欢迎您!东篱公司
退出
-
申报数据库
-
立项数据库
-
成果数据库
-
项目获奖数据库
中文摘要:
混合执行测试(concolic testing)是一种将具体执行与符号执行相结合的自动化测试方法.由于混合执行测试从程序本身出发,未将目标缺陷的先验知识作为指导,会导致生成和执行大量不能发现缺陷的测试输入,从发现缺陷的角度看浪费了时间和计算资源开销.这个问题在具有时间、成本及资源约束的实际测试任务中更加突出.为解决这一问题,文中提出了一种结合静态分析和混合执行测试技术的目标制导的混合执行测试方法:使用静态分析工具分析待测程序中可能含有缺陷的可疑语句及其缺陷类型,并将静态分析所报告的可疑语句作为目标指导测试.目标制导的混合执行测试技术分为3个步骤:首先,计算从程序各分支到待检测缺陷语句的可达性;其次,对待测试程序进行插装以支持混合执行测试;第三,使用静态分析的结果和可达性信息作为指导,只生成和执行可能会覆盖待检测缺陷语句的测试输入,以避免生成和执行不能发现缺陷的测试输入.基于此方法,作者实现了一个测试缓冲区溢出缺陷的原型工具:TARGET,并在一组C语言基准程序上进行了对比实验.实验结果表明与原有的混合执行测试技术相比较,TARGET能在更短的时间内发现程序中更多的缺陷.
英文摘要:
Concolic testing is an automatic testing technique which combines concrete execution and symbolic execution together. Concolic testing only focuses on programs under test, and lacks the prior knowledge of target faulty statements. From the perspective of detecting defects, time is wasted in generating and executing test inputs that cannot find defects. Furthermore, the limitation of time, budgets, and resources in practical test tasks make this problem even worse. To address this problem, this paper proposes a target-directed testing approach to combine static a- nalysis with concolic testing techniques, the program under test is statically analyzed before tes- ting to identify types and positions of suspicious defects~ then, the program is tested with the guidance of the static analysis results. The target-directed testing technique is consisted by 3 steps: Firstly, calculate the reachability relationships from branches to the suspicious state- ments; Secondly, instrument the program under test for concolic testing~ Thirdly, use static a- nalysis information and reachability relationships to guide concolic testing, only generate test in- puts can cover suspicious statements, in order to avoid generating test inputs that cannot detect defects. A prototype tool, TARGET, has been implemented based on the proposed technique to test buffer overflows. The authors have experimentally evaluated TARGET on a set of C bench-marks, and the results show that TARGET can find more defects with less time overhead than o riginal concolic testing techniques.
同期刊论文项目
同项目期刊论文
Web services property sequence chart monitor: A tool chain for monitoring BPEL-based web service com
Identity based encryption and biometric authentication scheme for secure data access in cloud comput
An Incremental Online Semi-Supervised Active Learning Algorithm Based On Self-Organizing Incremental
A Qos-Aware Service Discovery Method For Elastic Cloud Computing In An Unstructured Peer-To-Peer Net
ProHet: A probabilistic routing protocol with assured delivery rate in wireless heterogeneous sensor
TRASMIL: A local anomaly detection framework based on trajectory segmentation and multi-instance lea
期刊信息
位置: