Towards Scalable and Effective Testing of Software

ABSTRACT

The complexity of our software ecosystem is growing rapidly. Several studies demonstrate that rapid software development introduces new bugs at a rate proportional to the amount of new code. Since software is deeply embedded in our daily lives, it is crucial to uncover these bugs before adversaries can exploit them to mount attacks. Software testing is one of the most effective ways to find these bugs promptly. However, existing approaches struggle with uncovering complex bugs.

In this talk, I will present my research on enhancing the core components of dynamic testing to uncover complex bugs across diverse application domains. Specifically, I will detail my efforts to optimize input generation using domain-specific knowledge of the target, refine program representations to test hard-to-reach code, and build specifications to detect bugs that were previously difficult to find automatically. Finally, I will sketch out how I see our software ecosystem evolving over the coming years and discuss how we should adapt our testing strategies in response to these changes.

BIOGRAPHY

Prashast Srivastava is a postdoctoral researcher at Columbia University, working with Suman Jana. He earned his PhD from Purdue University, advised by Mathias Payer and Antonio Bianchi. His primary research area is software testing, with a focus on optimizing dynamic testing techniques to uncover complex bugs. His work has been published in top security and software engineering conferences, including CCS and FSE, and integrated into state-of-the-art dynamic testing frameworks such as AFL++ and LibAFL.