SESep 12, 2019
Detecting Architectural Erosion using Runtime VerificationDiego Marmsoler, Ana Petrovska
The architecture of a system captures important design decisions for the system. Over time, changes in a system's implementation may lead to violations of specific design decisions. This problem is common in industry and known as architectural erosion. Since it may have severe consequences on the quality of a system, research has focused on the development of tools and techniques to address the presented problem. As of today, most of the approaches to detect architectural erosion employ static analysis techniques. While these techniques are well-suited for the analysis of static architectures, they reach their limit when it comes to dynamic architectures. Thus, in this paper, we propose an alternative approach based on runtime verification. To this end, we propose a systematic way to translate a formal specification of architectural constraints to monitors, which can be used to detect violations of these constraints. The approach is implemented in Eclipse/EMF, demonstrated through a running example, and evaluated using two case studies.
SEDec 19, 2017
An Exploratory Survey of Hybrid Testing Techniques Involving Symbolic Execution and FuzzingSaahil Ognawala, Ana Petrovska, Kristian Beckers
Recent efforts in practical symbolic execution have successfully mitigated the path-explosion problem to some extent with search-based heuristics and compositional approaches. Similarly, due to an increase in the performance of cheap multi-core commodity computers, fuzzing as a viable method of random mutation-based testing has also seen promise. However, the possibility of combining symbolic execution and fuzzing, thereby providing an opportunity to mitigate drawbacks in each other, has not been sufficiently explored. Fuzzing could, for example, expedite path-exploration in symbolic execution, and symbolic execution could make seed input generation in fuzzing more efficient. There have only been, in our view, very few hybrid solution proposals with symbolic execution and fuzzing at their centre. By analyzing 77 relevant and systematically selected papers, we (1) present an overview of hybrid solution proposals of symbolic execution and fuzzing, (2) perform a gap analysis in research of hybrid techniques to improve both, plain symbolic execution and fuzzing, (3) propose new ideas for hybrid test-case generation techniques.