Software Quality & Security
Led by Prof. Siti Hafizah Binti Ab Hamid
SIG Overview
Our research reconciles the dichotomy between agile development velocity and uncompromising security. We champion a "Shift-Left" paradigm, investigating novel methodologies to identify vulnerabilities at the architectural and coding phases of the Software Development Life Cycle (SDLC).
By synergising Artificial Intelligence with rigorous Formal Methods, we move beyond simple detection to mathematically verify system correctness and assure safety in mission-critical applications.
Key Research Areas
1. Intelligent Software Engineering (AI4SE)
   We explore the application of Machine Learning and Deep Learning to automate complex software engineering tasks.
2. Secure Software Development Lifecycle (SSDLC) & DevSecOps
   We investigate methodologies to embed security protocols seamlessly into modern CI/CD pipelines, championing the "Shift-Left" approach.
3. Malware Analysis & Mobile Application Security
   We conduct rigorous analysis of malicious software behaviours and secure mobile ecosystems against evolving threats.
4. Formal Verification & Model Checking
   We utilise mathematical techniques to prove the correctness of critical system algorithms, ensuring they function exactly as intended.
5. Software Quality Metrics & Technical Debt Management
   We develop advanced metrics to quantify software maintainability, reliability, and architectural health.
Related Projects
1. Cross-Project Code Anomaly Prediction
   Uses machine learning to predict code anomalies and defects across projects, reducing technical debt in large-scale software development.
2. Trust Computing for Service Composition in IoT
   Develops a formal trust model to verify the reputation and reliability of service components in dynamic IoT environments.
3. Automated Mutation Testing for Robustness
   Automates the generation of artificial defects to rigorously stress-test applications and ensure test suites detect subtle logic errors.
4. Dynamic Software Updating (DSU) Reliability
   Improves Dynamic Software Updating reliability using control flow analysis to ensure updates don't crash systems or corrupt data.
5. DroidbotX: Intelligent Test Generation for Android
   Uses Reinforcement Learning to automatically generate Android test cases, exploring app states to uncover crashes and security vulnerabilities.
Interested in collaborating?
Reach out to discuss postgraduate supervision, joint research, or industry partnerships in software quality, secure development, and formal verification.