Tools

  MuClipse

MuClipse is an Eclipse Plugin which provides a bridge between the existing MuJava API and the Eclipse Workbench.

MuClipse improves on the MuJava system in the areas of usability and compatibility. The following improvements help explain its motivation:

  • Classpath Management
  • Directory Structure Configuration
  • Runtime Configuration
  • Integrated GUI-based Results
  • Compatibility with JUnit TestCases

  AWARE

AWARE aggregates compilation errors and warnings, manually-written test failures, and static analysis reports into a ranked listing of alerts. An alert is a notification to a software engineer, in the form of a warning message, of a potential problem or fault in the source code that has been identified via compilation, testing, or static analysis.

The alerts are ranked by the probability that a particular alert is a true positive in the system. The alert ranking is adapted by programmer feedback in the form of filtering alerts found to be false positives (the alert is not a fault in the system). The probability that a remaining alert is a true positive in the system is adjusted based on the filtered alerts.

  I-BACCI

The Integrated - Black-box Approach for Component Change Identification (I-BACCI) process is an integration of a static binary code change identification process and a code-based regression test selection process. The objective of the process is to reduce the regression testing required for COTS-based applications when components change and source code is not available. Supporting tools have been developed for analyzing binaries of components in Common Object File Format (COFF) and Portable Executable (PE) formats.

The Decomposer and Trivial Information Zapper (D-TIZ) tool was created to decompose the binary files and remove trivial information such as timestamps and file pointers, which are irrelevant to the change identification. The Trivial Identifier of Differences in BInary-analysis Text Zapper (TID-BITZ) tool removes most of the false positives caused by trivial differences such as shifted addresses and register reallocations. The Call-graph Analyzer - Affected Function Identifier (CAAFI) tool generates and analyzes the function call graphs within components.

  WARD

The Web Application Reliability and Defense (WARD) framework is a two-part security solution that can be used during code development. WARD is composed of SecureUnit for vulnerability detection and SecureFilter for vulnerability protection. SecureUnit enables developers to write automated, reusable, and customizable JUnit tests to launch attacks on their system to reveal security vulnerabilities. SecureFilter is a customizable server-side choke point containing a regular expression-based filter to match legal input according to system requirements.