Visible to the public Weak-Assert: A Weakness-Oriented Assertion Recommendation Toolkit for Program Analysis

TitleWeak-Assert: A Weakness-Oriented Assertion Recommendation Toolkit for Program Analysis
Publication TypeConference Paper
Year of Publication2018
AuthorsWang, C., Jiang, Y., Zhao, X., Song, X., Gu, M., Sun, J.
Conference Name2018 IEEE/ACM 40th International Conference on Software Engineering: Companion (ICSE-Companion)
Date Publishedmay
ISBN Number978-1-4503-5663-3
Keywordsassertion recommendation, formal program verifcation, Hardware, Human Behavior, Metrics, Pattern matching, policy-based governance, program testing, program weakness, pubcrawl, resilience, security, security weaknesses, Software, Syntactics, Testing, Tools

Assertions are helpful in program analysis, such as software testing and verification. The most challenging part of automatically recommending assertions is to design the assertion patterns and to insert assertions in proper locations. In this paper, we develop Weak-Assert, a weakness-oriented assertion recommendation toolkit for program analysis of C code. A weakness-oriented assertion is an assertion which can help to find potential program weaknesses. Weak-Assert uses well-designed patterns to match the abstract syntax trees of source code automatically. It collects significant messages from trees and inserts assertions into proper locations of programs. These assertions can be checked by using program analysis techniques. The experiments are set up on Juliet test suite and several actual projects in Github. Experimental results show that Weak-Assert helps to find 125 program weaknesses in 26 actual projects. These weaknesses are confirmed manually to be triggered by some test cases.

Citation Keywang_weak-assert:_2018