当前期刊: arXiv - CS - Software Engineering Go to current issue    加入关注   
显示样式:        排序: IF: - GO 导出
我的关注
我的收藏
您暂时未登录!
登录
  • Incremental Calibration of Architectural Performance Models with Parametric Dependencies
    arXiv.cs.SE Pub Date : 2020-06-30
    Manar MazkatliKarlsruhe Institute of Technology; David MonscheinKarlsruhe Institute of Technology; Johannes GrohmannUniversity of Würzburg; Anne KoziolekKarlsruhe Institute of Technology

    Architecture-based Performance Prediction (AbPP) allows evaluation of the performance of systems and to answer what-if questions without measurements for all alternatives. A difficulty when creating models is that Performance Model Parameters (PMPs, such as resource demands, loop iteration numbers and branch probabilities) depend on various influencing factors like input data, used hardware and the

    更新日期:2020-07-01
  • Traceability Support for Multi-Lingual Software Projects
    arXiv.cs.SE Pub Date : 2020-06-30
    Yalin Liu; Jinfeng Lin; Jane Cleland-Huang

    Software traceability establishes associations between diverse software artifacts such as requirements, design, code, and test cases. Due to the non-trivial costs of manually creating and maintaining links, many researchers have proposed automated approaches based on information retrieval techniques. However, many globally distributed software projects produce software artifacts written in two or more

    更新日期:2020-07-01
  • SE3M: A Model for Software Effort Estimation Using Pre-trained Embedding Models
    arXiv.cs.SE Pub Date : 2020-06-30
    Eliane M. De Bortoli Fávero; Dalcimar Casanova; Andrey Ricardo Pimentel

    Estimating effort based on requirement texts presents many challenges, especially in obtaining viable features to infer effort. Aiming to explore a more effective technique for representing textual requirements to infer effort estimates by analogy, this paper proposes to evaluate the effectiveness of pre-trained embeddings models. For this, two embeddings approach, context-less and contextualized models

    更新日期:2020-07-01
  • New developer metrics: Are comments as crucial as code contributions?
    arXiv.cs.SE Pub Date : 2020-06-29
    Abdulkadir Şeker; Banu Diri; Halil Arslan

    Open-source code development has become widespread in recent years. As a result, open-source software platforms have also become popular, and millions of developers from diverse locations are able to contribute to the same projects. On these platforms, various knowledge about them is obtained from user activity. This information is used in the form of developer metrics to solve a variety of challenges

    更新日期:2020-07-01
  • A Generative Neural Network Framework for Automated Software Testing
    arXiv.cs.SE Pub Date : 2020-06-29
    Leonid Joffe; David J. Clark

    Search Based Software Testing (SBST) is a popular automated testing technique which uses a feedback mechanism to search for faults in software. Despite its popularity, it has fundamental challenges related to the design, construction and interpretation of the feedback. Neural Networks (NN) have been hugely popular in recent years for a wide range of tasks. We believe that they can address many of the

    更新日期:2020-07-01
  • Ginkgo: A Modern Linear Operator Algebra Framework for High Performance Computing
    arXiv.cs.SE Pub Date : 2020-06-30
    Hartwig Anzt; Terry Cojean; Goran Flegar; Fritz Goebel; Thomas Gruetzmacher; Pratik Nayak; Tobias Ribizel; Yu-Hsiang Tsai; Enrique S. Quintana-Orti

    In this paper, we present Ginkgo, a modern C++ math library for scientific high performance computing. While classical linear algebra libraries act on matrix and vector objects, Ginkgo's design principle abstracts all functionality as "linear operators", motivating the notation of a "linear operator algebra library". Ginkgo's current focus is oriented towards providing sparse linear algebra functionality

    更新日期:2020-07-01
  • Learning to Format Coq Code Using Language Models
    arXiv.cs.SE Pub Date : 2020-06-18
    Pengyu Nie; Karl Palmskog; Junyi Jessy Li; Milos Gligoric

    Should the final right bracket in a record declaration be on a separate line? Should arguments to the rewrite tactic be separated by a single space? Coq code tends to be written in distinct manners by different people and teams. The expressiveness, flexibility, and extensibility of Coq's languages and notations means that Coq projects have a wide variety of recognizable coding styles, sometimes explicitly

    更新日期:2020-07-01
  • Towards a Quantum Software Modeling Language
    arXiv.cs.SE Pub Date : 2020-06-30
    Carlos A. Perez-Delgado; Hector G. Perez-Gonzalez

