SlideShare una empresa de Scribd logo

Automated Program Repair Keynote talk

Abhik Roychoudhury
Abhik Roychoudhury

Keynote in 25th Australasian Software Engineering Conference, November 2018

Educación
1 de 46
Automated Program Repair Prof. Abhik Roychoudhury Professor, National University of Singapore Lead PI, Singapore Cyber-security Consortium 1
TSUNAMi 0 National Research Foundation Project 0 2015 - 2020 0 Trustworthiness in COTS-Integrated platforms 0 Trustworthy systems from un-trusted components http://www.comp.nus.edu.sg/~tsunami Vulnerability Discovery Binary Hardening Verification Data Protection Research Outputs – Publications, Tools, Academic Collaboration, Exchanges, Seminars & Workshops Education – NUS (New module) Industry Collaboration Singapore Cyber-security Consortium Agency Collaboration - DSTA, etc Enhancing Local Capabilities 2 25th ASWEC Keynote Adelaide
2016 event 3 A team of hackers won $2 million by building a machine that could hack better than they could DARPA Cyber Grand Challenge Automation of Security ~ detecting and fixing of vulnerabilities 25th ASWEC Keynote Adelaide
In the rest of the talk 0 Capsule version 0 Executive summary 0 Slightly detailed version 0 A vision for trustworthy software 25th ASWEC Keynote Adelaide 4 Technology is driving us to distraction
Repair - Why? 25thASWECKeynoteAdelaide 5 Maintaining Legacy Software Debugging Aid Education, Grading in MooCs Security Patches Self-healing systems, Drones Buggy Program Correctness Criterion Repair Patched Program
Troubles with repair 25th ASWEC Keynote Adelaide 6 • Weak description of intended behavior / correctness criterion e.g. tests • Possibility to use “Bugs as deviant behavior” philosophy • Weak applicability of repair techniques e.g. only overflow errors • Large search space of candidate patches for general-purpose repair tools. • Patch suggestions and Interactive Repair
INPUT OUTPUT EVALUATE FITNESS DISCARD ACCEPT MUTATE 7 25thASWECKeynoteAdelaide
8 1 int triangle(int a, int b, int c){ 2 if (a <= 0 || b <= 0 || c <= 0) 3 return INVALID; 4 if (a == b && b == c) 5 return EQUILATERAL; 6 if (a == b || b != c) // bug! 7 return ISOSCELES; 8 return SCALENE; 9 } Test id a b c oracle Pass 1 -1 -1 -1 INVALID pass 2 1 1 1 EQUILATERAL pass 3 2 2 3 ISOSCELES pass 4 2 3 2 ISOSCELES fail 5 3 2 2 ISOSCELES fail 6 2 3 4 SCALENES fail Correct fix (a == b || b == c || a== c) Traverse all mutations of line 6, and check Hard to generate correct fix since a==c never appears elsewhere in the program. OR Generate the constraint f(2,2,3)f(2,3,2) f(3,2,2)f(2,3,4) and get the solution f(a,b,c) = (a == b || b == c || a== c) 25th ASWEC Keynote Adelaide
Comparison Syntactic Program Repair 1. Where to fix, which line? 2. Generate patches in the candidate line 3. Validate the candidate patches against correctness criterion. Semantic Program Repair 1. Where to fix, which line(s)? 2. What values should be returned by those lines, e.g. <inp ==1, ret== 0> 3. What are the expressions which will return such values? 9 Syntax-based Schematic for e in Search-space{ Validate e against Tests } Semantics-based Schematic for t in Tests { generate repair constraint Ψt } Synthesize e from ∧tΨt 25th ASWEC Keynote Adelaide
Specification Inference 10 Test input Concrete values Expected output of program Output: Value-set or Constraint Symbolic execution Program Concrete Execution 25th ASWEC Keynote Adelaide
11 1 i f ( hbtype == TLS1 HB REQUEST) { 2 . . . 3 memcpy (bp , pl , payload ) ; 4 . . . 5 } (a) The buggy part of the Heartbleed- vulnerable OpenSSL 1 i f ( hbtype == TLS1 HB REQUEST 2 && payload + 18 < s->s3->rrec.length) { 3 . . . 4 } (b) A fix generated automatically 1 if (1 + 2 + payload + 16 > s->s3->rrec.length) 2 return 0; 3 . . . 4 i f ( hbtype == TLS1_HB_REQUEST) { 5 . . . 6 } 7 e l s e i f ( hbtype == TLS1_HB_RESPONSE) { 8 . . . 9 } 10 r e t u r n 0 ; (c) The developer-provided repair The Heartbleed Bug is a serious vulnerabilityin the popular OpenSSL cryptographicsoftware library. This weakness allows stealing the information protected, under normal conditions, by the SSL/TLS encryption used to secure the Internet. SSL/TLS provides communication security and privacy over the Internet for applications such as web, email, instant messaging (IM) and some virtual private networks (VPNs). --- Source: heartbleed.com 25thASWECKeynoteAdelaide
Application in education 12 Use program repair in intelligent tutoring systems to give the students’ individual attention. Detailed Study in IIT-Kanpur, India by Prof. Amey Karkare and team (FSE17) 25th ASWEC Keynote Adelaide
In the rest of the talk 0 Capsule version 0 Executive summary 0 Slightly detailed version 0 A vision for trustworthy software 25th ASWEC Keynote Adelaide 13
Trustworthy Software: Space of Problems 0 Fuzz Testing 0 Feed semi-random inputs to find hangs and crashes 0 Continuous fuzzing 0 Incrementally find new “problems” in software 0 Crash reproduction 0 Re-construct a reported crash, crashing input not included due to privacy 0 Reaching nooks and corners 0 Localizing reported observable errors 0 Patching reported errors from input-output examples 1425th ASWEC Keynote Adelaide
Space of Techniques Search 0 Random 0 Biased-random 0 Genetic (AFL Fuzzer) 0 Low set-up overhead 0 Fast, less accurate 0 Use objective function to steer Symbolic Execution 0 Dynamic Symbolic execution 0 Concolic Execution 0 Cluster paths based on symbolic expressions of variables 0 High set-up overhead 0 Slow, more accurate 0 Use logical formula to steer 1525th ASWEC Keynote Adelaide
Search & SE: Interplay (Random) Search 0 Trade-offs 0 Less systematic 0 Easy set-up, execute up to a time budget 0 Enhance the effectiveness of search, with symbolic execution as inspiration Symbolic Execution 0 Trade-offs 0 Systematic 0 More involved set-up, solver calls. 0 Explore capabilities of symbolic execution beyond directed search 1625th ASWEC Keynote Adelaide
Symbolic Execution Tree 25th ASWEC Keynote Adelaide 17 int test_me(int Climb, int Up){ int sep, upward; if (Climb > 0){ sep = Up;} else {sep = add100(Up);} if (sep > 150){ upward = 1; } else {upward = 0;} if (upward < 0){ abort; } else return upward; } Climb > 0 Up > 150 Yes 1 < 0 Yes Infeasible Climb ==1, Up == 200 1 < 0 No Infeasible Climb ==1, Up == 100 …. Yes YesNo No
Typical Use of Symbolic Execution 25th ASWEC Keynote Adelaide 18 Program Analysis for Bug Finding Concolic execution: supporting real executions [Directed Automated Random Testing] Symbolic execution tree construction e.g. KLEE [Modeling system environment] Grey-box fuzz testing for systematic path exploration inspired by concolic execution AFLFast Random Testing for Bug Finding
AFLFast [CCS16] 25th ASWEC Keynote Adelaide 19 Schematic • if (condition1) • return // short path, frequented by many inputs • else if (condition2) • exit // short paths, frequented by many inputs • else ….  Use grey-box fuzzer which keeps track of path id for a test.  Estimate whether a discovered path is higb probability or not  Higher weightage to low probability paths discovered, to gravitate to those -> discover new paths with minimal effort.  Integrated into distribution of AFL fuzzer within a year of publication (CCS16), which is used on a daily basis by corporations for finding vulnerabilities
Another use of Symbolic Execution [CCS17] 25th ASWEC Keynote Adelaide 20 Reachability Analysis Reachability of a location in the program - Traverse the symbolic execution tree using search strategies - Encode it as an optimization problem inside the genetic search of grey-box fuzzing AFLGo
Neuro-symbolic Execution NDSS19 25th ASWEC Keynote Adelaide 21
Novel use of symbolic execution 25th ASWEC Keynote Adelaide 22 In the absence of formal specifications, analyze the buggy program and its artifacts such as execution traces via various heuristics to glean a specification about how it can pass tests and what could have gone wrong! Specification Inference (TODAY!) (application: localization, synthesis, repair)
Automated Program Repair 0 Weak description of intended behavior / correctness criterion e.g. tests 0 Weak applicability of repair techniques e.g. only overflow errors 0 Large search space of candidate patches for general-purpose repair tools. 25th ASWEC Keynote Adelaide 23
Specification Inference 25th ASWEC Keynote Adelaide Test input Concrete values Expected output of program Output: Value-set or Constraint Symbolic execution Program Concrete Execution 24 ICSE13, FSE18
Example 1 int is_upward( int inhibit, int up_sep, int down_sep){ 2 int bias; 3 if (inhibit) 4 bias = down_sep; // bias= up_sep + 100 5 else bias = up_sep ; 6 if (bias > down_sep) 7 return 1; 8 else return 0; 9 } inhibit up_sep down_sep Observed output Expected Output Result 1 0 100 0 0 pass 1 11 110 0 1 fail 0 100 50 1 1 pass 1 -20 60 0 1 fail 0 0 10 0 0 pass 2525th ASWEC Keynote Adelaide
