software Engineering · Computer Science 2019-12-20 Valentina Lenarduzzi , Francesco Lomio , Heikki Huttunen , Davide Taibi

This paper develops automated testing and debugging techniques for answer set solver development. We describe a flexible grammar-based black-box ASP fuzz testing tool which is able to reveal various defects such as unsound and incomplete…

Artificial Intelligence · Computer Science 2010-07-20 Robert Brummayer , Matti Järvisalo

Fuzzing has proven to be a highly effective approach to uncover software bugs over the past decade. After AFL popularized the groundbreaking concept of lightweight coverage feedback, the field of fuzzing has seen a vast amount of scientific…

\'Sliwerski, Zimmermann, and Zeller (SZZ) just won the 2026 ACM SIGSOFT Impact Award for asking: When do changes induce fixes? Their paper from 2005 served as the foundation for a wide array of approaches aimed at identifying…

Software Engineering · Computer Science 2026-04-01 Niklas Risse , Marcel Böhme

Online Just-In-Time Software Defect Prediction (O-JIT-SDP) uses an online model to predict whether a new software change will introduce a bug or not. However, existing studies neglect the interaction of Software Quality Assurance (SQA)…

Software Engineering · Computer Science 2023-08-29 Xutong Liu , Yufei Zhou , Yutian Tang , Junyan Qian , Yuming Zhou

Rigorous software testing is crucial for developing and maintaining high-quality code, making automated test generation a promising avenue for both improving software quality and boosting the effectiveness of code generation methods.…

Software Engineering · Computer Science 2025-02-10 Niels Mündler , Mark Niklas Müller , Jingxuan He , Martin Vechev

Continuous fuzzing is an increasingly popular technique for automated quality and security assurance. Google maintains OSS-Fuzz: a continuous fuzzing service for open source software. We conduct the first empirical study of OSS-Fuzz,…

Software Engineering · Computer Science 2021-03-23 Zhen Yu Ding , Claire Le Goues

Efficient bug triaging procedures are an important precondition for successful collaborative software engineering projects. Triaging bugs can become a laborious task particularly in open source software (OSS) projects with a large base of…

Software Engineering · Computer Science 2013-03-04 Marcelo Serrano Zanetti , Ingo Scholtes , Claudio Juan Tessone , Frank Schweitzer

Modern fuzzers scale to large, real-world software but often fail to exercise the program states developers consider most fragile or security-critical. Such states are typically deep in the execution space, gated by preconditions, or…

Cryptography and Security · Computer Science 2026-02-12 Viet Hoang Luu , Amirmohammad Pasdar , Wachiraphan Charoenwet , Toby Murray , Shaanan Cohney , Van-Thuan Pham

Fuzzing -- testing programs with random inputs -- has become the prime technique to detect bugs and vulnerabilities in programs. To generate inputs that cover new functionality, fuzzers require execution feedback from the program -- for…

Software Engineering · Computer Science 2020-12-29 Rahul Gopinath , Bachir Bendrissou , Björn Mathis , Andreas Zeller

Open Source Software (OSS) has become a very important and crucial infrastructure worldwide because of the value it provides. OSS typically depends on contributions from developers across diverse backgrounds and levels of experience. Making…

Software Engineering · Computer Science 2025-10-08 Elijah Kayode Adejumo , Brittany Johnson

Software-defined networks (SDN) enable flexible and effective communication systems that are managed by centralized software controllers. However, such a controller can undermine the underlying communication network of an SDN-based system…

Software Engineering · Computer Science 2024-01-25 Raphaël Ollando , Seung Yeob Shin , Lionel C. Briand

Fixing bugs in a timely manner lowers various potential costs in software maintenance. However, manual bug fixing scheduling can be time-consuming, cumbersome, and error-prone. In this paper, we propose the Schedule and Dependency-aware Bug…

Software Engineering · Computer Science 2022-08-01 Hadi Jahanshahi , Mucahit Cevik