DOCSLIB.ORG

Towards Resource-Aware Security Testing of Software

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Towards Resource-Aware Security Testing of Software Towards Resource-Aware Security Testing of Software Submitted in partial fulfillment of the requirements for the degree of Doctor of Philosophy in Electrical and Computer Engineering Sang Kil Cha B.S., Electrical Engineering, Korea University M.S., Electrical and Computer Engineering, Carnegie Mellon University Thesis Committee: Dr. David Brumley, Chair Dr. Lujo Bauer Dr. David Molnar Dr. Vyas Sekar Carnegie Mellon University Pittsburgh, PA August 10, 2015 Copyright c 2015 Sang Kil Cha For my daughter, Jaen. Abstract As software permeates every facet of life, it is imperative to assure the safety of soft- ware systems. Software vulnerabilities—exploitable software bugs—allow an attacker to destroy privacy, steal identities, and even extort money from victims. Therefore, software bugs must be discovered before an attacker can exploit them. This dissertation presents our work on mutational fuzzing, a software testing tech- nique for finding software bugs. Specifically, we argue that the efficiency of mutational fuzzing can drastically change depending on its parameters, and thus, automatic pa- rameter optimization can help in improving the fuzzing efficiency. We validate this ar- gument by designing, implementing, and evaluating several systems that employ novel techniques optimizing parameter selection for mutational fuzzing. Our specific contri- butions are that (1) we precisely define fuzzing and its parameter space; (2) we analyti- cally study the effectiveness of mutational fuzzing in terms of bug finding probability; (3) we then address three strategies in optimizing mutational fuzzing over the parame- ter space in terms of the number of bugs found; and (4) we finally show a post-fuzzing strategy that enables prioritizing security-relevant bugs under limited resources. Acknowledgments I am deeply indebted to my advisor David Brumley for his support. I came to the USA as a master student without a clue. I struggled with courses due to language barrier and cultural differences. Fortunately, I met David in one of his courses. He rekindled my passion in computer hacking and security research. I would like to say that he have turned a computer hacker into a researcher. I am grateful to Mahadev Satyanarayanan for teaching me the spirit of being a great engineer and a researcher. He has always been my role model during my graduate years, and his courses were my favorite of all time. I am thankful to Charles P. Neuman for giving me a great opportunity to think about being a good professor. I would espe- cially like to thank Weidong Cui for being a great mentor. His relentless passion to his work always inspires me. I would also like to thank my mentors David Andersen, Lujo Bauer, David Molnar, Marcus Peinado, and Vyas Sekar for their helpful feedback, and constant support. Heejo Lee gave me invaluable opportunities both in Korea and in Pittsburgh. I had the privilege of teaching a short course in Korea, which gave me a lot of inspiration. We also had fruitful discussion in Pittsburgh about life and research. Thanassis Avgerinos and Alexandre Rebert tolerated me as a collaborator and as a friend. I am incredibly fortunate to have had the opportunity to work closely with them. I will never forget the team Mayhem. John Truelove helped me get through cultural differences. He always tried to respect me even though I could not express myself, and it was one of the reasons why I could gain confidence during my master years. I am also grateful to my awesome colleagues: Tiffany Bao, Jonathan Burket, Peter Chapman, Nicholas Christine, Anupam Datta, Samantha Gottlieb, Ivan Jager, Jiyong Jang, Limin Jia, Minsuk Kang, Gihyuk Ko, Jonghyup Lee, Soobum Lee, Yanlin Li, Brent Lim, Yue-Hsun Lin, Matthew Maurer, Iulian Moraru, Brian Pak, Adrian Perrig, Edward Schwartz, Divya Sharma, Arunesh Sinha, Michael Stroucken, Spencer Whitman, and Maverick Woo. My apologies to the other people I may have likely forgotten as an oversight. In addition, I would like to thank Ramakrishna Battala and Prasanna Kumar for welcoming me into Indian culture. The first year of my master cannot be explained without my awesome Indian friends. Finally, my deep and heartfelt gratitude goes to my wife, Yeon Yim for her support, patience, constant encouragement and love. Without her, I could not have done this. Funding Acknowledgments This material was supported fully or in part by grants from the National Science Foundation, the Department of Defense, the Defense Advanced Research Projects Agency, Software Engineering Institute, CyLab Army Research Office, Lockheed Martin, and Northrop Grumman as part of the Cybersecurity Research Consortium. Any opinions, findings, and conclusions or