Researchers at the University of Bristol have discovered that the tricks used by video game players, particularly those who speedrun games like Super Mario, could provide valuable insights into enhancing software security.
These players, known as speedrunners, use glitches to finish games extremely quickly, and their techniques could help software developers understand and fix similar flaws in other types of software.
The study focused on four classic Super Mario games: Super Mario Bros (1985), Super Mario Bros. 3 (1988), Super Mario World (1990), and Super Mario 64 (1996).
The research team analyzed 237 known glitches within these games, identifying various types of software weaknesses.
Their findings were presented at the International Conference on Software Engineering (ICSE 2024), during the Workshop on Games and Software Engineering (GAS).
Super Mario games have been a staple of competitive gaming for decades, with enthusiasts continually pushing the boundaries of what is possible within these games.
For instance, the current world record for completing Super Mario World is an astonishing 41 seconds.
These records are made possible by exploiting glitches—errors in the game’s software that players can use to bypass obstacles or complete tasks more quickly.
Dr. Joseph Hallett from the School of Computer Science at Bristol explained that these old video games were developed under strict hardware limitations, such as restricted memory, which often required developers to employ aggressive optimization techniques.
This sometimes led to unique bugs and glitches. By studying these, the researchers aim to categorize and understand similar vulnerabilities that could appear in broader software applications.
The researchers compared the glitches found in Super Mario games to common software weaknesses, using a system known as Common Weakness Enumeration (CWE).
They discovered that some glitches exploited by speedrunners do not fit neatly into existing categories of software defects, suggesting that there could be new types of bugs that have yet to be thoroughly studied.
This approach of studying video game glitches is quite novel in the academic world, according to Dr. Hallett.
By understanding how speedrunners identify and exploit these glitches, researchers can gain insights into the types of vulnerabilities that might exist in more general software, potentially leading to more secure systems.
The study not only appreciates the technical skills of speedrunners but also highlights the potential for their strategies to contribute to the field of software development.
Following the success of this research, the team is now applying their methodology to analyze glitches in Pokémon video games.
This research underscores a growing recognition of the value that gaming strategies can offer to the field of software security, turning what many see as mere entertainment into a valuable tool for technological advancement.