Reading List
CS 590F: Software Reliability

Debugging

1. Execution Reduction
   • (**Vikas**)Andreas Zeller, R. Hildebrandt,
     ``Simplifying and Isolating Failure-Inducing Input,''
     TSE, 2002.

   • (**Vikas**)G. Misherghi, Z. Su
     ``HDD: hierarchical delta debugging,''
     ICSE, 2006.

   • X. Zhang, S. Tallam, and R. Gupta,
     ``Dynamic Slicing Long Running Programs through Execution Fast Forwarding,''
     FSE, November 2006.

2. Dynamic Slicing Based Debugging
   • (**) X. Zhang, N. Gupta, and R. Gupta,
     ``A Study of Effectiveness of Dynamic Slicing in Locating Real Faults,''
     Empirical Software Engineering Journal, to appear.

   • (**) N. Gupta, H. He, X. Zhang, and R. Gupta,
     ``Locating Faulty Code Using Failure-Inducing Chops,''
     ASE, pages 263-272, Nov. 2005.

   • (**) X. Zhang, N. Gupta, and R. Gupta
     ``Locating Faults Through Automated Predicate Switching,''
     ICSE, pages 272-281, May 2006.

   • S. Lu, P. Zhou, W. Liu, Y. Zhou, and J. Torellas,
     ``PathExpander: Architectural Support for Increasing the Path Coverage of Dynamic Bug Detection,''
     MICRO, 2006.

   • (**) X. Zhang, N. Gupta, and R. Gupta
     ``Pruning Dynamic Slices With Confidence,''
     PLDI, pages 169-180, June 2006.

3. Failure Oblivious Computing
   • M.C. Rinard, C. Cadar, D. Dumitran, D.M. Roy, T. Leu, and W.S. Beebee,
     ``Enhancing Server Availability and Security Through Failure-Oblivious Computing,''
     OSDI, pages 303-316, 2004.

   • F. Qin, J. Tucek, J. Sundaresan, and Y. Zhou,
     ``Rx: Treating Bugs as Allergies - A Safe Method to Survive Software Failures,''
     SOSP, pages 235-248, 2005.

   • B. Demsky and M.C. Rinard,
     ``Data Structure Repair Using Goal-directed Reasoning,''
     ICSE, pages 176-185, 2005.

   • A. Michail, T Xie,
     ``Helping Users Avoid Bugs in GUI Applications,''
     ICSE, 2005.

4. Data Race Detection
   • (**Armand**)S. Savage, M. Burrow, G. Nelson, P. Sobalvarro, and T. Anderson
     ``Eraser: A Dynamic Data Race Detector for Multithreaded Programs ''
     TCS, 1997.

   • (**Armand**)R. O'Callahan and J. Choi
     ``Hybrid Dynamic Data Race Detection,''
     PPoPP, 2003.

   • (**Armand**)C. Flanagan and S. N. Freund
     ``Atomizer: A Dynamic Atomicity Checker for Multithreaded Programs,''
     POPL, 2004.

5. Tracing/Replay
   • (**Bin**)M. Xu, R. Bodik, and M. Hill,
     ``A Flight Data Recorder for Enabling Full-System Multiprocessor Deterministic Replay,''
     ISCA, pages 122-133, 2003.

   • (**Bin**)S. Narayanasamy, G. Pokam, and B. Calder,
     ``BugNet: Continuously Recording Program Execution for Determinitic Replay Debugging,''
     ISCA, pages 284-295, 2005.

   • (**Bin**)S. Narayanasamy, C. Pereira, and B. Calder,
     ``Recording Shared Memory Dependences Using Strata,''
     ASPLOS, 2006.

   • S.M. Srinivasan, S. Kandula, C.R. Andrews, and Y. Zhou,
     ``Flashback: A Lightweight Extension for Rollback and Deterministic Replay for Software Debugging,''
     USENIX Annual Technical Conference, General Track, pages 29-44, 2004.

   • Y. Saito,
     ``Jockey: A User-Space Library For Record-Replay Debugging,''
     AADEBUG, pages 69-76, 2005.

6. Statistical Debugging -
   • (**Yu**) B. Liblit, M. Naik, A.X. Zheng, A. Aiken, M.I. Jordan,
     ``Scalable Statistical Bug Isolation,''
     PLDI, pages 15-26, 2005.