recommendations expressed herein are those of the au- thors and do not necessarily reflect the views of the sponsors. Contents 1 Introduction 1 1.1 A Vision for Securing Software...............................1 1.2 Overview: Resource-Aware Security Testing Challenge.................2 1.3 Fuzzing for Bug Finding...................................4 1.4 Parameter Space Reduction for Resource-Aware Fuzzing................4 1.5 Parameter Inference for Resource-Aware Fuzzing.....................5 1.6 Resource-Aware Fuzzing with Dynamic Parameter Scheduling.............6 1.7 Resource-Aware Bug Prioritization.............................7 1.8 Summary of Contributions..................................8 2 Theory of Fuzzing9 2.1 Terminology.......................................... 10 2.2 Our Mathematical Model.................................. 13 2.3 Fuzzing............................................. 13 2.4 Taxonomy of Fuzzing..................................... 16 2.5 Fuzzing Algorithms...................................... 18 2.5.1 Random Fuzzing................................... 19 2.5.2 Ball-based Mutational Fuzzing........................... 19 2.5.3 Surface-based Mutational Fuzzing......................... 20 2.6 Measuring the Fuzzing Efficiency.............................. 20 2.6.1 Random Fuzzing................................... 20 2.6.2 Ball-based Mutational Fuzzing........................... 22 2.6.3 Surface-based Mutational Fuzzing......................... 23 2.6.4 Algorithmic Implementation............................ 24 3 Parameter Reduction 27 3.1 Exploiting Characteristics of Fuzzing Outcome...................... 28 3.2 Seed Selection Challenge................................... 28 3.3 Seed Selection Algorithms.................................. 30 3.4 Measuring Seed Selection Quality.............................. 33 3.4.1 ILP Formulation................................... 35 3.4.2 Optimal Seed Selection for Round-Robin..................... 36 3.5 Experiments.......................................... 37 3.5.1 Establishing Ground Truth............................. 38 3.5.2 Seed Selection Algorithms vs. Random Sampling................ 39 3.5.3 Comparison...................................... 41 3.5.4 Seed Reduction Usefulness............................. 44 3.5.5 Seed Transferability................................. 45 3.6 Discussion........................................... 48 3.7 Summary............................................ 48 4 Parameter Inference 49 4.1 Exploiting Characteristics of Fuzzing Outcome...................... 50 4.2 Input-Bit Dependence.................................... 50 4.3 Failure Rate based on Mutation Ratio............................ 52 4.4 Mutation Ratio Optimization................................ 55 4.4.1 Mutation Ratio Optimization Challenge...................... 55 4.4.2 Solving for an Optimal Mutation Ratio...................... 55 4.4.3 Estimating r ...................................... 57 4.5 Input-Bit Dependence Inference............................... 59 4.5.1 The Algorithm.................................... 60 4.5.2 Example........................................ 65 4.6 SymFuzz Design........................................ 67 4.6.1 Implementation.................................... 68 4.6.2 Symbolic Analysis.................................. 68 4.6.3 Safe Stack Hash.................................... 69 4.7 Evaluation........................................... 70 4.7.1 Experimental Setup.................................. 70 4.7.2 Mutation Ratio Optimization............................ 72 4.7.3 Distribution of b Values............................... 75 4.7.4 Estimating r ...................................... 76 4.7.5 SymFuzz Practicality................................. 77 4.8 Discussion........................................... 79 4.9 Summary............................................ 81 5 Parameter Scheduling 82 5.1 Exploiting Characteristics of Fuzzing Outcome...................... 82 5.2 Problem Setting........................................ 83 5.3 Algorithmic Considerations................................. 84 5.4 Multi-Armed Bandits..................................... 85 5.5 Fuzzing as a Weighted CCP................................. 86 5.6 Impossibility Results..................................... 88 5.7 Scheduling Algorithm Design................................ 89 5.7.1 Rule of Three..................................... 90 5.7.2 Design Space..................................... 91 5.8 Design & Implementation of FuzzSim ........................... 95 5.9 FuzzSim Evaluation...................................... 97 5.9.1 Experimental Setup.................................. 97 5.9.2 Fuzzing Data Collection............................... 98 5.9.3 Data Analysis..................................... 99 5.9.4 Simulation......................................
