Parallel symbolic execution method based on path cluster reductions

A symbolic execution and path technology, applied in the field of parallel testing based on program symbolic execution path cluster division, can solve the problem of low parallel symbolic execution efficiency, improve parallel processing capability and execution efficiency, improve capability and test efficiency, and improve hits The effect of rate and efficiency of software test analysis

Active Publication Date: 2013-04-17
CHINA INFORMATION TECH SECURITY EVALUATION CENT
View PDF6 Cites 14 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] Aiming at the problem that the current parallel symbol execution efficiency is not high, the present invention proposes a parallel symbol execution method based on path cluster division

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Parallel symbolic execution method based on path cluster reductions
  • Parallel symbolic execution method based on path cluster reductions

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0025] Embodiment one: see figure 1 , the parallel symbolic execution method based on the path cluster protocol of the present invention specifically includes the following steps: 1) using a disassembly tool to disassemble the executable program under test to obtain the assembly code of the executable program under test;

[0026] 2) Convert the assembly code into a unified intermediate assembly language form to shield the differences in the underlying specific assembly language;

[0027] 3) According to the intermediate assembly language form, generate the function call graph and control flow graph of the executable program under test;

[0028] 4) Define the characteristics of dangerous functions, and find dangerous functions through static analysis of the function call graph;

[0029] 5) Define the characteristics of the input function, and find the input function through the static analysis of the function call graph;

[0030] 6) Establish the paths between "program entry ...

Embodiment 2

[0033] Embodiment 2: The parallel symbolic execution method based on path cluster protocol in this embodiment is different from Embodiment 1 in that further, in step 4), four types of dangerous functions are defined, namely: string copy, memory Copying, formatting, format conversion, etc. In step 5), six types of input functions are defined, namely: file reading, network data reading, pipeline and message reading, user input, environment variable reading, connection functions, etc.

Embodiment 3

[0034] Embodiment three: see figure 2 , the parallel symbolic execution method based on the path cluster protocol in this embodiment is different from the second embodiment in that further, in step 6), based on the analysis of program control dependencies and data dependencies, the "program entry Point → call input function", "call input function → call dangerous function", "call dangerous function → program end point" three groups of point-to-point multiple paths are regulated to form a point-to-point path cluster.

[0035] The path cluster specification between two points in the program can be summarized as 2 steps: determining a set of program statements having a data dependency on a symbolic value of a symbolic execution target point result; find with In the statement collection there is a collection of statements that control dependencies.

[0036] In the parallel symbol execution method based on the path cluster protocol of the present invention, in step 3), the g...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

No PUM Login to view more

Abstract

The invention relates to a computer software safety testing method based on program symbolic execution path cluster partitions. The parallel symbolic execution method based on path cluster reductions includes the steps of: (1) disassembling an tested executable program, (2) obtaining assembly codes of the tested executable program and transferring into uniform intermediate assembly language forms, (3) generating a function call graph and a control flow diagram of the tested executable program according to intermediate assembly language forms, (4) finding a dangerous function and an input function according to a static analysis of the function call graph; (5) respectively creating a path between a program entry point and a call input function, between the call input function and a call dangerous function, and between the call dangerous function and a program end point and reducing into path cluster, (6) subjecting the obtained paths to point-to-point connection to form an integral path cluster chain assembly from program entry point to program end point, and (7) generating corresponding test cases to perform actual program safety tests with an integral path cluster chain from program entry point to program end point formed in step (6) serving as a load unit.

Description

technical field [0001] The invention relates to a computer software safety testing method, in particular to a parallel testing method based on program symbol execution path cluster division. Background technique [0002] At present, symbolic execution technology has been widely concerned and applied in the field of software security testing. Compared with techniques such as fuzzing that randomly generate test cases, symbolic execution can understand the target software more deeply, significantly improve the code coverage of software testing, and generate more targeted test cases. However, the biggest problem with symbolic execution is that due to the huge number of software branches and the number of cycles, there is an exponentially growing execution path, which leads to the problem of path explosion in symbolic execution, which has become the biggest bottleneck of symbolic execution applications. [0003] In order to effectively alleviate or solve the problem of path spac...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Application Information

Patent Timeline
no application Login to view more
Patent Type & Authority Applications(China)
IPC IPC(8): G06F11/36
Inventor 吴世忠郭涛张普含王嘉捷
Owner CHINA INFORMATION TECH SECURITY EVALUATION CENT
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap