Logo ČVUT
CZECH TECHNICAL UNIVERSITY IN PRAGUE
STUDY PLANS
2023/2024
UPOZORNĚNÍ: Jsou dostupné studijní plány pro následující akademický rok.

Advanced Program Testing

Login to KOS for course enrollment Display time-table
Code Completion Credits Range Language
NIE-APT Z,ZK 5 2P+1C English
Garant předmětu:
Pierre Donat-Bouillud
Lecturer:
Pierre Donat-Bouillud
Tutor:
Pierre Donat-Bouillud
Supervisor:
Department of Theoretical Computer Science
Synopsis:

Testing a program is essential to ensure that a program respects its specification, that changes do not introduce regressions or security issues. The goal of the course is to present advanced program testing techniques, beyond writing unit tests, especially fuzzing and symbolic execution.

Requirements:

The students are expected to be familiar with the basic notions of testing, such as unit testing (such as presented in BI-OOP).

Syllabus of lectures:

1. Introduction - specification testing

2. Coverage - structural testing

3. Property-based testing and random fuzzing

4. Test-case minimization

5. Mutation-based fuzzing and mutation analysis

6. Greybox fuzzing and search-based fuzzing

7. Syntactic fuzzing: fuzzing with possibly probabilistic grammars

8. Syntactic fuzzing: greybox fuzzing with grammars, mining input grammars

9. Domain-specific fuzzing

10. Concolic fuzzing

11. Symbolic fuzzing

12. Practical fuzzing: when to stop, infrastructure for fuzzing at scale

13. Current research (e.g. differential fuzzing for JS engines)

Syllabus of tutorials:

1. Coverage and code coverage tools

2. Test-case minimization

3. Greybox fuzzer

4. Greybox fuzzer with grammar

5. Concolic fuzzing

6. Project consultation

Study Objective:

The aim of the course is to introduce students to advanced program testing techniques, including fuzzing and symbolic execution, both theoretically, and in practice, by looking at real code examples and by writing a fuzzer and finding bugs in real programs with it.

Study materials:

Aniche, Maurício. Effective Software Testing: A developer's guide. Simon and Schuster, 2022. ; Zeller, Andreas, et al. „The fuzzing book.“ (2019).

Pezzè, Mauro, and Michal Young. Software testing and analysis: process, principles, and techniques. John Wiley & Sons, 2008.

Baldoni, Roberto, Emilio Coppa, Daniele Cono D’elia, Camil Demetrescu, and Irene Finocchi. “A Survey of Symbolic Execution Techniques.” (2018).

The Fuzzing Book<https://www.fuzzingbook.org/>.

Note:
Further information:
https://courses.fit.cvut.cz/NI-APT/
Time-table for winter semester 2023/2024:
06:00–08:0008:00–10:0010:00–12:0012:00–14:0014:00–16:0016:00–18:0018:00–20:0020:00–22:0022:00–24:00
Mon
Tue
roomTH:A-1247
Donat-Bouillud P.
12:45–14:15
(lecture parallel1)
Thákurova 7 (budova FSv)
seminární místnost
roomTH:A-1247
Donat-Bouillud P.
14:30–16:00
EVEN WEEK

(lecture parallel1
parallel nr.101)

Thákurova 7 (budova FSv)
seminární místnost
Wed
Thu
Fri
Time-table for summer semester 2023/2024:
Time-table is not available yet
The course is a part of the following study plans:
Data valid to 2024-05-23
Aktualizace výše uvedených informací naleznete na adrese https://bilakniha.cvut.cz/en/predmet7586706.html