Dynamic Test Case Generation For Embedded Software Defects Detection

Software vulnerabilities are defects which caused in designing and realizatingsoftware function due to the complexity and abstractness.Software vulnerabilities doserious damage.Developers need to make the greatest possible repair security risksexisting in software before software release.Software testing has been the researchhotspot in the field of software security.The test case plays an important role infinding defects in the software.Research on automatic generation of test cases can notonly reduce the testing personnel heavy work, but also can reduce the softwarecompany in the test on the software testing cost.It is a subject of great research value.Fuzzing is a typical representative of the test case generation technology.Fuzzinghas a good speed of generating test case and has a wide application.But Fuzzing lacksof understand the program, the process of test case generation has greatrandomness.So generation of test cases is difficult to guarantee the efficiency oftest.In view of the above problems, the work of this thesis includes the following4aspects:(1) Research on Valgrind intermediate language and inserting processIntroduces different definitions and forms of the intermediate language.Collectthe branch conditions with inserted auxiliary code.(2) Research on tainted data flowAnalyze tainted data and forms of tainted data communication.The positiveanalysis method is introduced based on the analysis of the tainted data.The proposedreverse analysis is higher than the positive analysis of the efficiency of the positiveanalysis.Generates function dependency matrix with the dependency relationship，Through the dependency matrix to determine the cause of the abnormal function callinitial point.(3) Research on path traversalDetermine sensitive area with tainted data,and put forward the path traversalsensitive based on covered area.Process some problems existing in the path traversaltechnique,reducing the possibility of the path explosion effectively.(4) Design and realize a prototype systemExplain the test case generation module in the system,and design some testprograms to test the prototype system,through the analysis of experimental datademonstrate the effectiveness of the system.