ACM Portal
  Subscribe (Full Service)    Register (Limited Service, Free)    Login
  Search:   The ACM Digital Library   The Guide
  
ACM Home Page
Please provide us with feedback. Feedback
An undergraduate course on software bug detection tools and techniques
Full text PdfPdf (79 KB)
Source Technical Symposium on Computer Science Education archive
Proceedings of the 37th SIGCSE technical symposium on Computer science education table of contents
Houston, Texas, USA
SESSION: Software engineering - testing table of contents
Pages: 249 - 253  
Year of Publication: 2006
ISBN:1-59593-259-3
Also published in ...
Author
Eric Larson  Seattle University, Seattle, WA
Sponsors
SIGCSE: ACM Special Interest Group on Computer Science Education
ACM: Association for Computing Machinery
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 6,   Downloads (12 Months): 30,   Citation Count: 0
Additional Information:

abstract   references   index terms   collaborative colleagues  

Tools and Actions: Request Permissions Request Permissions    Review this Article  
DOI Bookmark: Use this link to bookmark this Article: http://doi.acm.org/10.1145/1121341.1121418
What is a DOI?

ABSTRACT

The importance of software bug detection tools is high with the constant threat of malicious activity. Companies are increasingly relying on software bug detection tools to catch exploitable bugs before the program is released. This paper describes a course on software bug detection techniques that is aimed at undergraduates. Courses in software verification are often taught at the graduate level and too theoretical and research oriented for undergraduates. A key component of the course is the programming assignments where students gain practical experience in creating their own software bug detection tools using a source to source converter for a subset of C++.


REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

 
1
Thomas Ball , Sriram K. Rajamani, Automatically validating temporal safety properties of interfaces, Proceedings of the 8th international SPIN workshop on Model checking of software, p.103-122, May 2001, Toronto, Ontario, Canada
 
2
W. Bush, J. Pincus, and D. Sielaff. A static analyzer for finding dynamic programming errors. Software Practice and Experience, July 2000.
 
3
C. Cowan, C. Pu, D. Maier, H. Hinton, P. Bakke, S. Beattie, A. Grier, P. Wagle, and Q. Zhang. StackGuard: Automatic Adaptive Detection and Prevention of Buffer-Overflow Attacks. Proceedings of the 7th USENIX Security Conference, January 1998.
 
4
Ctool. http://sourceforge.net/projects/ctool/
 
5
The Economic Impacts of Inadequate Infrastructure for Software Testing. National Institute of Standards and Technology report, prepared by RTI (project 7007.011), May 2002.
6
Dawson Engler , David Yu Chen , Seth Hallem , Andy Chou , Benjamin Chelf, Bugs as deviant behavior: a general approach to inferring errors in systems code, Proceedings of the eighteenth ACM symposium on Operating systems principles, October 21-24, 2001, Banff, Alberta, Canada
 
7
R. Hastings and B. Joyce. Purify: Fast Detection of Memory Leaks and Access Errors. 1992 Winter USENIX Conference, Jan. 1992.
 
8
Laurie J. Hendren , C. Donawa , Maryam Emami , Guang R. Gao , Justiani , B. Sridharan, Designing the McCAT Compiler Based on a Family of Structured Intermediate Representations, Proceedings of the 5th International Workshop on Languages and Compilers for Parallel Computing, p.406-420, August 03-05, 1992
 
9
R. Jones and P. Kelly. Backwards-compatible bounds checking for arrays and pointers in C programs. Proc. of the 3rd International Workshop on Automated Debugging, May 1997.
 
10
J. Merrill. GENERIC and GIMPLE: A New Tree Representation for Entire Functions. GCC Developer's Summit, May 2003.
 
11
George C. Necula , Scott McPeak , Shree Prakash Rahul , Westley Weimer, CIL: Intermediate Language and Tools for Analysis and Transformation of C Programs, Proceedings of the 11th International Conference on Compiler Construction, p.213-228, April 08-12, 2002
 
12
N. Nethercote and J. Fitzhardinge. Bounds-Checking Entire Programs Without Recompiling. Workshop on Semantics, Program Analysis, and Computing Environments for Memory Management, Jan. 2004.
 
13
James A. Whittaker, What Is Software Testing? And Why Is It So Hard?, IEEE Software, v.17 n.1, p.70-79, January 2000  [doi>10.1109/52.819971]
 
14
J. Zhang and X. Wang. A constraint solver and its application to path feasibility analysis. International Journal of Software Engineering and Knowledge, Volume 11, 2001.

INDEX TERMS

Primary Classification:
  K. Computing Milieux
  K.3 COMPUTERS AND EDUCATION
      K.3.2 Computer and Information Science Education
          Subjects: Computer science education

Additional Classification:
  D. Software
  D.2 SOFTWARE ENGINEERING
      D.2.5 Testing and Debugging
          Subjects: Testing tools (e.g., data generators, coverage testing); Symbolic execution


General Terms:
Reliability, Security, Verification


Keywords:
compilers, computer science education, computer security, software engineering, software testing, software verification

Collaborative Colleagues:
Eric Larson: colleagues
This Article has also been published in:

The ACM Portal is published by the Association for Computing Machinery. Copyright © 2009 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us

Useful downloads: Adobe Acrobat    QuickTime    Windows Media Player    Real Player