Example 26 1 int is_upward( int inhibit, int up_sep, int down_sep){ 2 int bias; 3 if (inhibit) 4 bias = f(inhibit, up_sep, down_sep) // X 5 else bias = up_sep ; 6 if (bias > down_sep) 7 return 1; 8 else return 0; 9 } Inhibit == 1 up_sep == 11 down_sep == 110 Symbolic Execution  ( pcj  outj == expected_out(t) )  f(t) == X j  Paths Repair constraint ( (X >110  1 ==1)  (X ≤ 110  0 == 1) )  f(1,11,110) == X 25thASWECKeynote Adelaide 26
What it should have been 1 int is_upward( int inhibit, int up_sep, int down_sep){ 2 int bias; 3 if (inhibit) 4 bias = f(inhibit, up_sep, down_sep) 5 else bias = up_sep ; 6 if (bias > down_sep) 7 return 1; 8 else return 0; 9 } Inhibit == 1 up_sep == 11 down_sep == 110 Symbolic Execution f(1,11,110) > 110 25thASWECKeynote Adelaide 27
Fix the suspect 0 Accumulated constraints 0 f(1,11, 110) > 110  0 f(1,0,100) ≤ 100  0 … 0 Find a f satisfying this constraint 0 By fixing the set of operators appearing in f 0 Candidate methods 0 Search over the space of expressions 0 Program synthesis with fixed set of operators 0 Can also be achieved by second-order constraint solving 0 Generated fix 0 f(inhibit,up_sep,down_sep) = up_sep + 100 25thASWECKeynote Adelaide 28
Term = Var | Constant | Term + Term | Term – Term | Constant * Term (Second order) Synthesis 29 scanf(“%d”, &x); for(i = 0; i <10; i++){ int t = (i,x); if (t > 0) printf(“1”); else printf(“0”); } P(5)  “1110000000” expected “1111111000” Buggy Program: Sample Test: Synthesis Specification:  . i i  output = expected Solve for  directly Term = Var | Constant | Term + Term | Term – Term | Constant * Term 𝜌 0,5 > 0 𝜌 1,5 > 0 𝜌 1,5 > 0 𝜌 2,5 > 0 𝜌 2,5 > 0 𝜌 2,5 > 0 𝜌 2,5 > 0 Yes No Yes No Yes No 𝑈𝑁𝑆𝐴𝑇 Yes Term = Var | Constant | Term + Term | Term – Term | Constant * Term Existing component-based synthesis encodings provide inefficient unsatisfiability proofs, because of using linear integer arithmetic encoding. Designed a new encoding based on propositional logic for efficient unsatisfiability proofs. 25th ASWEC Keynote Adelaide
DirectFix [ICSE2015] 30 Tests Debugging DSE Synthesis Tests MaxSMT solver Conjure a function which represents minimal change to buggy program. 25th ASWEC Keynote Adelaide
Example 31 if (x > y) if (x > z) out =10; else out = 20; else out = 30; return out; if (x >= y) if (x >= z) out =10; else out = 20; else out = 30; return out; if (x > y) if (x > z) out =10; else out = 20; else out = 30; return ((x==y)? ((x==z)?10: 20)): out); SemFix DirectFix Test cases: all possible orderings of x,y,z 25th ASWEC Keynote Adelaide #Pgm Equiv Same Loc Diff SemFix 44 17% 46% 6.36 DirectFix 44 53% 95% 2.31
Angelix: Scalability [ICSE16] 32 Failing tests MaxSMT solver Minimized Mutations for Repair Failing tests DSE Concise Semantics Signature 25th ASWEC Keynote Adelaide
Angelic Forest 33 E1 E2 E3 Failing Test Angelic Paths UNSAT angelic1 angelic2 angelic3 angelic1 angelic3 25th ASWEC Keynote Adelaide Angelic forest: Patch synthesis specification based on Angelic values {Symbolic Variable name, Constant, State } Paths,Tests
(Sample) Results 34 #Fixes Del Del, Per Angelix 28 5 18% SPR 31 13 42% Subject LoC wireshark 2814K php 1046K gzip 491K gmp 145K libtiff 77K 25th ASWEC Keynote Adelaide Defect Fixed Expressions Libtiff-4a24508-cc79c2b 2 Libtiff-829d8c4-036d7bb 2 CoreUtils-00743a1f- ec48bead 3 CoreUtils-1dd8a331- d461bfd2 2 CoreUtils-c5ccf29b- a04ddb8d 3
Semgraft: Exploit artifacts [ICSE18] 35 Failing tests Symb Exec Concise Semantics Signature 25th ASWEC Keynote Adelaide Reference Program Symb Exec Verification Condition
SemGraft 36 Verification condition Counterexample Is SAT? Negate Patch found Buggy program Is SAT? Angelic forest Is SAT? Component library Candidate patch No Yes Yes Yes Buggy program Reference program Symbolic analysis 25th ASWEC Keynote Adelaide
SemGraft Results 37 Program Commit Bug Angelix SemGraft sed c35545a Handle empty match Correct Correct seq f7d1c59 Wrong output Correct Correct sed 7666fa1 Wrong output Incorrect Correct sort d1ed3e6 Wrong output Incorrect Correct seq d86d20b Don’t accepts 0 Incorrect Correct sed 3a9365e Handle s/// Incorrect Correct Program Commit Bug Angelix SemGraft mkdir f7d1c59 Segmentation fault Incorrect Correct mkfifo cdb1682 Segmentation fault Incorrect Correct mknod cdb1682 Segmentation fault Incorrect Correct copy f3653f0 Failed to copy a file Correct Correct md5sum 739cf4e Segmentation fault Correct Correct cut 6f374d7 Wrong output Incorrect Correct GNU Coreutils as reference Linux Busybox as reference 25th ASWEC Keynote Adelaide
Specification Inference [FSE18] x = (… ); Test input Concrete values Expected output of program Output: Value-set or Constraint Symbolic execution Program Concrete Execution 38 𝜋1 𝜋2 𝜋 𝑛 Program Tests or Property Environment ModelingLibrary Buggy Program Patched Program Tests or Property Repair 25th ASWEC Keynote Adelaide
Application in Library Modeling 0 Modeling libraries for symbolic execution of application program. 0 Do not manually provide libraries for symbolic analysis. 0 Instead, they can be partially synthesized. 25th ASWEC Keynote Adelaide 39 void main (int argc , char * argv []) { int a = atoi( argv [1]) ; printf ("%dn", 16 / a); } void atoi_sketch ( char *arr []) { int acc; for (i = 0; i < strlen (arr); i++) acc = (acc , arr[i]); return acc; } Second order reasoning  = xy. 10 x + y - 48 P(“4")  “4"; P(“16")  “1" Tests Use this  and symbolic execution to find crashing inputs e.g. “0”
Application in education FSE17 40 Use program repair in intelligent tutoring systems to give the students’ individual attention. Detailed Study in IIT-Kanpur, (FSE17, and ongoing) 25th ASWEC Keynote Adelaide The fact that student programs are often significantly incorrect makes it difficult to fix those programs. P:8 F:2 P:5 F:5 P:6 F:4 P:9 F:1partial repair P:10 F: 0 P: # of passing tests F: # of failing tests APR (symbolic execution) Test 1 Test 2 Test 3 Test 4 Test 5 Test 1 Test 2 Test 3 Test 4 Test 5 Test 1 Test 2 Test 3 Test 4 Test 5 + if (true) { S; + } (search) + if (E) { S; + }
Application in Education 25th ASWEC Keynote Adelaide 41 43 buggy student submissions from dataset Across 8 unique problems 37 TA graders volunteered for study Each TA gets all 43 submissions to grade With repair hints for half the submissions
Acknowledgments 42 Discussions: Umair Ahmed & Amey Karkare (IIT-K) Marcel Boehme (Monash), Cristian Cadar (Imperial) Satish Chandra (Facebook), Kenneth Cheong & Chia Yuan Cho (DSO), Claire Le Goues (CMU), Lars Grunske & Yannic Noller(Humboldt) Sergey Mechtaev (University College London) Martin Monperrus (KTH) HDT Nguyen and Dawei Qi Manh-Dung Nguyen & Van-Thuan Pham (NUS) Michael Pradel (Darmstadt) Mukul Prasad & Hiroaki Yoshida (Fujitsu), Shin Hwei Tan (SUSTech) Jooyong Yi (Innopolis) Relevant papers: http://www.comp.nus.edu.sg/~abhik/projects/Repair/index.html http://www.comp.nus.edu.sg/~abhik/projects/Fuzz/ 25th ASWEC Keynote Adelaide
JOINT R&D Seed funding (Industry-Academia pair) Infrastructure sharing TECHNOLOGY TALKS Latest technologies and trends Project showcases WILD & CRAZY IDEAS (WACI) DAY Research ideas Problem statements SPECIAL INTEREST GROUPS Knowledge and idea exchange R&D partnership exploration CYBERSECURITY CAMP Workshop, Industry talks Hackathons CYBERSECURITY LEAN LAUNCHPAD Business + Technical Discussions Engage via training Engage via discussions and advice Engage via research collaboration SCYFI Research Showcase Research Presentations Talks SG Cyber-security Consortium 40 companies, 10 platinum member companies (>100M) 25th ASWEC Keynote Adelaide 43
Special Interest Groups (SIGs) Future possibilities Threat Intelligence and Incident Response Led by Data Protection and Privacy Led by System and Software Security Led by Mobile Security Led by Cybercrime and Investigation Led by Led by Cyber-Physical System (CPS) and IoT Security Regular meetings organized in-between major events Discussions leading to formulation of grant calls 25th ASWEC Keynote Adelaide 44
Deployment 0 Grey-box Fuzzing 0 Enhanced and (more) systematic path coverage & directed-ness in grey- box fuzzing. 0 AFLFast integrated into main AFL distribution after discussions. 0 Automated Program Repair 0 Infer specifications about repairing a program to meet correctness requirements. 0 Angelix tool used for scalable program repair ~ 80 groups 0 Automated grading, and hints for programming assignments from partial repairs 0 Moving forward 0 Fuzzing and repair tightly integrated for self-healing software. 0 Software can morph to respond to changes in environment. 0 Built-in Self Test (BIST) for autonomous software systems 0 Global as well as local usage via SG Cyber-security Consortium 25th ASWEC Keynote Adelaide 45
BIST for Software Common in critical systems such as avionics, military and others, supplemented by a repair. Can autonomous software test and repair itself autonomously to cater for corner cases? Can autonomous software repair itself subject to changes in environment? ?

