Modern software is plagued by elusive corner-case bugs (e.g., security vulnerabilities). There are no scalable, automated ways of finding them, therefore such bugs can remain hidden until software is deployed in production. This thesis proposes approaches to solve this problem. First, we present black-box and white-box fault injection mechanisms, which allow developers to test the behavior of their code in the face of failures in external components, e.g., in libraries, in the kernel, or in remote nodes of a distributed system. We describe a feedback-guided exploration algorithm that prioritizes black-box fault injection tests based on their estimated impact, thus discovering more bugs than random injection. For white-box testing, we propos...
The current software ecosystem is exceptionally complex. A key defining feature of this complexity i...
Reproducing bug symptoms is a prerequisite for performing automatic bug diagnosis. Do bugs have char...
Software bugs are everywhere. Not only do they infest software during development, but they escape o...
Modern software is plagued by elusive corner-case bugs (e.g., security bugs). Because there are no s...
Trojan messages are messages that seem correct to the re-ceiver but cannot be generated by any corre...
We present a platform for software security testing primarily designed to support human testers in d...
We present a platform for software security testing primarily designed to support human testers in d...
Identifying software vulnerabilities is becoming more important as critical and sensitive systems in...
Fault injection-a key technique for testing the robustness of software systems-ends up rarely being ...
Software vulnerabilities are mistakes in software such that its execution can violate the security p...
Security bugs in network-based applications allow an attacker to compromise a system from the networ...
Failures in computing systems are unavoidable. Therefore, it is important to detect and diagnose fai...
International audienceFault injection is a well known method to test the robustness and security vul...
Abstract—The increasing reliance put on networked computer systems demands higher levels of dependab...
Software assurance is of paramount importance given the increasing impact of software on our lives. ...
The current software ecosystem is exceptionally complex. A key defining feature of this complexity i...
Reproducing bug symptoms is a prerequisite for performing automatic bug diagnosis. Do bugs have char...
Software bugs are everywhere. Not only do they infest software during development, but they escape o...
Modern software is plagued by elusive corner-case bugs (e.g., security bugs). Because there are no s...
Trojan messages are messages that seem correct to the re-ceiver but cannot be generated by any corre...
We present a platform for software security testing primarily designed to support human testers in d...
We present a platform for software security testing primarily designed to support human testers in d...
Identifying software vulnerabilities is becoming more important as critical and sensitive systems in...
Fault injection-a key technique for testing the robustness of software systems-ends up rarely being ...
Software vulnerabilities are mistakes in software such that its execution can violate the security p...
Security bugs in network-based applications allow an attacker to compromise a system from the networ...
Failures in computing systems are unavoidable. Therefore, it is important to detect and diagnose fai...
International audienceFault injection is a well known method to test the robustness and security vul...
Abstract—The increasing reliance put on networked computer systems demands higher levels of dependab...
Software assurance is of paramount importance given the increasing impact of software on our lives. ...
The current software ecosystem is exceptionally complex. A key defining feature of this complexity i...
Reproducing bug symptoms is a prerequisite for performing automatic bug diagnosis. Do bugs have char...
Software bugs are everywhere. Not only do they infest software during development, but they escape o...