Load more

Recommended publications
  • Software Testing
    Software Testing PURPOSE OF TESTING CONTENTS I. Software Testing Background II. Software Error Case Studies 1. Disney Lion King 2. Intel Pentium Floating Point Division Bug 3. NASA Mars Polar Lander 4. Patriot Missile Defense System 5. Y2K Bug III. What is Bug? 1. Terms for Software Failure 2. Software Bug: A Formal Definition 3. Why do Bugs occur? and cost of bug. 4. What exactly does a Software Tester do? 5. What makes a good Software Tester? IV. Software Development Process 1. Product Components 2. What Effort Goes into a Software Product? 3. What parts make up a Software Product? 4. Software Project Staff V. Software Development Lifecycle Models 1. Big Bang Model 2. Code and Fix Model 3. Waterfall Model 4. Spiral Model VI. The Realities of Software Testing VII. Software Testing Terms and Definition 1. Precision and Accuracy 2. Verification and Validation 3. Quality Assurance and Quality Control Anuradha Bhatia Software Testing I. Software Testing Background 1. Software is a set of instructions to perform some task. 2. Software is used in many applications of the real world. 3. Some of the examples are Application software, such as word processors, firmware in an embedded system, middleware, which controls and co-ordinates distributed systems, system software such as operating systems, video games, and websites. 4. All of these applications need to run without any error and provide a quality service to the user of the application. 5. The software has to be tested for its accurate and correct working. Software Testing: Testing can be defined in simple words as “Performing Verification and Validation of the Software Product” for its correctness and accuracy of working.
    [Show full text]
  • Magma: a Ground-Truth Fuzzing Benchmark
    Magma: A Ground-Truth Fuzzing Benchmark Ahmad Hazimeh Mathias Payer EPFL EPFL ABSTRACT fuzzer is evaluated against a set of target programs. These target pro- High scalability and low running costs have made fuzz testing grams can be sourced from a benchmark suite—such as the Cyber the de-facto standard for discovering software bugs. Fuzzing tech- Grand Challenge [9], LAVA-M[12], the Juliet Test Suite [30], and niques are constantly being improved in a race to build the ultimate Google’s Fuzzer Test Suite [17], oss-fuzz [2], and FuzzBench [16]— bug-finding tool. However, while fuzzing excels at finding bugs, or from a set of real-world programs [34]. Performance metrics— comparing fuzzer performance is challenging due to the lack of including coverage profiles, crash counts, and bug counts—are then metrics and benchmarks. Crash count, the most common perfor- collected during the evaluation. Unfortunately, while such metrics mance metric, is inaccurate due to imperfections in de-duplication can provide insight into a fuzzer’s performance, they are often methods and heuristics. Moreover, the lack of a unified set of targets insufficient to compare different fuzzers. Moreover, the lackofa results in ad hoc evaluations that inhibit fair comparison. unified set of target programs makes for unfounded comparisons. We tackle these problems by developing Magma, a ground-truth Most fuzzer evaluations consider crash count a reasonable metric fuzzer evaluation framework enabling uniform evaluations and for assessing fuzzer performance. However, crash count is often comparison. By introducing real bugs into real software, Magma inflated [25], even after attempts at de-duplication (e.g., via coverage allows for a realistic evaluation of fuzzers against a broad set of profiles or stack hashes), highlighting the need for more accurate targets.