Recomendados

Naive bayes
Naive bayesNaive bayes
Naive bayesAshraf Uddin
 
Survey on Software Defect Prediction
Survey on Software Defect PredictionSurvey on Software Defect Prediction
Survey on Software Defect PredictionSung Kim
 
Mining software repositories
Mining software repositoriesMining software repositories
Mining software repositoriesRafael Rossi
 
The Rise of the LLMs - How I Learned to Stop Worrying & Love the GPT!
The Rise of the LLMs - How I Learned to Stop Worrying & Love the GPT!The Rise of the LLMs - How I Learned to Stop Worrying & Love the GPT!
The Rise of the LLMs - How I Learned to Stop Worrying & Love the GPT!taozen
 
Recommendation Systems - Why How and Real Life Applications
Recommendation Systems - Why How and Real Life ApplicationsRecommendation Systems - Why How and Real Life Applications
Recommendation Systems - Why How and Real Life ApplicationsLiron Zighelnic
 
Unit VI
Unit VI Unit VI
Unit VI Bhavsingh Maloth
 
Machine learning
Machine learningMachine learning
Machine learningAmit Kumar Rathi
 
Chapter - 5 Data Mining Concepts and Techniques 2nd Ed slides Han &amp; Kamber
Chapter - 5 Data Mining Concepts and Techniques 2nd Ed slides Han &amp; KamberChapter - 5 Data Mining Concepts and Techniques 2nd Ed slides Han &amp; Kamber
Chapter - 5 Data Mining Concepts and Techniques 2nd Ed slides Han &amp; Kambererror007
 

Recomendados

Naive bayes
Naive bayesNaive bayes
Naive bayesAshraf Uddin
 
Survey on Software Defect Prediction
Survey on Software Defect PredictionSurvey on Software Defect Prediction
Survey on Software Defect PredictionSung Kim
 
Mining software repositories
Mining software repositoriesMining software repositories
Mining software repositoriesRafael Rossi
 
The Rise of the LLMs - How I Learned to Stop Worrying & Love the GPT!
The Rise of the LLMs - How I Learned to Stop Worrying & Love the GPT!The Rise of the LLMs - How I Learned to Stop Worrying & Love the GPT!
The Rise of the LLMs - How I Learned to Stop Worrying & Love the GPT!taozen
 
Recommendation Systems - Why How and Real Life Applications
Recommendation Systems - Why How and Real Life ApplicationsRecommendation Systems - Why How and Real Life Applications
Recommendation Systems - Why How and Real Life ApplicationsLiron Zighelnic
 
Unit VI
Unit VI Unit VI
Unit VI Bhavsingh Maloth
 
Machine learning
Machine learningMachine learning
Machine learningAmit Kumar Rathi
 
Chapter - 5 Data Mining Concepts and Techniques 2nd Ed slides Han &amp; Kamber
Chapter - 5 Data Mining Concepts and Techniques 2nd Ed slides Han &amp; KamberChapter - 5 Data Mining Concepts and Techniques 2nd Ed slides Han &amp; Kamber
Chapter - 5 Data Mining Concepts and Techniques 2nd Ed slides Han &amp; Kambererror007
 
Genetic algorithms in Data Mining
Genetic algorithms in Data MiningGenetic algorithms in Data Mining
Genetic algorithms in Data MiningAtul Khanna
 
Machine Learning and its Applications
Machine Learning and its ApplicationsMachine Learning and its Applications
Machine Learning and its ApplicationsDr Ganesh Iyer
 
generative-ai-fundamentals and Large language models
generative-ai-fundamentals and Large language modelsgenerative-ai-fundamentals and Large language models
generative-ai-fundamentals and Large language modelsAdventureWorld5
 
Feature selection
Feature selectionFeature selection
Feature selectionDong Guo
 
Support Vector Machines (SVM)
Support Vector Machines (SVM)Support Vector Machines (SVM)
Support Vector Machines (SVM)FAO
 
Machine Learning and Real-World Applications
Machine Learning and Real-World ApplicationsMachine Learning and Real-World Applications
Machine Learning and Real-World ApplicationsMachinePulse
 
Genetic algorithm
Genetic algorithmGenetic algorithm
Genetic algorithmmanalishipra
 
ARTIFICIAL INTELLIGENCE
ARTIFICIAL INTELLIGENCEARTIFICIAL INTELLIGENCE
ARTIFICIAL INTELLIGENCESabique Khan
 
MACHINE LEARNING - GENETIC ALGORITHM
MACHINE LEARNING - GENETIC ALGORITHMMACHINE LEARNING - GENETIC ALGORITHM
MACHINE LEARNING - GENETIC ALGORITHMPuneet Kulyana
 
Machine Learning Algorithms | Machine Learning Tutorial | Data Science Algori...
Machine Learning Algorithms | Machine Learning Tutorial | Data Science Algori...Machine Learning Algorithms | Machine Learning Tutorial | Data Science Algori...
Machine Learning Algorithms | Machine Learning Tutorial | Data Science Algori...Simplilearn
 
AI and ML Series - Introduction to Generative AI and LLMs - Session 1
AI and ML Series - Introduction to Generative AI and LLMs - Session 1AI and ML Series - Introduction to Generative AI and LLMs - Session 1
AI and ML Series - Introduction to Generative AI and LLMs - Session 1DianaGray10
 
Word Embeddings, why the hype ?
Word Embeddings, why the hype ? Word Embeddings, why the hype ?
Word Embeddings, why the hype ? Hady Elsahar
 
Scope - Static and Dynamic
Scope - Static and DynamicScope - Static and Dynamic
Scope - Static and DynamicSneh Pahilwani
 
Linear regression
Linear regressionLinear regression
Linear regressionMartinHogg9
 
How ChatGPT and AI-assisted coding changes software engineering profoundly
How ChatGPT and AI-assisted coding changes software engineering profoundlyHow ChatGPT and AI-assisted coding changes software engineering profoundly
How ChatGPT and AI-assisted coding changes software engineering profoundlyPekka Abrahamsson / Tampere University
 
lecun-01.ppt
lecun-01.pptlecun-01.ppt
lecun-01.pptVenkyChinna8
 
Linear regression with gradient descent
Linear regression with gradient descentLinear regression with gradient descent
Linear regression with gradient descentSuraj Parmar
 
NAIVE BAYES CLASSIFIER
NAIVE BAYES CLASSIFIERNAIVE BAYES CLASSIFIER
NAIVE BAYES CLASSIFIERKnoldus Inc.
 
