search menu icon-carat-right cmu-wordmark

Vulnerability Discovery

The Poster illustrates the "Vulnerability Discovery" presentation by Edward J. Schwartz and David Warren at Research Review 2016.

Software Engineering Institute


Current vulnerability discovery techniques such as black-box fuzz testing and concolic testing are so effective that they routinely find hundreds of thousands of crashers, which crash the target program. We created a new methodology for precisely and naturally defining vulnerabilities through the creation of patches. We use our methodology to debunk three commonly held beliefs in fuzzing practice.