CALL: 2016

DOMAIN: IS - Information and Communication Technologies





HOST INSTITUTION: University of Luxembourg

KEYWORDS: software testing, software security, model-driven analytics

START: 2017-08-15

END: 2018-06-30


Submitted Abstract

Objective: The objective of my scientific leave is to expand my expertize, experience and draw inspiration in reformulating the long-term vision of my research group. Hence, SerVal@Berkeley will expand the perimeter of my scientific leave from a personal level to the whole SerVal group, which I am leading. The name of the project properly reflects its purpose: putting researchers from SerVal together with those from Berkeley. The goal is to create fruitful exchanges, short-term research outcomes, and hopefully initiate long-term collaborations in the following research areas: software testing, software security and model-driven analytics (for IoT/CPS). SerVal@Berkeley is hence an enabler for fostering the research activities of SerVal. Cross-fertilization will be achieved by short-term visits of researchers from my group, all along my stay in Berkeley. Research Areas: Software Testing (main topic): Testing is the predominant technique used by the software industry to make software reliable, and this is the reason why research in software testing is that challenging and exiting. My main host group in UC Berkeley is ASPIRE. Specifically I will be the guest of Ass. Pr. Koushik Sen. The specific topic to be investigated is code-based mutation testing. While mutation testing has demonstrated that it is a powerful technique, it cannot scale well due to its computational demands. The idea is to employ static analysis technics, such as partial symbolic execution in combination to abstract interpretation to alleviate this problem. Partial symbolic execution will be used to identify subsuming relationships between mutants and summarize code fragments. Abstract interpretation will help identifying a small representative set of mutants. This technique will allow mutation technique to scale to large systems with an acceptable cost. This forms an excellent opportunity for collaboration; our group has strong expertize in mutation testing (ICSE, TSE, STVR, and ICST venues), while Koushik’ group has strong expertize on symbolic execution and generally static analysis, with many influential papers on ICSE, FSE, PLDI etc. With such a synergy, the project may revolutionize the area of mutation testing. Security Testing: In 2006, I initiated my research on software security, and my research group has gained worldwide visibility thanks to several major achievements. For instance we find information leakages in Android apps, we manage to precisely detect Android malware and effectively test security policies. These achievements have been recorded in several reputable scientific venues like Usenix Security, PLDI, ICSE, POPL and etc. I am in contact with Pr. Dawn in Berkeley for supporting my research stay there by contributing to my research agenda on the automatic and practical detection of malware. Model-driven analytics for sustainable infrastructures: this area is about enhancing model-driven engineering with intensive data streaming, near-real time reasoning and analytics. While I have contributions in model-driven engineering since 15 years (with ten-year most influential paper award for a UML’01 paper), the needs of SerVal industry partners for decision support services led us to intensively work in the area of “Big Data” and analytics (recommendation systems, what-if simulation). This is particularly relevant for Smart Systems (IoT or Cyber-physical systems depending on the context), with ongoing projects on SmartGrid, SmartBuilding and SmartHome. We already have promising results (e.g. 3 papers published at the main conference of the model-driven engineering community: MODELS) and a patent filled. Collaborations with Private Companies and Research Groups: my stay in Berkeley is perfect for strengthening the collaborations with 2 researchers in Google, John Penix (software testing, modeldriven analytics on the continuous integration process) and Damien Octeau (Android security). I plan to spend 1 day every week at Mountain.

This site uses cookies. By continuing to use this site, you agree to the use of cookies for analytics purposes. Find out more in our Privacy Statement