Our Research
Our research primarily focuses on automated software engineering, with a special emphasis on program repair and fuzz testing. We are proud to have our work accepted at prestigious conferences and journals in the field of software engineering. One extensively examined area is the repair of security vulnerabilities, where we strive to advance the state of the art and contribute to safer and more reliable software systems. Additionally, we have made significant contributions to the development of semantic program repair, further enhancing the effectiveness and trustworthyness of automated repair techniques.
Autonomous Software Engineering
We propose an automated approach for solving Github issues to autonomously achieve program improvement, e.g. bug fixing or feature addition.
This study seeks to demonstrate the continued importance of specification inference in automated program repair, even as program repair technologies enter the LLM era.
Works on Automatic Programming
A forward-looking view, focusing on the programming environment of the near future, where programmers may need to switch to different roles to fully utilize the power of automatic programming.
Automated program repair is an emerging and exciting field of research that allows for automated rectification of software errors and vulnerabilities.
This study revealed that automatically generated code shares common programming mistakes with human-crafted solutions, indicating APR techniques have potential to fix auto-generated code.
Seminal Papers in Program Repair
In this paper, an automated repair method based on symbolic execution, constraint solving and program synthesis is presented. This work has been the starting point for semantic program repair.
Angelix is a novel semantics-based repair method that scales to industry-scale programs in C.
Publications
Our research primarily focuses on automated engineering, with a special emphasis on program repair fuzz testing. We are proud to have our work accepted at prestigious conferences and journals in the field of software engineering. One extensively examined area is the repair of security vulnerabilities, where we strive to advance the state of the art and contribute to safer and more reliable software systems. Additionally, we have made significant contributions to the development of semantic program repair, further enhancing the effectiveness and trustworthiness of automatedrepair techniques.
Automated Vulnerability Remediation
In this paper, a counter-example guided inductive inference procedure over program states to define likely invariants at possible fix locations was presented to reduce the time between reporting and fix of a vulnerability.
In this work we propose an integrated approach for detecting and discarding overfitting patches via systematic co-exploration of the patch space and input space.
In this paper, we propose a general approach to combat the over-fitting problem, specifically for fixing security vulnerabilities. Our key insight is that information about the underlying cause of a vulnerability can be automatically extracted, and this information can then be used to guide Automated Program Repair (APR).