    [Show full text]
  • 9<HTOFPA=Hjdjfd>
    34 Computer Science Springer News 6/2008 springer.com/booksellers P. Abrahamsson, VTT, Finland; R. Baskerville, W. Abramowicz, Poznan University of Economics, R. Adams, Nanaimo, BC, Canada; S. Gibson, Georgia State University, Atlanta, GA, USA; Poznan, Poland; D. Fensel, STI Innsbruck, Austria University of Victoria, VIC, Canada; S. Müller Arisona, K. Conboy, Lero, NUI Galway, Ireland; B. Fitzgerald, (Eds.) University of California, Santa Barbara, CA, USA (Eds.) L. Morgan, X. Wang, Lero, University of Limerick, Ireland (Eds.) Business Information Systems Transdisciplinary Digital Art. Agile Processes in Software 11th International Conference, Sound, Vision and the New BIS 2008, Innsbruck, Austria, Screen Engineering and Extreme May 5–7, 2008, Proceedings Programming Digital Art Weeks and Interactive Futures 2006/2007, Zürich, Switzerland and Victoria, 9th International Conference, XP 2008, BC, Canada, Selected Papers Limerick, Ireland, June 11–14, 2008, This book contains the refereed proceedings of the 11th International Conference on Business Proceedings Information Systems, BIS 2008, held in Innsbruck, Austria, in May 2008. This volume collects selected papers from the The 41 revised full papers were carefully reviewed past two instances of Digital Art Weeks (Zurich, This book constitutes the refereed proceedings and selected inclusion in the book. The contri- Switzerland) and Interactive Futures (Victoria, BC, of the 8th International Conference on Agile butions cover research trends as well as current Canada), two parallel festivals of digital media art. Processes in Software Engineering and eXtreme achievements and cutting edge developments in The work represented in Transdisciplinary Digital Programming, XP 2008, held in Limerick, Ireland, the area of modern business information systems. Art is a confirmation of the vitality and breadth in June 2008.
    [Show full text]
  • Balloons Could Outperform Spacecraft by Surfing the Stratosphere. We Go
    AVIATION WORKFORCE 40 SPACE POWER 34 ROBOTICS 12 Attract the best and brightest Meet ROSA, the Roll Out Solar Array The case for telepresence at Mars Satellite envy Balloons could outperform spacecraft by surfi ng the stratosphere. We go deep on one company’s plan. PAGE 24 OCTOBER 2017 | A publication of the American Institute of Aeronautics and Astronautics | aerospaceamerica.aiaa.org CALL FOR TECHNICAL BRIEFINGS The AIAA Defense and Security Forum (AIAA DEFENSE 2018) brings together the contractor, acquisition, and R&D communities for classifi ed and unclassifi ed discussions of critical technical, programmatic, and policy topics in a SECRET/NoFORN unbiased, nonpartisan environment. Nearly 200 experts will present the latest innovative technological breakthroughs that will integrate with current and next-generation defense systems. Advanced Prototypes Aerospace and Defense Computing Systems Countermeasures Directed Energy Weapons Estimation, Guidance, Navigation and Control Hypersonic Systems and Technologies Innovative Concepts and Technologies Missile Defense Robotic and Unmanned Weapon Systems Space Systems Strategic Missile Systems – Ground Based Strategic Missile Systems – Sea Based Deterrent Survivability Systems and Decision Analysis for National Security Tactical Missiles Weapon System Performance Analysis, Modeling and Simulation Weapon System Test and Evaluation Abstract Deadline: 30 November 2017 FEATURES | October 2017 MORE AT aerospaceamerica.aiaa.org 16 34 24 Ka-boom! Unrolling innovation Stratosphere surfi ng How a mission to smash a spacecraft Meet the solar array that could One company says its balloons can do into a moonlet may help defend Earth disrupt the spacecraft market. from asteroids and comets. what conventional satellites can do, By Debra Werner and then some.
    [Show full text]
  • Free Linux Based Ftp Server
    Free linux based ftp server Graphical UI based FTP Servers; Terminal/Console based FTP Servers Linux, AIX, UNIX, IBM i, VMware, EC2, Azure, Mac OS, Free FTP server with ​Graphical · ​Console/terminal-based · ​Summary board. The same source code compiles and runs on Linux, OpenBSD, NetBSD, one- disk router), ROOT Linux, Gentoo Linux and almost every other free operating system. Pure-FTPd can act as private FTP server and disallow all anonymous. Learn How FTP Server Works, Setup Open Source vsftpd Server in Linux, On Debian based distros like Ubuntu, you can install it like this. Welcome to the home of CrossFTP Server, the free secure FTP server for Windows, Mac, Linux, and more. almost everything: OS X - +, WinXP - Win+, Linux, Solaris, BSD, Unix, etc! CrushFTP is a robust file transfer server that makes it easy to setup secure is web based allowing you the ability to manage and monitor the server from You can see things like the number of active connections, free drive space. Download the latest and greatest of Linux FTP Server Software here. glFTPd is a free FTP server software for Linux and UNIX based systems. It is highly. Is there any sort of made for Linux FTP server software that features a GUI? I am a total newbie and I am getting my butt kicked by VSFTPD. vsftpd is a GPL licensed FTP server for UNIX systems, including Linux. It is secure and extremely fast. It is stable. Don't take my word for it, though. Below, we will. A glance at the common Linux ftp servers.
