The process for software development companies to find bugs can be time consuming, and current industry standard testing doesn’t always find each and every new glitch.
Now a team in Virginia Tech’s Department of Computer Science in the College of Engineering has developed a way for programmers to significantly increase the amount and types of bugs detected during stress testing using a tool called Node.fz.
While the software increases the amount of bugs detected, it also has the potential to decrease the amount of time it takes to get products to market by randomizing — or “fuzzing" — tasks performed by servers.
Though fuzzing client side applications, such as those of industry titans Facebook and Google, as well as numerous web apps, is not new, fuzzing backend servers is novel, said Lee.
Lee and his team identified 12 real-world Node.js programs that had concurrency bugs — bugs that don’t occur every time, but instead were based only on a particular sequence of events. The study is first to demonstrate empirical evidence of the effectiveness of fuzzing for these programs.
As a variant of Node.js, developing Node.fz allowed Lee and Davis to maintain a connection to an existing and robust community of programmers.
The advent of the internet of things (IoT) makes fuzzing more appealing on the server side also. The IoT communicates between the cloud network and the increasing number of gadgets attached to the internet that do everything from keeping the temperature constant in smart refrigerators to regulating pacemakers, means testing the cloud will become increasingly important on the server side.
Historically, bugs in software were quite literally pests that gummed up the vacuum tubes used to carry the index cards to program the behemoth computers of yore.
Today software bugs are a digital metaphor for glitches in software code that cause programs to fail. In the future, Lee and his team are helping to make software bugs more of a fuzzy memory than anything else.
Written by Amy Loeffler