Generative AI at the edge.pdf
Generative AI at the edge.pdfGenerative AI at the edge.pdf
Generative AI at the edge.pdfQualcomm Research
 
An Overview of Naïve Bayes Classifier
An Overview of Naïve Bayes Classifier An Overview of Naïve Bayes Classifier
An Overview of Naïve Bayes Classifier ananth
 
APSEC2020 Keynote
APSEC2020 KeynoteAPSEC2020 Keynote
APSEC2020 KeynoteAbhik Roychoudhury
 
Automated Program Repair, Distinguished lecture at MPI-SWS
Automated Program Repair, Distinguished lecture at MPI-SWSAutomated Program Repair, Distinguished lecture at MPI-SWS
Automated Program Repair, Distinguished lecture at MPI-SWSAbhik Roychoudhury
 

Más contenido relacionado

La actualidad más candente

Genetic algorithms in Data Mining
Genetic algorithms in Data MiningGenetic algorithms in Data Mining
Genetic algorithms in Data MiningAtul Khanna
 
Machine Learning and its Applications
Machine Learning and its ApplicationsMachine Learning and its Applications
Machine Learning and its ApplicationsDr Ganesh Iyer
 
generative-ai-fundamentals and Large language models
generative-ai-fundamentals and Large language modelsgenerative-ai-fundamentals and Large language models
generative-ai-fundamentals and Large language modelsAdventureWorld5
 
Feature selection
Feature selectionFeature selection
Feature selectionDong Guo
 
Support Vector Machines (SVM)
Support Vector Machines (SVM)Support Vector Machines (SVM)
Support Vector Machines (SVM)FAO
 
Machine Learning and Real-World Applications
Machine Learning and Real-World ApplicationsMachine Learning and Real-World Applications
Machine Learning and Real-World ApplicationsMachinePulse
 
ARTIFICIAL INTELLIGENCE
ARTIFICIAL INTELLIGENCEARTIFICIAL INTELLIGENCE
ARTIFICIAL INTELLIGENCESabique Khan
 
MACHINE LEARNING - GENETIC ALGORITHM
MACHINE LEARNING - GENETIC ALGORITHMMACHINE LEARNING - GENETIC ALGORITHM
MACHINE LEARNING - GENETIC ALGORITHMPuneet Kulyana
 
Machine Learning Algorithms | Machine Learning Tutorial | Data Science Algori...
Machine Learning Algorithms | Machine Learning Tutorial | Data Science Algori...Machine Learning Algorithms | Machine Learning Tutorial | Data Science Algori...
Machine Learning Algorithms | Machine Learning Tutorial | Data Science Algori...Simplilearn
 
AI and ML Series - Introduction to Generative AI and LLMs - Session 1
AI and ML Series - Introduction to Generative AI and LLMs - Session 1AI and ML Series - Introduction to Generative AI and LLMs - Session 1
AI and ML Series - Introduction to Generative AI and LLMs - Session 1DianaGray10
 
Word Embeddings, why the hype ?
Word Embeddings, why the hype ? Word Embeddings, why the hype ?
Word Embeddings, why the hype ? Hady Elsahar
 
Scope - Static and Dynamic
Scope - Static and DynamicScope - Static and Dynamic
Scope - Static and DynamicSneh Pahilwani
 
Linear regression
Linear regressionLinear regression
Linear regressionMartinHogg9
 
How ChatGPT and AI-assisted coding changes software engineering profoundly
How ChatGPT and AI-assisted coding changes software engineering profoundlyHow ChatGPT and AI-assisted coding changes software engineering profoundly
How ChatGPT and AI-assisted coding changes software engineering profoundlyPekka Abrahamsson / Tampere University
 
Linear regression with gradient descent
Linear regression with gradient descentLinear regression with gradient descent
Linear regression with gradient descentSuraj Parmar
 
NAIVE BAYES CLASSIFIER
NAIVE BAYES CLASSIFIERNAIVE BAYES CLASSIFIER
NAIVE BAYES CLASSIFIERKnoldus Inc.
 
Generative AI at the edge.pdf
Generative AI at the edge.pdfGenerative AI at the edge.pdf
Generative AI at the edge.pdfQualcomm Research
 
An Overview of Naïve Bayes Classifier
An Overview of Naïve Bayes Classifier An Overview of Naïve Bayes Classifier
An Overview of Naïve Bayes Classifier ananth
 

La actualidad más candente (20)

Genetic algorithms in Data Mining
Genetic algorithms in Data MiningGenetic algorithms in Data Mining
Genetic algorithms in Data Mining
 
Machine Learning and its Applications
Machine Learning and its ApplicationsMachine Learning and its Applications
Machine Learning and its Applications
 
generative-ai-fundamentals and Large language models
generative-ai-fundamentals and Large language modelsgenerative-ai-fundamentals and Large language models
generative-ai-fundamentals and Large language models
 
Feature selection
Feature selectionFeature selection
Feature selection
 
Support Vector Machines (SVM)
Support Vector Machines (SVM)Support Vector Machines (SVM)
Support Vector Machines (SVM)
 
Machine Learning and Real-World Applications
Machine Learning and Real-World ApplicationsMachine Learning and Real-World Applications
Machine Learning and Real-World Applications
 
Genetic algorithm
Genetic algorithmGenetic algorithm
Genetic algorithm
 
ARTIFICIAL INTELLIGENCE
ARTIFICIAL INTELLIGENCEARTIFICIAL INTELLIGENCE
ARTIFICIAL INTELLIGENCE
 
MACHINE LEARNING - GENETIC ALGORITHM
MACHINE LEARNING - GENETIC ALGORITHMMACHINE LEARNING - GENETIC ALGORITHM
MACHINE LEARNING - GENETIC ALGORITHM
 
Machine Learning Algorithms | Machine Learning Tutorial | Data Science Algori...
Machine Learning Algorithms | Machine Learning Tutorial | Data Science Algori...Machine Learning Algorithms | Machine Learning Tutorial | Data Science Algori...
Machine Learning Algorithms | Machine Learning Tutorial | Data Science Algori...
 
AI and ML Series - Introduction to Generative AI and LLMs - Session 1
AI and ML Series - Introduction to Generative AI and LLMs - Session 1AI and ML Series - Introduction to Generative AI and LLMs - Session 1
AI and ML Series - Introduction to Generative AI and LLMs - Session 1
 
Word Embeddings, why the hype ?
Word Embeddings, why the hype ? Word Embeddings, why the hype ?
Word Embeddings, why the hype ?
 
Scope - Static and Dynamic
Scope - Static and DynamicScope - Static and Dynamic
Scope - Static and Dynamic
 
Linear regression
Linear regressionLinear regression
Linear regression
 
How ChatGPT and AI-assisted coding changes software engineering profoundly
How ChatGPT and AI-assisted coding changes software engineering profoundlyHow ChatGPT and AI-assisted coding changes software engineering profoundly
How ChatGPT and AI-assisted coding changes software engineering profoundly
 
lecun-01.ppt
lecun-01.pptlecun-01.ppt
lecun-01.ppt
 
Linear regression with gradient descent
Linear regression with gradient descentLinear regression with gradient descent
Linear regression with gradient descent
 
NAIVE BAYES CLASSIFIER
NAIVE BAYES CLASSIFIERNAIVE BAYES CLASSIFIER
NAIVE BAYES CLASSIFIER
 
Generative AI at the edge.pdf
Generative AI at the edge.pdfGenerative AI at the edge.pdf
Generative AI at the edge.pdf
 
An Overview of Naïve Bayes Classifier
An Overview of Naïve Bayes Classifier An Overview of Naïve Bayes Classifier
An Overview of Naïve Bayes Classifier
 

Similar a Automated Program Repair Keynote talk

Automated Program Repair, Distinguished lecture at MPI-SWS
Automated Program Repair, Distinguished lecture at MPI-SWSAutomated Program Repair, Distinguished lecture at MPI-SWS
Automated Program Repair, Distinguished lecture at MPI-SWSAbhik Roychoudhury
 
