MoFuzz: A Fuzzer Suite for Testing Model-Driven Software Engineering Tools
Fuzzing or fuzz testing is an established technique that aims to discover unexpected program behavior (e.g. bugs, security vulnerabilities, or crashes) by feeding automatically generated data into a program under test. However, the application of fuzzing to test Model-Driven Software Engineering (MDSE) tools is still limited because of the difficulty of existing fuzzers to provide structured, well-typed inputs, namely models that conform to typing and consistency constraints induced by a given meta-model and underlying modeling framework. By drawing from recent advances on both fuzz testing and automated model generation, we present three different approaches for fuzzing MDSE tools: A graph grammar-based fuzzer and two variants of a coverage-guided mutation-based fuzzer working with different sets of model mutation operators. We have evaluated our fuzzing approaches on a set of real-world MDSE tools. Our experimental results show that all approaches can outperform both standard fuzzers and model generators w.r.t.\ their fuzzing capabilities. Moreover, we found that each of our approaches comes with its own strengths and weaknesses in terms of fault finding capabilities and the ability to cover different aspects of the system under test. Thus the approaches complement each other, forming a fuzzer suite for testing MDSE tools.
Thu 24 SepDisplayed time zone: (UTC) Coordinated Universal Time change
16:00 - 17:00
|Synthesis-Based Resolution of Feature Interactions in Cyber-Physical Systems|
|MoFuzz: A Fuzzer Suite for Testing Model-Driven Software Engineering Tools|
|Characterization of Implied Scenarios as Families of Common Behavior|
Caio Batista de Melo University of California, Irvine, André Luiz Fernandes Cançado University of Brasília, Genaína Nunes Rodrigues University of BrasíliaLink to publication DOI Pre-print