Amitabh Srivastava's research while affiliated with Microsoft and other places

Publications (8)

Conference Paper
Software testing helps ensure not only that the software under development has been implemented correctly, but also that further development does not break it. If developers introduce new defects into the software, these should be detected as early and inexpensively as possible in the development cycle. To help optimize which tests are run at what...
Article
Distributed computing on the Internet presents new challenges and opportunities for tools that inspect and modify program binaries. The dynamic and heterogeneous nature of the Internet environment extends the traditional product development process by requiring program development tools like these, which were once used only internally, to work in l...
Article
ATOM (Analysis Tools with OM) is a single framework for building a wide range of customized program analysis tools. It provides the common infrastructure present in all code-instrumenting tools; this is the difficult and time-consuming part. The user simply defines the tool-specific details in instrumentation and analysis routines. Building a basic...
Conference Paper
Code instrumentation is a powerful mechanism for understanding program behavior. Unfortunately, code instrumentation is extremely difficult, and therefore has been mostly relegated to building special purpose tools for use on standard industry benchmark suites. ATOM (Analysis Tools with OM) provides a very flexible and efficient code instrumentatio...
Article
ATOM (Analysis Tools with OM) is a single framework for building a wide range of customized program analysis tools. It provides the common infrastructure present in all code-instrumenting tools; this is the difficult and time-consuming part. The user simply defines the tool-specific details in instrumentation and analysis routines. Building a basic...
Conference Paper
ATOM (Analysis Tools with OM) is a single framework for building a wide range of customized program analysis tools. It provides the common infrastructure present in all code-instrumenting tools; this is the difficult and time-consuming part. The user simply defines the tool-specific details in instrumentation and analysis routines. Building a basic...
Article
Although testing starts with individual programs, programs are rarely self-contained in real software environments. They depend on external subsystems like language run time and operating system libraries for various functionalities. These subsystems are developed externally to any given program, with their own test processes. Of course, an uncoord...

Citations

... Later, test suites are used in regression testing to determine whether subsequent versions of those systems behave appropriately. At regression testing time, engineers may seek to increase the cost-effectiveness of testing by applying some sort of test manipulation technique to their test suites, such as test prioritization (TCP) techniques (e.g., [11], [19], [20], [25], [36]) or regression test selection (RTS) techniques (e.g., [5], [18], [28], [30], [31]). ...
... Therefore, researchers and practitioners have proposed various tools that can help in discovering vulnerabilities automatically. Classical vulnerability detection tools rely on static [10,3,17] or dynamic [22,20,24] code analysis, symbolic execution or taint analysis. However, with the advent of efficient machine learning techniques, new approaches appear that try to solve Software Engineering (SE) problems by training AI prediction models on large amount of annotated code samples. ...
... In service oriented architectures (SOA), components provide services on their output ports which are realized by consuming services of other, connected components on their input ports [1], [2]. In such architectures, a component A is said to depend on another component B, if an input port of A is (transitively) connected to any output port of B. The notion of dependency is important in software architecture since it is used by many architecture analysis tools [3], [4], [5], [6], especially for maintainability analyses. ...
... The ability to perform analysis and instrumentation directly on program binaries has many powerful applications, from profiling to security monitoring. Code-coverage profilers [14], [16] and performance analyzers [17] help in identifying program hotspots with the potential for optimization. Security monitoring tools can analyze a binary to find malware signatures [18], [19] or add instrumentation to monitor its execution, so as to detect or prevent security attacks [20], [21]. ...
... The rest of the attributes refer to properties of the test cases collected during or after their execution. From test case execution, TCP techniques might use attributes such as allocation time [114], i.e. time needed to prepare or configure the test case, estimated cost of implementation and setup [63], execution time [103], resource utilisation, i.e. CPU, memory and I/O required by the test case [11], and total time, i.e. time needed to implement, configure and run [104]. ...
... Binary rewriting: The rewriting technology can be traced back to the 1990s. At that time, the binary rewriting was mainly used to analyze or optimize the performance of programs, and almost all the tools like ATOM [26], QPT [27], EEL [28] and Etch [29] relied on static rewriting. After 2000, dynamic rewriting has become the mainstream research direction. ...
... After 2000, dynamic rewriting has become the mainstream research direction. A lot of successful tools appeared one by one: Dyninst [30], Vulcan [31], Vulgrind [32], DynamoRIO, PIN [33], QEMU, etc. Static rewriting has become a hot research direction again since 2010. At that time, new technology like reassembling was used to regenerate a binary. ...