Model-Based Design & Analysis.ppt
Model-Based Design & Analysis.pptModel-Based Design & Analysis.ppt
Model-Based Design & Analysis.pptRajuRaju183149
 
JavaOne 2017 CON2902 - Java Code Inspection and Testing Power Tools
JavaOne 2017 CON2902 - Java Code Inspection and Testing Power ToolsJavaOne 2017 CON2902 - Java Code Inspection and Testing Power Tools
JavaOne 2017 CON2902 - Java Code Inspection and Testing Power ToolsJorge Hidalgo
 
Cloud Reliability: Decreasing outage frequency using fault injection
Cloud Reliability: Decreasing outage frequency using fault injectionCloud Reliability: Decreasing outage frequency using fault injection
Cloud Reliability: Decreasing outage frequency using fault injectionJorge Cardoso
 
Amin Milani Fard: Directed Model Inference for Testing and Analysis of Web Ap...
Amin Milani Fard: Directed Model Inference for Testing and Analysis of Web Ap...Amin Milani Fard: Directed Model Inference for Testing and Analysis of Web Ap...
Amin Milani Fard: Directed Model Inference for Testing and Analysis of Web Ap...knowdiff
 
OpenPOWER Webinar from University of Delaware - Title :OpenMP (offloading) o...
OpenPOWER Webinar from University of Delaware - Title :OpenMP (offloading) o...OpenPOWER Webinar from University of Delaware - Title :OpenMP (offloading) o...
OpenPOWER Webinar from University of Delaware - Title :OpenMP (offloading) o...Ganesan Narayanasamy
 
Parasoft .TEST, Write better C# Code Using Data Flow Analysis
Parasoft .TEST, Write better C# Code Using Data Flow Analysis Parasoft .TEST, Write better C# Code Using Data Flow Analysis
Parasoft .TEST, Write better C# Code Using Data Flow Analysis Engineering Software Lab
 
Quality Assurance
Quality AssuranceQuality Assurance
Quality AssuranceKiran Kumar
 
香港六合彩 &raquo; SlideShare
香港六合彩 &raquo; SlideShare香港六合彩 &raquo; SlideShare
香港六合彩 &raquo; SlideShareyayao
 
REMOTE TRIGGERED SOFTWARE DEFINED RADIO
REMOTE TRIGGERED SOFTWARE DEFINED RADIOREMOTE TRIGGERED SOFTWARE DEFINED RADIO
REMOTE TRIGGERED SOFTWARE DEFINED RADIOKunal Bidkar
 
Towards Automated Engineering for Collective Adaptive Systems: Vision and Res...
Towards Automated Engineering for Collective Adaptive Systems: Vision and Res...Towards Automated Engineering for Collective Adaptive Systems: Vision and Res...
Towards Automated Engineering for Collective Adaptive Systems: Vision and Res...Roberto Casadei
 
Testes? Mas isso não aumenta o tempo de projecto? Não quero...
Testes? Mas isso não aumenta o tempo de projecto? Não quero...Testes? Mas isso não aumenta o tempo de projecto? Não quero...
Testes? Mas isso não aumenta o tempo de projecto? Não quero...Comunidade NetPonto
 
STAR: Stack Trace based Automatic Crash Reproduction
STAR: Stack Trace based Automatic Crash ReproductionSTAR: Stack Trace based Automatic Crash Reproduction
STAR: Stack Trace based Automatic Crash ReproductionSung Kim
 
Software Testing Tecniques
Software Testing TecniquesSoftware Testing Tecniques
Software Testing Tecniquesersanbilik
 
The Value of Reactive
The Value of ReactiveThe Value of Reactive
The Value of ReactiveVMware Tanzu
 

Similar a Automated Program Repair Keynote talk (20)

APSEC2020 Keynote
APSEC2020 KeynoteAPSEC2020 Keynote
APSEC2020 Keynote
 
Automated Program Repair, Distinguished lecture at MPI-SWS
Automated Program Repair, Distinguished lecture at MPI-SWSAutomated Program Repair, Distinguished lecture at MPI-SWS
Automated Program Repair, Distinguished lecture at MPI-SWS
 
Symbexecsearch
SymbexecsearchSymbexecsearch
Symbexecsearch
 
Model-Based Design & Analysis.ppt
Model-Based Design & Analysis.pptModel-Based Design & Analysis.ppt
Model-Based Design & Analysis.ppt
 
JavaOne 2017 CON2902 - Java Code Inspection and Testing Power Tools
JavaOne 2017 CON2902 - Java Code Inspection and Testing Power ToolsJavaOne 2017 CON2902 - Java Code Inspection and Testing Power Tools
JavaOne 2017 CON2902 - Java Code Inspection and Testing Power Tools
 
16May_ICSE_MIP_APR_2023.pptx
16May_ICSE_MIP_APR_2023.pptx16May_ICSE_MIP_APR_2023.pptx
16May_ICSE_MIP_APR_2023.pptx
 
Cloud Reliability: Decreasing outage frequency using fault injection
Cloud Reliability: Decreasing outage frequency using fault injectionCloud Reliability: Decreasing outage frequency using fault injection
Cloud Reliability: Decreasing outage frequency using fault injection
 
Amin Milani Fard: Directed Model Inference for Testing and Analysis of Web Ap...
Amin Milani Fard: Directed Model Inference for Testing and Analysis of Web Ap...Amin Milani Fard: Directed Model Inference for Testing and Analysis of Web Ap...
Amin Milani Fard: Directed Model Inference for Testing and Analysis of Web Ap...
 
OpenPOWER Webinar from University of Delaware - Title :OpenMP (offloading) o...
OpenPOWER Webinar from University of Delaware - Title :OpenMP (offloading) o...OpenPOWER Webinar from University of Delaware - Title :OpenMP (offloading) o...
OpenPOWER Webinar from University of Delaware - Title :OpenMP (offloading) o...
 
Parasoft .TEST, Write better C# Code Using Data Flow Analysis
Parasoft .TEST, Write better C# Code Using Data Flow Analysis Parasoft .TEST, Write better C# Code Using Data Flow Analysis
Parasoft .TEST, Write better C# Code Using Data Flow Analysis
 
Quality Assurance
Quality AssuranceQuality Assurance
Quality Assurance
 
香港六合彩 &raquo; SlideShare
香港六合彩 &raquo; SlideShare香港六合彩 &raquo; SlideShare
香港六合彩 &raquo; SlideShare
 
REMOTE TRIGGERED SOFTWARE DEFINED RADIO
REMOTE TRIGGERED SOFTWARE DEFINED RADIOREMOTE TRIGGERED SOFTWARE DEFINED RADIO
REMOTE TRIGGERED SOFTWARE DEFINED RADIO
 
Towards Automated Engineering for Collective Adaptive Systems: Vision and Res...
Towards Automated Engineering for Collective Adaptive Systems: Vision and Res...Towards Automated Engineering for Collective Adaptive Systems: Vision and Res...
Towards Automated Engineering for Collective Adaptive Systems: Vision and Res...
 
Testes? Mas isso não aumenta o tempo de projecto? Não quero...
Testes? Mas isso não aumenta o tempo de projecto? Não quero...Testes? Mas isso não aumenta o tempo de projecto? Não quero...
Testes? Mas isso não aumenta o tempo de projecto? Não quero...
 
