The software development world has seen a number of fascinating innovations in recent times, whether that’s in new platforms, or even seemingly simple things like being able to capture your coding sessions in real time.

A recent MIT based system, codenamed CodePhage, promises to be among the more exciting developments in the field in recent years.  It offers up developers the chance to import code improvements from other applications to shut down bugs in their own systems.

The system, which was documented in a recent paper, doesn’t require any access to the source code of the app that’s being plundered for its functionality.  Rather, it is capable of analyzing the execution of the application, before then characterizing the type of security checks the application performs.  It can then import these checks, even if the programming language differs between source and destination application.

What’s more, the application is then capable of running a diagnostic on the new addition to ensure that any security holes have indeed been fixed.

“We have tons of source code available in open-source repositories, millions of projects, and a lot of these projects implement similar specifications,” the project team say. “Even though that might not be the core functionality of the program, they frequently have subcomponents that share functionality across a large number of projects.”

Hybrid programming

The MIT team believe that their system will allow developers to build a kind of hybrid whereby the best components from various applications are compiled together.

CodePhage takes code from the buggy application and an un-buggy app, and begins by analyzing two inputs: one that causes the application to crash, and one that doesn’t.

CodePhage then feeds the so called safe input (ie the input that doesn’t cause a crash) to the functioning (un-buggy) application and tracks the sequences the application goes through to deal with it.  This is recorded using a symbolic expression, which is a string of symbols that describe the logical constraints that particular operation imposed.

CodePhage will then feed the working application the input that crashes the original app.  It will go through the same expression building process, before then analyzing where the two diverge.   As soon as it identifies this, the process is stopped.

CodePhage will then find locations whereby the input meets the majority, but not all, of the constraints described by the new symbolic expression.  For instance, the working app may perform the operations in a slightly different order or store data in different forms.

It then tests out the code to see whether it does indeed fix the crash.  If it does, great, but if it doesn’t, CodePhage moves on to the next candidate location and continues the process.

Automated bug testing

The program has been put through its paces on seven popular open source applications where bugs were identified.  In all trials, the program was able to detect and repair the vulnerable code in less than 10 minutes.

With security checks often taking up as much as 80 percent of commercial software, the developers believe that CodePhage could provide an invaluable service in reducing the time required to make software safe.

“The longer-term vision is that you never have to write a piece of code that somebody else has written before,” they say. “The system finds that piece of code and automatically puts it together with whatever pieces of code you need to make your program work.”