   • (**Yu**) Chao Liu, Xifeng Yan, Long Fei, Jiawei Han and Samuel Midkiff
     ``SOBER: Statistical Model-based Bug Localization,''
     FSE, pages 308-323, 2005.

   • (**Yu**) Chao Liu and Jiawei Han
     ``Failure Proximity: A Fault Localization-Based Approach,''
     FSE, pages 382-393, 2006.

7. Debugging by Mining Large Static Code Base
   • (**Qihua**)D. Engler, D.Y. Chen, S. Hallem, A. Chou, and B. Chelf
     ``Bugs as deviant behavior: a general approach to inferring errors in systems code,''
     SOSP, 2001.

   • (**Qihua**)Z. Li, S. Lu, S. Myagmar, and Y. Zhou,
     ``CP-Miner: A Tool for Finding Copy-paste and Related Bugs in Operating System Code,''
     OSDI, 2004.

   • (**Qihua**)Zhenmin Li and Yuanyuan Zhou,
     ``PR-Miner: Automatically Extracting Implicit Programming Rules and Detecting Violations in Large Software Code,''
     FSE, 2005.

8. Advanced Debuggers
   • Sanjay Bhansali, Wen-Ke Chen, Stuart De Jong, Andrew Edwards, and Milenko Drinic
     ``Framework for Instruction-level Tracing and Analysis of Programs,''
     VEE, 2006.

   • R. O'Callahan,
     ``Efficient Collection And Storage Of Indexed Program Traces,''
     Unpublished Manuscript, 2007.

   • Raimondas Lencevicius, Urs Holzle, Ambuj K. Singh,
     ``Dynamic Query-Based Debugging,''
     ECOOP, 1999.

Security

1. Information Flow
   • (**Ashish**) A. Sabelfeld and A.C. Myers,
     ``Language-Based Information-Flow Security,''
     IEEE Journal on Selected Areas in Communications, 21(1):1-15, Jan. 2003.

   • (**Ashish**) Lantian Zheng, Andrew C. Myers,
     ``Dynamic Security Labels and Static Information Flow,''
     International Journal of Information Security

   • (**Ashish**) Michael Clarkson, Andrew C. Myers, Fred B. Schneider,
     `` Belief in Information Flow,''
     Journal of Computer Security.

   • N. Vachharajani, M.J. Bridges, J. Chang, R. Rangan, G. Ottoni, J.A. Blome, G.A. Reis, M. Vachharajani, and D.I. August,
     ``RIFLE: An Architectural Framework for User-Centric Information-Flow Security,''
     MICRO, pages 243-254, 2004.

   • (**Ziqing**)J.R. Crandall and F.T. Chong,
     ``Minos: Control Data Attack Prevention Orthogonal to Memory Model,''
     MICRO, pages 221-232, 2004.

   • (**Ziqing**) F. Qin, H. Chen, Z. Li, Y. Zhou, H-S. Kim, and Y. Wu,
     ``LIFT: A Low-Overhead Practical Information Flow Tracking System for Detecting General security Attacks,''
     MICRO, 2006.

2. Secure Execution
   • (**Zhiqiang**) Crispin Cowan, Calton Pu, Dave Maier, Heather Hinton, Jonathan Walpole, Peat Bakke, Steve Beattie, Aaron Grier, Perry Wagle, and Qian Zhang
     ``StackGuard: Automatic Adaptive Detection and Prevention of Buffer-Overflow Attacks,''
     USENIX Security, 1998.
     `` Four Different Tricks to Bypass StackShield and StackGuard Protection,''
     Gerardo Richarte

   • (**Zhiqiang**) Vladimir Kiriansky, Derek Bruening, Saman Amarasinghe
     ``Secure Execution Via Program Shepherding, ''
     USENIX Security, 2002.

   • (**Zhiqiang**) David Brumley, Li-Hao Liu, Pongsin Poosankam, Dawn Song
     ``Taxonomy and Effectiveness of Worm Defense Strategies,''
     Unknown, 2005.

