MoFuzz: A Fuzzer Suite for Testing Model-Driven Software Engineering Tools
Fuzzing or fuzz testing is an established technique that aims to discover unexpected program behavior (e.g. bugs, security vulnerabilities, or crashes) by feeding automatically generated data into a program under test. However, the application of fuzzing to test Model-Driven Software Engineering (MDSE) tools is still limited because of the difficulty of existing fuzzers to provide structured, well-typed inputs, namely models that conform to typing and consistency constraints induced by a given meta-model and underlying modeling framework. By drawing from recent advances on both fuzz testing and automated model generation, we present three different approaches for fuzzing MDSE tools: A graph grammar-based fuzzer and two variants of a coverage-guided mutation-based fuzzer working with different sets of model mutation operators. We have evaluated our fuzzing approaches on a set of real-world MDSE tools. Our experimental results show that all approaches can outperform both standard fuzzers and model generators w.r.t.\ their fuzzing capabilities. Moreover, we found that each of our approaches comes with its own strengths and weaknesses in terms of fault finding capabilities and the ability to cover different aspects of the system under test. Thus the approaches complement each other, forming a fuzzer suite for testing MDSE tools.
Thu 24 Sep Times are displayed in time zone: (UTC) Coordinated Universal Time change
|16:00 - 16:20|
|16:20 - 16:40|
|16:40 - 17:00|
Caio Batista de MeloUniversity of California, Irvine, André Luiz Fernandes CançadoUniversity of Brasília, Genaína Nunes RodriguesUniversity of BrasíliaLink to publication DOI Pre-print