    [Show full text]
  • 1 KONFIGURACE GLFTPD a PZS-NG 1.1 Zadání 1.2 Teoretický
    1 KONFIGURACE GLFTPD A PZS-NG 1.1 Zadání 1. Proveďte nastavení portů pro pasivní režim přenosu. 2. Proveďte vytvoření uživatele a nastavení jeho hodnot ratio, num_logins. 3. Proveďte zabezpečení GlFTPd pomocí SSL/TLS. 4. Nakonfigurujte PZS-NG pro ověřování kontrolních součtů a propojte jejsFTP démonem GlFTPd. 1.2 Teoretický úvod FTP (File Transfer Protocol) je aplikačním protokolem vrstvového modelu TCP/IP (Transmission Control Protocol/Internet Protocol). Využívá dvě TCP spojení trans- portní vrstvy označované jako řídící (kontrolní) a datové.[1, 2] Jedná se o textově orientovaný protokol pracující na principu klient-server, tzn. existuje server, kam jsou připojeni jednotliví klienti (například osobní počítače). Textové příkazy jsou posílány v paketech, které mohou být odchyceny a bez větších problémů přečteny. Nejedná se o nový protokol. FTP byl definován v RFC 114 (Request for Comments). Aktuální je definice v RFC 959[1], které vyšlo v říjnu roku 1985 a s použitím aktu- alizačních RFC je dnes stále využíváno převážně ke sdílení souborů.[1] 1.2.1 Aktivní režim Jedná se většinou o preferovaný režim přenosu, jelikož server nemusí otevírat porty a nemůže být přetížen mnoha žádostmi o data. Jak je zobrazeno na obr. 1.1. Přes řídící spojení je mezi klientem a serverem dohodnuto, na jaké IP adrese a portu budou data k dispozici (pomocí příkazu PORT). Spojení je navázáno ze serveru na sdělenou IP a port, kde se stáhne nebo nahraje soubor. Role serveru a klienta jsou tedy pro datové spojení vyměněny.[2] Tento režim však může být problematický při používání NAT (Network Address Translation) nebo firewallu, kdy je bráněno otevření portu na klientovi a následnému připojení serveru.[2] 1.2.2 Pasivní režim Problém NATu, který je způsoben nemožností připojení na klienta, a firewallu je vyřešen přenosem v pasivním režimu, kdy si klient se serverem nevymění role, ty zůstanou zachovány.
    [Show full text]
  • Using CMMI Together with Agile Software Development
    Information and Software Technology 58 (2015) 20–43 Contents lists available at ScienceDirect Information and Software Technology journal homepage: www.elsevier.com/locate/infsof Using CMMI together with agile software development: A systematic review ⇑ Fernando Selleri Silva a,b, , Felipe Santana Furtado Soares a,c, Angela Lima Peres a,d, Ivanildo Monteiro de Azevedo a,b, Ana Paula L.F. Vasconcelos a,b, Fernando Kenji Kamei a,e, Silvio Romero de Lemos Meira a,c a Center of Informatics (CIn), Federal University of Pernambuco (UFPE), Recife, PE, Brazil b Computer Science Course (FACET), Mato Grosso State University (UNEMAT), Barra do Bugres, MT, Brazil c Recife Center of Advanced Studies and Systems (C.E.S.A.R), Recife, PE, Brazil d Cesmac University Center, Maceió, AL, Brazil e Federal Institute of Alagoas (IFAL), Arapiraca, AL, Brazil article info abstract Article history: Background: The search for adherence to maturity levels by using lightweight processes that require low Received 18 April 2014 levels of effort is regarded as a challenge for software development organizations. Received in revised form 21 August 2014 Objective: This study seeks to evaluate, synthesize, and present results on the use of the Capability Matu- Accepted 27 September 2014 rity Model Integration (CMMI) in combination with agile software development, and thereafter to give an Available online 6 October 2014 overview of the topics researched, which includes a discussion of their benefits and limitations, the strength of the findings, and the implications for research and practice. Keywords: Methods: The method applied was a Systematic Literature Review on studies published up to (and Software process improvement including) 2011.
