Dominic Steinhöfel
Andreas Zeller
Skip Abstract Section
Abstract
Constraints over grammar elements can make test generation easier than ever.
- Aschermann, C. et al. NAUTILUS: Fishing for deep bugs with grammars. In Proceedings of 2019 Network and Distributed System Security Symp.; https://bit.ly/3uRisTxGoogle Scholar
- Barr, E.T. et al. The oracle problem in software testing: A survey. IEEE Trans Softw Eng. 41, 5 (2014), 507--525 Google ScholarDigital Library
- Böhme, M., Pham, V.T., and Roychoudhury, A. Coverage-based greybox fuzzing as Markov Chain. In Proceedings of the ACM SIGSAC Conf. Computer and Communications Security (Vienna, Austria, 2016). ACM, New York, NY, USA, 1032--1043 Google ScholarDigital Library
- Booch, G. The Unified Modeling Language User Guide. Addison Wesley, 2005.Google ScholarDigital Library
- Briand, L.C. and Labiche, Y. A UML-based approach to system testing. Intern. Conf. on the Unified Modeling Language, Modeling Languages, Concepts, and Tools. Springer, 2001, 194--208 Google ScholarDigital Library
- Claessen, K. and Hughes, J. QuickCheck: A lightweight tool for random testing of Haskell programs. In Proceedings of the 5th ACM SIGPLAN Intern. Conf. Functional Programming. ACM, New York, NY, USA, 2000, 268--279 Google ScholarDigital Library
- Durumeric, Z. et al. The matter of Heartbleed. In Proceedings of the 2014 Conf. Internet Measurement. (Vancouver, BC, Canada). ACM, New York, NY, USA, 475--488 Google ScholarDigital Library
- Eberlein, M. et al. Semantic debugging. In Proceedings of the 31st ACM Joint European Softw. Eng. Conf. and Symp. Foundations of Softw. Eng. (San Francisco, CA, USA, 2023), K. Blincoe and P. Tonella, eds. ACM, New York, NY; preprint https://publications.cispa.saarland/3988/Google ScholarDigital Library
- Ernst, M.D. et al. Dynamically discovering likely program invariants to support program evolution. IEEE Trans. Softw. Eng. 27, 2 (Feb. 2001), 99--123 Google ScholarDigital Library
- Godefroid, P., Kiezun, A., and Levin, M.Y. Grammar-based whitebox fuzzing. In Proceedings of ACM SIGPLAN Conf. on Programming Language Design and Implementation (Tucson, AZ, USA, 2008). ACM, 206--215 Google ScholarDigital Library
- Gopinath, R., Mathis, B., and Zeller, A. Mining input grammars from dynamic control flow. In Proceedings of the 2020 Joint Meeting of the European Softw. Eng. Conf. and the ACM SIGSOFT Symp. Foundations of Softw. Eng.; https://publications.cispa.saarland/3101/Google Scholar
- Holler, C., Herzig, K., and Zeller, A. Fuzzing with code fragments. In Proceedings of the 2012 USENIX Security Symp. USENIX Assoc., Bellevue, WA, 38--38; https://bit.ly/41oj8MvGoogle Scholar
- Höschele, M. and Zeller, A. Mining input grammars from dynamic taints. In Proceedings of the IEEE/ACM Intern. Conf. Automated Softw. Eng. (Singapore, 2016), 720--725 Google ScholarDigital Library
- Hunter, T. and de Vynck, G. "most serious security breach ever" is unfolding right now. WSJ (Dec. 20, 2021); https://www.washingtonpost.com/technology/2021/12/20/log4j-hack-vulnerability-java/Google Scholar
- Jones, B., Harman, M., and Danicic, S. Automated Construction of Input and Output Grammars. Technical Report. University of North London, 1999; https://bit.ly/3TqEcQv.Google Scholar
- Kent, S. Model driven engineering. In Proceedings of the 2002 Intern. Conf. Integrated Formal Methods. Springer, 286--298 Google ScholarDigital Library
- LibFuzzer; https://llvm.org/docs/LibFuzzer.html.Google Scholar
- Mathis, B. et al. Parser-directed fuzzing. In Proceedings of the ACM SIGPLAN Conf. Programming Language Design and Implementation (Phoenix, AZ, USA, 2019). ACM, 548--560 Google ScholarDigital Library
- McMinn, P. Search-based software testing: Past, present and future. In Proceedings of the IEEE 2011 4th Intern. Conf. Softw. Testing, Verification and Validation Workshops. IEEE, 153--163.Google Scholar
- Miller, B.P., Fredriksen, L., and So, B. An empirical study of the reliability of UNIX utilities. Commun. ACM 33, 12 (Dec. 1990), 32--44 Google ScholarDigital Library
- Mussa, M., Ouchani, S., Al Sammane, W., and Hamou-Lhadj, A. A survey of model-driven testing techniques. In Proceedings of the 2009 9th Intern. Conf. Quality Softw., 167--172 Google ScholarDigital Library
- Perlis, A.J. Epigrams on programming. ACM SIGPLAN Notices 17, 9 (1982), 7--13 Google ScholarDigital Library
- Pham, V.-T. et al. Smart greybox fuzzing. IEEE Trans. Softw. Eng. 47, 9 (2019), 1980--1997 Google ScholarCross Ref
- Rosenblum, D.S. A practical approach to programming with assertions. IEEE Trans. Softw. Eng. 21, 1 (1995), 19--31 Google ScholarDigital Library
- Steinhöfel, D. and Zeller, A. Input invariants. In Proceedings of the 30th ACM Joint European Softw. Engineering Conf. and Symp. the Foundations of Softw. Eng. (Singapore, 2022). ACM, New York, NY, USA, 2022, 583--594 Google ScholarDigital Library
- Williams, M., Tüxen, M., and Robin Seggelmann, R. Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS) Heartbeat Extension. RFC 6520 IETF, 2012; https://datatracker.ietf.org/doc/rfc6520/.Google Scholar
- Załewski, M. American fuzzy lop; https://lcamtuf.coredump.cx/afl/Google Scholar
- Zeller, A. and Hildebrandt, R. Simplifying and isolating failure-inducing input. IEEE Trans. Softw. Eng. 28, 2 (Feb. 2002), 183--200 Google ScholarDigital Library
Index Terms
- Language-Based Software Testing
Recommendations
Testing of Component-Based Software: A Metamorphic Testing Methodology
UIC-ATC '10: Proceedings of the 2010 Symposia and Workshops on Ubiquitous, Autonomic and Trusted ComputingIn the process of testing Component-based software, Oracle problem comes into existence frequently because of the diversity of component running environment and complicated interactions among components. In this paper, we exploit the features of the ...
Comments