quality_assurance · saas · workflow

Meta's ACH uses LLM-based mutation testing to harden platforms against privacy and compliance regressions

Traditional automated test generation only sought to increase code coverage rather than targeting specific faults, and mutation testing required engineers to manually write tests with no guarantee those tests would catch the generated mutants, making the process painstaking and difficult to scale.

How it works
Common implementation structure
How this type of workflow is generally built, generalized across documented cases — not tied to any one vendor's stack. Click any stage to read what happens there. Specific products that implement these stages appear in “Tools commonly seen” below.
Stage 1 · Engineer describes bug concerns
Engineers describe the faults they care about to ACH in plain text.
Tools used
ACHLLMs
Outcome

ACH has been applied to Facebook Feed, Instagram, Messenger, and WhatsApp; engineers found it useful for hardening code against specific concerns; the approach generates mutants and tests very efficiently and with a high level of accuracy.

What failed first

Earlier rule-based mutant generation produced mutants that were not realistic in terms of representing actual concerns, and engineers still had to manually write the tests with no guarantee those tests would catch the automatically-generated mutants.

Results
Volumereduce cognitive load for developers
Source

https://engineering.fb.com/2025/02/05/security/revolutionizing-software-testing-llm-powered-bug-catchers-meta-ach/

How we source this →

Grounding & classification
Source type: technical build writeup
20 fields verified against source quotes.
code generationquality inspectioncode diff prnamed customerproduction runtime claimedsource backedtools describedworkflow describedsoftwareautomation rateemployee productivityerror reductiontechnical build writeupcompliance monitoringquality assuranceagentic task execution