May 14, 2022
Today, IFIP Working Group 10.4 announced an outstanding paper has been selected as winner of the 2022 Jean-Claude Laprie Award in Dependable Computing:
B.P. Miller, L. Fredriksen, & B. So, “An Empirical Study of the Reliability of UNIX Utilities”, Communications of the ACM 33, 12 (December 1990).
“An Empirical Study of the Reliability of UNIX Utilities” authored by B.P. Miller, L. Fredriksen, and B. So, and published in Communications of the ACM in 1990, launched the field of fuzz testing, or fuzzing as it is commonly called. Based on the observation that the standard UNIX utilities suffered crashes and hangs due to wrong or nonsensical inputs, it went onto systematically evaluate their reliability and study the root causes of the failures. The paper also released its code and data openly (a novelty at that time), and has been reproduced by many other studies as recently as 2019. The paper has been cited more than 1300 times, and was enormously influential, for example, another work that followed up on this idea are Ballista from CMU, which has gone onto become a standard in its own right. Today, Fuzzing is taught in introductory software testing and security courses, and is a prominent area of research in many conferences such as ICSE, ISSTA, ISSRE, etc., that have multiple sessions dedicated to this topic. More importantly, large companies such as Microsoft, Google, etc. For example, Microsoft recently published a paper on how they integrate fuzzing in the life-cycle of almost all their products. Similarly, Google recently reported that 80% of the bugs they find in production in the Chrome web browser are due to fuzzing. Fuzzing also was the precursor of software-implemented fault injection or SWiFI tools, which have been a research topic at DSN for over two decades. Fuzzing is also heavily used in security research, and is often the first choice of tool for penetration testers. Thus, this paper has important implications for both reliability and security research, and unifies them.
Authors of the winning papers will be presented the award in June 28, 2022 in Baltimore Maryland during the opening session of the Annual IEEE/IFIP International Conference on Dependable Systems and Networks.
About the Jean-Claude Laprie Award in Dependable Computing
The award was created in 2011, in honor of Jean-Claude Laprie (1944-2010), whose pioneering contributions to the concepts and methodologies of dependability were influential in defining and unifying the field of dependable and secure computing. The award recognizes outstanding papers that have significantly influenced the theory and/or practice of Dependable Computing.
For more information on the Jean-Claude Laprie Award please visit http://jclaprie-award.dependability.org
About IFIP WG 10.4 on Dependable Computing and Fault Tolerance
IFIP Working Group 10.4 was established in 1980 with the aim of identifying and integrating approaches, methods and techniques for specifying, designing, building, assessing, validating, operating and maintaining dependable computer systems, that is those that are reliable, available, safe, and secure. Its 75 members from around the world meet twice a year to to conduct in-depth discussions of important technical topics to further the understanding and exposition of the fundamental concepts of dependable computing.
For more information on IFIP WG10.4 visit http://wg10.4.dependability.org
About the International Federation For Information Processing
IFIP is a non-governmental, non-profit umbrella organization for national societies working in the field of information processing. It was established in 1960 under the auspices of UNESCO as a result of the first World Computer Congress held in Paris in 1959. It is the leading multinational, apolitical organization in Information & Communications Technologies and Sciences.
For more information on IFIP visit http://www.ifip.org
Charles B. Weinstock