STAR: Stack Trace based Automatic Crash Reproduction
STAR: Stack Trace based Automatic Crash ReproductionSTAR: Stack Trace based Automatic Crash Reproduction
STAR: Stack Trace based Automatic Crash Reproduction
 
Software Testing Tecniques
Software Testing TecniquesSoftware Testing Tecniques
Software Testing Tecniques
 
Abhik-Satish-dagstuhl
Abhik-Satish-dagstuhlAbhik-Satish-dagstuhl
Abhik-Satish-dagstuhl
 
The value of reactive
The value of reactiveThe value of reactive
The value of reactive
 
The Value of Reactive
The Value of ReactiveThe Value of Reactive
The Value of Reactive
 

Más de Abhik Roychoudhury

Singapore International Cyberweek 2020
Singapore International Cyberweek 2020Singapore International Cyberweek 2020
Singapore International Cyberweek 2020Abhik Roychoudhury
 
Art of Computer Science Research Planning
Art of Computer Science Research PlanningArt of Computer Science Research Planning
Art of Computer Science Research PlanningAbhik Roychoudhury
 
Automated Repair - ISSTA Summer School
Automated Repair - ISSTA Summer SchoolAutomated Repair - ISSTA Summer School
Automated Repair - ISSTA Summer SchoolAbhik Roychoudhury
 

Más de Abhik Roychoudhury (15)

IFIP2023-Abhik.pptx
IFIP2023-Abhik.pptxIFIP2023-Abhik.pptx
IFIP2023-Abhik.pptx
 
Fuzzing.pptx
Fuzzing.pptxFuzzing.pptx
Fuzzing.pptx
 
Dagstuhl2021
Dagstuhl2021Dagstuhl2021
Dagstuhl2021
 
Singapore International Cyberweek 2020
Singapore International Cyberweek 2020Singapore International Cyberweek 2020
Singapore International Cyberweek 2020
 
NUS PhD e-open day 2020
NUS PhD e-open day 2020NUS PhD e-open day 2020
NUS PhD e-open day 2020
 
Art of Computer Science Research Planning
Art of Computer Science Research PlanningArt of Computer Science Research Planning
Art of Computer Science Research Planning
 
Automated Repair - ISSTA Summer School
Automated Repair - ISSTA Summer SchoolAutomated Repair - ISSTA Summer School
Automated Repair - ISSTA Summer School
 
Isorc18 keynote
Isorc18 keynoteIsorc18 keynote
Isorc18 keynote
 
Mobilesoft 2017 Keynote
Mobilesoft 2017 KeynoteMobilesoft 2017 Keynote
Mobilesoft 2017 Keynote
 
Repair dagstuhl jan2017
Repair dagstuhl jan2017Repair dagstuhl jan2017
Repair dagstuhl jan2017
 
Binary Analysis - Luxembourg
Binary Analysis - LuxembourgBinary Analysis - Luxembourg
Binary Analysis - Luxembourg
 
Issta13 workshop on debugging
Issta13 workshop on debuggingIssta13 workshop on debugging
Issta13 workshop on debugging
 
Repair dagstuhl
Repair dagstuhlRepair dagstuhl
Repair dagstuhl
 
PAS 2012
PAS 2012PAS 2012
PAS 2012
 
Pas oct12
Pas oct12Pas oct12
Pas oct12
 

Último

Arihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfArihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfchloefrazer622
 
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityGeoBlogs
 
Beyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactBeyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactPECB
 
Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3JemimahLaneBuaron
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introductionMaksud Ahmed
 
mini mental status format.docx
mini mental status format.docxmini mental status format.docx
mini mental status format.docxPoojaSen20
 
The byproduct of sericulture in different industries.pptx
The byproduct of sericulture in different industries.pptxThe byproduct of sericulture in different industries.pptx
The byproduct of sericulture in different industries.pptxShobhayan Kirtania
 
APM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across SectorsAPM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across SectorsAssociation for Project Management
 
Measures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeMeasures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeThiyagu K
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfciinovamais
 
Interactive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communicationInteractive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communicationnomboosow
 
Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..Disha Kariya
 
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Krashi Coaching
 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)eniolaolutunde
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdfQucHHunhnh
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxiammrhaywood
 
Russian Call Girls in Andheri Airport Mumbai WhatsApp 9167673311 💞 Full Nigh...
Russian Call Girls in Andheri Airport Mumbai WhatsApp 9167673311 💞 Full Nigh...Russian Call Girls in Andheri Airport Mumbai WhatsApp 9167673311 💞 Full Nigh...
Russian Call Girls in Andheri Airport Mumbai WhatsApp 9167673311 💞 Full Nigh...Pooja Nehwal
 

Último (20)

Arihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfArihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdf
 
Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1Código Creativo y Arte de Software | Unidad 1
Código Creativo y Arte de Software | Unidad 1
 
Paris 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activityParis 2024 Olympic Geographies - an activity
Paris 2024 Olympic Geographies - an activity
 
Beyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global ImpactBeyond the EU: DORA and NIS 2 Directive's Global Impact
Beyond the EU: DORA and NIS 2 Directive's Global Impact
 
Mattingly "AI & Prompt Design: The Basics of Prompt Design"
Mattingly "AI & Prompt Design: The Basics of Prompt Design"Mattingly "AI & Prompt Design: The Basics of Prompt Design"
Mattingly "AI & Prompt Design: The Basics of Prompt Design"
 
Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3
 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introduction
 
mini mental status format.docx
mini mental status format.docxmini mental status format.docx
mini mental status format.docx
 
The byproduct of sericulture in different industries.pptx
The byproduct of sericulture in different industries.pptxThe byproduct of sericulture in different industries.pptx
The byproduct of sericulture in different industries.pptx
 
Advance Mobile Application Development class 07
Advance Mobile Application Development class 07Advance Mobile Application Development class 07
Advance Mobile Application Development class 07
 
APM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across SectorsAPM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across Sectors
 
Measures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeMeasures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and Mode
 
Activity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdfActivity 01 - Artificial Culture (1).pdf
Activity 01 - Artificial Culture (1).pdf
 
Interactive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communicationInteractive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communication
 
Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..Sports & Fitness Value Added Course FY..
Sports & Fitness Value Added Course FY..
 
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
Kisan Call Centre - To harness potential of ICT in Agriculture by answer farm...
 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
 
Russian Call Girls in Andheri Airport Mumbai WhatsApp 9167673311 💞 Full Nigh...
Russian Call Girls in Andheri Airport Mumbai WhatsApp 9167673311 💞 Full Nigh...Russian Call Girls in Andheri Airport Mumbai WhatsApp 9167673311 💞 Full Nigh...
Russian Call Girls in Andheri Airport Mumbai WhatsApp 9167673311 💞 Full Nigh...
 

