Tuesday, January 16 , 2018, 3:25 am | Mostly Cloudy 47º


UCSB Computer Scientists Receive NSF Funding to Catch and Eliminate Software Bugs

Buggy software is as annoying as it is a waste of both time and money. With more web-based software being downloaded into more devices every day — as opposed to native software dedicated to specific machines — the potential for stalls and diminished functionality grows. Additionally, bugs can leave devices vulnerable to security breaches. And, they’re just aggravating.

comp scientists
UCSB computer scientists Tevfik Bultan, left, and Ivan Bocic are working on ways to verify web-based software to prevent and eliminate common errors. (Sonia Fernandez / UCSB photo)

With a grant of nearly $500,000 from the National Science Foundation, UC Santa Barbara computer scientist Tevfik Bultan is looking for ways to improve and enhance our interactions with software. Bultan and his team are studying verification techniques that can catch and repair bugs in code that manipulates and updates data in web-based software applications.

“Developing software is still an error-prone process,” Bultan said.

While the bigger companies are better able to hire talent to develop software with fewer bugs, in order to scale, the software development process should be viewed as an engineering problem as opposed to a matter of creativity and talent, he said, adding: “There’s a general lack of appreciation of how difficult it is to get the software right.”

The advantages of web-based software for users is its use of cloud-computing platforms to store information remotely in data centers. Not only can users access their programs from anywhere, at any time, their computers are less burdened by data-heavy software and can function with more agility.

However, with computing distributed across multiple machines on the cloud, errors and glitches are not easily detected before the software is rolled out to the public. As a result, bugs manifest themselves after the programs have been downloaded. This can cost a software company a lot in time, money and even user confidence. The problems people experience — and continue to experience — with the Healthcare.gov site, for example, illustrate the kind of frustration brought about by good software gone bad.

“It was used as a political discussion point, but not many people asked how come it failed from an engineering standpoint,” Bultan said.

Computer security is another huge area for bugs, with most issues traceable to an error in the program. The recent Heartbleed Bug, for instance, was a vulnerability in OpenSSL software, the very software that was used widely to encrypt communications over the Internet, compromising user names, passwords and other private information.

Using techniques that translate software data into code that can be evaluated with mathematical logic, Bultan’s team can verify the soundness of any particular software. By automating the process and adding steps to update the software as needed, crashes, perpetuated errors, vulnerabilities and other glitches will take up less time and money.

The verification can happen in various places in the process of developing software, he said, either before the program is rolled out to the public — static verification — or as a background process, as the software is being used. Bultan’s project, which concentrates specifically on web-based software, will emphasize static verification, although it will also include runtime checks.

The work also includes proposed guidelines for writing certain pieces of software code to allow for easier verification, and to avoid specific errors.

Still, with the complexity and diversity of software and new web-based applications continuously being developed, a solution to the problem of error-prone software may never be found. It’s mathematically impossible, according to Bultan, but this project takes a step toward approaching the issue from an engineer’s perspective, and eliminating the most common errors in software.

“We can’t catch all bugs, but we try to catch as many bugs as we can,” he said.

Future projects might involve verification from the end user’s side, helping him or her write bug-free software.

— Sonia Fernandez represents the UCSB Office of Public Affairs and Communications.

  • Ask
  • Vote
  • Investigate
  • Answer

Noozhawk Asks: What’s Your Question?

Welcome to Noozhawk Asks, a new feature in which you ask the questions, you help decide what Noozhawk investigates, and you work with us to find the answers.

Here’s how it works: You share your questions with us in the nearby box. In some cases, we may work with you to find the answers. In others, we may ask you to vote on your top choices to help us narrow the scope. And we’ll be regularly asking you for your feedback on a specific issue or topic.

We also expect to work together with the reader who asked the winning questions to find the answer together. Noozhawk’s objective is to come at questions from a place of curiosity and openness, and we believe a transparent collaboration is the key to achieve it.

The results of our investigation will be published here in this Noozhawk Asks section. Once or twice a month, we plan to do a review of what was asked and answered.

Thanks for asking!

Click here to get started >

Support Noozhawk Today

You are an important ally in our mission to deliver clear, objective, high-quality professional news reporting for Santa Barbara, Goleta and the rest of Santa Barbara County. Join the Hawks Club today to help keep Noozhawk soaring.

We offer four membership levels: $5 a month, $10 a month, $25 a month or $1 a week. Payments can be made through PayPal below, or click here for information on recurring credit-card payments.

Thank you for your vital support.

Reader Comments

Noozhawk is no longer accepting reader comments on our articles. Click here for the announcement. Readers are instead invited to submit letters to the editor by emailing them to [email protected]. Please provide your full name and community, as well as contact information for verification purposes only.

Daily Noozhawk

Subscribe to Noozhawk's A.M. Report, our free e-Bulletin sent out every day at 4:15 a.m. with Noozhawk's top stories, hand-picked by the editors.

Sign Up Now >