Weak-Assert: A Weakness-Oriented Assertion Recommendation Toolkit for Program Analysis
| Title | Weak-Assert: A Weakness-Oriented Assertion Recommendation Toolkit for Program Analysis |
| Publication Type | Conference Paper |
| Year of Publication | 2018 |
| Authors | Wang, C., Jiang, Y., Zhao, X., Song, X., Gu, M., Sun, J. |
| Conference Name | 2018 IEEE/ACM 40th International Conference on Software Engineering: Companion (ICSE-Companion) |
| Date Published | may |
| ISBN Number | 978-1-4503-5663-3 |
| Keywords | assertion recommendation, formal program verifcation, Hardware, Human Behavior, Metrics, Pattern matching, policy-based governance, program testing, program weakness, pubcrawl, resilience, security, security weaknesses, Software, Syntactics, Testing, Tools |
| Abstract | Assertions are helpful in program analysis, such as software testing and verification. The most challenging part of automatically recommending assertions is to design the assertion patterns and to insert assertions in proper locations. In this paper, we develop Weak-Assert, a weakness-oriented assertion recommendation toolkit for program analysis of C code. A weakness-oriented assertion is an assertion which can help to find potential program weaknesses. Weak-Assert uses well-designed patterns to match the abstract syntax trees of source code automatically. It collects significant messages from trees and inserts assertions into proper locations of programs. These assertions can be checked by using program analysis techniques. The experiments are set up on Juliet test suite and several actual projects in Github. Experimental results show that Weak-Assert helps to find 125 program weaknesses in 26 actual projects. These weaknesses are confirmed manually to be triggered by some test cases. |
| URL | https://ieeexplore.ieee.org/document/8449447 |
| Citation Key | wang_weak-assert:_2018 |