Automated Program Repair Keynote talk

  • 1. Automated Program Repair Prof. Abhik Roychoudhury Professor, National University of Singapore Lead PI, Singapore Cyber-security Consortium 1
  • 2. TSUNAMi 0 National Research Foundation Project 0 2015 - 2020 0 Trustworthiness in COTS-Integrated platforms 0 Trustworthy systems from un-trusted components http://www.comp.nus.edu.sg/~tsunami Vulnerability Discovery Binary Hardening Verification Data Protection Research Outputs – Publications, Tools, Academic Collaboration, Exchanges, Seminars & Workshops Education – NUS (New module) Industry Collaboration Singapore Cyber-security Consortium Agency Collaboration - DSTA, etc Enhancing Local Capabilities 2 25th ASWEC Keynote Adelaide
  • 3. 2016 event 3 A team of hackers won $2 million by building a machine that could hack better than they could DARPA Cyber Grand Challenge Automation of Security ~ detecting and fixing of vulnerabilities 25th ASWEC Keynote Adelaide
  • 4. In the rest of the talk 0 Capsule version 0 Executive summary 0 Slightly detailed version 0 A vision for trustworthy software 25th ASWEC Keynote Adelaide 4 Technology is driving us to distraction
  • 5. Repair - Why? 25thASWECKeynoteAdelaide 5 Maintaining Legacy Software Debugging Aid Education, Grading in MooCs Security Patches Self-healing systems, Drones Buggy Program Correctness Criterion Repair Patched Program
  • 6. Troubles with repair 25th ASWEC Keynote Adelaide 6 • Weak description of intended behavior / correctness criterion e.g. tests • Possibility to use “Bugs as deviant behavior” philosophy • Weak applicability of repair techniques e.g. only overflow errors • Large search space of candidate patches for general-purpose repair tools. • Patch suggestions and Interactive Repair
  • 8. 8 1 int triangle(int a, int b, int c){ 2 if (a <= 0 || b <= 0 || c <= 0) 3 return INVALID; 4 if (a == b && b == c) 5 return EQUILATERAL; 6 if (a == b || b != c) // bug! 7 return ISOSCELES; 8 return SCALENE; 9 } Test id a b c oracle Pass 1 -1 -1 -1 INVALID pass 2 1 1 1 EQUILATERAL pass 3 2 2 3 ISOSCELES pass 4 2 3 2 ISOSCELES fail 5 3 2 2 ISOSCELES fail 6 2 3 4 SCALENES fail Correct fix (a == b || b == c || a== c) Traverse all mutations of line 6, and check Hard to generate correct fix since a==c never appears elsewhere in the program. OR Generate the constraint f(2,2,3)f(2,3,2) f(3,2,2)f(2,3,4) and get the solution f(a,b,c) = (a == b || b == c || a== c) 25th ASWEC Keynote Adelaide
  • 9. Comparison Syntactic Program Repair 1. Where to fix, which line? 2. Generate patches in the candidate line 3. Validate the candidate patches against correctness criterion. Semantic Program Repair 1. Where to fix, which line(s)? 2. What values should be returned by those lines, e.g. <inp ==1, ret== 0> 3. What are the expressions which will return such values? 9 Syntax-based Schematic for e in Search-space{ Validate e against Tests } Semantics-based Schematic for t in Tests { generate repair constraint Ψt } Synthesize e from ∧tΨt 25th ASWEC Keynote Adelaide
  • 10. Specification Inference 10 Test input Concrete values Expected output of program Output: Value-set or Constraint Symbolic execution Program Concrete Execution 25th ASWEC Keynote Adelaide
  • 11. 11 1 i f ( hbtype == TLS1 HB REQUEST) { 2 . . . 3 memcpy (bp , pl , payload ) ; 4 . . . 5 } (a) The buggy part of the Heartbleed- vulnerable OpenSSL 1 i f ( hbtype == TLS1 HB REQUEST 2 && payload + 18 < s->s3->rrec.length) { 3 . . . 4 } (b) A fix generated automatically 1 if (1 + 2 + payload + 16 > s->s3->rrec.length) 2 return 0; 3 . . . 4 i f ( hbtype == TLS1_HB_REQUEST) { 5 . . . 6 } 7 e l s e i f ( hbtype == TLS1_HB_RESPONSE) { 8 . . . 9 } 10 r e t u r n 0 ; (c) The developer-provided repair The Heartbleed Bug is a serious vulnerabilityin the popular OpenSSL cryptographicsoftware library. This weakness allows stealing the information protected, under normal conditions, by the SSL/TLS encryption used to secure the Internet. SSL/TLS provides communication security and privacy over the Internet for applications such as web, email, instant messaging (IM) and some virtual private networks (VPNs). --- Source: heartbleed.com 25thASWECKeynoteAdelaide
  • 12. Application in education 12 Use program repair in intelligent tutoring systems to give the students’ individual attention. Detailed Study in IIT-Kanpur, India by Prof. Amey Karkare and team (FSE17) 25th ASWEC Keynote Adelaide
  • 13. In the rest of the talk 0 Capsule version 0 Executive summary 0 Slightly detailed version 0 A vision for trustworthy software 25th ASWEC Keynote Adelaide 13
  • 14. Trustworthy Software: Space of Problems 0 Fuzz Testing 0 Feed semi-random inputs to find hangs and crashes 0 Continuous fuzzing 0 Incrementally find new “problems” in software 0 Crash reproduction 0 Re-construct a reported crash, crashing input not included due to privacy 0 Reaching nooks and corners 0 Localizing reported observable errors 0 Patching reported errors from input-output examples 1425th ASWEC Keynote Adelaide
  • 15. Space of Techniques Search 0 Random 0 Biased-random 0 Genetic (AFL Fuzzer) 0 Low set-up overhead 0 Fast, less accurate 0 Use objective function to steer Symbolic Execution 0 Dynamic Symbolic execution 0 Concolic Execution 0 Cluster paths based on symbolic expressions of variables 0 High set-up overhead 0 Slow, more accurate 0 Use logical formula to steer 1525th ASWEC Keynote Adelaide
  • 16. Search & SE: Interplay (Random) Search 0 Trade-offs 0 Less systematic 0 Easy set-up, execute up to a time budget 0 Enhance the effectiveness of search, with symbolic execution as inspiration Symbolic Execution 0 Trade-offs 0 Systematic 0 More involved set-up, solver calls. 0 Explore capabilities of symbolic execution beyond directed search 1625th ASWEC Keynote Adelaide
  • 17. Symbolic Execution Tree 25th ASWEC Keynote Adelaide 17 int test_me(int Climb, int Up){ int sep, upward; if (Climb > 0){ sep = Up;} else {sep = add100(Up);} if (sep > 150){ upward = 1; } else {upward = 0;} if (upward < 0){ abort; } else return upward; } Climb > 0 Up > 150 Yes 1 < 0 Yes Infeasible Climb ==1, Up == 200 1 < 0 No Infeasible Climb ==1, Up == 100 …. Yes YesNo No
  • 18. Typical Use of Symbolic Execution 25th ASWEC Keynote Adelaide 18 Program Analysis for Bug Finding Concolic execution: supporting real executions [Directed Automated Random Testing] Symbolic execution tree construction e.g. KLEE [Modeling system environment] Grey-box fuzz testing for systematic path exploration inspired by concolic execution AFLFast Random Testing for Bug Finding
  • 19. AFLFast [CCS16] 25th ASWEC Keynote Adelaide 19 Schematic • if (condition1) • return // short path, frequented by many inputs • else if (condition2) • exit // short paths, frequented by many inputs • else ….  Use grey-box fuzzer which keeps track of path id for a test.  Estimate whether a discovered path is higb probability or not  Higher weightage to low probability paths discovered, to gravitate to those -> discover new paths with minimal effort.  Integrated into distribution of AFL fuzzer within a year of publication (CCS16), which is used on a daily basis by corporations for finding vulnerabilities
  • 20. Another use of Symbolic Execution [CCS17] 25th ASWEC Keynote Adelaide 20 Reachability Analysis Reachability of a location in the program - Traverse the symbolic execution tree using search strategies - Encode it as an optimization problem inside the genetic search of grey-box fuzzing AFLGo
  • 21. Neuro-symbolic Execution NDSS19 25th ASWEC Keynote Adelaide 21
  • 22. Novel use of symbolic execution 25th ASWEC Keynote Adelaide 22 In the absence of formal specifications, analyze the buggy program and its artifacts such as execution traces via various heuristics to glean a specification about how it can pass tests and what could have gone wrong! Specification Inference (TODAY!) (application: localization, synthesis, repair)
  • 23. Automated Program Repair 0 Weak description of intended behavior / correctness criterion e.g. tests 0 Weak applicability of repair techniques e.g. only overflow errors 0 Large search space of candidate patches for general-purpose repair tools. 25th ASWEC Keynote Adelaide 23
  • 24. Specification Inference 25th ASWEC Keynote Adelaide Test input Concrete values Expected output of program Output: Value-set or Constraint Symbolic execution Program Concrete Execution 24 ICSE13, FSE18
  • 25. Example 1 int is_upward( int inhibit, int up_sep, int down_sep){ 2 int bias; 3 if (inhibit) 4 bias = down_sep; // bias= up_sep + 100 5 else bias = up_sep ; 6 if (bias > down_sep) 7 return 1; 8 else return 0; 9 } inhibit up_sep down_sep Observed output Expected Output Result 1 0 100 0 0 pass 1 11 110 0 1 fail 0 100 50 1 1 pass 1 -20 60 0 1 fail 0 0 10 0 0 pass 2525th ASWEC Keynote Adelaide