3. Detecting Vulneralibities
   • (**Hong**)Jedidiah R. Crandall, Zhendong Su, S. Felix Wu, and Frederic T. Chong
     ``On Deriving Unknown Vulnerabilities from Zero-Day Polymorphic and Metamorphic Worm Exploits,''
     CCS, 2005.

   • (**Hong**)V. Benjamin Livshits, Monica S. Lam,
     ``Finding Security Vulnerabilities in Java Applications with Static Analysis,''
     USENIX Security, 2005.

   • David Evans, David Larochelle
     ``Improving Security Using Extensible Lightweight Static Analysis,''
     IEEE Software, 2002.

   • (**Hong**)Ken Ashcraft, Dawson Engler
     ``Using Programmer-Written Compiler Extensions to Catch Security Holes,''
     IEEE S&P, 2002.

   • (**Zhiqiang**)Zhiqiang Lin, Xuxian Jiang, Dongyan Xu, Bing Mao, Li Xie
     ``AutoPaG: Towards Automated Software Patch Generation with Source Code Root Cause Identification and Repair,''
     ASIACCS, 2007.

4. SQL Injection Attacks -
   • Stephen W. Boyd, Angelos D. Keromytis
     ``SQLrand: Preventing SQL Injection Attacks,''
     ACNS, 2004.

   • D. Yu, A. Chander, N. Islam, and I. Serikov,
     ``JavaScript Instrumentation for Browser Security,''
     POPL, 2007.

   • Z. Su, G. Wassermann
     ``The Essence of Command Injection Attacks in Web Applications,''
     POPL, pages 412-421, 2006.

Software Testing

1. Test Generation
   • B. Korel,
     ``Automated Software Test Data Generation,''
     TSE, 1990.

   • (**Nick**)Patrice Godefroid, Nils Klarlund, and Koushik Sen,
     ``DART: Directed Automated Random Testing,''
     PLDI, 2005.
     (**Nick**) Koushik Sen, Darko Marinov, and Gul Agha,
     ``CUTE: A Concolic Unit Testing Engine for C,''
     FSE, 2005.

   • Patrice Godefroid
     (**Nick**) ``Compositional Dynamic Test Generation,''
     POPL, 2007.
   • Atif M. Memon, Martha E. Pollack, and Mary Lou Soffa
     ``Using a Goal-driven Approach to Generate Test Cases for GUIs,''
     ICSE, 1999.

2. Interesting Directions in Testing -
   • (**Nick**) Bhargav Gulavani, Thomas A. Henzinger, Yamini Kannan, Aditya Nori, and Sriram K. Rajamani ,
     ``Synergy: A New Algorithm for Property Checking,''
     FSE, 2006.

   • O. Edelstein, E. Farchi, Y. Nir, G. Ratsaby, S. Ur,
     ``Multithreaded Java Program Test Generation,''
     IBM-SJ 41(1), 2005.

   • Bruce Potter and Gary McGraw,
     ``Software Security Testing ,''
     IEEE S&P, 2004.

   • Mihai Christodorescu and Somesh Jha,
     ``Testing Malware Detectors,''
     ISSTA, 2004.

Hotch-potch

1. Matching Program Executions -
   • X. Zhang and R. Gupta,
     
     ``Matching Execution Histories of Program Versions,''
     ESEC-FSE, pages 197-206, September 2005.

   • M.K. Ramanathan, A. Grama, and S. Jagannathan,
     
     ``Sieve: A Tool for Automatically Detecting Variations Across Program Versions,''
     ASE, 2006.

2. Query Program Executions -
   • S. Goldsmith, R. O'Callahan, and A. Aiken,
     
     `` Relational queries over program traces,''
     OOPSLA, 2005.

   • M. Martin, B. Livshits, and M. Lam
     
     ``Finding application errors and security flaws using PQL: a program query language,''
     OOPSLA, 2005.

3. Data Verification -
   • M. Zhang, X. Zhang, X.Zhang, S. Prabhakar,
     
     ``Manuscript''
     Manuscript, 2007.

   • Fixing The Bug That Crashed The Mars Orbiter -
     • Lingxiao Jiang and Zhendong Su
       
       ``Osprey: A Practical Type System for Validating Dimensional Unit Correctness of C Programs,''
       ICSE, 2006.