Adding Bugs to Make Software Better


The software used to detect computer bugs is limited, with potentially hundreds of bugs going undetected. This is due in part to our inability to determine the effectiveness of our bug-finding tools. 

Now, a counterintuitive approach is being used to solve this problem: engineers are intentionally adding bugs to software by the hundreds of thousands. 

The process has been dubbed "large-scale automated vulnerability addition" (LAVA) by its creators. 

Using this method, they have determined that many available bug finders detect a mere two percent of vulnerabilities. 
