35 Hits in 2.0 sec


Xi Ge, Kunal Taneja, Tao Xie, Nikolai Tillmann
2011 Proceeding of the 33rd international conference on Software engineering - ICSE '11  
Software-defect detection is an increasingly important research topic in software engineering. To detect defects in a program, static verification and dynamic test generation are two important proposed techniques. However, both of these techniques face their respective issues. Static verification produces false positives, and on the other hand, dynamic test generation is often time consuming. To address the limitations of static verification and dynamic test generation, we present an automated
more » ... efect-detection tool, called DyTa, that combines both static verification and dynamic test generation. DyTa consists of a static phase and a dynamic phase. The static phase detects potential defects with a static checker; the dynamic phase generates test inputs through dynamic symbolic execution to confirm these potential defects. DyTa reduces the number of false positives compared to static verification and performs more efficiently compared to dynamic test generation.
doi:10.1145/1985793.1985971 dblp:conf/icse/GeTXT11 fatcat:o3tt5yj6jzhwnd3q4w66b3nmlq


Kunal Taneja, Yi Zhang, Tao Xie
2010 Proceedings of the IEEE/ACM international conference on Automated software engineering - ASE '10  
Software testing has been commonly used in assuring the quality of database applications. It is often prohibitively expensive to manually write quality tests for complex database applications. Automated test generation techniques, such as Dynamic Symbolic Execution (DSE), have been proposed to reduce human efforts in testing database applications. However, such techniques have two major limitations: (1) they assume that the database that the application under test interacts with is accessible,
more » ... hich may not always be true; and (2) they usually cannot create necessary database states as a part of the generated tests. To address the preceding limitations, we propose an approach that applies DSE to generate tests for a database application. Instead of using the actual database that the application interacts with, our approach produces and uses a mock database in test generation. A mock database mimics the behavior of an actual database by performing identical database operations on itself. We conducted two empirical evaluations on both a medical device and an open source software system to demonstrate that our approach can generate, without producing false warnings, tests with higher code coverage than conventional DSE-based techniques.
doi:10.1145/1858996.1859053 dblp:conf/kbse/TanejaZX10 fatcat:js3titua7vewtbz5y2qu6vjvem

Software Engineering for the Internet of Things

Xabier Larrucea, Annie Combelles, John Favaro, Kunal Taneja
2017 IEEE Software  
doi:10.1109/ms.2017.28 fatcat:gngbo7j3krhn5csjmlwgcy5jjy


Kunal Taneja, Tao Xie, Nikolai Tillmann, Jonathan de Halleux
2011 Proceedings of the 2011 International Symposium on Software Testing and Analysis - ISSTA '11  
Software programs evolve throughout their lifetime undergoing various changes. While making these changes, software developers may introduce regression faults. It is desirable to detect these faults as quickly as possible to reduce the cost involved in fixing them. One existing solution is continuous testing, which runs an existing test suite to quickly find regression faults as soon as code changes are saved. However, the effectiveness of continuous testing depends on the capability of the
more » ... ting test suite for finding behavioral differences across versions. To address the issue, we propose an approach, called eXpress, that conducts efficient regression test generation based on a pathexploration-based test generation (PBTG) technique, such as dynamic symbolic execution. eXpress prunes various irrelevant paths with respect to detecting behavioral differences to optimize the search strategy of a PBTG technique. As a result, the PBTG technique focuses its efforts on regression test generation. In addition, eXpress leverages the existing test suite (if available) for the original version to efficiently execute the changed code regions of the program and infect program states. Experimental results on 67 versions (in total) of four programs (two from the subject infrastructure repository and two from real-world open source projects) show that, using eXpress, a state-of-the-art PBTG technique, called Pex, requires about 36% less amount of time (on average) to detect behavioral differences than without using eXpress. In addition, Pex using eXpress detects four behavioral differences that could not be detected without using eXpress (within a time bound). Furthermore, Pex requires 67% less amount of time to find behavioral differences by exploiting an existing test suite than exploration without using the test suite. A behavioral difference between two versions of a program can be reflected by the difference between the observable outputs produced by the execution of the same test (referred to as a difference-exposing test) on the two versions. 2 An earlier version [20] of this work is described in a four-page paper that appears in the NIER track of ICSE 2009. This work significantly extends the previous work in the following major ways. First, we develop techniques for exploiting the existing test suite for efficiently generating regression tests. Second, we develop more prioritization techniques. Third, we automate our approach by developing a tool. Fourth, we conduct extensive experiments to evaluate our approach.
doi:10.1145/2001420.2001422 dblp:conf/issta/TanejaXTH11 fatcat:nskk7dop2fb35egteqhaqsadfm