    We set down the principles behind a modeling language for quantum software. We present a minimal set of extensions to the well-known Unified Modeling Language (UML) that allows it to effectively model quantum software. These extensions are separate and independent of UML as a whole. As such they can be used to extend any other software modeling language, or as a basis for a completely new language

    更新日期:2020-07-01
  • Towards Causality Extraction from Requirements
    arXiv.cs.SE Pub Date : 2020-06-29
    Jannik Fischbach; Benedikt Hauptmann; Lukas Konwitschny; Dominik Spies; Andreas Vogelsang

    System behavior is often based on causal relations between certain events (e.g. If event1, then event2). Consequently, those causal relations are also textually embedded in requirements. We want to extract this causal knowledge and utilize it to derive test cases automatically and to reason about dependencies between requirements. Existing NLP approaches fail to extract causality from natural language

    更新日期:2020-06-30
  • A Survey on the Evaluation of Clone Detection Performance and Benchmarking
    arXiv.cs.SE Pub Date : 2020-06-28
    Jeffrey Svajlenko; Chanchal K. Roy

    There are a great many clone detection tools proposed in the literature. In this paper, we investigate the state of clone detection tool evaluation. We begin by surveying the clone detection benchmarks, and performing a multi-faceted evaluation and comparison of their features and capabilities. We then survey the existing clone detection tool and technique publications, and evaluate how the authors

    更新日期:2020-06-30
  • Application of Statistical Methods in Software Engineering: Theory and Practice
    arXiv.cs.SE Pub Date : 2020-06-28
    T. F. M. Sirqueira; M. A. Miguel; H. L. O. Dalpra; M. A. P. Araujo; J. M. N. David

    The experimental evaluation of the methods and concepts covered in software engineering has been increasingly valued. This value indicates the constant search for new forms of assessment and validation of the results obtained in Software Engineering research. Results are validated in studies through evaluations, which in turn become increasingly stringent. As an alternative to aid in the verification

    更新日期:2020-06-30
  • XI Commandments of Kubernetes Security: A Systematization of Knowledge Related to Kubernetes Security Practices
    arXiv.cs.SE Pub Date : 2020-06-27
    Md. Shazibul Islam Shamim; Farzana Ahamed Bhuiyan; Akond Rahman

    Kubernetes is an open-source software for automating management of computerized services. Organizations, such as IBM, Capital One and Adidas use Kubernetes to deploy and manage their containers, and have reported benefits related to deployment frequency. Despite reported benefits, Kubernetes deployments are susceptible to security vulnerabilities, such as those that occurred at Tesla in 2018. A systematization

    更新日期:2020-06-30
  • Will Dynamic Arrays finally change the way Models are built?
    arXiv.cs.SE Pub Date : 2020-06-25
    Peter Bartholomew

    Spreadsheets offer a supremely successful and intuitive means of processing and exchanging numerical content. Its intuitive ad-hoc nature makes it hugely popular for use in diverse areas including business and engineering, yet these very same characteristics make it extraordinarily error-prone; many would question whether it is suitable for serious analysis or modelling tasks. A previous EuSpRIG paper

    更新日期:2020-06-29
  • From webtables to datatables
    arXiv.cs.SE Pub Date : 2020-06-25
    Mária Csernoch

    Webtables -- tables and table-like structures on webpages -- are excellent sources for teaching spreadsheeting, in commercial and professional organisations by utilizing and developing knowledge-transfer items, presenting and handling various real-world problems and solutions, discussing and debugging, and in general, developing and utilizing computational thinking skills. In the present paper the

    更新日期:2020-06-29
  • Multilevel Typed Graph Transformations
    arXiv.cs.SE Pub Date : 2020-06-25
    Uwe Wolter; Fernando Macías; Adrian Rutle

    Multilevel modeling extends traditional modeling techniques with a potentially unlimited number of abstraction levels. Multilevel models can be formally represented by multilevel typed graphs whose manipulation and transformation are carried out by multilevel typed graph transformation rules. These rules are cospans of three graphs and two inclusion graph homomorphisms where the three graphs are multilevel

    更新日期:2020-06-26
  • Did You Remember to Test Your Tokens?
    arXiv.cs.SE Pub Date : 2020-06-25
    Danielle Gonzalez; Michael Rath; Mehdi Mirakhorli

    Authentication is a critical security feature for confirming the identity of a system's users, typically implemented with help from frameworks like Spring Security. It is a complex feature which should be robustly tested at all stages of development. Unit testing is an effective technique for fine-grained verification of feature behaviors that is not widely-used to test authentication. Part of the

