Defect prioritization is mainly a manual and error-prone task in the current state-of-the-practice. We evaluated the effectiveness of an automated approach that employs supervised machine learning. We used two alternative techniques, namely a Naive Bayes classifier and a Long Short-Term Memory model. We performed an industrial case study with a real project from the consumer electronics domain. We

Cross-platform development solutions can help to make software available on different devices and platforms. But these are normally restricted to preconfigured platforms and consider that each individual solution is equal or similar to each other. As a result, developers have to resort to native development and build individual solutions, one for each device/platform, that cooperate to deliver the

Due to the continuously changing environment of service-based applications (SBAs), the ability to adapt to environmental and contextual changes has become a crucial characteristic of such applications. Providing SBAs with this ability is a complex task, usually carried out in an unsystematic way and interwoven with application logic. As a result, developing and maintaining adaptive SBAs has become

Context: The Robot Operating System (ROS) is the de-facto standard for robotics software. However, ROS-based systems are getting larger and more complex and could benefit from good software architecture practices. Goal: We aim at (i) unveiling the state-of-the-practice in terms of targeted quality attributes and architecture documentation in ROS-based systems, and (ii) providing empirically-grounded

The scope of automotive functions has grown from a single vehicle as an entity to multiple vehicles working together as an entity, referred to as cooperative driving. The current automotive safety standard, ISO 26262, is designed for single vehicles. With the increasing number of cooperative driving capable vehicles on the road, it is now imperative to systematically assess the functional safety of

Configurable software systems allow developers to maintain a unique platform and address a diversity of deployment contexts and usages. Testing configurable systems is essential because configurations that fail may potentially hurt users and degrade the project reputation. As extensively testing all valid configurations is infeasible in practice, several testing strategies have been proposed to recommend

While dependency analysis is foundational to much program analysis, many techniques have limited scalability and handle only monolingual systems. We present a novel dependency analysis technique that aims to approximate program dependency from a relatively small number of perturbed executions. Our technique, MOAD (Modeling Observation-based Approximate Dependency), reformulates program dependency as

Abstract State Machine (ASM) theory is a well-known state-based formal method to analyze and specify software and hardware systems. As in other state-based formal methods, the proposed modeling languages for ASMs still lack easy-to-comprehend abstractions to structure state and behavior aspects of specifications. Modern object-oriented languages offer a variety of advanced language constructs, and

Previous research has documented challenges in students’ group work. An identifiable segment of the previous research that relates to improving students’ group work conditions is the study of group formation and self- and peer-assessment. Though studies that primarily focus on how to address the conditions of students’ group work and the existing problems can be found, there are not many related to

Effectively preventing errors in requirements analysis and design is extremely important for enhancing software productivity and reliability, but how to fulfill this goal remains an open problem. In this paper, we propose a concept of hybrid specification and describe a novel three-step hybrid specification approach to address this problem. We discuss how the three-step approach can be used to effectively

Competitive Crowdsourcing Software Development is an online software development paradigm, promises the innovative, cost effective and high quality solutions on time. However, the paradigm is still in infancy and does not address the key challenges such as low rate of submissions and high risk of project failure. A significant number of software projects fail to receive a satisfactory solution and

The efficient assignment of bug fixing tasks to software developers is of major importance in software maintenance and evolution. When those tasks are not efficiently assigned to developers, the software project might confront extra costs and delays. In this paper, we propose a strategy that minimizes the time and the cost in bug fixing by finding the best feasible developer arrangement to handle bug

Every company wishes to improve its system quality and security, all the more so in these times of digital transformation, since having a good quality and security management system is essential to any company’s commercial survival. Such needs are even more pressing for small and medium-sized enterprises (SMEs), given their limited time and resources. To address these needs, a Spanish company, Proceso

Technical Debt (TD) concerns the lack of an adequate solution in a software project, from its design to the source code. Its admittance through source code comments, issues, or commit messages is referred to as Self-Admitted Technical Debt (SATD). Previous research has studied SATD from different perspectives, including its distribution, impact on software quality, and removal. In this paper, we investigate

