当前位置: X-MOL 学术arXiv.cs.SE › 论文详情
Our official English website, www.x-mol.net, welcomes your feedback! (Note: you will need to create a separate account there.)
An Empirical Investigation on the Challenges of Creating Custom Static Analysis Rules for Defect Localization
arXiv - CS - Software Engineering Pub Date : 2020-11-25 , DOI: arxiv-2011.12886
Diogo Silveira Mendonça, Marcos Kalinowski

Background: Custom static analysis rules, i.e., rules specific for one or more applications, already were successfully used to perform corrective and preventive software maintenance. Their usage can reduce costs of verification and improve the reliability and security of applications. Pattern-Driven Maintenance (PDM) is a method designed to support the creation of those rules during software maintenance. However, as PDM was recentelly created, few maintainers have reported its usage. Hence, the challenges and skills needed to propper apply PDM are unknonw. Aims: In this paper, we investigate the challanges faced by maintainers on applying PDM for creating custom static analysis rules for defect localization. Method: We conducted an observational study on novice maintainers creating custom static analysis rules by applying PDM. The study was divided into tree tasks: (i) identifing a defect pattern, (ii) programming a static analysis rule to locate instances of the pattern, and (iii) verifing the instances located. We analyzed the efficiency of maintainers on applying each task and their comments on tasks challenges. We also analysed the acceptance of PDM by the maintainers. Results: We observed that previous knowledge on debugging, the subject software, related technologies had influence in the performance of maintainers. However, the bottleneck of the method was static analysis rules programming, being the task which maintainers had more problems to complete. Besides those difficulties, maintainers found PDM useful and demonstrated intention of use it in practice. Conclusions: The results strengthen our confidence that PDM can help maintainers on producing custom static analysis rules for locating defects. However, a better approach for programming those rules as well as the proper selection and training of maintainers is needed to effectively apply PDM.

中文翻译:

为缺陷本地化创建自定义静态分析规则所面临挑战的实证研究

背景:自定义静态分析规则(即特定于一个或多个应用程序的规则)已成功用于执行纠正性和预防性软件维护。它们的使用可以减少验证成本,并提高应用程序的可靠性和安全性。模式驱动维护(PDM)是一种旨在支持在软件维护期间创建这些规则的方法。但是,由于PDM是最近创建的,因此很少有维护者报告其用法。因此,正确应用PDM所需的挑战和技能是未知的。目的:在本文中,我们调查了维护人员在应用PDM创建用于缺陷定位的自定义静态分析规则的过程中面临的挑战。方法:我们对新手维护者通过应用PDM创建自定义静态分析规则进行了观察性研究。该研究分为树任务:(i)识别缺陷模式,(ii)编写静态分析规则以定位该模式的实例,以及(iii)验证所定位的实例。我们分析了维护人员执行每个任务的效率以及他们对任务挑战的评论。我们还分析了维护者对PDM的接受程度。结果:我们观察到,以前有关调试的知识,主题软件和相关技术对维护人员的性能有影响。然而,该方法的瓶颈是静态分析规则编程,这是维护人员需要完成的更多任务。除了这些困难之外,维护人员还发现PDM有用,并表明了在实践中使用它的意图。结论:结果增强了我们的信心,即PDM可以帮助维护人员生成用于定位缺陷的自定义静态分析规则。但是,需要一种更好的方法来编程这些规则以及正确选择和培训维护人员,以有效地应用PDM。
更新日期:2020-11-27
down
wechat
bug