IRIS - Institutional Research Information System

Infrastructure as Code (IaC) has become a cornerstone of modern cloud and system deployment, enabling automated and repeatable infrastructure provisioning. However, ensuring the correctness of IaC programs remains challenging due to their complexity and dynamic nature. In particular, IaC programs can exhibit different behaviors depending on the state of the resources they manage. Since these resources are deployed on external providers, accounting for their possible states is difficult, making the testing phase particularly challenging. This paper presents HIT, a novel unittesting framework for IaC programs that effectively tests IaC code using relevant resource states. HIT combines fuzzing and concolic execution, two effective yet previously unexplored techniques for IaC code. Our experiments confirm that HIT achieves better code coverage than state-of-the-art approaches.

Coppa, Emilio; Sokolowski, Daniel; Salvaneschi, Guido. (2025). Hybrid Fuzzing of Infrastructure as Code Programs (Short Paper). In Proceedings of the 34th ACM SIGSOFT International Symposium on Software Testing and Analysis (pp. 92- 97). Isbn: 979-8-4007-1474-0. Doi: 10.1145/3713081.3731721. https://dl.acm.org/doi/pdf/10.1145/3713081.3731721.

Hybrid Fuzzing of Infrastructure as Code Programs (Short Paper)

Coppa, Emilio
;
2025

Abstract

Infrastructure as Code (IaC) has become a cornerstone of modern cloud and system deployment, enabling automated and repeatable infrastructure provisioning. However, ensuring the correctness of IaC programs remains challenging due to their complexity and dynamic nature. In particular, IaC programs can exhibit different behaviors depending on the state of the resources they manage. Since these resources are deployed on external providers, accounting for their possible states is difficult, making the testing phase particularly challenging. This paper presents HIT, a novel unittesting framework for IaC programs that effectively tests IaC code using relevant resource states. HIT combines fuzzing and concolic execution, two effective yet previously unexplored techniques for IaC code. Our experiments confirm that HIT achieves better code coverage than state-of-the-art approaches.
2025
979-8-4007-1474-0
Fuzzing, Infrastructure as Code, Symbolic Execution, DevOps
Coppa, Emilio; Sokolowski, Daniel; Salvaneschi, Guido. (2025). Hybrid Fuzzing of Infrastructure as Code Programs (Short Paper). In Proceedings of the 34th ACM SIGSOFT International Symposium on Software Testing and Analysis (pp. 92- 97). Isbn: 979-8-4007-1474-0. Doi: 10.1145/3713081.3731721. https://dl.acm.org/doi/pdf/10.1145/3713081.3731721.
File in questo prodotto:
File Dimensione Formato  
3713081.3731721.pdf

Open Access

Tipologia: Versione dell'editore
Licenza: Creative commons
Dimensione 638.33 kB
Formato Adobe PDF
Visualizza/Apri
638.33 kB Adobe PDF Visualizza/Apri
Pubblicazioni consigliate

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11385/251378
Citazioni
  • Scopus ND
  • ???jsp.display-item.citation.isi??? ND
  • OpenAlex ND
social impact