Building a better computer bug finder: Researchers improve the process of finding vulnerabilities by intentionally adding swarms of bugs to source code

by John

Detecting bugs in computer programs is an expensive task, and there is no way of measuring their efficacy without knowing exactly how many go unnoticed. To tackle this problem, researchers have created LAVA (Large-Scale Automated Vulnerability Addition), a cost-effective technique of intentionally adding vulnerabilities to a program’s source code to test the limits of bug-finding tools and ultimately help developers improve them.

Source: Building a better computer bug finder: Researchers improve the process of finding vulnerabilities by intentionally adding swarms of bugs to source code