InfraFix: Technology-Agnostic Repair of Infrastructure as Code

• URL: http://arxiv.org/abs/2503.17220v1
• Date: Fri, 21 Mar 2025 15:24:54 GMT
• Title: InfraFix: Technology-Agnostic Repair of Infrastructure as Code
• Authors: Nuno Saavedra, João F. Ferreira, Alexandra Mendes,
• Abstract summary: InfraFix is the first technology-agnostic framework for repairing IaC scripts.<n>We demonstrate its effectiveness across 254,755 repair scenarios with a success rate of 95.5%.
• Score: 46.798266975184276
• License: http://arxiv.org/licenses/nonexclusive-distrib/1.0/
• Abstract: Infrastructure as Code (IaC) enables scalable and automated IT infrastructure management but is prone to errors that can lead to security vulnerabilities, outages, and data loss. While prior research has focused on detecting IaC issues, Automated Program Repair (APR) remains underexplored, largely due to the lack of suitable specifications. In this work, we propose InfraFix, the first technology-agnostic framework for repairing IaC scripts. Unlike prior approaches, InfraFix allows APR techniques to be guided by diverse information sources. Additionally, we introduce a novel approach for generating repair scenarios, enabling large-scale evaluation of APR techniques for IaC. We implement and evaluate InfraFix using an SMT-based repair module and a state inference module that uses system calls, demonstrating its effectiveness across 254,755 repair scenarios with a success rate of 95.5%. Our work provides a foundation for advancing APR in IaC by enabling researchers to experiment with new state inference and repair techniques using InfraFix and to evaluate their approaches at scale with our repair scenario generation method.

Related papers

• CRepair: CVAE-based Automatic Vulnerability Repair Technology [1.147605955490786]
  Software vulnerabilities pose significant threats to the integrity, security, and reliability of modern software and its application data. To address the challenges of vulnerability repair, researchers have proposed various solutions, with learning-based automatic vulnerability repair techniques gaining widespread attention. This paper proposes CRepair, a CVAE-based automatic vulnerability repair technology aimed at fixing security vulnerabilities in system code.
  arXiv  Detail & Related papers  (2024-11-08T12:55:04Z)
• On The Effectiveness of Dynamic Reduction Techniques in Automated Program Repair [1.7767466724342067]
  We describe a program repair framework that effectively handles large-scale buggy programs of industrial complexity. The framework exploits program reduction in the form of program slicing to eliminate parts of the code irrelevant to the bug being repaired. Our empirical results on the widely used Defects4J dataset reveal that a substantial improvement in performance can be obtained without any degradation in repair quality.
  arXiv  Detail & Related papers  (2024-06-23T21:35:07Z)
• Securing the Open RAN Infrastructure: Exploring Vulnerabilities in Kubernetes Deployments [60.51751612363882]
  We investigate the security implications of and software-based Open Radio Access Network (RAN) systems. We highlight the presence of potential vulnerabilities and misconfigurations in the infrastructure supporting the Near Real-Time RAN Controller (RIC) cluster.
  arXiv  Detail & Related papers  (2024-05-03T07:18:45Z)
• How Far Can We Go with Practical Function-Level Program Repair? [11.71750828464698]
  This paper investigates the effect of few-shot learning mechanism and the auxiliary repair-relevant information on function-level APR. We propose an LLM-based function-level APR technique, namely SRepair, which adopts a dual-LLM framework to leverage the power of the auxiliary repair-relevant information.
  arXiv  Detail & Related papers  (2024-04-19T12:14:09Z)
• Patch Synthesis for Property Repair of Deep Neural Networks [15.580097790702508]
  We introduce PatchPro, a novel patch-based approach for property-level repair of deep neural networks (DNNs) PatchPro provides specialized repairs for all samples within the robustness neighborhood while maintaining the network's original performance. Our method incorporates formal verification and a mechanism for allocating patch modules, enabling it to defend against adversarial attacks.
  arXiv  Detail & Related papers  (2024-04-02T05:16:59Z)
• FaultGuard: A Generative Approach to Resilient Fault Prediction in Smart Electrical Grids [53.2306792009435]
  FaultGuard is the first framework for fault type and zone classification resilient to adversarial attacks. We propose a low-complexity fault prediction model and an online adversarial training technique to enhance robustness. Our model outclasses the state-of-the-art for resilient fault prediction benchmarking, with an accuracy of up to 0.958.
  arXiv  Detail & Related papers  (2024-03-26T08:51:23Z)
• Heterogeneous Continual Learning [88.53038822561197]
  We propose a novel framework to tackle the continual learning (CL) problem with changing network architectures. We build on top of the distillation family of techniques and modify it to a new setting where a weaker model takes the role of a teacher. We also propose Quick Deep Inversion (QDI) to recover prior task visual features to support knowledge transfer.
  arXiv  Detail & Related papers  (2023-06-14T15:54:42Z)
• ArchRepair: Block-Level Architecture-Oriented Repairing for Deep Neural Networks [13.661704974188872]
  We propose a novel repairing direction for deep neural networks (DNNs) at the block level. We propose adversarial-aware spectrum analysis for vulnerable block localization. We also propose the architecture-oriented search-based repairing that relaxes the targeted block to a continuous repairing search space.
  arXiv  Detail & Related papers  (2021-11-26T06:35:15Z)
• Meta-UDA: Unsupervised Domain Adaptive Thermal Object Detection using Meta-Learning [64.92447072894055]
  Infrared (IR) cameras are robust under adverse illumination and lighting conditions. We propose an algorithm meta-learning framework to improve existing UDA methods. We produce a state-of-the-art thermal detector for the KAIST and DSIAC datasets.
  arXiv  Detail & Related papers  (2021-10-07T02:28:18Z)
• Graph-based, Self-Supervised Program Repair from Diagnostic Feedback [108.48853808418725]
  We introduce a program-feedback graph, which connects symbols relevant to program repair in source code and diagnostic feedback. We then apply a graph neural network on top to model the reasoning process. We present a self-supervised learning paradigm for program repair that leverages unlabeled programs available online.
  arXiv  Detail & Related papers  (2020-05-20T07:24:28Z)

This list is automatically generated from the titles and abstracts of the papers in this site.

This site does not guarantee the quality of this site (including all information) and is not responsible for any consequences.