    更新日期:2020-06-26
  • Source Code Comments: Overlooked in the Realm of Code Clone Detection
    arXiv.cs.SE Pub Date : 2020-06-25
    Sandeep Kaur Kuttal; Akash Ghosh

    Reusing code can produce duplicate or near-duplicate code clones in code repositories. Current code clone detection techniques, like Program Dependence Graphs, rely on code structure and their dependencies to detect clones. These techniques are expensive, using large amounts of processing power, time, and memory. In practice, programmers often utilize code comments to comprehend and reuse code, as

    更新日期:2020-06-26
  • On the Replicability and Reproducibility of Deep Learning in Software Engineering
    arXiv.cs.SE Pub Date : 2020-06-25
    Chao Liu; Cuiyun Gao; Xin Xia; David Lo; John Grundy; Xiaohu Yang

    Deep learning (DL) techniques have gained significant popularity among software engineering (SE) researchers in recent years. This is because they can often solve many SE challenges without enormous manual feature engineering effort and complex domain knowledge. Although many DL studies have reported substantial advantages over other state-of-the-art models on effectiveness, they often ignore two factors:

    更新日期:2020-06-26
  • How do Agile Software Startups deal with uncertainties by Covid-19 pandemic?
    arXiv.cs.SE Pub Date : 2020-06-24
    Rafael da Camara; Marcelo Marinho; Suzana Sampaio; Saulo Cadete

    The dissipation of severe acute respiratory syndrome coronavirus 2 (SARS-CoV-2) has already taken on pandemic proportions, affecting over 100 countries in a couple of weeks. The evolution of the disease and its economic impact is highly uncertain, which brings challenges for newly created software companies. Software startups are companies that create innovative software products and services in a

    更新日期:2020-06-25
  • Exploring the Security Awareness of the Python and JavaScript Open Source Communities
    arXiv.cs.SE Pub Date : 2020-06-24
    Gábor Antal; Márton Keleti; Péter Hegedűs

    Software security is undoubtedly a major concern in today's software engineering. Although the level of awareness of security issues is often high, practical experiences show that neither preventive actions nor reactions to possible issues are always addressed properly in reality. By analyzing large quantities of commits in the open-source communities, we can categorize the vulnerabilities mitigated

    更新日期:2020-06-25
  • Guiding Software Developers by Social Networking Application Plug-in using the Multiple Bridge Source Repository through a Data Mining Integrated Approach
    arXiv.cs.SE Pub Date : 2020-06-24
    Anjela Diana Corraya; Mousumi Akter Sumi; Sadia Islam Shachi; Ziaur Rahman

    In today's world, social networking is an important (power full) medium of mass communication. People of almost all classes have been interacting with each other and sharing their views, moments, and ideas by using enormous user-friendly applications in different social networking sites. It's really unbelievable to find a person who never heard about the social network. The available social networking

    更新日期:2020-06-25
  • A Catalogue of Game-Specific Anti-Patterns
    arXiv.cs.SE Pub Date : 2020-06-23
    Vartika Agrahari; Sridhar Chimalakonda

    With the ever-increasing use of games, game developers are expected to write efficient code supporting several qualities such as security, maintainability, and performance. However, lack of time and continuous need to update the features of games may result in bad practices that may affect the functional and non-functional requirements of the game. These bad practices are often termed as Anti-patterns

    更新日期:2020-06-24
  • Better User Recommendations using Enhancing Software Development Process Repository
    arXiv.cs.SE Pub Date : 2020-06-21
    Ziaur Rahman; Md. Kamrul Hasan

    Reusing previously completed software repository to enhance the development process is a common phenomenon. If developers get suggestions from the existing projects they might be benefited a lot what they eventually expect while coding. The strategies available in this field have been rapidly changing day by day. There are a number of efforts that have been focusing on mining process and constructing

    更新日期:2020-06-24
  • Helping Software Developers through Offline Repository Based API Searching in Data MiningIntegrated Environment
    arXiv.cs.SE Pub Date : 2020-06-21
    Ratul Uddin Ashraf; Anujoy Das; Ziaur Rahman; Ali Newaz Bahar; Husne Ara Rubaiyeat

    Software development is getting changed so rapidly. It will be highly benefited if we can accelerate software development process by guiding developers. Appropriate guidelines and accurate recommendations to developers during development process can reduce software development expenses, as well as can save valuable times of developers. There are a number of approaches to speed up the software development

    更新日期:2020-06-24
  • Multitasking Across Industry Projects: A Replication Study
    arXiv.cs.SE Pub Date : 2020-06-22
    Karina Kohl; Bogdan Vasilescu; Rafael Prikladnicki