Design patterns are recommended solutions for typical software design problems, with an extensively studied and documented impact on various quality factors. Flaws in design at a higher levels of abstraction are manifested in architectural smells. Some of those smells, similarly to code smells, can reduce the expected advantages of design patterns or even prevent their proper implementation. In this

In the past decade, brain and autonomic nervous system activity measurement received increasing attention in the study of software engineering (SE). This paper presents a systematic literature review (SLR) to survey the existing NeuroSE literature. Based on a rigorous search protocol, we identified 89 papers (hereafter denoted as NeuroSE papers). We analyzed these papers to develop a comprehensive

Developers often look for code examples on the web to improve learning and accelerate development. Google indexes millions of pages with code examples: pages with better content are likely to be top ranked. In practice, many factors may influence the rank: page reputation, content quality, etc. Consequently, the most relevant information on the page, i.e., the code example, may be overshadowed by the

Event sourced systems are increasing in popularity because they are reliable, flexible, and scalable. In this article, we point a microscope at a software architecture pattern that is rapidly gaining popularity in industry, but has not received as much attention from the scientific community. We do so through constructivist grounded theory, which proves a suitable qualitative method for extracting

Formal specification can benefit software quality by precisely defining the behaviors of operations to prevent primary mistakes in the early phase of software projects, but a remaining challenge is how such a specification can be checked comprehensibly to show whether it satisfies the user’s perception of requirements. In this paper, we describe a new technique for animating operation specifications

In recent years, deep learning has become a hot research topic. Although it achieves incredible positive results in some scenarios, bugs inside deep learning software can introduce disastrous consequences, especially when the software is used in safety-critical applications. To understand the bug characteristic of deep learning software, researchers have conducted several empirical studies on bugs

Background: Using a microservices architecture is a popular strategy for software organizations to deliver value to their customers fast and continuously. However, scientific knowledge on how to manage architectural debt in microservices is scarce. Objectives: In the context of microservices applications, this paper aims to identify architectural technical debts (ATDs), their costs, and their most

Fault Localization (FL) is an important first step in software debugging and is mostly manual in the current practice. Many methods have been proposed over years to automate the FL process, including information retrieval (IR)-based techniques. These methods localize the fault based on the similarity of the reported bug report and the source code. Newer variations of IR-based FL (IRFL) techniques also

Object-oriented code smells are well-known concepts in software engineering that refer to bad design and development practices commonly observed in software systems. With the emergence of mobile apps, new classes of code smells have been identified by the research community as mobile-specific code smells. These code smells are presented as symptoms of important performance issues or bottlenecks. Despite

The understanding of the behavioral aspects of a software system is an essential enabler for many software engineering activities, such as adaptation. This involves collecting runtime data from the system so that it is possible to analyze the collected data to guide actions upon the system. Consequently, software monitoring imposes practical challenges because it is often done by intercepting the system

With the growing complexity of railway control systems, it is required to preform runtime safety checks of system executions that go beyond conventional runtime monitoring of pre-programmed safety conditions. Runtime verification is a lightweight and rigorous formal method that dynamically analyses execution traces against some formal specifications. A challenge in applying this method in railway systems

Static program analysis is in general more precise if it is sensitive to execution contexts (execution paths). But then it is also more expensive in terms of memory consumption. For languages with conditions and iterations, the number of contexts grows exponentially with the program size. This problem is not just a theoretical issue. Several papers evaluating inter-procedural context-sensitive data-flow

Context: Modern Code Review (MCR) is a widely known practice of software quality assurance. However, the existing body of knowledge of MCR is currently not understood as a whole. Objective: Our goal is to identify the state of the art on MCR, providing a structured overview and an in-depth analysis of the research done in this field. Methods: We performed a systematic literature review, selecting publications

To meet changing requirements and rising product complexity, a growing number of traditional logistics companies and logistics startups are increasing their agility through the use of progressively agile methods. The objective of the Delphi Study is to assess how traditional logistics companies and logistics startups use agile methods in their IT departments, what benefits they realise and what challenges

Previous studies have investigated a wide range of factors potentially explaining software build breakages, focusing primarily on build-triggering code changes or previous CI outcomes. However, code quality factors such as the presence of code/test smells have not been yet evaluated in the context of CI, even though such factors have been linked to problems of comprehension and technical debt, and

