Learn More
Statistical debugging aims to automate the process of isolating bugs by profiling several runs of the program and using statistical analysis to pinpoint the likely causes of failure. In this paper, we investigate the impact of using richer program profiles such as path profiles on the effectiveness of bug isolation. We describe a statistical debugging tool(More)
In this paper, we present new ways of describing and constructing linear tail-biting trellises for block codes. We extend the well-known Bahl-Cocke-Jelinek-Raviv (BCJR) construction for conventional trellises to tail-biting trellises. The BCJR-like labeling scheme yields a simple specification for the tail-biting trellis for the dual code, with the dual(More)
Static analysis tools aim to find bugs in software that correspond to violations of specifications. Unfortunately, for large and complex software, these specifications are usually either unavailable or sophisticated, and hard to write. This paper presents ANEK, a tool and accompanying methodology for inferring specifications useful for modular typestate(More)
Despite having high accuracy, neural nets have been shown to be susceptible to adversarial examples, where a small perturbation to an input can cause it to become mislabeled. We propose metrics for measuring the robustness of a neural net and devise a novel algorithm for approximating these metrics based on an encoding of robustness as a linear program. We(More)
We consider the problem if a given program satisfies a specified safety property. Interesting programs have infinite state spaces, with inputs ranging over infinite domains, and for these programs the property checking problem is undecidable. Two broad approaches to property checking are <i>testing</i> and <i>verification</i>. Testing tries to find inputs(More)
We present an algorithm DASH to check if a program P satisfies a safety property phi. The unique feature of the algorithm is that it uses only test generation operations, and it refines and maintains a sound program abstraction as a consequence of failed test generation operations. Thus, each iteration of the algorithm is inexpensive, and can be implemented(More)
Probabilistic programs are usual functional or imperative programs with two added constructs: (1) the ability to draw values at random from distributions, and (2) the ability to condition values of variables in a program via observations. Models from diverse application areas such as computer vision, coding theory, cryptographic protocols, biology and(More)
During the last 10 years, code inspection for standard programming errors has largely been automated with static code analysis. During the next 10 years, we expect to see similar progress in automating testing, and specifically test generation, thanks to advances in program analysis, efficient constraint solvers, and powerful computers. Three new tools from(More)
We describe a Guess-and-Check algorithm for computing algebraic equation invariants of the form ∧ifi(x1,. .. , xn) = 0, where each fi is a polynomial over the variables x1,. .. , xn of the program. The " guess " phase is data driven and derives a candidate invariant from data generated from concrete executions of the program. This candidate invariant is(More)
The last several years have seen a proliferation of static and runtime analysis tools for finding security violations that are caused by <i>explicit information flow</i> in programs. Much of this interest has been caused by the increase in the number of vulnerabilities such as cross-site scripting and SQL injection. In fact, these explicit information flow(More)