Kunal Taneja, Nuo Li, Madhuri R. Marri, Tao Xie, Nikolai Tillmann
2010 Proceedings of the IEEE/ACM international conference on Automated software engineering - ASE '10  
User-input validators play an essential role in guarding a web application against application-level attacks. Hence, the security of the web application can be compromised by defective validators. To detect defects in validators, testing is one of the most commonly used methodologies. Testing can be performed by manually writing test inputs and oracles, but this manual process is often laborintensive and ineffective. On the other hand, automated test generators cannot generate test oracles in
more » ... e absence of specifications, which are often not available in practice. To address this issue in testing validators, we propose a novel approach, called MiTV, that applies Multiple-implementation Testing for Validators, i.e., comparing the behavior of a validator under test with other validators of the same type. These other validators of the same type can be collected from either open or proprietary source code repositories. To show the effectiveness of MiTV, we applied MiTV on 53 different validators (of 6 common types) for web applications. Our results show that MiTV detected real defects in 70% of the validators.
doi:10.1145/1858996.1859019 dblp:conf/kbse/TanejaLMXT10 fatcat:wyi72yfimjhvnmzotdi4ejlvhq

DiffGen: Automated Regression Unit-Test Generation

Kunal Taneja, Tao Xie
2008 2008 23rd IEEE/ACM International Conference on Automated Software Engineering  
Software programs continue to evolve throughout their lifetime. Maintenance of such evolving programs, including regression testing, is one of the most expensive activities in software development. We present an approach and its implementation called DiffGen for automated regression unit-test generation and checking for Java programs. Given two versions of a Java class, our approach instruments the code by adding new branches such that if these branches can be covered by a test generation tool,
more » ... behavioral differences between the two class versions are exposed. DiffGen then uses a coverage-based test generation tool to generate test inputs for covering the added branches to expose behavioral differences. We have evaluated DiffGen on finding behavioral differences between 21 classes and their versions. Experimental results show that our approach can effectively expose many behavioral differences that cannot be exposed by state-of-the-art techniques.
doi:10.1109/ase.2008.60 dblp:conf/kbse/TanejaX08 fatcat:xeelra7gbjh5tn66uzvhazhthu

High-confidence software evolution

Qing Gao, Jun Li, Yingfei Xiong, Dan Hao, Xusheng Xiao, Kunal Taneja, Lu Zhang, Tao Xie
2016 Science China Information Sciences  
Software continues to evolve due to changing requirements, platforms and other environmental pressures. Modern software is dependent on frameworks, and if the frameworks evolve, the software has to evolve as well. On the other hand, the software may be changed due to changing requirements. Therefore, in high-confidence software evolution, we must consider both framework evolution and client evolution, each of which may incur faults and reduce software quality. In this article, we present a set
more » ... f approaches to address some problems in high-confidence software evolution. In particular, to support framework evolution, we propose a history-based matching approach to identify a set of transformation rules between different APIs, and a transformation language to support automatic transformation. To support client evolution for high-confidence software, we propose a path-exploration-based approach to generate tests efficiently by pruning paths irrelevant to changes between versions, several coverage-based approaches to optimize test execution, and approaches to locate faults and fix memory leaks automatically. These approaches facilitate high-confidence software evolution from various aspects.
doi:10.1007/s11432-016-5572-2 fatcat:vachltlnmzhx7krpofmrzzsfei

Guided path exploration for regression test generation

Kunal Taneja, Tao Xie, Nikolai Tillmann, Jonathan de Halleux, Wolfram Schulte
2009 2009 31st International Conference on Software Engineering - Companion Volume  
Regression test generation aims at generating a test suite that can detect behavioral differences between the original and the modified versions of a program. Regression test generation can be automated by using Dynamic Symbolic Execution (DSE), a state-of-the-art test generation technique, to generate a test suite achieving high structural coverage. DSE explores paths in the program to achieve high structural coverage, and exploration of all these paths can often be expensive. However, if our
more » ... im is to detect behavioral differences between two versions of a program, we do not need to explore all paths in the program as not all these paths are relevant for detecting behavioral differences. In this paper, we propose a guided path exploration approach that avoids exploring irrelevant paths and gives priority to more promising paths (in terms of detecting behavioral differences) such that behavioral differences are more likely to be detected earlier in path exploration. Preliminary results show that our approach requires about 12.9% fewer runs on average (maximum 25%) to cause the execution of a changed statement and 11.8% fewer runs on average (maximum 31.2%) to cause program-state differences after its execution than the search strategies without guidance.
doi:10.1109/icse-companion.2009.5071009 dblp:conf/icse/TanejaXTHS09 fatcat:drdmu3yvyfgpbmmzjcrrphqfqm

