NIST is developing a “Bugs Framework” (BF) to categorize and describe classes of bugs in software. For each bug class, the framework includes rigorous definitions and attributes of the class, along with its related dynamic properties, such as proximate, secondary, and tertiary fault causes, consequences, and sites in code. The boundary of the framework is source code; it does not describe the source of the bug (that is, when in the software lifecycle the programmer made a mistake causing the bug) nor what inputs trigger a failure from the bug. The sources and triggers are vital to connect the BF to the software development life cycle. Once this connection is made, software developers can determine the proper tools and techniques to preclude, find, remove, or mitigate bugs.
This project will develop an automated method to discovery the source of a bug and what triggers it given the identification of an instance of a bug that is in a particular class. The automated method will draw on the history of changes to the code and test inputs to the software under development. Although the programming languages that NIST is interested in are Turing Complete, NIST believes that undecidable problems, such as the Halting Problem, need not prevent development of a satisfactory method. Choosing a particular class of bugs should allow a stochastic or heuristic approach to suffice.
Phase I expected results:
An architecture of and development plan for an automated method to discover the source of and one or more triggers for an instance of a program bug, from one of the BF classes.
Phase II expected results:
A demonstration version of a tool that, given an instance of a bug from a BF class, (a) identifies the source of a bug and (b) one or more set of inputs that trigger the bug.
NIST may be available for consultation, input, and discussion.