    [Show full text]
  • Managing Defects in an Agile Environment
    Managing Defects in an Agile environment Auteur Ron Eringa Managing Defects in an Agile environment Introduction Injecting passion, Agility Teams often struggle with answering the following and quality into your question: “How to manage our Defects in an organisation. Agile environment?”. They start using Scrum as a framework for developing their software and while implementing, they experience trouble on how to deal with the Defects they find/cause along the way. Scrum is a framework that does not explicitly tell you how to handle Defects. The strait forward answer is to treat your Defects as Product Backlog Items that should be added to the Product Backlog. When the priority is set high enough by the Product Owner, they will be picked up by the Development Team in the next Sprint. The application of this is a little bit more difficult and hence should be explained in more detail. RON ERINGA 1. What is a defect? AGILE COACH Wikipedia: “A software bug (or defect) is an error, flaw, After being graduated from the Fontys failure, or fault in a computer program or system that University in Eindhoven, I worked as a Software produces an incorrect or unexpected result, or causes Engineer/Designer for ten years. Although I it to behave in unintended ways. Most bugs arise have always enjoyed technics, helping people from mistakes and errors made by people in either a and organizations are my passion. Especially program’s source code or its design, or in frameworks to deliver better quality together. When people and operating systems used by such programs, and focus towards a common goal, interaction is a few are caused by compilers producing incorrect increasing and energy is released.
    [Show full text]
  • Servicios De Red E Internet
    SERVICIOS DE RED E INTERNET Autor: Miguel Ángel García Felipe IES GREGORIO PRIETO Servicios de Transferencia de Ficheros SERVICIOS DE RED E INTERNET SERVICIOS DE TRANSFERENCIA DE FICHEROS ÍNDICE 1. Funcionalidad del servicio de transferencia de archivos. - Características. Componentes y funcionamiento. - Protocolo FTP. - Tipos de usuarios y accesos al servicio: Acceso anónimo y acceso autorizado. - Configuración del servicio de transferencia de archivos. Permisos y cuotas. - Conexiones y modos: Conexión de control y conexión de datos. Modos activo y pasivo. - Tipos de transferencia de archivos: ASCII y Binario. - Clientes FTP: en línea de comandos, entornos “gráficos” y navegadores / exploradores. - Monitorización y registro del servicio de transferencia de archivos. - Seguridad en FTP. - FTPS (FTP/SSL): FTPS Implícito. FTPS Explícito (FTPES) - Protocolo FXP (File eXchange Protocol). 2. Servicio TFTP (Trivial File Transfer Protocol). 3. Servicios SFTP/SCP. 4. Transferencia o distribución de archivos entre iguales (peer-to-peer). - Características. Protocolos. Software. Configuración. 2 SERVICIOS DE RED E SERVICIOS DE TRANSFERENCIA DE FICHEROS INTERNET 1. Funcionalidad del servicio de transferencia de archivos. - Características. Componentes y funcionamiento. Es una utilidad que permite la copia de un archivo desde un ordenador a otro a través de una red de computadoras. El servicio más usado para realizar este movimiento es el FTP (File Transfer Protocol), el cual consiste en un programa FTP alojado en un servidor -llamado FTP daemon- el cual se encarga de gestionar las transacciones que solicita el cliente. Los movimientos que podemos realizar a la hora de transferir archivos de un equipo a otro son: "download" (bajada de archivos de Internet), "upload" (subida de archivos a Internet), o intercambio de objetos entre dos o más usuarios.