    Background: Multitasking is usual in software development. It is the ability to stop working on a task, switch to another, and return eventually to the first one, as needed or as scheduled. Multitasking, however, comes at a cognitive cost: frequent context-switches can lead to distraction, sub-standard work, and even greater stress. Aims: This paper reports a replication experiment where we gathered

    更新日期:2020-06-24
  • Technology Readiness Levels for Machine Learning Systems
    arXiv.cs.SE Pub Date : 2020-06-21
    Alexander Lavin; Gregory Renard

    The development and deployment of machine learning systems can be executed easily with modern tools, but the process is typically rushed and means-to-an-end. The lack of diligence can lead to technical debt, scope creep and misaligned objectives, model misuse and failures, and expensive consequences. Engineering systems, on the other hand, follow well-defined processes and testing standards to streamline

    更新日期:2020-06-24
  • PRIPEL: Privacy-Preserving Event Log Publishing Including Contextual Information
    arXiv.cs.SE Pub Date : 2020-06-23
    Stephan A. Fahrenkrog-Petersen; Han van der Aa; Matthias Weidlich

    Event logs capture the execution of business processes in terms of executed activities and their execution context. Since logs contain potentially sensitive information about the individuals involved in the process, they should be pre-processed before being published to preserve the individuals' privacy. However, existing techniques for such pre-processing are limited to a process' control-flow and

    更新日期:2020-06-24
  • Success and Failure in Software Engineering: a Followup Systematic Literature Review
    arXiv.cs.SE Pub Date : 2020-06-22
    Damian A. Tamburri; Member-at-Large; IEEE; Fabio Palomba; Member IEEE; Rick Kazman; Senior Member; IEEE

    Success and failure in software engineering are still among the least understood phenomena in the discipline. In a recent special journal issue on the topic, Mantyla et al. started discussing these topics from different angles; the authors focused their contributions on offering a general overview of both topics without deeper detail. Recognising the importance and impact of the topic, we have executed

    更新日期:2020-06-23
  • fault: A Python Embedded Domain-Specific Language For Metaprogramming Portable Hardware Verification Components
    arXiv.cs.SE Pub Date : 2020-06-20
    Lenny Truong; Steven Herbst; Rajsekhar Setaluri; Makai Mann; Ross Daly; Keyi Zhang; Caleb Donovick; Daniel Stanley; Mark Horowitz; Clark Barrett; Pat Hanrahan

    While hardware generators have drastically improved design productivity, they have introduced new challenges for the task of verification. To effectively cover the functionality of a sophisticated generator, verification engineers require tools that provide the flexibility of metaprogramming. However, flexibility alone is not enough; components must also be portable in order to encourage the proliferation

    更新日期:2020-06-23
  • Using Fault Injection to Assess Blockchain Systems in Presence of Faulty Smart Contracts
    arXiv.cs.SE Pub Date : 2020-06-20
    Ákos Hajdu; Naghmeh Ivaki; Imre Kocsis; Attila Klenik; László Gönczy; Nuno Laranjeiro; Henrique Madeira; András Pataricza

    Blockchain has become particularly popular due to its promise to support business-critical services in very different domains (e.g., retail, supply chains, healthcare). Blockchain systems rely on complex middleware, like Ethereum or Hyperledger Fabric, that allow running smart contracts, which specify business logic in cooperative applications. The presence of software defects or faults in these contracts

    更新日期:2020-06-23
  • Dynamic Symbolic Execution of Higher-Order Functions
    arXiv.cs.SE Pub Date : 2020-06-20
    Shu-Hung YouPLT@Northwestern; Robert Bruce FindlerPLT@Northwestern; Christos DimoulasPLT@Northwestern

    The effectiveness of concolic testing deteriorates as the size of programs increases. A promising way out is to test programs modularly, e.g., on a per function or class basis. Alas, this idea hits a roadblock in modern programming languages In modern languages, components expect functions, objects, and even classes as inputs. The crux of the problem is that existing concolic testing techniques cannot

    更新日期:2020-06-23
  • REBD:A Conceptual Framework for Big Data Requirements Engineering
    arXiv.cs.SE Pub Date : 2020-06-19
    Sandhya Rani Kourla; Eesha Putti; Mina Maleki

    Requirements engineering (RE), as a part of the project development life cycle, has increasingly been recognized as the key to ensuring on-time, on-budget, and goal-based delivery of software projects;compromising this vital phase is nothing but project failures. RE of big data projects is even more crucial because of the main characteristics of big data, including high volume, velocity, and variety

