Cooperative Testing and Analysis via Informed Decision Making


March 21, 2014


Tool automation to reduce manual efforts is important in software testing and analysis for improving software quality. When dealing with complex software, cooperation that synergistically combines the strengths of users and tools is greatly needed and yet lacks support in state-of-the-art research and practice. This talk presents a methodology of cooperative testing and analysis, where users make informed decisions when cooperating with software testing and analysis tools to accomplish tasks more effectively. This talk also presents a program-analysis technique on precisely identifying and reporting the problems that prevent test-generation tools from achieving high structural coverage. This technique enables users to help the tools address only the relevant problems, reducing users’ efforts in providing guidance. Finally, this talk presents another program-analysis technique on computing information flows and classifying them as safe/unsafe based on a tamper analysis. This flow information explains how applications use permissions, enabling users to make informed decisions on using private data or anonymized data. Also, such information enables mobile platforms to provide default settings that only expose private data for safe flows, minimizing decision making required from users.


Xusheng Xiao

Xusheng Xiao is a PhD Candidate in the Department of Computer Science at North Carolina State University, and a visiting student in the Department of Computer Science at the University of Illinois at Urbana-Champaign. His research in software engineering focuses on improving cooperation between tool users and software testing and analysis tools. He has been awarded the ICSE SRC Best Project Representing an Innovative Use of Microsoft Technology at ACM SRC Grand Final 2012. His work on mobile security is integrated into TouchDevelop developed by Microsoft Research and is granted a U.S. patent. He has completed several industrial research internships at Microsoft Research, IBM Research, and NEC Labs. His work appears in venues such as ICSE, FSE, ISSTA, ASE, and USENIX Security. Before starting his Ph.D. program, Xusheng was a Consultant/Developer who specialized in Agile Software Development in ThoughtWorks. His homepage is at