SoftWare IMmunization (SWIM) - A Combination of Static Analysis and Automatic Testing

Static program analysis uses many checkers to discover a very large number of programming issues, but with a high false alarm rate. With the aid of dynamic automatic testing, the actual severe defects can be confirmed by failures of test cases. After defects are fixed, similar types of defects tend to reoccur again. In this paper, we propose a SoftWare IMmunization (SWIM) method to combine static analysis and automatic testing results for detecting severe defects and preventing similar defects from reoccurring, i.e. to have the software immunized from the same type of defects. Three industrial trials of the technology demonstrated the feasibility and defect detection accuracy of the SWIM technology.

[1]  David M. Weiss,et al.  Code-coverage guided prioritized test generation , 2006, Inf. Softw. Technol..

[2]  Rahul Agarwal,et al.  Detecting Potential Deadlocks with Static Analysis and Run-Time Monitoring , 2005, Haifa Verification Conference.

[3]  Horatiu Jula,et al.  Deadlock Immunity: Enabling Systems to Defend Against Deadlocks , 2008, OSDI.

[4]  Sudheendra Hangal,et al.  Automatic dimension inference and checking for object-oriented programs , 2009, 2009 IEEE 31st International Conference on Software Engineering.

[5]  Gary McGraw,et al.  Static Analysis for Security , 2004, IEEE Secur. Priv..

[6]  David M. Weiss,et al.  Decision-Model-Based Code Generation for SPLE , 2008, 2008 12th International Software Product Line Conference.

[7]  David L. Olson,et al.  Advanced Data Mining Techniques , 2008 .