COYOTE a fully automated unit testing tool automatically creates test cases for each function of software and automatically executes it.
When full automatic testing is executed, the most difficult part is the automatic creation of test cases. Although diverse techniques have been devised for scores of years, there have been many stumbles along the way.
Even though many test automation tools are advertised to have the automatic creation function of test cases, they have been shunned due to the above reason.
We have developed a symbolic testing engine enabling the automatic creation of test cases at the commercialization level with our technology. The symbolic testing technology performs white box testing using the symbolic execution or concolic execution techniques and it exerts outstanding capabilities for the automatic creation of test cases.
The symbolic testing engine explores all execution paths of a given function and calculates the conditions under which each execution path is executed (path condition).
To this end, Insert the code to perform the symbolic operation into the given function, and generate driver code to drive the function and stub code of other functions called by that function to automatically generating test executables. When running the test, the actual execution and the symbolic execution are performed simultaneously, and it calculates the path conditions and test cases. At this time, to solve the conditional equation, an automatic theorem-proof such as an SMT solver is used.
CODEMIND CSI/CQI, a source code diagnostic tool, detects security weaknesses inherent in the source code and detects possible errors during execution in advance.
The technology that predicts software’s behavior beforehand without execution of the software is so-called static analysis. Static analysis can be presented in a variety of techniques, including type analysis, data flow analysis, control flow analysis, information flow analysis, and memory shape analysis.
The abstract interpretation technology is the one devised to design various static analysis techniques within one framework. It has established itself as a standard of the static analysis as it can systematically implement various semantic analysis based on summary analysis.
The principle of the abstract interpretation is to compute abstracted values through abstracted arithmetic operation of a given program. For example, a simultaneous equation that can calculate the scope that each position’s x value can have with the simple program below. The solution of the simultaneous equation is called the “fixed point,” and the fixed point is calculated with a repetitive method.
In this way, variable values are computed, or memory allocation configuration is predicted. The second figure is the process of calculating the memory shape of a given program through summary analysis. Here is an example of detecting a use after free error returned from a memory analysis result.
Beside, CODEMIND has implemented a static analysis engine using graph DB. The analysis result can be checked during analysis in an on-the-fly method, and it is also useful for creating convenient defect tracking graphs.