Context: Large-scale software projects require interaction between many stakeholders. Behavior-driven development (BDD) facilitates collaboration between stakeholders, and an adapted BDD process can help improve cooperation in a large-scale project. Objective: The objective of this study is to propose and empirically evaluate a BDD based process adapted for large-scale projects. Method: A technology

Accessibility is a quality sub-characteristic intended to make software products accessible to a broad range of users, regardless of their physical, motor, intellectual or cognitive skills. Mobile accessibility has been on the spotlight recently due to the increasing shift towards mobile platforms. Thus, many advances have been made in this field when it comes to the development of assistive technologies

Previous studies indicate that error-proneness risks can be isolated into risk containers created from architectural designs, to help detect and mitigate such risks early on. Like error-proneness, change propagation may lead to higher implementation and maintenance costs. We used automated tools to analyse four software development projects using three risk container types, each type based on a different

The level and quality of automation dramatically affects software testing activities, determines costs and effectiveness of the testing process, and largely impacts on the quality of the final product. While costs and benefits of automating many testing activities in industrial practice (including managing the quality process, executing large test suites, and managing regression test suites) are well

Program comprehension is a fundamental prerequisite for software maintenance and evolution. In order to understand a software structure, developers often read its codebase or documentation—if available and not outdated. Both approaches are tedious, time-consuming, and inefficient. Recent methods and tools have emerged to facilitate program comprehension, such as static call graphs, which depict the

Clones are one of the most widespread code smells, known to negatively affect the evolution of software systems. While there is a large body of research on detecting, managing, and refactoring clones in production code, clones in test code are often neglected in today’s literature. In this paper we provide empirical evidence that further research on clones in test code is warranted. By analysing the

In Software-Defined Networking (SDN)-enabled cloud data centers, live migration is a key approach used for the reallocation of Virtual Machines (VMs) and Virtual Network Functions (VNFs). Using live migration, cloud providers can address their dynamic resource management and fault tolerance objectives without interrupting the service of users. However, performing multiple live migrations in arbitrary

The unprecedented advancement of artificial intelligence (AI) in recent years has altered our perspectives on software engineering and systems engineering as a whole. Nowadays, software-intensive intelligent systems rely more on a learning model than thousands of lines of codes. Such alteration has led to new research challenges in the engineering process that can ensure the safe and beneficial behavior

The most successful organizations in the world are data-driven businesses. Data is at the core of the business of many organizations as one of the most important assets, since the decisions they make cannot be better than the data on which they are based. Due to this reason, organizations need to be able to trust their data. One important activity that helps to achieve data reliability is the evaluation

In this paper, we investigate the effect of TDD, as compared to a non-TDD approach, as well as its retainment (or retention) over a time span of (about) six months. To pursue these objectives, we conducted a (quantitative) longitudinal cohort study with 30 novice developers (i.e., third-year undergraduate students in Computer Science). We observed that TDD affects neither the external quality of software

In this paper, we study the market-oriented online bi-objective service scheduling problem for pleasingly parallel jobs with variable resources in cloud environments, from the perspective of SaaS (Software-as-as-Service) providers who provide job-execution services. The main process of scheduling SaaS services in clouds is: a SaaS provider purchases cloud instances from IaaS providers to schedule end

Context: An excessive number of code smells make a software system hard to evolve and maintain. Machine learning methods, in addition to metric-based and heuristic-based methods, have been recently applied to detect code smells; however, current methods are considered far from mature. Objective: First, explore the feasibility of applying deep learning models to detect smells without extensive feature

Assurance cases are used to argue in a structured, and evidence-supported way, that a property such as safety or security is satisfied by a system. In some domains however, instead of single systems, product lines with many system-variants are engineered, to satisfy the needs of different customers. In such context, single-system methods for assurance-case creation suffer from scalability issues because

Architectural technical debt in software-intensive systems is a metaphor used to describe the “big” design decisions (e.g., choices regarding structure, frameworks, technologies, languages, etc.) that, while being suitable or even optimal when made, significantly hinder progress in the future. While other types of debt, such as code-level technical debt, can be readily detected by static analyzers