  • 26. Example 26 1 int is_upward( int inhibit, int up_sep, int down_sep){ 2 int bias; 3 if (inhibit) 4 bias = f(inhibit, up_sep, down_sep) // X 5 else bias = up_sep ; 6 if (bias > down_sep) 7 return 1; 8 else return 0; 9 } Inhibit == 1 up_sep == 11 down_sep == 110 Symbolic Execution  ( pcj  outj == expected_out(t) )  f(t) == X j  Paths Repair constraint ( (X >110  1 ==1)  (X ≤ 110  0 == 1) )  f(1,11,110) == X 25thASWECKeynote Adelaide 26
  • 27. What it should have been 1 int is_upward( int inhibit, int up_sep, int down_sep){ 2 int bias; 3 if (inhibit) 4 bias = f(inhibit, up_sep, down_sep) 5 else bias = up_sep ; 6 if (bias > down_sep) 7 return 1; 8 else return 0; 9 } Inhibit == 1 up_sep == 11 down_sep == 110 Symbolic Execution f(1,11,110) > 110 25thASWECKeynote Adelaide 27
  • 28. Fix the suspect 0 Accumulated constraints 0 f(1,11, 110) > 110  0 f(1,0,100) ≤ 100  0 … 0 Find a f satisfying this constraint 0 By fixing the set of operators appearing in f 0 Candidate methods 0 Search over the space of expressions 0 Program synthesis with fixed set of operators 0 Can also be achieved by second-order constraint solving 0 Generated fix 0 f(inhibit,up_sep,down_sep) = up_sep + 100 25thASWECKeynote Adelaide 28
  • 29. Term = Var | Constant | Term + Term | Term – Term | Constant * Term (Second order) Synthesis 29 scanf(“%d”, &x); for(i = 0; i <10; i++){ int t = (i,x); if (t > 0) printf(“1”); else printf(“0”); } P(5)  “1110000000” expected “1111111000” Buggy Program: Sample Test: Synthesis Specification:  . i i  output = expected Solve for  directly Term = Var | Constant | Term + Term | Term – Term | Constant * Term 𝜌 0,5 > 0 𝜌 1,5 > 0 𝜌 1,5 > 0 𝜌 2,5 > 0 𝜌 2,5 > 0 𝜌 2,5 > 0 𝜌 2,5 > 0 Yes No Yes No Yes No 𝑈𝑁𝑆𝐴𝑇 Yes Term = Var | Constant | Term + Term | Term – Term | Constant * Term Existing component-based synthesis encodings provide inefficient unsatisfiability proofs, because of using linear integer arithmetic encoding. Designed a new encoding based on propositional logic for efficient unsatisfiability proofs. 25th ASWEC Keynote Adelaide
  • 30. DirectFix [ICSE2015] 30 Tests Debugging DSE Synthesis Tests MaxSMT solver Conjure a function which represents minimal change to buggy program. 25th ASWEC Keynote Adelaide
  • 31. Example 31 if (x > y) if (x > z) out =10; else out = 20; else out = 30; return out; if (x >= y) if (x >= z) out =10; else out = 20; else out = 30; return out; if (x > y) if (x > z) out =10; else out = 20; else out = 30; return ((x==y)? ((x==z)?10: 20)): out); SemFix DirectFix Test cases: all possible orderings of x,y,z 25th ASWEC Keynote Adelaide #Pgm Equiv Same Loc Diff SemFix 44 17% 46% 6.36 DirectFix 44 53% 95% 2.31
  • 32. Angelix: Scalability [ICSE16] 32 Failing tests MaxSMT solver Minimized Mutations for Repair Failing tests DSE Concise Semantics Signature 25th ASWEC Keynote Adelaide
  • 33. Angelic Forest 33 E1 E2 E3 Failing Test Angelic Paths UNSAT angelic1 angelic2 angelic3 angelic1 angelic3 25th ASWEC Keynote Adelaide Angelic forest: Patch synthesis specification based on Angelic values {Symbolic Variable name, Constant, State } Paths,Tests
  • 34. (Sample) Results 34 #Fixes Del Del, Per Angelix 28 5 18% SPR 31 13 42% Subject LoC wireshark 2814K php 1046K gzip 491K gmp 145K libtiff 77K 25th ASWEC Keynote Adelaide Defect Fixed Expressions Libtiff-4a24508-cc79c2b 2 Libtiff-829d8c4-036d7bb 2 CoreUtils-00743a1f- ec48bead 3 CoreUtils-1dd8a331- d461bfd2 2 CoreUtils-c5ccf29b- a04ddb8d 3
  • 35. Semgraft: Exploit artifacts [ICSE18] 35 Failing tests Symb Exec Concise Semantics Signature 25th ASWEC Keynote Adelaide Reference Program Symb Exec Verification Condition
  • 36. SemGraft 36 Verification condition Counterexample Is SAT? Negate Patch found Buggy program Is SAT? Angelic forest Is SAT? Component library Candidate patch No Yes Yes Yes Buggy program Reference program Symbolic analysis 25th ASWEC Keynote Adelaide
  • 37. SemGraft Results 37 Program Commit Bug Angelix SemGraft sed c35545a Handle empty match Correct Correct seq f7d1c59 Wrong output Correct Correct sed 7666fa1 Wrong output Incorrect Correct sort d1ed3e6 Wrong output Incorrect Correct seq d86d20b Don’t accepts 0 Incorrect Correct sed 3a9365e Handle s/// Incorrect Correct Program Commit Bug Angelix SemGraft mkdir f7d1c59 Segmentation fault Incorrect Correct mkfifo cdb1682 Segmentation fault Incorrect Correct mknod cdb1682 Segmentation fault Incorrect Correct copy f3653f0 Failed to copy a file Correct Correct md5sum 739cf4e Segmentation fault Correct Correct cut 6f374d7 Wrong output Incorrect Correct GNU Coreutils as reference Linux Busybox as reference 25th ASWEC Keynote Adelaide
  • 38. Specification Inference [FSE18] x = (… ); Test input Concrete values Expected output of program Output: Value-set or Constraint Symbolic execution Program Concrete Execution 38 𝜋1 𝜋2 𝜋 𝑛 Program Tests or Property Environment ModelingLibrary Buggy Program Patched Program Tests or Property Repair 25th ASWEC Keynote Adelaide
  • 39. Application in Library Modeling 0 Modeling libraries for symbolic execution of application program. 0 Do not manually provide libraries for symbolic analysis. 0 Instead, they can be partially synthesized. 25th ASWEC Keynote Adelaide 39 void main (int argc , char * argv []) { int a = atoi( argv [1]) ; printf ("%dn", 16 / a); } void atoi_sketch ( char *arr []) { int acc; for (i = 0; i < strlen (arr); i++) acc = (acc , arr[i]); return acc; } Second order reasoning  = xy. 10 x + y - 48 P(“4")  “4"; P(“16")  “1" Tests Use this  and symbolic execution to find crashing inputs e.g. “0”
  • 40. Application in education FSE17 40 Use program repair in intelligent tutoring systems to give the students’ individual attention. Detailed Study in IIT-Kanpur, (FSE17, and ongoing) 25th ASWEC Keynote Adelaide The fact that student programs are often significantly incorrect makes it difficult to fix those programs. P:8 F:2 P:5 F:5 P:6 F:4 P:9 F:1partial repair P:10 F: 0 P: # of passing tests F: # of failing tests APR (symbolic execution) Test 1 Test 2 Test 3 Test 4 Test 5 Test 1 Test 2 Test 3 Test 4 Test 5 Test 1 Test 2 Test 3 Test 4 Test 5 + if (true) { S; + } (search) + if (E) { S; + }
  • 41. Application in Education 25th ASWEC Keynote Adelaide 41 43 buggy student submissions from dataset Across 8 unique problems 37 TA graders volunteered for study Each TA gets all 43 submissions to grade With repair hints for half the submissions
  • 42. Acknowledgments 42 Discussions: Umair Ahmed & Amey Karkare (IIT-K) Marcel Boehme (Monash), Cristian Cadar (Imperial) Satish Chandra (Facebook), Kenneth Cheong & Chia Yuan Cho (DSO), Claire Le Goues (CMU), Lars Grunske & Yannic Noller(Humboldt) Sergey Mechtaev (University College London) Martin Monperrus (KTH) HDT Nguyen and Dawei Qi Manh-Dung Nguyen & Van-Thuan Pham (NUS) Michael Pradel (Darmstadt) Mukul Prasad & Hiroaki Yoshida (Fujitsu), Shin Hwei Tan (SUSTech) Jooyong Yi (Innopolis) Relevant papers: http://www.comp.nus.edu.sg/~abhik/projects/Repair/index.html http://www.comp.nus.edu.sg/~abhik/projects/Fuzz/ 25th ASWEC Keynote Adelaide
  • 43. JOINT R&D Seed funding (Industry-Academia pair) Infrastructure sharing TECHNOLOGY TALKS Latest technologies and trends Project showcases WILD & CRAZY IDEAS (WACI) DAY Research ideas Problem statements SPECIAL INTEREST GROUPS Knowledge and idea exchange R&D partnership exploration CYBERSECURITY CAMP Workshop, Industry talks Hackathons CYBERSECURITY LEAN LAUNCHPAD Business + Technical Discussions Engage via training Engage via discussions and advice Engage via research collaboration SCYFI Research Showcase Research Presentations Talks SG Cyber-security Consortium 40 companies, 10 platinum member companies (>100M) 25th ASWEC Keynote Adelaide 43
  • 44. Special Interest Groups (SIGs) Future possibilities Threat Intelligence and Incident Response Led by Data Protection and Privacy Led by System and Software Security Led by Mobile Security Led by Cybercrime and Investigation Led by Led by Cyber-Physical System (CPS) and IoT Security Regular meetings organized in-between major events Discussions leading to formulation of grant calls 25th ASWEC Keynote Adelaide 44
  • 45. Deployment 0 Grey-box Fuzzing 0 Enhanced and (more) systematic path coverage & directed-ness in grey- box fuzzing. 0 AFLFast integrated into main AFL distribution after discussions. 0 Automated Program Repair 0 Infer specifications about repairing a program to meet correctness requirements. 0 Angelix tool used for scalable program repair ~ 80 groups 0 Automated grading, and hints for programming assignments from partial repairs 0 Moving forward 0 Fuzzing and repair tightly integrated for self-healing software. 0 Software can morph to respond to changes in environment. 0 Built-in Self Test (BIST) for autonomous software systems 0 Global as well as local usage via SG Cyber-security Consortium 25th ASWEC Keynote Adelaide 45
  • 46. BIST for Software Common in critical systems such as avionics, military and others, supplemented by a repair. Can autonomous software test and repair itself autonomously to cater for corner cases? Can autonomous software repair itself subject to changes in environment? ?

Notas del editor

  1. Done
  2. Ok done