Tue 6 Nov 2018 15:52 - 16:15 at Horizons 6-9F - Security Chair(s): Lucas Bang

A fundamental challenge of software testing is the statistically well-grounded extrapolation from program behaviors observed during testing. For instance, a security researcher who has run the fuzzer for a week has currently no means (1) to estimate the total number of feasible program branches, given that only a fraction has been covered so far; (2) to estimate the additional time required to cover 10% more branches (or to estimate the coverage achieved in one more day, respectively); or (3) to assess the residual risk that a vulnerability exists when no vulnerability has been discovered. Failing to discover a vulnerability does not mean that none exists—even if the fuzzer was run for a week (or a year). Hence, testing provides no formal correctness guarantees.

Tue 6 Nov

fse-2018-research-papers
15:30 - 17:00: Research Papers - Security at Horizons 6-9F
Chair(s): Lucas Bang
fse-2018-Journal-First15:30 - 15:52
Talk
Fayola PetersLero - The Irish Software Research Centre and University of Limerick, Thein Than Tun, Yijun YuThe Open University, UK, Bashar NuseibehThe Open University (UK) & Lero (Ireland)
DOI
fse-2018-Journal-First15:52 - 16:15
Talk
Marcel BöhmeMonash University
DOI
fse-2018-research-papers16:15 - 16:37
Talk
James C. DavisVirginia Tech, USA, Christy A. CoghlanVirginia Tech, USA, Francisco ServantVirginia Tech, Dongyoon LeeVirginia Tech, USA
fse-2018-research-papers16:37 - 17:00
Talk
Feng DongBeijing University of Posts and Telecommunications, China, Haoyu Wang, Li LiMonash University, Australia, Yao GuoPeking University, Tegawendé F. BissyandéUniversity of Luxembourg, Luxembourg, Tianming LiuBeijing University of Posts and Telecommunications, China, Guoai Xu , Jacques KleinUniversity of Luxembourg, SnT