The presence of vulnerable statements in the source code is a crucial problem for maintainers: properly monitoring and, if necessary, removing them is highly desirable to ensure h...
Massimiliano Di Penta, Luigi Cerulo, Lerina Aversa...
Static software checking tools are useful as an additional automated software inspection step that can easily be integrated in the development cycle and assist in creating secure,...
Whitebox fuzzing is a novel form of security testing based on dynamic symbolic execution and constraint solving. Over the last couple of years, whitebox fuzzers have found many ne...
Taint analysis, a form of information-flow analysis, establishes whether values from untrusted methods and parameters may flow into security-sensitive operations. Taint analysis...
Omer Tripp, Marco Pistoia, Stephen J. Fink, Manu S...
A key problem for effective unit testing is the difficulty of partitioning large software systems into appropriate units that can be tested in isolation. We present an approach th...