Humboldt-Universität zu Berlin - Faculty of Mathematics and Natural Sciences - Software Engineering

EMPRESS

Extracting and Mining of Probabilistic Event Structures from Software Systems (2016-2021)

 

The field of specification mining aims at extracting and reconstructing models from existing software systems—models that would be precise enough to serve as specifications. Most of the current approaches abstract software behavior through models concisely representing all of the valid sequences of events that may happen during execution. However, we do not see how likely such sequences are. In EMPRESS, we want to extract probabilistic models in which transitions between events are labeled with probabilities (see for example Figure 1)

Abbildung1.png

Such probabilistic models will increase the accuracy and effectiveness of several software engineering activities: In runtime monitoring and debugging, such models uncover anomalies during execution that predict and diagnose faulty behaviors. In software testing, probabilistic models allow to focus on likely behavior, where defects will have the greatest impact, as well as unlikely behavior, where yet undiscovered defects may loom. Finally, in security and reliability, probabilistic models capture deviations from normal behavior, unveiling faulty and malicious behaviors. The central research challenges will be (1) to efficiently extract accurate probabilistic models from software systems, and (2) to find the appropriate abstraction levels for the targeted software engineering activities

 

EMPRESS aims to increase the accuracy and effectiveness of several software engineering activities:

  • In runtime monitoring and debugging, we want to uncover anomalies during execution that predict and diagnose faulty behavior.
  • In software testing, we want to focus on likely behavior, where defects will have the greatest impact, as well as unlikely behavior, where yet undiscovered defects may loom.
  • In security and reliability, we want to detect deviations from normal behavior, unveiling faulty and malicious behavior

 

The project is divided into four work packages, whose dependencies are summarized in Figure 2.

Abbildung2.png

 

Publications:

  • A Kampmann, N Havrikov, E Soremekun, A Zeller: When does my Program do this? Learning Circumstances of Software Behavior. ESEC/FSE European Software Engineering Conference and the ACM SIGSOFT Symposium on the Foundations of Software Engineering (ESEC/FSE), 1228–1239, 2020.
  • E Soremekun, E Pavese, N Havrikov, L Grunske, A Zeller: Inputs from Hell: Learning Input Distributions for Grammar-Based Test Generation. IEEE Transactions on Software Engineering , early access, DOI: 10.1109/TSE.2020.3013716, 2020.
  • Y Noller, CS Pasareanu, M Böhme, Y Sun, HL Nguyen, L Grunske: HyDiff: Hybrid Differential Software Analysis. Proceedings of the International Conference on Software Engineering (ICSE), 1273–1285, 2020.
  • S Nilizadeh, Y Noller, CS Pasareanu: DifFuzz: Differential Fuzzing for Side-Channel Analysis. Proceedings of the International Conference on Software Engineering (ICSE), 176–187, 2019.
  • Y Noller, R Kersten, CS Pasareanu: Badger: Complexity Analysis with Fuzzing and Symbolic Execution. Proceedings of the International Symposium on Software Testing and Analysis, 322-332, 2019.
  • M Eberlein, Y Noller, T Vogel, L Grunske: Evolutionary Grammar-Based Fuzzing. Int. Symposium on Search Based Software Engineering (SSBSE), 105-120, 2020

Persons: