top of page

Our Research

Our research primarily focuses on automated software engineering, with a special emphasis on program repair and fuzz testing. We are proud to have our work accepted at prestigious conferences and journals in the field of software engineering. One extensively examined area is the repair of security vulnerabilities, where we strive to advance the state of the art and contribute to safer and more reliable software systems. Additionally, we have made significant contributions to the development of semantic program repair, further enhancing the effectiveness and trustworthyness of automated repair techniques.

Product

Autonomous Software Engineering

Yuntong Zhang, Haifeng Ruan, Zhiyu Fan, Abhik Roychoudhury

ACM International Symposium on Software Testing and Analysis (ISSTA) 2024,

We propose an automated approach for solving Github issues to autonomously achieve program improvement, e.g. bug fixing or feature addition.

Haifeng Ruan, Yuntong Zhang, Abhik Roychoudhury

47th International Conference on Software Engineering (ICSE) 2025.

This study seeks to demonstrate the continued importance of specification inference in automated program repair, even as program repair technologies enter the LLM era.

Works on Automatic Programming

A forward-looking view, focusing on the programming environment of the near future, where programmers may need to switch to different roles to fully utilize the power of automatic programming.

Claire Le Goues, Michael Pradel, Abhik Roychoudhury

Communications of the ACM, Volume 62, Issue 12

Automated program repair is an emerging and exciting field of research that allows for automated rectification of software errors and vulnerabilities.

Zhiyu Fan, Xiang Gao, Martin Mirchev, Abhik Roychoudhury, Shin Hwei Tan

45th International Conference on Software Engineering (ICSE) 2023

This study revealed that automatically generated code shares common programming mistakes with human-crafted solutions, indicating APR techniques have potential to fix auto-generated code.

Product

Seminal Papers in Program Repair

Hoang Duong Thien Nguyen, Dawei Qi, Abhik Roychoudhury, Satish Chandra

35th International Conference on Software Engineering (ICSE) 2013.

In this paper, an automated repair method based on symbolic execution, constraint solving and program synthesis is presented. This work has been the starting point for semantic program repair.

Sergey Mechtaev; Jooyong Yi; Abhik Roychoudhury

38th International Conference on Software Engineering (ICSE) 2016.

Angelix is a novel semantics-based repair method that scales to industry-scale programs in C.

Publications

Our research primarily focuses on automated engineering, with a special emphasis on program repair fuzz testing. We are proud to have our work accepted at prestigious conferences and journals in the field of software engineering. One extensively examined area is the repair of security vulnerabilities, where we strive to advance the state of the art and contribute to safer and more reliable software systems. Additionally, we have made significant contributions to the development of semantic program repair, further enhancing the effectiveness and trustworthiness of automatedrepair techniques.

Automated Vulnerability Remediation

Yuntong Zhang, Xiang Gao, Gregory J. Duck, Abhik Roychoudhury

38th International Conference on Software Engineering (ICSE) 2016.

In this paper, a counter-example guided inductive inference procedure over program states to define likely invariants at possible fix locations was presented to reduce the time between reporting and fix of a vulnerability.

In this work we propose an integrated approach for detecting and discarding overfitting patches via systematic co-exploration of the patch space and input space.

Xiang Gao, Bo Wang, Gregory J. Duck, Ruyi Ji, Yingfei Xiong, Abhik Roychoudhury

ACM Trans. Softw. Eng. Methodol., Vol. 30, No. 2, Article 14, Publication date: February 2021.

In this paper, we propose a general approach to combat the over-fitting problem, specifically for fixing security vulnerabilities. Our key insight is that information about the underlying cause of a vulnerability can be automatically extracted, and this information can then be used to guide Automated Program Repair (APR).

bottom of page