Research Group Software Verification and Validation (SVV)

Secure, Compliant and Safe Software Systems

Ensuring the security, safety, and reliability of software systems is crucial to our lives. SVV conducts research in automated testing, as well as requirement engineering, design-time and runtime verification, security analysis and testing, and regulatory compliance to create reliable, scalable solutions to real-world challenges. Current fields of application include space, FinTech, legal, automotive, and e-government.

An Intelligent
Digital Assistant
for Financial IT
Development

Read the Article

Researchers and Partners

The group focuses on context-driven research in collaboration with industrial and public sector partners to solve real-world software engineering challenges. Talented researchers interested in building scalable, effective solutions that will revolutionise the way practitioners work will find a stimulating environment and a multi-award-winning team to assist them. SVV’s research activities are financially supported by the FNR, EU programs, and industry partnerships.

Companies and public entities interested in undertaking medium to long-term collaborations to achieve real impact in their software development will find unique expertise within the group.

Our areas of expertise are:

– Requirements Quality Assurance
– Regulatory Compliance
– Design-time analysis
– Functional Safety of Artificial Intelligence
– Automated software testing and analysis
– Run-time monitoring and analysis
– Cybersecurity

Many of the tools developed as part of our research are available on our GitHub organization page

Our Recent Projects

  • Duration:

    2020-2022

  • Funding source:

    SnT partnership program + FNR BRIDGES

  • Researchers:

    Lionel Briand (PI), Sallam Abualhaija, Muhammad Ilyas Azeem, Orlando Amaral Cejas, and Angelo Rizzi

  • Partners:

    Linklaters LLP

  • Description:

    Technological advances in information sharing have raised concerns about data protection. In Europe, the General Data Protection Regulation (GDPR) imposes obligations onto organizations anywhere, as long as they handle data related to EU residents. Violating GDPR can levy penalty fines reaching up to tens of millions of euros. Manual compliance checking (verifying the textual content of legal documents) is time-consuming and error prone. In ARTAGO, we are developing AI-enabled automated solutions for checking the compliance of diverse legal artifacts according to GDPR. These automated solutions will be used as a means for assisting the legal experts in their work.

  • Project details (PDF):

  • Duration:

    2019-2022 and 2022-2025

  • Funding source:

    ESA GSTP

  • Researchers:

    Fabrizio Pastore (PI), Lionel Briand, Enrico Viganò, Oscar Cornejo, Jaekwon Lee

  • Partners:

    GomSpace Luxembourg, LuxSpace, Huld Finland

  • Description:

    The success of space missions depends on the dependability of software, but current practice and standards lack methods to systematically assess the quality of the test suites used to verify such software. To address such limitation, the FAQAS project is building effective techniques to measure the fault detection capability of test suites (mutation analysis) and automatically generate test cases to improve them (mutation testing). FAQAS techniques can inject faults into source code but also alter the data produced by hardware and emulated components. The implemented toolset can be used with embedded software for different kinds of cyber-physical systems.

  • Project details (PDF):

  • Duration:

    2022-2023

  • Funding source:

    ESA EXPRO+

  • Researchers:

    Fabrizio Pastore (PI), Angelo Rizzi

  • Partners:

    n/a

  • Description:

    Due to its deployment in a remote environment and its complex interactions with the physical world, space software should have a high degree of robustness even to unusual or corrupted inputs. Fuzz testing, or Fuzzing, is an automated testing technique that has proven to be very cost-effective and successful in finding faults in software from various use-cases and different application domains. This activity aims to support the development of effective fuzz testing tools targeting space software characteristics, which include, for example, real-timeliness, processing of sensor data, interconnected components.

  • Project details (PDF):

  • Duration:

    2018-2023

  • Funding source:

    SnT partnership program + FNR BRIDGES

  • Researchers:

    Lionel Briand (PI), Fabrizio Pastore, Donghwan Shin, Mohammed Attaoui, Fitash Ul Haq, Hazem Fahmy

  • Partners:

    IEE

  • Description:

    Autonomous systems like self-driving cars can reshape our future by automating complex tasks and preventing human errors; unfortunately, their adoption in safety-critical contexts remains under debate. Indeed, being based on black-box machine learning solutions such as Deep Neural Networks, they cannot undergo traditional software safety certification processes that rely on the understandability of the system implementation. We are overcoming such limitations by providing automated solutions to (1) verify autonomous systems software, (2) generate explanations for software behaviour, (3) improve autonomous systems software. Our enabling solutions are simulation technology, evolutionary algorithms, and unsupervised learning methods to identify similar DNN behaviours.