Data Driven Modelling of Nuclear Power Plant Performance Data as Finite State Machines

Kshirasagar Naik, Mahesh D. Pandey, Anannya Panda, Abdurhman Albasir, Kunal Taneja
2021 Modelling  
Accurate modelling and simulation of a nuclear power plant are important factors in the strategic planning and maintenance of the plant. Several nonlinearities and multivariable couplings are associated with real-world plants. Therefore, it is quite challenging to model such cyberphysical systems using conventional mathematical equations. A visual analytics approach which addresses these limitations and models both short term as well as long term behaviour of the system is introduced. Principal
more » ... Component Analysis (PCA) followed by Linear Discriminant Analysis (LDA) is used to extract features from the data, k-means clustering is applied to label the data instances. Finite state machine representation formulated from the clustered data is then used to model the behaviour of cyberphysical systems using system states and state transitions. In this paper, the indicated methodology is deployed over time-series data collected from a nuclear power plant for nine years. It is observed that this approach of combining the machine learning principles with the finite state machine capabilities facilitates feature exploration, visual analysis, pattern discovery, and effective modelling of nuclear power plant data. In addition, finite state machine representation supports identification of normal and abnormal operation of the plant, thereby suggesting that the given approach captures the anomalous behaviour of the plant.
doi:10.3390/modelling2010003 fatcat:p5azd57ajrcppehmlxl56u3efq

Search-based inference of dialect grammars

Massimiliano Di Penta, Pierpaolo Lombardi, Kunal Taneja, Luigi Troiano
2007 Soft Computing - A Fusion of Foundations, Methodologies and Applications  
Building parsers is an essential task for the development of many tools, from software maintenance tools to any kind of business-specific, programmable environment having a command-line interface. Whilst grammars for many programming languages are available, these are, very often, almost useless because of the large diffusion of dialects and variants not contemplated by standard grammars. Writing a grammar by hand is clearly feasible, however it can be a tedious and error-prone task, requiring
more » ... ppropriate skills not always available. Grammar inference is a possible, challenging approach for obtaining suitable grammars from program examples. However, inference from scratch poses serious scalability issues and tends to produce correct, but meaningless grammars, hard to be understood and used to build tools. This paper describes an approach, based on genetic algorithms, for evolving existing grammars towards target (dialect) grammars, inferring changes from examples written using the dialect. Results obtained experimenting the inference of C dialect rules show that the algorithm is able to successfully evolve the grammar. Inspections indicated that the changes automatically made to the grammar during its evolution preserved its meaningfulness, and were comparable to what a developer could have done by hand.
doi:10.1007/s00500-007-0216-5 fatcat:33wo24imqrdjrc4y6pidh5vwju

Automated detection of api refactorings in libraries

Kunal Taneja, Danny Dig, Tao Xie
2007 Proceedings of the twenty-second IEEE/ACM international conference on Automated software engineering - ASE '07  
Software developers often do not build software from scratch but reuse software libraries. In theory, the APIs of a library should be stable, but in practice they do change and thus require changes in software that reuses the library. Our previous study of five reusable components shows that more than 80% of these API changes are caused by refactorings. If these refactorings could be automatically detected, they could be used to automatically upgrade applications. In this paper, we present a
more » ... hnique and its supporting tool, RefacLib, to automatically detect refactorings in libraries. Refac Lib uses syntactic analysis in the first phase to quickly detect refactoring candidates across two versions of a library. In the second phase, RefacLib uses various heuristics to refine the results. We used RefacLib to detect refactorings in five open source libraries and frameworks. The experiments show that RefacLib can process realistic code bases and detects refactorings with practical accuracy.
doi:10.1145/1321631.1321688 dblp:conf/kbse/TanejaDX07 fatcat:6oe34zawljc5tk6dqb6fg6q3lq

