The course features required reading, which is part of the core course material, some coursework reading that you may find useful in giving you inspiration for the fuzzer that you are going to build, and some recommended reading that we encourage you to undertake to gain a deeper knowledge of the topics we cover.

Advice on Studying Papers

Take a look at this short paper on How to Read a Paper. It suggests an effective scheme for quickly getting to grips with a paper, which you may find useful when looking at the papers below. However, if you do follow this advice, consider limiting your “third pass”: the paper suggests that this may take 4-5 hours per paper, which is a bit much for this course.

You are strongly encouraged to study these papers collaboratively, with colleagues on the course.

Required Reading

  • Xi Wang, Nickolai Zeldovich, M. Frans Kaashoek, Armando Solar-Lezama: Towards optimization-safe systems: analyzing the impact of undefined behavior. SOSP 2013: 260-275. Download PDF.
  • Barton P. Miller, Louis Fredriksen, Bryan So: An Empirical Study of the Reliability of UNIX Utilities. Technical report, 1990. Download PDF. Communications of the ACM 33:12, Dec. 1990. Download (use the Imperial network).
  • Barton P. Miller, David Koski, Cjin Pheow Lee, Vivekananda Maganty, Ravi Murthy, Ajitkumar Natarajan, Jeff Steidl: Fuzz Revisited: A Re-examination of the Reliability of UNIX Utilities and Services. Technical report. Download PDF.
  • Alex Groce, Chaoqiang Zhang, Eric Eide, Yang Chen, John Regehr: Swarm Testing. International Symposium on Software Testing and Analysis (ISSTA 2009). Download PDF.
  • Michal Zalewski. American Fuzzy Lop README. American Fuzzy Lop “whitepaper”.
  • Robert Brummayer, Armin Biere: Fuzzing and delta-debugging SMT solvers. The International Workshop on Satisfiability Modulo Theories (SAT 2009). Download PDF.
  • Zhi Quan Zhou, D. H. Huang, T. H. Tse, Zongyuan Yang, Haitao Huang, T. Y. Chen: Metamorphic Testing and its Applications. Proceedings of the 8th International Symposium on Future Software Technology (ISFST 2004). Download PDF.
  • Topic: Introduction. Al Bessey, Ken Block, Ben Chelf, Andy Chou, Bryan Fulton, Seth Hallem, Charles Henri-Gros, Asya Kamsky, Scott McPeak, Dawson Engler: A Few Billion Lines of Code Later: Using Static Analysis to Find Bugs in the Real World. Communications of the ACM, 2010. Download PDF (use the Imperial network).
  • Topic: Derived Test Oracles/Compiler Testing. Vu Le, Mehrdad Afshari, Zhendong Su: Compiler validation via equivalence modulo inputs. PLDI 2014. Download PDF.
  • Topic: Derived Test Oracles/Compiler Testing. Christopher Lidbury, Andrei Lascu, Nathan Chong, Alastair F. Donaldson: Many-core compiler fuzzing. PLDI 2015. Download PDF.
  • Topic: Derived Test Oracles/Compiler Testing. Earl T. Barr, Mark Harman, Phil McMinn, Muzammil Shahbaz, Shin Yoo: The Oracle Problem in Software Testing: A Survey. TSE 2014. Download PDF.
  • Topic: Safe C Compilers. Richard W M Jones, Paul H J Kelly: Backwards-compatible bounds checking for arrays and pointers in C programs. AADEBUG 1997. Download PDF.
  • Topic: Safe C Compilers. Olatunji Ruwase, Monica S. Lam: A Practical Dynamic Buffer Overflow Detector. NDSS 2004. Download PDF.
  • Topic: Safe C Compilers. Martin Rinard, Cristian Cadar, Daniel Dumitran, Daniel M. Roy, Tudor Leu: A Dynamic Technique for Eliminating Buffer Overflow Vulnerabilities (and Other Memory Errors). ACSAC 2004. Download PDF.
  • Topic: Compiler Sanitizers. Konstantin Serebryany, Derek Bruening, Alexander Potapenko, Dmitry Vyukov: AddressSanitizer: A Fast Address Sanity Checker. USENIX Annual Technical Conference (USENIX ATC 2012). Download PDF.
  • Topic: Dynamic Symbolic Execution (and SMT Solvers). Cristian Cadar, Vijay Ganesh, Peter M. Pawlowski, David L. Dill, Dawson R. Engler: EXE: automatically generating inputs of death. ACM Conference on Computer and Communications Security 2006: 322-335. Download PDF.
  • Topic: Dynamic Symbolic Execution. Cristian Cadar, Daniel Dunbar, Dawson R. Engler: KLEE: Unassisted and Automatic Generation of High-Coverage Tests for Complex Systems Programs. OSDI 2008: 209-224. Download PDF.
  • Topic: Dynamic Symbolic Execution. Peter Boonstoppel, Cristian Cadar, Dawson R. Engler: RWSet: Attacking Path Explosion in Constraint-Based Test Generation. TACAS 2008: 351-366. Download PDF.
  • Topic: Data Flow Analysis. Aho, Alfred V. and Lam, Monica S. and Sethi, Ravi and Ullman, Jeffrey D.: Chapters 9.2 and 9.3 - Compilers: Principles, Techniques, and Tools (2nd Edition).