  • Project details (PDF):

  • Duration:

    2020-2023

  • Funding source:

    FNR IPBG

  • Researchers:

    Seung Yeob Shin (PI), Lionel Briand, Raphaël Ollando

  • Partners:

    SES

  • Description:

    With software being an integral part of software-defined networks (SDN), developing network controllers entails interdisciplinary considerations, which include not only network engineering but also software engineering. In particular, testing software components, while always important, takes on an even greater role in the context of developing SDN-based systems compared to those relying on traditional networks with static and predictable behaviours. The purpose of this project is to develop efficient and effective automated testing techniques for SDN-based systems. In particular, this project will develop an automated test case generation method to reveal faults in software components of the SDN-based system under test.

  • Project details (PDF):

  • Duration:

    2021-2023

  • Funding source:

    FNR IPBG

  • Researchers:

    Seung Yeob Shin (PI), Lionel Briand, Domenico Bianculli, Donghwan Shin, Junaid Akram

  • Partners:

    SES

  • Description:

    Cyber-Physical Systems (CPS), such as ground control systems and space network management systems, have become a prominent enabler in the satellite industry for providing advanced satellite communication services. To ensure service reliability and continuity, it is essential to rigorously test the CPS. This project aims to develop a framework for automated software testing of complex CPS. The core enabling techniques for this project are log analysis (to automate the investigation of event sequences recorded in logs), machine learning (to predict the likelihood of fault revealing effectiveness of test cases), and search-based software testing (to efficiently generate new test inputs).

  • Project details (PDF):

  • Duration:

    2018-2022

  • Funding source:

    SnT partnership program

  • Researchers:

    Lionel Briand (PI), Fabrizio Pastore, Chanh Duc Ngo

  • Partners:

    Huawei

  • Description:

    Mobile Apps are frequently released, mainly to fulfill marketing strategies aiming at increasing App visibility. Consequently, to reduce costs, quality assurance activities should focus on updated features. Unfortunately, state-of-the-art automated App testing solutions focus on testing the whole App and do not target the testing of App updates.
    We fill this gap by relying on model-based approaches that synthesize App models with static analysis, integrate dynamically-refined state abstraction functions and combine complementary testing strategies. We aim at high coverage of updated code with a small number of test inputs, thus alleviating the oracle problem (i.e., less outputs to inspect).

  • Project details (PDF):

  • Duration:

    2021-2023

  • Funding source:

    European Union under the Horizon 2020 research and innovation programme

  • Researchers:

    Lionel Briand (PI), Domenico Bianculli (Co-PI), Fabrizio Pastore (co-PI), Joshua Dawes, Yoann Marquer, Alexander Vatov

  • Partners:

    Aicas, Delft University of Technology, Intelligentia, GMV, Q-media, Siemens, Siemens Healthineers, The Open Group, University of Sannio, Unparallel Innovation, Zurich University of Applied Sciences

  • Description:

    Much of the increasing complexity of ICT systems is being driven by the more distributed and heterogeneous nature of these systems, with Cyber Physical Systems (CPS) accounting for an increasing portion of Software Ecosystems. This basic premise underpins the COSMOS project which focuses on blending best practices DevOps solutions with the development processes used in the CPS context: this will enable the CPS world to deliver software more rapidly and result in more secure and trustworthy systems. As part of the project, the UL team will develop automated testing and run-time verification techniques for CPS.

  • Project details (PDF):

  • Duration:

    2019-2022

  • Funding source:

    SnT partnership program

  • Researchers:

    Lionel Briand (PI), Domenico Bianculli, Hichem Belgacem

  • Partners:

    BGL BNP Paribas – Alphonse Weicker Foundation

  • Description:

    A pressing problem faced by banks and other financial service providers is to ensure the quality of their data. The proposed project will devise automated techniques for the identification of data anomalies. These anomalies include but are not limited to: duplicate, incomplete, or inconsistent data, missing relationships between data originating from different sources (e.g., profiles of the same client in different databases), and data that is potentially non-compliant with the applicable laws and regulations or the Bank’s internal data practices.

  • Project details (PDF):

  • Duration:

    2020-2022

  • Funding source:

    SnT partnership program

  • Researchers:

    Domenico Bianculli (PI), Lionel Briand, Donghwan Shin, Zanis Ali Khan

  • Partners:

    HITEC

  • Description:

    Logging is a common programming practice that is used for gathering runtime information of a software system. The goal of the project is to develop automated techniques for log-based anomaly detection using machine learning, to allow for the detection of and reaction to attacks on the communication system in critical edge-computing infrastructures. To efficiently handle the massive data in the log streams of a system under analysis and better detect anomalies, we mainly address the problem of log template identification and investigate its relationship with anomaly detection.

  • Project details (PDF):