SubsidieMeestersTesting Program Analyzers Ad Absurdum
MirandaTesting aims to develop a systematic methodology for testing program analyzers to detect critical bugs, enhancing software reliability in safety-critical applications.
Projectdetails
Introduction
Program analyzers act as guards for ensuring the reliability of modern-day software. But who guards the guards themselves? Due to their high complexity and sophisticated algorithms, analyzers are likely to contain critical bugs, which we define as those leading to wrong results, e.g., returning correct for incorrect software. Such bugs may have detrimental consequences, especially in safety-critical settings. It is, therefore, imperative to be able to detect them.
Problem Statement
Verifying the absence of critical bugs in a program analyzer is prohibitively expensive. Contrary to verification, automated test generation can be used to effectively find such bugs. Existing testing approaches, however, are still in their infancy for this application domain.
Project Goals
To address this issue, MirandaTesting will develop the first principled methodology for testing a wide range of program analyzers. At its core, our methodology exposes more information about why an analyzer computes a particular result; it then uses this information to interrogate the analyzer aiming to force it into a contradiction, thus revealing a critical bug. The project has the following goals:
- Design a general framework for testing program analyzers using the MirandaTesting methodology.
- Develop interrogation strategies pertaining to eleven prevalent classes of program analyzers.
- Demonstrate the effectiveness of concrete instantiations of the general framework and interrogation strategies for several popular program analyzers from each class.
- Focus on disseminating our methodology and infrastructure.
Expected Outcomes
If successful, MirandaTesting will enable systematic testing of entire program-analyzer classes. As a result, analyzers will exhibit fewer critical bugs, potentially preventing catastrophic outcomes in safety-critical domains.
Financiële details & Tijdlijn
Financiële details
| Subsidiebedrag | € 1.499.991 |
| Totale projectbegroting | € 1.499.991 |
Tijdlijn
| Startdatum | 1-7-2023 |
| Einddatum | 30-6-2028 |
| Subsidiejaar | 2023 |
Partners & Locaties
Projectpartners
- TECHNISCHE UNIVERSITAET WIENpenvoerder
Land(en)
Vergelijkbare projecten binnen European Research Council
| Project | Regeling | Bedrag | Jaar | Actie |
|---|---|---|---|---|
Semantics of Software SystemsThe project aims to automate software testing, debugging, and monitoring by developing bots that learn system behavior and generate oracles, enhancing developer productivity and software reliability. | ERC Advanced... | € 2.500.000 | 2023 | Details |
Realizing the benefits of safety-security co-analysis through effective tool supportRUBICON aims to develop a proof-of-concept software tool for integrated safety-security risk analysis in technology, enhancing decision-making through advanced algorithms and multi-objective optimization. | ERC Proof of... | € 150.000 | 2024 | Details |
Self-Optimizing Static Program AnalysisSOSA aims to revolutionize static program analysis by creating self-adaptive analyses that optimize performance and precision, enhancing software security and developer efficiency. | ERC Advanced... | € 2.500.000 | 2024 | Details |
A Deductive Verifier for Probabilistic ProgramsThe project aims to commercialize a novel deductive verifier for probabilistic programs by integrating invariant synthesis and program slicing, targeting users and conducting market analysis. | ERC Proof of... | € 150.000 | 2024 | Details |
CertiFOX: Certified First-Order Model ExpansionThis project aims to develop methodologies for ensuring 100% correctness in combinatorial optimization solutions by providing end-to-end proof logging from user specifications to solver outputs. | ERC Consolid... | € 1.999.928 | 2024 | Details |
Semantics of Software Systems
The project aims to automate software testing, debugging, and monitoring by developing bots that learn system behavior and generate oracles, enhancing developer productivity and software reliability.
Realizing the benefits of safety-security co-analysis through effective tool support
RUBICON aims to develop a proof-of-concept software tool for integrated safety-security risk analysis in technology, enhancing decision-making through advanced algorithms and multi-objective optimization.
Self-Optimizing Static Program Analysis
SOSA aims to revolutionize static program analysis by creating self-adaptive analyses that optimize performance and precision, enhancing software security and developer efficiency.
A Deductive Verifier for Probabilistic Programs
The project aims to commercialize a novel deductive verifier for probabilistic programs by integrating invariant synthesis and program slicing, targeting users and conducting market analysis.
CertiFOX: Certified First-Order Model Expansion
This project aims to develop methodologies for ensuring 100% correctness in combinatorial optimization solutions by providing end-to-end proof logging from user specifications to solver outputs.
Vergelijkbare projecten uit andere regelingen
| Project | Regeling | Bedrag | Jaar | Actie |
|---|---|---|---|---|
Academic Language Checker (ALC)Het project onderzoekt de haalbaarheid van een slimme Academic Language Checker om academische schrijfproblemen van studenten met taalbeheersingsproblemen te identificeren en te verhelpen. | Mkb-innovati... | € 20.000 | 2021 | Details |
Onderzoek geautomatiseerde runtime verificatie van gamesHet project ontwikkelt geautomatiseerde performance tests voor kleine gamestudio's om sneller en efficiënter bugs op meerdere consoles op te sporen, wat leidt tot verbeterde gamekwaliteit en omzetgroei. | Mkb-innovati... | € 20.000 | 2020 | Details |
Integrated Safety for Deeply Embedded Systems Software (ISAFE)Het ISAFE-project ontwikkelt een geïntegreerde aanpak voor de kwalificatie van softwaretools in veiligheid kritische systemen, gericht op het voldoen aan veiligheidsstandaarden en het verbeteren van softwareontwikkeling. | Mkb-innovati... | € 160.200 | 2016 | Details |
Academic Language Checker (ALC)
Het project onderzoekt de haalbaarheid van een slimme Academic Language Checker om academische schrijfproblemen van studenten met taalbeheersingsproblemen te identificeren en te verhelpen.
Onderzoek geautomatiseerde runtime verificatie van games
Het project ontwikkelt geautomatiseerde performance tests voor kleine gamestudio's om sneller en efficiënter bugs op meerdere consoles op te sporen, wat leidt tot verbeterde gamekwaliteit en omzetgroei.
Integrated Safety for Deeply Embedded Systems Software (ISAFE)
Het ISAFE-project ontwikkelt een geïntegreerde aanpak voor de kwalificatie van softwaretools in veiligheid kritische systemen, gericht op het voldoen aan veiligheidsstandaarden en het verbeteren van softwareontwikkeling.