一种自动机学习和符号化执行的软件自动测试方法

计算机科学 ›› 2013, Vol. 40 ›› Issue (8): 161-164.

一种自动机学习和符号化执行的软件自动测试方法

陈曙,叶俊民,张帆

华中师范大学计算机学院武汉430079;华中师范大学计算机学院武汉430079;杭州电子科技大学通信工程学院杭州 310018

出版日期:2018-11-16 发布日期:2018-11-16
基金资助:
本文受中央高校自主科研基金(CCNU11A01012,CCNU11A02007),湖北省自然科学基金(2010CDB04001)资助

Automatic Program Testing with Dynamic Symbolic Execution and Model Learning

CHEN Shu,YE Jun-min and ZHANG Fan

Online:2018-11-16 Published:2018-11-16

摘要/Abstract

摘要： 针对高可信软件提出一种软件脆弱性自动测试方法。与传统测试方法不同,该方法对待测试程序进行预处理,使用自动机学习算法构造软件与环境交互的抽象机模型,在符号化执行迭代过程中利用抽象机模型指导符号化执行,并动态生成测试数据,同时精化交互抽象机用于后继的符号化迭代测试。解决了传统符号化执行测试技术中缺乏指引、具有较高盲目性的问题,同时也提高了符号化执行测试的效率和代码覆盖率。

关键词: 自动机,自动测试,符号化执行,抽象机

Abstract: An automatic testing approach was proposed with dynamic symbolic execution and model learning．The model that represents I/O interaction of program with its environment was constructed by stepwise learning algorithm．With abstract interaction model,the process of dynamic execution is guided by states of the model,and test data is automatically generated．Abstract interaction model is also refined by the test data and used for further execution．The problem that traditional symbolic execution lacks guidance is solved,and its speed and code coverage rate are also improved．

Key words: Automation,Auto testing,Symbolic execution,Abstract machine

陈曙,叶俊民,张帆. 一种自动机学习和符号化执行的软件自动测试方法[J]. 计算机科学, 2013, 40(8): 161-164. https://doi.org/

CHEN Shu,YE Jun-min and ZHANG Fan. Automatic Program Testing with Dynamic Symbolic Execution and Model Learning[J]. Computer Science, 2013, 40(8): 161-164. https://doi.org/

参考文献

[1] Godefroid P,Klarlund N．DART:Directed Automated RandomTesting [C]∥PLDI05．Chicago,Illinois,USA,June 2005:12-15
[2] King J C,Wegbreit B．Symbolic Execution and Program Testing[J]．Communications of the ACM on Programming Languages,1976,19(7):385-394
[3] Sen T,Mall R．State-Model-Based Regression Test Reduction for Component-Based Software[J]．ISRN Software Enginee-ring,2012(7):15-26
[4] Alsmadi I．Advanced Automated Software Testing:Frameworks for Refined Practice [M]．Yarmouk University,Jordan,2012:209-224
[5] Cho C Y,Babi D,Poosankam P．MACE:Model-inference-Assisted Concolic Exploration for Protocol and Vulnerability Disco-very[C]∥Proceedings of the 20th USENIX conference on Security(SEC 11)．Usenix,2011:78-90
[6] Angluin D．Learning regular sets from queries and counterexamples[J]．Information and Computation,1987,75(2):87-106
[7] Shahbaz M,Groz R．Inferring Mealy machines [C]∥FM’09:Proc．of the 2nd World Congress on Formal Methods．Springer,2009:207-222
[8] Shu Guo-qiang,Lee D．Testing Security Properties of Protocol Implementations-a Machine Learning Based Approach [C]∥27th International Conference on Distributed Computing Systems(ICDCS’07)．2007:34-43
[9] Zhang Da-zhi,Liu Dong-gang,Wang Wen-hua．Detecting Vul-nerabilities in C Programs Using Trace-Based Testing[C]∥Proc．40th Annual IEEE/IFIP International Conference on Dependable Systems and Networks．IEEE Publisher,2010:241-250

Metrics

Viewed

Full text

Abstract

Cited

Shared

Discussed