Virtually any software running on a computer has been processed by a compiler or a
compiler-like tool. Because compilers are such a crucial piece of infrastructure for building …

Domain-specific languages (DSLs) are languages tailored to a specific application domain.
They offer substantial gains in expressiveness and ease of use compared with general …

Fuzzing consists of repeatedly testing an application with modified, or fuzzed, inputs with the
goal of finding security vulnerabilities in input-parsing code. In this paper, we show how to …

We survey the literature available on the topic of domain-specific languages as used for the
construction and maintenance of software systems. We list a selection of 75 key publications …

Programs expecting structured inputs often consist of both a syntactic analysis stage, which
parses raw input, and a semantic analysis stage, which conducts checks on the parsed input …

Whitebox fuzzing is a form of automatic dynamic test generation, based on symbolic
execution and constraint solving, designed for security testing of large applications …

Fuzzing is widely used for vulnerability detection. There are various kinds of fuzzers with
different fuzzing strategies, and most of them perform well on their targets. However, in …

Java virtual machine (JVM) is a core technology, whose reliability is critical. Testing JVM
implementations requires painstaking effort in designing test classfiles (*. class) along with …

We report on the fourth in a series of studies on the reliability of application programs in the
face of random input. Over the previous 15 years, we have studied the reliability of UNIX …

Modern network security rests on the Secure Sockets Layer (SSL) and Transport Layer
Security (TLS) protocols. Distributed systems, mobile and desktop applications, embedded …