Improving software reliability and productivity via mining program source code

Tao Xie, Mithun Acharya, Suresh Thummalapenta, Kunal Taneja
2008 Proceedings, International Parallel and Distributed Processing Symposium (IPDPS)  
A software system interacts with third-party libraries through various APIs. Insufficient documentation and constant refactorings of third-party libraries make API library reuse difficult and error prone. Using these library APIs often needs to follow certain usage patterns. These patterns aid developers in addressing commonly faced programming problems such as what checks should precede or follow API calls, how to use a given set of APIs for a given task, or what API method sequence should be
more » ... sed to obtain one object from another. Ordering rules (specifications) also exist between APIs, and these rules govern the secure and robust operation of the system using these APIs. These patterns and rules may not be well documented by the API developers. Furthermore, usage patterns and specifications might change with library refactorings, requiring changes in the software that reuse the library. To address these issues, we develop novel techniques (and their supporting tools) based on mining source code, assisting developers in productively reusing third party libraries to build reliable and secure software. 1
doi:10.1109/ipdps.2008.4536384 dblp:conf/ipps/XieATT08 fatcat:gonnrcx3f5fw3ht6ayujoz2ssy


Sangmin Park, B. M. Mainul Hossain, Ishtiaque Hussain, Christoph Csallner, Mark Grechanik, Kunal Taneja, Chen Fu, Qing Xie
2012 Proceedings of the ACM SIGSOFT 20th International Symposium on the Foundations of Software Engineering - FSE '12  
Test coverage is an important metric of software quality, since it indicates thoroughness of testing. In industry, test coverage is often measured as statement coverage. A fundamental problem of software testing is how to achieve higher statement coverage faster, and it is a difficult problem since it requires testers to cleverly find input data that can steer execution sooner toward sections of application code that contain more statements. We created a novel fully automatic approach for
more » ... ing higher stAtement coveRage FASTer (CarFast), which we implemented and evaluated on twelve generated Java applications whose sizes range from 300 LOC to one million LOC. We compared CarFast with several popular test case generation techniques, including pure random, adaptive random, and Directed Automated Random Testing (DART). Our results indicate with strong statistical significance that when execution time is measured in terms of the number of runs of the application on different input test data, CarFast outperforms the evaluated competitive approaches on most subject applications.
doi:10.1145/2393596.2393636 dblp:conf/sigsoft/ParkHHCGTFX12 fatcat:s2ucm7pncrdflhjqfp77rh6wou

Towards a Framework for Differential Unit Testing of Object-Oriented Programs

Tao Xie, Kunal Taneja, Shreyas Kale, Darko Marinov
2007 Second International Workshop on Automation of Software Test (AST '07)  
Software developers often face the task of determining how the behaviors of one version of a program unit differ from (or are the same as) the behaviors of a (slightly) different version of the same program unit. In such situations, developers would like to generate tests that exhibit the behavioral differences between the two versions, if any differences exist. We call this type of testing differential unit testing. Some examples of differential unit testing include regression testing,
more » ... n testing, and mutation testing. We propose a framework, called Diffut, that enables differential unit testing of object-oriented programs. Diffut enables "simultaneous" execution of the pairs of corresponding methods from the two versions: methods can receive the same inputs (consisting of the object graph reachable from the receiver and method arguments), and Diffut compares their outputs (consisting of the object graph reachable from the receiver and method return values). Given two versions of a Java class, Diffut automatically synthesizes annotations (in the form of preconditions and postconditions) in the Java Modeling Language (JML) and inserts them into the unit under test to allow the simultaneous execution of the corresponding methods.
doi:10.1109/ast.2007.15 dblp:conf/icse/XieTKM07 fatcat:2ezn5xts35fltepemsl4hmjob4

Testing software in age of data privacy

Kunal Taneja, Mark Grechanik, Rayid Ghani, Tao Xie
2011 Proceedings of the 19th ACM SIGSOFT symposium and the 13th European conference on Foundations of software engineering - SIGSOFT/FSE '11  
Database-centric applications (DCAs) are common in enterprise computing, and they use nontrivial databases. Testing of DCAs is increasingly outsourced to test centers in order to achieve lower cost and higher quality. When proprietary DCAs are released, their databases should also be made available to test engineers. However, different data privacy laws prevent organizations from sharing this data with test centers because databases contain sensitive information. Currently, testing is performed
more » ... with anonymized data, which often leads to worse test coverage (such as code coverage) and fewer uncovered faults, thereby reducing the quality of DCAs and obliterating benefits of test outsourcing. To address this issue, we offer a novel approach that combines program analysis with a new data privacy framework that we design to address constraints of software testing. With our approach, organizations can balance the level of privacy with needs of testing. We have built a tool for our approach and applied it to nontrivial Java DCAs. Our results show that test coverage can be preserved at a higher level by anonymizing data based on their effect on corresponding DCAs.
doi:10.1145/2025113.2025143 dblp:conf/sigsoft/TanejaGGX11 fatcat:ttsk3jgpqjfr5ksricntrgek6y
« Previous Showing results 1 — 15 out of 35 results