    [Show full text]
  • A Study of Static Bug Detectors
    How Many of All Bugs Do We Find? A Study of Static Bug Detectors Andrew Habib Michael Pradel [email protected] [email protected] Department of Computer Science Department of Computer Science TU Darmstadt TU Darmstadt Germany Germany ABSTRACT International Conference on Automated Software Engineering (ASE ’18), Sep- Static bug detectors are becoming increasingly popular and are tember 3–7, 2018, Montpellier, France. ACM, New York, NY, USA, 12 pages. widely used by professional software developers. While most work https://doi.org/10.1145/3238147.3238213 on bug detectors focuses on whether they find bugs at all, and on how many false positives they report in addition to legitimate 1 INTRODUCTION warnings, the inverse question is often neglected: How many of all Finding software bugs is an important but difficult task. For average real-world bugs do static bug detectors find? This paper addresses industry code, the number of bugs per 1,000 lines of code has been this question by studying the results of applying three widely used estimated to range between 0.5 and 25 [21]. Even after years of static bug detectors to an extended version of the Defects4J dataset deployment, software still contains unnoticed bugs. For example, that consists of 15 Java projects with 594 known bugs. To decide studies of the Linux kernel show that the average bug remains in which of these bugs the tools detect, we use a novel methodology the kernel for a surprisingly long period of 1.5 to 1.8 years [8, 24]. that combines an automatic analysis of warnings and bugs with a Unfortunately, a single bug can cause serious harm, even if it has manual validation of each candidate of a detected bug.
    [Show full text]
  • Bug Detection, Debugging, and Isolation Middlebox for Software-Defined Network Controllers
    BuDDI: Bug Detection, Debugging, and Isolation Middlebox for Software-Defined Network Controllers Rohit Abhishek1, Shuai Zhao1, Sejun Song1, Baek-Young Choi1, Henry Zhu2, Deep Medhi1 1University of Missouri-Kansas City, 2Cisco Systems frabhishek, shuai.zhao, songsej, choiby, dmedhi)@umkc.edu, [email protected] Abstract—Despite tremendous software quality assurance ef- forts made by network vendors, chastising software bugs is a difficult problem especially, for the network systems in operation. Recent trends towards softwarization and opensourcing of net- work functions, protocols, controls, and applications tend to cause more software bug problems and pose many critical challenges to handle them. Although many traditional redundancy recovery mechanisms are adopted to the softwarized systems, software bugs cannot be resolved with them due to unexpected failure behavior. Furthermore, they are often bounded by common mode failure and common dependencies (CMFD). In this paper, we propose an online software bug detection, debugging, and iso- lation (BuDDI) middlebox architecture for software-defined net- work controllers. The BuDDI architecture consists of a shadow- controller based online debugging facility and a CMFD mitigation module in support of a seamless heterogeneous controller failover. Our proof-of-concept implementation of BuDDI is on the top of OpenVirtex by using Ryu and Pox controllers and verifies that the heterogeneous controller switchover does not cause any Fig. 1. BuDDI N + 2 Reliability additional performance overhead. I. INTRODUCTION mechanisms alone as software bugs can cause unexpected root Software faults in the operating network systems can cause cause failures, baffle failure detections, and hinder recovery not only critical system failures [5] but also various unexpected mechanisms.
    [Show full text]
  • Software Development a Practical Approach!
    Software Development A Practical Approach! Hans-Petter Halvorsen https://www.halvorsen.blog https://halvorsen.blog Software Development A Practical Approach! Hans-Petter Halvorsen Software Development A Practical Approach! Hans-Petter Halvorsen Copyright © 2020 ISBN: 978-82-691106-0-9 Publisher Identifier: 978-82-691106 https://halvorsen.blog ii Preface The main goal with this document: • To give you an overview of what software engineering is • To take you beyond programming to engineering software What is Software Development? It is a complex process to develop modern and professional software today. This document tries to give a brief overview of Software Development. This document tries to focus on a practical approach regarding Software Development. So why do we need System Engineering? Here are some key factors: • Understand Customer Requirements o What does the customer needs (because they may not know it!) o Transform Customer requirements into working software • Planning o How do we reach our goals? o Will we finish within deadline? o Resources o What can go wrong? • Implementation o What kind of platforms and architecture should be used? o Split your work into manageable pieces iii • Quality and Performance o Make sure the software fulfills the customers’ needs We will learn how to build good (i.e. high quality) software, which includes: • Requirements Specification • Technical Design • Good User Experience (UX) • Improved Code Quality and Implementation • Testing • System Documentation • User Documentation • etc. You will find additional resources on this web page: http://www.halvorsen.blog/documents/programming/software_engineering/ iv Information about the author: Hans-Petter Halvorsen The author currently works at the University of South-Eastern Norway.
    [Show full text]