English
Related papers

Related papers: Towards Build Verifiability for Java-based Systems

200 papers

Understanding how software defects manifest and evolve in production environments is critical for improving reliability. While previous research has largely focused on pre-release defects, the nature of residual faults, i.e., those escaping…

Software Engineering · Computer Science 2026-04-30 Domenico Cotroneo , Giuseppe De Rosa , Cristina Improta , Benedetta Gaia Varriale

Many tools and libraries are readily available to build and operate distributed Web applications. While the setup of operational environments is comparatively easy, practice shows that their continuous secure operation is more difficult to…

Cryptography and Security · Computer Science 2012-07-13 Matteo Maria Casalino , Michele Mangili , Henrik Plate , Serena Elisa Ponta

Java applications include third-party dependencies as bytecode. To keep these applications secure, researchers have proposed tools to re-identify dependencies that contain known vulnerabilities. Yet, to allow such re-identification, one…

Software Engineering · Computer Science 2024-07-26 Stefan Schott , Wolfram Fischer , Serena Elisa Ponta , Jonas Klauke , Eric Bodden

Automated tests play an important role in software evolution because they can rapidly detect faults introduced during changes. In practice, code-coverage metrics are often used as criteria to evaluate the effectiveness of test suites with…

Software Engineering · Computer Science 2016-11-23 Rainer Niedermayr , Elmar Juergens , Stefan Wagner

Typical security contests focus on breaking or mitigating the impact of buggy systems. We present the Build-it Break-it Fix-it BIBIFI contest which aims to assess the ability to securely build software not just break it. In BIBIFI teams…

Cryptography and Security · Computer Science 2018-08-31 Andrew Ruef , Michael Hicks , James Parker , Dave Levin , Michelle L. Mazurek , Piotr Mardziel

Certifying neural network robustness against adversarial examples is challenging, as formal guarantees often require solving non-convex problems. Hence, incomplete verifiers are widely used because they scale efficiently and substantially…

Machine Learning · Computer Science 2026-02-05 Mohammadreza Maleki , Rushendra Sidibomma , Arman Adibi , Reza Samavi

Build systems are an essential part of modern software engineering projects. As software projects change continuously, it is crucial to understand how the build system changes because neglecting its maintenance can lead to expensive build…

Software Engineering · Computer Science 2017-03-27 Christian Macho , Shane McIntosh , Martin Pinzger

In the past two decades, significant research and development effort went into the development of verification tools for individual languages, such asC, C++, and Java. Many of the used verification approaches are in fact language-agnostic…

Programming Languages · Computer Science 2025-11-27 Dirk Beyer , Gidon Ernst , Martin Jonáš , Marian Lingsch-Rosenfeld

Nowadays, an increasing number of applications uses deserialization. This technique, based on rebuilding the instance of objects from serialized byte streams, can be dangerous since it can open the application to attacks such as remote code…

Cryptography and Security · Computer Science 2022-08-18 Imen Sayar , Alexandre Bartel , Eric Bodden , Yves Le Traon

Identity-based software signing tools aim to make software artifact provenance verifiable while reducing the operational burden of long-lived key management. However, there is limited cross-tool longitudinal evidence about which usability…

Software Engineering · Computer Science 2026-03-19 Kelechi G. Kalu , Hieu Tran , Santiago Torres-Arias , Sooyeon Jeong , James C. Davis

This paper presents composable attestation as a generalized cryptographic framework for Continuous and Incremental Trust in Distributed Systems,such as Artificial Intelligence (AI) computation, and Open Source Software (OSS) supply chain…

Cryptography and Security · Computer Science 2026-03-04 Sheng Sun , Sarah Evans

The dependency on the correct functioning of embedded systems is rapidly growing, mainly due to their wide range of applications, such as micro-grids, automotive device control, health care, surveillance, mobile devices, and consumer…

Logic in Computer Science · Computer Science 2017-03-01 Lucas Cordeiro

It is challenging to verify that the planned security mechanisms are actually implemented in the software. In the context of model-based development, the implemented security mechanisms must capture all intended security properties that…

Software Engineering · Computer Science 2022-03-21 Katja Tuma , Sven Peldszus , Daniel Strüber , Riccardo Scandariato , Jan Jürjens

The cutting edge in systems development today is in the area of "systems of systems" (SoS) large networks of inter-related systems that are developed and managed separately, but that also perform collective activities. Such large systems…

Software Engineering · Computer Science 2013-11-15 Eric Honour

Test resources are usually limited and therefore it is often not possible to completely test an application before a release. Therefore, testers need to focus their activities on the relevant code regions. In this paper, we introduce an…

Software Engineering · Computer Science 2018-05-04 Rainer Niedermayr , Tobias Röhm , Stefan Wagner

C programs can use compiler builtins to provide functionality that the C language lacks. On Linux, GCC provides several thousands of builtins that are also supported by other mature compilers, such as Clang and ICC. Maintainers of other…

Programming Languages · Computer Science 2019-07-02 Manuel Rigger , Stefan Marr , Bram Adams , Hanspeter Mössenböck

JBMC is an open-source SAT- and SMT-based bounded model checking tool for verifying Java bytecode. JBMC relies on an operational model of the Java libraries, which conservatively approximates their semantics, to verify assertion violations,…

Software Engineering · Computer Science 2023-02-07 Romain Brenguier , Lucas Cordeiro , Daniel Kroening , Peter Schrammel

Software Bill of Materials (SBOM) provides new opportunities for automated vulnerability identification in software products. While the industry is adopting SBOM-based Vulnerability Scanning (SVS) to identify vulnerabilities, we…

Software Engineering · Computer Science 2025-12-22 Martin Rosso , Muhammad Asad Jahangir Jaffar , Alessandro Brighente , Mauro Conti

Software supply chain attacks, which exploit the build process or artifacts used in the process of building a software product, are increasingly of concern. To combat these attacks, one must be able to check that every artifact that a…

Software Engineering · Computer Science 2024-02-15 Bharathi Seshadri , Yongkui Han , Chris Olson , David Pollak , Vojislav Tomasevic

As software becomes more complex and assumes an even greater role in our lives, formal verification is set to become the gold standard in securing software systems into the future, since it can guarantee the absence of errors and entire…

Human-Computer Interaction · Computer Science 2021-11-17 Carolina Carreira , João F. Ferreira , Alexandra Mendes , Nicolas Christin