The research investigates a new method for detecting errors that occur at module boundaries involving complex application program interfaces. The method first dynamically observes running programs to obtain constraints that characterize successful interactions at module boundaries. It then uses symbolic dynamic taint tracing to obtain symbolic expressions that characterize how regions of the input map to specific values that appear at module boundaries. A constraint solver then generates new input regions that produce values at module boundaries that violate the observed constraints. The final step is to run the program on the resulting new inputs to see if the inputs expose errors involving interactions between modules.
The significance of the research is that many reusable modules present complex interfaces that are difficult for developers to understand. Module boundaries therefore comprise a prime location for errors and security vulnerabilities in software systems. The research promises to develop new testing techniques for finding and eliminating these errors and vulnerabilities. Broader impacts include more reliable software infrastructure for our society and the education of a skilled workforce. Intellectual merit includes a better understanding of errors in software systems and new techniques for finding and eliminating these errors.
