Click Here to Install Silverlight*
United StatesChange|All Microsoft Sites
Center for Software Excellence 
Engineering Services

The Engineering Services Team is focused on the continual improvement of Microsoft code base quality.


SAGE: Scalable Automated Guided Execution

SAGE is a white-box testing technology geared toward exposing bugs in the target program by systematically executing all of its relevant, input-driven behaviors. SAGE attempts to generate only those tests that exercise unique control paths in the program, thus maximizing the opportunity of finding defects. This contrasts with the approaches taken by existing fuzz-testing tools, which employ black-box techniques of randomly generating input data without any knowledge of the target program's code. Such black-box algorithms are inefficient because they generate many redundant tests exercising the same control path in the program.

SAGE collects symbolic constraints from a target program run and solves these constraints to produce new input parameters. These inputs are designed to drive the program on a different control path or cause it to exhibit a fatal error. The key part of our approach is a method of generating constraints from actual program traces obtained by running the program and recording every relevant event during the run. This allows us to focus on testing the security-critical program behaviors that are controlled by external data.

SAGE is built on top of several existing technologies developed within Microsoft. It uses the CSE iDNA engine to record live program runs and save them in trace files and the CSE TruScan analysis engine to replay the trace files and intercept interesting events, such as API calls that read input data and branching instructions that consume input values. Finally, SAGE uses the Disolver constraint solver to solve the constraints generated during the analysis phase. Disolver is being developed by the Constraint Reasoning Group at Microsoft Research, Cambridge.

For more information, see the technical report Automated Whitebox Fuzz Testing.


Security Engineering



Research Papers


© 2016 Microsoft Corporation. All rights reserved. Contact Us |Terms of Use |Trademarks |Privacy & Cookies