Abstract

Heuristic search is an important part of modern dynamic symbolic execution (DSE) tools, as heuristic search can be used to effectively explore the large program input space. Searching task remains one of several research challenges due to the fact that the input space grows exponentially with the increase of program size, and different programs may have very different structures. The challenge is compounded in a cyber-physical system or cloud-based Internet of Things environment. In this paper, we propose a novel heuristic search algorithm, which analyzes the program execution history and uses the refined history information to inform the search. This paper is based on the observation that the branch and input history generated during dynamic symbolic execution can help memorize the explored input space, and infer the partial structure of the program. With a summarized branch history, the proposed heuristic search makes informed (and better) decisions about which input area to search next for better efficiency. To evaluate the search algorithm, we implement the core DSE engine, integrated with modules to perform execution history collection and analysis. To make our method practical, we incorporate taint analysis and constraint solving statistics to guide the search algorithm. Experimental results demonstrate that with the rich history information, the new search algorithm can explore the input space more effectively, thus resulting in detecting software defects faster.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.