Developers: Intel ControlFlag’s Automated Debugging Tool Now Open Source
Intel’s automated code debugging tool ControlFlag is now open source and available to developers for free – a move that will come as a relief to many who are tired of spending hours scouring their software for an anomaly. potential.
Now available through GitHub, ControlFlag leverages machine learning to automatically identify bugs in software and firmware code, saving developers the tedious task of manually debugging the programs they write.
First announced late last year, ControlFlag has so far only been used internally by Intel to spot anomalies in the company’s software development. By opening up the tool to outside developers and letting them rely on it, Intel expects to push the boundaries of what the system can do to streamline the process of writing code.
Debugging is essential to program development: Almost all large-scale software has bugs in accuracy, performance, or security that must be addressed. In addition, each update of these programs, for example the launch of a new feature, introduces another opportunity for an anomaly to appear.
But for the vast majority of developers, the process is a long and still largely manual chore. This is because most bugs require semantic analysis to identify, assess the root cause, and mitigate – an analysis that even leading debugging systems are unable to perform effectively.
“Historically, these semantic analyzers were just software developers,” Justin Gottschlich, senior AI scientist at Intel Labs, told ZDNet. “As such, this is a major reason why debugging remains a largely human-driven process.”
The past few decades have seen advances in automating debugging, but existing tools fall short of software bugs that only get more complex. That’s why developers hate debugging so much, Gottschlich explains: It can take days, weeks, and even months to fix a single software flaw. It is estimated, in fact, that up to 50% of all software development time is spent debugging.
It also comes at a cost to businesses. According to Intel, the IT industry spent about $ 2,000 billion in 2020 on software development costs associated with debugging code, which is about half of the average IT budget.
ControlFlag was designed to fill this gap, with a capability known as anomaly detection. The tool learns from previous examples to detect normal coding patterns, and therefore can identify anomalies that could cause a bug, regardless of the programming language.
The Intel team determined that an unsupervised learning approach would be necessary to allow ControlFlag to detect bugs in a wider range of repositories. The system has learned coding patterns from over a billion lines of untagged source code, allowing it to achieve a high degree of accuracy, and even adapt to a developer’s style. to differentiate a software anomaly from a stylistic variation in a programming language.
Since its introduction last year, Intel has tested the machine learning tool on various software systems, with promising results. “When we originally designed the system, we did not anticipate that it would be able to detect very complex faults,” says Gottschlich. “However, given its self-supervising design, ControlFlag stunned us, those who built it, with its ability to find very complex and nuanced software flaws.”
Using ControlFlag on just two proprietary software repositories, Gottschlich explains, has identified more than 300 flaws in deployed production quality programs. For example, last year ControlFlag detected a code anomaly in a computer software project called Client URL (cURL), which transfers data using various network protocols over a billion times per day. After reporting the anomaly to the cURL team, they accepted ControlFlag’s findings and redesigned their code to correct the problem.
The past year has also been rich in learning points as the Intel team worked on the development of ControlFlag. Two key areas for improvement, according to Gottschlich, are to reduce the number of false positives reported by the tool – the number of faults reported that are not real bugs – and to incorporate an even more advanced semiconductor analyzer into the reasoning of ControlFlag.
As a system set to become a flagship of Intel’s machine programming toolset, ControlFlag is destined to continue to evolve, however. “It is unlikely that the advances of ControlFlag will ever stop,” says Gottschlich. “This is largely because as software programming languages, hardware description languages, and computing devices evolve, ControlFlag will also need to evolve to keep pace.”
The system is part of Intel’s Machine Programming Research (MPR) project, which has the overall goal of reducing the time required to develop software by 1,000 times through automation. One of the areas that the Gottschlich team is investigating, for example, is to eventually extend the capabilities of ControlFlag to automatically fix the bugs it finds.
At the same time, Intel’s MPR team is working on a handful of projects aimed at facilitating software development. Last year, for example, the company released a tool co-developed with MIT Labs that can study code snippers to understand what software intends to do. Called MISIM (Machine Inferred Code Similarity), the system uses a pre-existing code catalog to understand the intent behind a new algorithm and help engineers working on the software by suggesting other ways to program or offering options to make the more efficient code.
Gottschlich anticipates that MISIM will one day work alongside ControlFlag. “When properly merged, we envision a new, more powerful system that will be able to detect all of the faults that ControlFlag can currently, as well as the hundreds of faults that it currently cannot detect due to their underlying complexity. », Explains Gottschlich.
In the meantime, developers who want to get started with the tool can now access ControlFlag on GitHub here.