Symbolic execution is the most advanced generation technique when it comes to automated software testing.
Symbolic execution computes the necessary inputs for a function to execute all its relevant paths. The test candidates are computed instead of being randomly chosen, resulting in the highest test coverage possible.
Symflower does not report redundant test cases. This means every generated test case adds value, because it executes some new behavior of a function.
Symbolic execution is not restricted to primitive data types and simple source code. Concepts such as complex data types, interfaces and object orientation can be easily analyzed using symbolic execution.
Symbolic Execution equips your production code with test cases that are computed instead of being randomly chosen, requiring no manual effort to reach a high test coverage.
Writing unit tests manually requires 30% to 50% of your development time, while still facing the risk of missing essential test cases.
Boundary value analysis does not take the actual code coverage into account, resulting in very low test coverages.
Fuzzing throws random values at your code, which means you rely on pure luck to find bugs in your software.
Symflower analyzes each operation to see whether there is an input that leads to erroneous behavior. For instance, every access to an array is checked for a possible buffer overflow.
The Symflower coverage guiding our symbolic execution targets not only all relevant execution paths, but takes also each problematic operation into account.
Symflower targets each relevant path through your function. In addition to a high path coverage it aims to reach full MC/DC coverage on an expression level.
For each operation that can result in erroneous behavior, an explicit check is added to see whether the error can be provoked.
For each revealed bug, Symflower reports a dedicated test case that can be used to reproduce and fix the found issues.