Model-based dynamic analysis -- pushing the envelope on automated software quality assurance

Talk
Prof. Atif Memon
Talk Series: 
Time: 
09.29.2014 16:00 to 17:00
Location: 

CSI Room 3117

Many software analysis techniques involve dynamic analysis - executing a software application in order to infer information about it. For example, to determine that an Android app is malicious because it sends GPS coordinates to a covert server; that a desktop application crashes when given certain input; or that recent changes to a server have broken previously-working features of a web application. My research focuses on tools and techniques for automated model-based dynamic analysis, which is based on automatically generated models of a software system. I create these models using the software’s static artifacts such as code and documentation, or its run-time behavior; and then use the models to guide various forms of dynamic analysis. In this talk I will present some of my recent work on model-based dynamic analysis and present three exciting applications: (1) vetting Android applications for security, (2) automated patch testing guided by workflow coverage and (3) using missing test coverage to improve software specifications.