Our Research
Our research primarily focuses on automated software engineering, with a special emphasis on program repair and fuzz testing. We are proud to have our work accepted at prestigious conferences and journals in the field of software engineering. One extensively examined area is the repair of security vulnerabilities, where we strive to advance the state of the art and contribute to safer and more reliable software systems. Additionally, we have made significant contributions to the development of semantic program repair, further enhancing the effectiveness and trustworthyness of automated repair techniques.
Autonomous Software Engineering
Yuntong Zhang, Haifeng Ruan, Zhiyu Fan, Abhik Roychoudhury
ACM International Symposium on Software Testing and Analysis (ISSTA) 2024,
We propose an automated approach for solving Github issues to autonomously achieve program improvement, e.g. bug fixing or feature addition.
Haifeng Ruan, Yuntong Zhang, Abhik Roychoudhury
47th International Conference on Software Engineering (ICSE) 2025.
This study seeks to demonstrate the continued importance of specification inference in automated program repair, even as program repair technologies enter the LLM era.
Works on Automatic Programming
A forward-looking view, focusing on the programming environment of the near future, where programmers may need to switch to different roles to fully utilize the power of automatic programming.
Claire Le Goues, Michael Pradel, Abhik Roychoudhury
Automated program repair is an emerging and exciting field of research that allows for automated rectification of software errors and vulnerabilities.
Zhiyu Fan, Xiang Gao, Martin Mirchev, Abhik Roychoudhury, Shin Hwei Tan
45th International Conference on Software Engineering (ICSE) 2023
This study revealed that automatically generated code shares common programming mistakes with human-crafted solutions, indicating APR techniques have potential to fix auto-generated code.
Seminal Papers in Program Repair
Hoang Duong Thien Nguyen, Dawei Qi, Abhik Roychoudhury, Satish Chandra
35th International Conference on Software Engineering (ICSE) 2013.
In this paper, an automated repair method based on symbolic execution, constraint solving and program synthesis is presented. This work has been the starting point for semantic program repair.
Sergey Mechtaev; Jooyong Yi; Abhik Roychoudhury
38th International Conference on Software Engineering (ICSE) 2016.
Angelix is a novel semantics-based repair method that scales to industry-scale programs in C.
Publications
Our research primarily focuses on automated engineering, with a special emphasis on program repair fuzz testing. We are proud to have our work accepted at prestigious conferences and journals in the field of software engineering. One extensively examined area is the repair of security vulnerabilities, where we strive to advance the state of the art and contribute to safer and more reliable software systems. Additionally, we have made significant contributions to the development of semantic program repair, further enhancing the effectiveness and trustworthiness of automatedrepair techniques.
Automated Vulnerability Remediation
Yuntong Zhang, Xiang Gao, Gregory J. Duck, Abhik Roychoudhury
38th International Conference on Software Engineering (ICSE) 2016.
In this paper, a counter-example guided inductive inference procedure over program states to define likely invariants at possible fix locations was presented to reduce the time between reporting and fix of a vulnerability.
Ridwan Shariffdeen, Yannic Noller, Lars Grunske, Abhik Roychoudhury
42nd International Conference on Programming Language Design and Implementation 2021
In this work we propose an integrated approach for detecting and discarding overfitting patches via systematic co-exploration of the patch space and input space.
Xiang Gao, Bo Wang, Gregory J. Duck, Ruyi Ji, Yingfei Xiong, Abhik Roychoudhury
ACM Trans. Softw. Eng. Methodol., Vol. 30, No. 2, Article 14, Publication date: February 2021.
In this paper, we propose a general approach to combat the over-fitting problem, specifically for fixing security vulnerabilities. Our key insight is that information about the underlying cause of a vulnerability can be automatically extracted, and this information can then be used to guide Automated Program Repair (APR).