CoPhi Group is a research group on software engineering, automatic programming, explainable AI, and web/AI security in the Department of Computer Science and Engineering, Shanghai Jiao Tong University. We also maintain close collaboration with the School of Computing, National University of Singapore.

Our research aims to build intelligent, trustworthy, and explainable software systems in the era of large language models and AI-generated content. In particular, we study how to automatically generate, test, debug, explain, and secure software systems.

We develop techniques and systems that turn complex software requirements into executable and evolvable software artifacts.

• Requirement Compilation We study how to compile and evolve complex specifications into runnable software projects, including code repositories, user interfaces, APIs, databases, tests, and traceability links. Our goal is to support both zero-to-one software construction and continuous requirement-driven software evolution.

• Software Testing We generate project-specific test cases from requirements, code, and execution objectives. Our work covers requirement-based testing, branch-coverage-oriented testing, test-case synthesis, and test evolution.

• Software Debugging We investigate automated debugging techniques that synthesize debugging processes, localize root causes, explain failures, and repair software behaviors. Our goal is to help developers understand why a program behaves incorrectly and how it can be fixed. Explainable AI and Its Applications

We build methods that help developers, researchers, and users understand the behavior of machine learning models.

We analyze and visualize how representation spaces evolve during model training. By converting the training process into interactive visualizations, we help model developers inspect representation dynamics, identify important training events, and understand model behavior. We study how to explain a model prediction by identifying the training data samples that contribute to it. Our goal is to provide actionable explanations that support model debugging, data curation, and trustworthy AI development.

We develop explainable and deployable security techniques for the modern web and AI ecosystem.

• Web Misinformation and Phishing Detection We detect and explain fake websites, phishing webpages, malicious emails, and scam SMS messages. We also monitor real-world phishing campaigns and build explainable tools for both security engineers and end users.

• AI Security We study the security risks of large language models and AI agents, including prompt injection attacks and adversarial misuse. Our goal is to build safer and more reliable AI systems for tool use, retrieval, and software automation. Selected Research Themes

Our recent work has appeared in venues such as ICSE, FSE, ASE, ISSTA, OOPSLA, USENIX Security, CCS, NeurIPS, ICLR, EMNLP, AAAI, and IJCAI.

• Requirement compilation and agentic software engineering
• Project-specific test generation from requirements
• Automated debugging and root-cause analysis
• Explainable representation learning and training-process visualization
• Training data attribution for model explanation
• Explainable phishing and scam detection
• Prompt-injection defense for LLM-based systems

For collaboration, research discussion, or student opportunities, please visit our group homepage or contact us (lin_yun@sjtu.edu.cn) through Shanghai Jiao Tong University.