GGrantIndex
← Search

SHF: Small: Scalable and Practical Detection of Invariants for Software Inspection

$499,999FY2017CSENSF

University Of California-San Diego, La Jolla CA

Investigators

Abstract

Due to the intractability of completely testing software, code review by humans remains an important contributor to software assurance.  Current tools for code review provide relatively simple information, such as a listing of the differences between the current source code and the previous version.  Consequently, many code reviews miss important implications of the differences, such as inadequate testing or a software bug.  This research is investigating richer representations of the difference between two software versions, with the goal of making it easier to spot defects and keep them out of software slated for release.  The approach hinges on using runtime analysis for mining software repositories, making it an exemplar of a "big data" approach to quantitative software engineering. Specifically, the research is exploring the promise of a foundational technology called invariant detection, which gathers data from the software's runs and produces a summary of the behavioral properties of its components.  In the context of code review, these properties, if they disagree with expectations, reveal inadequate testing or actual software defects.  Because the properties are not just syntactic, they can highlight the impact of code changes on the behavior of unmodified code.  Because property summaries can be voluminous, they are presented as a difference between the properties of the current software version and the previous one.  The research is also addressing challenges to practical application of the approach.  Novel techniques are being developed for improving test suite adequacy, efficiently acquiring traces, and calculating invariants.  Core to the approach is that the version-to-version changes to software are often incremental and contained, permitting substantial reuse of data from prior runs.  In the course of addressing these challenges, the research is developing and extending a scalable, automated code review infrastructure, enabling practical validation of the approach in both laboratory experiments and case studies.  Ultimately, the research holds the promise to put new tools in the hands of practicing software developers, helping them find bugs and improve their test suites.

View original record on NSF Award Search →