Gas is a measurement unit of the computational effort that it will take to execute every single replicated operation that takes part in the Ethereum blockchain platform. If a transaction exceeds the amount of gas allotted by the user (known as gas limit), an out-of-gas exception is raised and its execution is interrupted. One of the main open problems in the analysis of Ethereum smart contracts is

The architectural style of microservices has been gaining popularity in recent years. In this architectural style, small and loosely coupled modules are deployed and scaled independently to compose cloud-native applications. Carrier-grade service providers are migrating their legacy applications to a microservice based architecture running on Kubernetes which is an open source platform for orchestrating

Software product metrics allow practitioners to improve their products and to optimize development processes based on quantifiable characteristics of source code. To facilitate similar benefits for spreadsheet programs, researchers proposed various product metrics for spreadsheets over the last decades. However, to our knowledge, no comprehensive overview of those efforts is currently available. In

The Software Effort Estimation (SEE) process has been approached in different ways in the literature, including models built from Machine Learning (ML). The combination of these models (Ensemble) is an important research topic in ML, and has lead to improvements in accuracy compared to individual models. This paper proposes heterogeneous and dynamic ensemble selection (DES) models, composed by a set

Software models, often comprise of interconnected diagrams, change continuously, and developers often fail in keeping these diagrams consistent. Detecting inconsistencies quickly and efficiently is state of the art. However, repairing them is not trivial, because there are typically multiple model elements that need to be repaired, leading to an exponentially growing space of combinations of repair

As incorporating software testing into programming assignments becomes routine, educators have begun to assess not only the correctness of students’ software, but also the adequacy of their tests. In practice, educators rely on code coverage measures, though its shortcomings are widely known. Mutation analysis is a stronger measure of test adequacy, but it is too costly to be applied beyond the small

Domain-specific modelling languages defined by extending or constraining the Unified Modelling Language (UML) through the profiling mechanism have historically relied on graphical notations to maximise human understanding and facilitate communication among stakeholders. Other notations, such as text-, form-, or table-based are, however, often preferred for specific modelling purposes, due to the nature

Dynamic Software Product Lines (DSPLs) are a well-accepted approach to self-adaptation at runtime. In the context of DSPLs, there are plenty of reactive approaches that apply countermeasures as soon as a context change happens. In this paper we propose a proactive approach, ProDSPL, that exploits an automatically learnt model of the system, anticipates future variations of the system and generates

Design patterns (DPs) are recognised as a good practice in software development. However, the lack of appropriate documentation often hampers traceability, and their benefits are blurred among thousands of lines of code. Automatic methods for DP detection have become relevant but are usually based on the rigid analysis of either software metrics or specific properties of the source code. We propose

Bots are frequently used in Github repositories to automate repetitive activities that are part of the distributed software development process. They communicate with human actors through comments. While detecting their presence is important for many reasons, no large and representative ground-truth dataset is available, nor are classification models to detect and validate bots on the basis of such

Cyber–physical systems increasingly feature highly-distributed and mobile deployments of devices spread over large physical environments: in these contexts, it is generally very difficult to engineer trustworthy critical services, mostly because formal methods generally hardly scale with the number of involved devices, especially when faults, continuous changes, and dynamic topologies are the norm

Deductive verification has gained paramount attention from both academia and industry. Although intensive research in this direction covers almost all mainstream languages, the research community has paid little attention to the verification of database applications. This paper proposes a comprehensive set of Verification Conditions (VCs) generation techniques from database programs, adapting Symbolic

With rapid availability of renewable energy sources and growing interest in their use in the datacenter industry presents opportunities for service providers to reduce their energy related costs, as well as, minimize the ecological impact of their infrastructure. However, renewables are largely intermittent and can, negatively affect users’ applications and their performance, therefore, the profit

Function-as-a-Service (FaaS) is a cloud service model enabling developers to offload event-driven executable snippets of code. The execution and management of such functions becomes a FaaS provider’s responsibility, therein included their on-demand provisioning and automatic scaling. Key enablers for this cloud service model are FaaS platforms, e.g., AWS Lambda, Microsoft Azure Functions, or OpenFaaS