XClose

Centre for Research on Evolution, Search and Testing (CREST)

Home
Menu

Study

CREST is a world leading research centre with lots of opportunities for PhD studies within an excellent team

Our research interests cover a wide area in software engineering, ranging from software analysis and testing to search-based software engineering. We focus on applying sound techniques to real-world problems and often our research involves industry partners.

We encourage applications for PhD studies from excellent students that have a strong interest in our research streams. As a PhD student within CREST you can expect supervision by excellent researchers, working on relevant and exciting topics, and presenting your work at international venues.

The main streams of our research are within exciting and important areas in software engineering:

  • Search Based Software Engineering (all in CREST)
  • Genetic Improvement of Software (Petke)
  • Automated Software Transplantation (Barr, Krinke, Petke)
  • Predictive Analytics for Software Engineering (Sarro)
  • Code Review (Krinke)
  • Software Reuse and Similarity (Krinke)
  • Secure Information Flow (Clark)
  • Statistics and Information Theory in Software Testing (Clark)
  • Dependence Analysis and Change Impact Analysis (Gold, Krinke)
  • Automated Program Repair (Barr, Petke, Sarro)

We are always looking for bright PhD students interested in these or closely related areas. If you are interested in becoming a PhD student within CREST, please contact a potential supervisor from the list above or contact the CREST Director Jens Krinke. In addition, we sometimes recruit for specific projects (see below). Please find more information of the PhD programme on the UCL Computer Science website.

We are also hosting excellent PhD students from other universities for short-term research visits.

Research areas

Search Based Software Engineering
Genetic Improvement of Software

Genetic improvement (GI) uses automated search to find improved versions of existing software. It has emerged as a separate field of research only in the last few years, with the first survey being published in 2017. GI has already resulted in dramatic performance improvements for a diverse set of properties such as execution time, energy and memory consumption, as well as results for fixing and extending existing system functionality. There are still lots of research questions to be answered to do with applicability, generalisability and automation of the approach. GI draws on and develops research in a number of topics including program transformation, program synthesis, genetic programming, software testing and search based software engineering.

Justyna Petke

Automated Software Transplantation

Automated transplantation would open many exciting avenues for software development: suppose we could autotransplant code from one system into another, entirely unrelated, system. This could involve feature transplantation, test case transplantation, but also transplantation of code snippets that would improve software's non-functional properties, such as runtime. Pioneering work by members of CREST involves genetic programming, program analysis and program slicing. Automated software transplantation is a novel avenue of research, thus leaving yet a lot to be explored.

Earl Barr * Jens Krinke * Justyna Petke

Predictive Analytics for Software Engineering

The ever increasing volume of data produced by realising and using software calls for a new generation of analytical techniques that can help software engineers better understand their software processes, products and customers. Devising effective Predictive Analytics for Software Engineering holds the promise to maximise product quality, users' satisfaction and revenues.

This is an important and timely research area on a border of software engineering, optimisation and data science, and is well-suited to students with a strong interest and aptitude in the application of artificial intelligence, predictive analytics, machine learning and optimisation techniques to software engineering problems including but not limited to app store analysis, software project management, software effort estimation, fault prediction, and software testing.

Federica Sarro

Dependence Analysis and Change Impact Analysis

Software systems can be seen of collections of parts that may or may not depend on each other. These range from statements and functions that are linked to each other, over large components like classes or packages, to non-source code artefacts like requirements and models that are linked to each other or to other artefacts. In this research stream we analyse software systems to identify the dependencies between the different parts and use them to solve software engineering problems using both deterministic and probabilistic models. One example of such a problems is change impact analysis where the question is which elements of a software system are affected by a (potential) change to an element of the system. Change impact analysis is an important technique that is extremely useful during software maintenance, for example it can be used to establish which test cases have to be rerun after a change has been applied to a system.

Nicolas Gold * Jens Krinke

Software Reuse and Similarity

With the availability of source code available to be reused and the huge number of developers involved in large projects, it gets more and more important to establish the provenance of the current code within a project. This touches questions like "where is this code coming from", "who has modified the code", or "where has this code been reused". Such questions arise for example to establish if one is allowed to use the software according to its license or just to figure out who can answer questions about that code best. On the other hand, the huge amount of available code is an opportunity for reuse and allows one to find artefacts ready to be reused, based on how similar the context of the current problem is.

Jens Krinke

Secure Information Flow

A lot of effort in making software secure goes into a kind of "fire-fighting", i.e. discovering and closing vulnerabilities in code. However, even if all vulnerabilities have been eliminated, code still may not be secure. It may contain covert channels that allow attacks on confidentiality of information, integrity of information, and the privacy and anonymity of the user. Such covert channels leaking information may be within the logic of the program or be so-called "side channels" such as measuring execution times or heat dissipation over different runs. The challenge of constructing security critical code for contemporary software is enormous.

Traditional formal methods cannot be applied to large, complex, heterogeneous, distributed systems. Methods closer to traditional software testing with underpinning theory and statistical guarantees are needed.

David Clark

Statistics and Information Theory in Software Testing

Software testing is in essence the problem of finding a finite (and preferably small) set of inputs that are good at capturing the possible behaviours of the software under test. This is a hard problem and has many associated smaller problems such as: What is a good oracle? How can I know that my test suite is diverse enough to be representative? Where is the fault in my code? Why is my test suite lying to me? How do I select fresh data to retrain my neural net? This list is potentially very long (and very interesting). Applying statistics and information theory to these problems can assist in devising models and principles that find useful answers. These, in turn, can lead to measures that help find test suites and oracles with good properties.

David Clark

Automated Program Repair

Software is buggy, and bugs have serious consequences, such as reducing the quality of software products, introducing security vulnerabilities, or even endangering human life. Since bug fixing is a difficult and tedious process, developers often cannot allocate sufficient time and resources to address all problems, and even critical bugs remain unresolved for years. Automated program repair is a rapidly growing area of research that aims to solve this problem by automatically suggesting patches for buggy code, without or with minimal developer involvement. Modern program repair approaches typically combine practical techniques from different fields of computer science including program analysis, formal methods and artificial intelligence. Since program repair is a relatively young area of research, it provides exciting opportunities for fundamental scientific contributions, and industrial innovations. Important open problems in program repair include (1) how to automatically address many kinds of defects in large software projects in a scalable fashion, and (2) how to ensure the quality and correctness of automatic patches.

Earl Barr * Justyna Petke * Federica Sarro