This is our artifact submission for our ICSE 2024 paper entitled “Combining Structured Static Code Information and Dynamic Symbolic Traces for Software Vulnerability Prediction”. Our AE submission enables an evaluation of the main results of our work, including a step-by-step tutorial on applying our framework to open-source projects and comparing the performance of bug detection with prior techniques. Our scripts automatically generate numerical results and diagrams corresponding to figures and tables in the paper.

We apply for the “available" and “reusable" badges. We provide two ways to reproduce the results of our work: an interactive Jupyter Notebook hosted on a remote server with the same hardware used in the paper. This approach simplifies the setup process and can mitigate many potential problems. In addition to the live server, we provide a Docker image with a working environment and detailed README instructions to evaluate our tool on a local machine. We expect the reviewers to be familiar with Python and Linux running within a Docker environment. Our docker image should run on a standard PC although a full-scale evaluation would require a powerful multi-core computing server with sufficient RAM (>= 128GB).