Event Details

An Exploration of Automated Software Testing, Verification, and Repair Strategies using ESBMC and ChatGPT

Teams Link: Join Seminar (We’d appreciate if you could optionally register to join our mailing list)

Dr Lucas Cordeiro

An Exploration of Automated Software Testing, Verification, and Repair Strategies using ESBMC and ChatGPT

Abstract: In this talk, I'll discuss automated testing, verification, and repair techniques that establish a robust foundation for building secure software systems. We'll begin by exploring security concepts, demystifying traditional notions and vulnerabilities unique to (low-level) software systems. Building on this, we'll dive into cutting-edge methods, covering state-of-the-art testing, verification, and repair techniques. This dynamic spectrum spans fuzzing, model checking, constraint programming, and abstract interpretation for vulnerability detection using ESBMC; we'll also touch on leveraging large language models for root cause analysis and program repair using ChatGPT. Lastly, I'll showcase recent achievements highlighting a hybrid approach for safeguarding against embedded software's memory safety and concurrency vulnerabilities. This forward-looking combined approach employs a logic-based automated reasoning framework as its main ingredient, thoughtfully examining search, learning, memory, and parallelization aspects. Throughout the talk, practical examples will bring concepts to life, spanning scenarios such as inspecting firmware security vulnerabilities in modern processors and ensuring the integrity of communication protocols.

Bio: Lucas C. Cordeiro is a Reader in the Department of Computer Science at the University of Manchester (UoM), where he leads the Systems and Software Security (S3) Research Group. Dr. Cordeiro is also the Arm Centre of Excellence Director at UoM. In addition, he is affiliated with the Trusted Digital Systems Cluster at the Centre for Digital Trust and Society, the Formal Methods Group at UoM, and the Post-Graduate Programs in Electrical Engineering (PPGEE) and Informatics (PPGI) at the Federal University of Amazonas, Brazil. Before joining the University of Manchester, he worked as a post-doctoral researcher at the University of Oxford and as a research engineer at Diffblue. In addition, Dr. Cordeiro worked for five years as a software engineer at Siemens / BenQ Mobile and CTPIM / NXP semiconductors. His work focuses on software model checking, automated testing, program synthesis, software security, embedded and cyber-physical systems. He has co-authored more than 150 peer-reviewed publications in the most prestigious venues (e.g., ICSE, CAV, TACAS, FSE, ASE, ISSTA, TSE, TR, TC). He has received various international awards, including the Most Influential Paper at IEEE/ACM ASE'23, the Distinguished Paper Award at ACM ICSE’11, and 39 awards from the international competitions on software verification (SV-COMP) and testing (Test-Comp) 2012-2023. He has a proven track record of securing research funding from EPSRC, Intel, Motorola, Samsung, Nokia Institute of Technology, CNPq, FAPEAM, British Council, and Royal Society (career total over USD 13M).