A systematic mapping study on the combination of static and dynamic quality assurance techniques
CONTEXT: A lot of different quality assurance techniques exist to ensure high quality
products. However, most often they are applied in isolation. A systematic combination of …
products. However, most often they are applied in isolation. A systematic combination of …
Enemy of the state: A {state-aware}{black-box} web vulnerability scanner
Black-box web vulnerability scanners are a popular choice for finding security vulnerabilities
in web applications in an automated fashion. These tools operate in a point-and-shoot …
in web applications in an automated fashion. These tools operate in a point-and-shoot …
Sound empirical evidence in software testing
Several promising techniques have been proposed to automate different tasks in software
testing, such as test data generation for object-oriented software. However, reported studies …
testing, such as test data generation for object-oriented software. However, reported studies …
Darwin: An approach to debugging evolving programs
Bugs in programs are often introduced when programs evolve from a stable version to a new
version. In this article, we propose a new approach called DARWIN for automatically finding …
version. In this article, we propose a new approach called DARWIN for automatically finding …
Collaborative verification and testing with explicit assumptions
Many mainstream static code checkers make a number of compromises to improve
automation, performance, and accuracy. These compromises include not checking certain …
automation, performance, and accuracy. These compromises include not checking certain …
Ballerina: Automatic generation and clustering of efficient random unit tests for multithreaded code
Testing multithreaded code is hard and expensive. A multithreaded unit test creates two or
more threads, each executing one or more methods on shared objects of the class under …
more threads, each executing one or more methods on shared objects of the class under …
A framework to compare alert ranking algorithms
S Allier, N Anquetil, A Hora… - 2012 19th Working …, 2012 - ieeexplore.ieee.org
To improve software quality, rule checkers statically check if a software contains violations of
good programming practices. On a real sized system, the alerts (rule violations detected by …
good programming practices. On a real sized system, the alerts (rule violations detected by …
[HTML][HTML] Static program analysis assisted dynamic taint tracking for software vulnerability discovery
The evolution of computer science has exposed us to the growing gravity of security
problems and threats. Dynamic taint analysis is a prevalent approach to protect a program …
problems and threats. Dynamic taint analysis is a prevalent approach to protect a program …
Cooperative testing and analysis: Human-tool, tool-tool and human-human cooperations to get work done
T Xie - 2012 IEEE 12th International Working Conference on …, 2012 - ieeexplore.ieee.org
Tool automation to reduce manual effort has been an active research area in various sub
fields of software engineering such as software testing and analysis. To maximize the value …
fields of software engineering such as software testing and analysis. To maximize the value …
Test input generation using dynamic programming
R Nokhbeh Zaeem, S Khurshid - Proceedings of the ACM SIGSOFT 20th …, 2012 - dl.acm.org
Constraint-based input generation is an effective technique for testing programs, such as
compilers and web browsers, which have complex inputs. However, efficient generation of …
compilers and web browsers, which have complex inputs. However, efficient generation of …