skip to main content
10.1145/2804322.2804325acmconferencesArticle/Chapter ViewAbstractPublication PagesisstaConference Proceedingsconference-collections
research-article

EvoSE: evolutionary symbolic execution

Published: 30 August 2015 Publication History

Abstract

Search Based Software Testing (SBST) and Symbolic Execution (SE) have emerged as the most effective among the fully automated test input generation techniques. However, none of the two techniques satisfactorily solves the problem of generating test cases that exercise specific code elements, as it is required for example in security vulnerability testing. This paper proposes EvoSE, an approach that combines the strengths of SBST and SE. EvoSE implements an evolutionary algorithm that searches the program control flow graph for symbolic paths that traverse the minimum number of unsatisfiable branch conditions. Preliminary evaluation shows that EvoSE outperforms state-of-the-art SE search strategies when targeting specific code elements.

References

[1]
S. Anand, E. K. Burke, T. Y. Chen, J. Clark, M. B. Cohen, W. Grieskamp, M. Harman, M. J. Harrold, and P. Mcminn. An orchestrated survey of methodologies for automated software test case generation. J. of Systems and Software, 86(8):1978–2001, 2013.
[2]
A. Arcuri. It really does matter how you normalize the branch distance in search-based software testing. Software Testing, Verification and Reliability, 23(2):119–147, 2013.
[3]
A. Baars, M. Harman, Y. Hassoun, K. Lakhotia, P. McMinn, P. Tonella, and T. Vos. Symbolic search-based testing. In Automated Software Engineering (ASE), 2011 26th IEEE/ACM International Conference on, pages 53–62, Nov 2011.
[4]
M. Baluda, P. Braione, G. Denaro, and M. Pezzè. Enhancing structural software coverage by incrementally computing branch executability. Software Quality Journal, 19(4):725–751, 2011.
[5]
P. Dinges and G. Agha. Solving complex path conditions through heuristic search on induced polytopes. In Proceedings of the 22Nd ACM SIGSOFT International Symposium on Foundations of Software Engineering, FSE 2014, pages 425–436, New York, NY, USA, 2014. ACM.
[6]
A. E. Eiben and J. E. Smith. Introduction to Evolutionary Computing. SpringerVerlag, 2003.
[7]
G. Fraser and A. Arcuri. Whole test suite generation. IEEE Transactions on Software Engineering, 39(2):276 –291, feb. 2013.
[8]
J. P. Galeotti, G. Fraser, and A. Arcuri. Improving search-based test suite generation with dynamic symbolic execution. In IEEE International Symposium on Software Reliability Engineering, 2013.
[9]
P. Godefroid and S. Khurshid. Exploring very large state spaces using genetic algorithms. In J.-P. Katoen and P. Stevens, editors, Tools and Algorithms for the Construction and Analysis of Systems, volume 2280 of Lecture Notes in Computer Science, pages 266–280. Springer Berlin Heidelberg, 2002.
[10]
H. Ishibuchi, T. Yoshida, and T. Murata. Balance between genetic search and local search in memetic algorithms for multiobjective permutation flowshop scheduling. Evolutionary Computation, IEEE Transactions on, 7(2):204–223, April 2003.
[11]
P. Larra˜ naga, C. Kuijpers, R. Murga, I. Inza, and S. Dizdarevic. Genetic algorithms for the travelling salesman problem: A review of representations and operators. Artificial Intelligence Review, 13(2):129–170, 1999.
[12]
K.-K. Ma, K. Y. Phang, J. S. Foster, and M. Hicks. Directed symbolic execution. In Proceedings of the 18th International Conference on Static Analysis, SAS’11, pages 95–111, Berlin, Heidelberg, 2011. Springer-Verlag.
[13]
P. D. Marinescu and C. Cadar. Katch: High-coverage testing of software patches. In Proceedings of the 2013 9th Joint Meeting on Foundations of Software Engineering, ESEC/FSE 2013, pages 235–245, New York, NY, USA, 2013. ACM.
[14]
S. Sidiroglou-Douskos, E. Lahtinen, N. Rittenhouse, P. Piselli, F. Long, D. Kim, and M. Rinard. Targeted automatic integer overflow discovery using goal-directed conditional branch enforcement. SIGPLAN Not., 50(4):473–486, Mar. 2015.
[15]
N. Tracey, J. Clark, K. Mander, and J. McDermid. An automated framework for structural test-data generation. In Proceedings of the 13th IEEE International Conference on Automated Software Engineering, ASE ’98, Washington, DC, USA, 1998. IEEE Computer Society.
[16]
P. Tsankov, W. Jin, A. Orso, and S. Sinha. Execution hijacking: Improving dynamic analysis by flying off course. In Proceedings of the 2011 Fourth IEEE International Conference on Software Testing, Verification and Validation, ICST ’11, pages 200–209, Washington, DC, USA, 2011. IEEE Computer Society.
[17]
T. Xie, N. Tillmann, P. de Halleux, and W. Schulte. Fitness-guided path exploration in dynamic symbolic execution. In Proceedings of the 39th Annual IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2009), pages 359–368, June-July 2009.

Cited By

View all

Recommendations

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences
A-TEST 2015: Proceedings of the 6th International Workshop on Automating Test Case Design, Selection and Evaluation
August 2015
46 pages
ISBN:9781450338134
DOI:10.1145/2804322
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 30 August 2015

Permissions

Request permissions for this article.

Check for updates

Author Tags

  1. Test automation
  2. search-based software testing
  3. symbolic execution

Qualifiers

  • Research-article

Conference

ESEC/FSE'15
Sponsor:

Upcoming Conference

ISSTA '25

Contributors

Other Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

  • Downloads (Last 12 months)6
  • Downloads (Last 6 weeks)1
Reflects downloads up to 21 Jan 2025

Other Metrics

Citations

Cited By

View all
  • (2024)Parallel program analysis on path rangesScience of Computer Programming10.1016/j.scico.2024.103154238:COnline publication date: 1-Dec-2024
  • (2024)An Empirical Study on Automated Test Generation Tools for Java: Effectiveness and ChallengesJournal of Computer Science and Technology10.1007/s11390-023-1935-539:3(715-736)Online publication date: 1-May-2024
  • (2024)A systematic literature review on software security testing using metaheuristicsAutomated Software Engineering10.1007/s10515-024-00433-031:2Online publication date: 23-May-2024
  • (2023)Parallel Program Analysis via Range SplittingFundamental Approaches to Software Engineering10.1007/978-3-031-30826-0_11(195-219)Online publication date: 20-Apr-2023
  • (2021)Cooperative verifier-based testing with CoVeriTestInternational Journal on Software Tools for Technology Transfer10.1007/s10009-020-00587-8Online publication date: 25-Apr-2021
  • (2018)Worst-Case Execution Time Testing via Evolutionary Symbolic Execution2018 IEEE 29th International Symposium on Software Reliability Engineering (ISSRE)10.1109/ISSRE.2018.00019(76-87)Online publication date: Oct-2018
  • (2017)Combining symbolic execution and search-based testing for programs with complex heap inputsProceedings of the 26th ACM SIGSOFT International Symposium on Software Testing and Analysis10.1145/3092703.3092715(90-101)Online publication date: 10-Jul-2017

View Options

Login options

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Media

Figures

Other

Tables

Share

Share

Share this Publication link

Share on social media