Language-Based Software Testing
Abstract
Constraints over grammar elements can make test generation easier than ever.
References
[1]
Aschermann, C. et al. NAUTILUS: Fishing for deep bugs with grammars. In Proceedings of 2019 Network and Distributed System Security Symp.; https://bit.ly/3uRisTx
[2]
Barr, E.T. et al. The oracle problem in software testing: A survey. IEEE Trans Softw Eng. 41, 5 (2014), 507--525
[3]
Böhme, M., Pham, V.T., and Roychoudhury, A. Coverage-based greybox fuzzing as Markov Chain. In Proceedings of the ACM SIGSAC Conf. Computer and Communications Security (Vienna, Austria, 2016). ACM, New York, NY, USA, 1032--1043
[4]
Booch, G. The Unified Modeling Language User Guide. Addison Wesley, 2005.
[5]
Briand, L.C. and Labiche, Y. A UML-based approach to system testing. Intern. Conf. on the Unified Modeling Language, Modeling Languages, Concepts, and Tools. Springer, 2001, 194--208
[6]
Claessen, K. and Hughes, J. QuickCheck: A lightweight tool for random testing of Haskell programs. In Proceedings of the 5th ACM SIGPLAN Intern. Conf. Functional Programming. ACM, New York, NY, USA, 2000, 268--279
[7]
Durumeric, Z. et al. The matter of Heartbleed. In Proceedings of the 2014 Conf. Internet Measurement. (Vancouver, BC, Canada). ACM, New York, NY, USA, 475--488
[8]
Eberlein, M. et al. Semantic debugging. In Proceedings of the 31st ACM Joint European Softw. Eng. Conf. and Symp. Foundations of Softw. Eng. (San Francisco, CA, USA, 2023), K. Blincoe and P. Tonella, eds. ACM, New York, NY; preprint https://publications.cispa.saarland/3988/
[9]
Ernst, M.D. et al. Dynamically discovering likely program invariants to support program evolution. IEEE Trans. Softw. Eng. 27, 2 (Feb. 2001), 99--123
[10]
Godefroid, P., Kiezun, A., and Levin, M.Y. Grammar-based whitebox fuzzing. In Proceedings of ACM SIGPLAN Conf. on Programming Language Design and Implementation (Tucson, AZ, USA, 2008). ACM, 206--215
[11]
Gopinath, R., Mathis, B., and Zeller, A. Mining input grammars from dynamic control flow. In Proceedings of the 2020 Joint Meeting of the European Softw. Eng. Conf. and the ACM SIGSOFT Symp. Foundations of Softw. Eng.; https://publications.cispa.saarland/3101/
[12]
Holler, C., Herzig, K., and Zeller, A. Fuzzing with code fragments. In Proceedings of the 2012 USENIX Security Symp. USENIX Assoc., Bellevue, WA, 38--38; https://bit.ly/41oj8Mv
[13]
Höschele, M. and Zeller, A. Mining input grammars from dynamic taints. In Proceedings of the IEEE/ACM Intern. Conf. Automated Softw. Eng. (Singapore, 2016), 720--725
[14]
Hunter, T. and de Vynck, G. "most serious security breach ever" is unfolding right now. WSJ (Dec. 20, 2021); https://www.washingtonpost.com/technology/2021/12/20/log4j-hack-vulnerability-java/
[15]
Jones, B., Harman, M., and Danicic, S. Automated Construction of Input and Output Grammars. Technical Report. University of North London, 1999; https://bit.ly/3TqEcQv.
[16]
Kent, S. Model driven engineering. In Proceedings of the 2002 Intern. Conf. Integrated Formal Methods. Springer, 286--298
[17]
LibFuzzer; https://llvm.org/docs/LibFuzzer.html.
[18]
Mathis, B. et al. Parser-directed fuzzing. In Proceedings of the ACM SIGPLAN Conf. Programming Language Design and Implementation (Phoenix, AZ, USA, 2019). ACM, 548--560
[19]
McMinn, P. Search-based software testing: Past, present and future. In Proceedings of the IEEE 2011 4th Intern. Conf. Softw. Testing, Verification and Validation Workshops. IEEE, 153--163.
[20]
Miller, B.P., Fredriksen, L., and So, B. An empirical study of the reliability of UNIX utilities. Commun. ACM 33, 12 (Dec. 1990), 32--44
[21]
Mussa, M., Ouchani, S., Al Sammane, W., and Hamou-Lhadj, A. A survey of model-driven testing techniques. In Proceedings of the 2009 9th Intern. Conf. Quality Softw., 167--172
[22]
Perlis, A.J. Epigrams on programming. ACM SIGPLAN Notices 17, 9 (1982), 7--13
[23]
Pham, V.-T. et al. Smart greybox fuzzing. IEEE Trans. Softw. Eng. 47, 9 (2019), 1980--1997
[24]
Rosenblum, D.S. A practical approach to programming with assertions. IEEE Trans. Softw. Eng. 21, 1 (1995), 19--31
[25]
Steinhöfel, D. and Zeller, A. Input invariants. In Proceedings of the 30th ACM Joint European Softw. Engineering Conf. and Symp. the Foundations of Softw. Eng. (Singapore, 2022). ACM, New York, NY, USA, 2022, 583--594
[26]
Williams, M., Tüxen, M., and Robin Seggelmann, R. Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS) Heartbeat Extension. RFC 6520 IETF, 2012; https://datatracker.ietf.org/doc/rfc6520/.
[27]
Załewski, M. American fuzzy lop; https://lcamtuf.coredump.cx/afl/
[28]
Zeller, A. and Hildebrandt, R. Simplifying and isolating failure-inducing input. IEEE Trans. Softw. Eng. 28, 2 (Feb. 2002), 183--200
Index Terms
- Language-Based Software Testing
Recommendations
Testing of Component-Based Software: A Metamorphic Testing Methodology
UIC-ATC '10: Proceedings of the 2010 Symposia and Workshops on Ubiquitous, Autonomic and Trusted ComputingIn the process of testing Component-based software, Oracle problem comes into existence frequently because of the diversity of component running environment and complicated interactions among components. In this paper, we exploit the features of the ...
Comments
Information & Contributors
Information
Published In
Copyright © 2024 Owner/Author.
This work is licensed under a Creative Commons Attribution International 4.0 License.
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 25 March 2024
Online First: 20 March 2024
Published in CACM Volume 67, Issue 4
Check for updates
Qualifiers
- Research-article
Funding Sources
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 2,605Total Downloads
- Downloads (Last 12 months)2,605
- Downloads (Last 6 weeks)157
Reflects downloads up to 15 Oct 2024
Other Metrics
Citations
Cited By
View allView Options
View options
View or Download as a PDF file.
PDFeReader
View online with eReader.
eReaderDigital Edition
View this article in digital edition.
Digital EditionHTML Format
View this article in HTML Format.
HTML FormatGet Access
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in