    更新日期:2020-06-22
  • A First Look at Android Applications in Google Play related to Covid-19
    arXiv.cs.SE Pub Date : 2020-06-19
    Jordan Samhi; Kevin Allix; Tegawendé F. Bissyandé; Jacques Klein

    Due to the convenience of access-on-demand to information and business solutions, mobile apps have become an important asset in the digital world. In the context of the Covid-19 pandemic, app developers have joined the response effort in various ways by releasing apps that target different user bases (e.g., all citizens or journalists), offer different services (e.g., location tracking or diagnostic-aid)

    更新日期:2020-06-22
  • Prioritizing documentation effort: Can we do better?
    arXiv.cs.SE Pub Date : 2020-06-18
    Shiran Liu; Zhaoqiang Guo; Yanhui Li; Hongmin Lu; Lin Chen; Lei Xu; Yuming Zhou; Baowen Xu

    Code documentations are essential for software quality assurance, but due to time or economic pressures, code developers are often unable to write documents for all modules in a project. Recently, a supervised artificial neural network (ANN) approach is proposed to prioritize important modules for documentation effort. However, as a supervised approach, there is a need to use labeled training data

    更新日期:2020-06-22
  • Vetting Security and Privacy of Global COVID-19 Contact Tracing Applications
    arXiv.cs.SE Pub Date : 2020-06-19
    Ruoxi Sun; Wei Wang; Minhui Xue; Gareth Tyson; Seyit Camtepe; Damith Ranasinghe

    The rapid spread of COVID-19 has made traditional manual contact tracing to identify potential persons in close physical proximity to an known infected person challenging. Hence, a number of public health authorities have experimented with automated contact tracing apps. While the global deployment of contact tracing apps aims to protect the health of citizens, these apps have raised security and privacy

    更新日期:2020-06-22
  • Robotics Software Engineering: A Perspective from the Service Robotics Domain
    arXiv.cs.SE Pub Date : 2020-06-18
    Sergio García; Daniel Strüber; Davide Brugali; Thorsten Berger; Patrizio Pelliccione

    Robots that support humans by performing useful tasks (a.k.a., service robots) are booming worldwide. In contrast to industrial robots, the development of service robots comes with severe software engineering challenges, since they require high levels of robustness and autonomy to operate in highly heterogeneous environments. As a domain with critical safety implications, service robotics faces a need

    更新日期:2020-06-19
  • Identification of Practices and Capabilities in API Management: A Systematic Literature Review
    arXiv.cs.SE Pub Date : 2020-06-18
    Max Mathijssen; Michiel Overeem; Slinger Jansen

    Traditional organizations are increasingly becoming software producing organizations. This software is enabling them to integrate business processes between different departments and with other organizations through Application Programming Interfaces (APIs). The main task of managing APIs is to ensure that the APIs are easy to use by third parties, such as providing helpful documentation, monitoring

    更新日期:2020-06-19
  • A Theory of Black-Box Tests
    arXiv.cs.SE Pub Date : 2020-06-18
    Mohammad Torabi Dashti; David Basin

    The purpose of testing a system with respect to a requirement is to refute the hypothesis that the system satisfies the requirement. We build a theory of tests and refutation based on the elementary notions of satisfaction and refinement. We use this theory to characterize the requirements that can be refuted through black-box testing and, dually, verified through such tests. We consider refutation

    更新日期:2020-06-19
  • Quantifying Assurance in Learning-enabled Systems
    arXiv.cs.SE Pub Date : 2020-06-18
    Erfan Asaadi; Ewen Denney; Ganesh Pai

    Dependability assurance of systems embedding machine learning(ML) components---so called learning-enabled systems (LESs)---is a key step for their use in safety-critical applications. In emerging standardization and guidance efforts, there is a growing consensus in the value of using assurance cases for that purpose. This paper develops a quantitative notion of assurance that an LES is dependable,

    更新日期:2020-06-19
  • A Language for Autonomous Vehicles Testing Oracles
    arXiv.cs.SE Pub Date : 2020-06-17
    Ana Nora Evans; Mary Lou Soffa; Sebastian Elbaum

    Testing autonomous vehicles (AVs) requires complex oracles to determine if the AVs behavior conforms with specifications and humans' expectations. Available open source oracles are tightly embedded in the AV simulation software and are developed and implemented in an ad hoc way. We propose a domain specific language that enables defining oracles independent of the AV solutions and the simulator. A

    更新日期:2020-06-19
  • An Automatically Created Novel Bug Dataset and its Validation in Bug Prediction
    arXiv.cs.SE Pub Date : 2020-06-17
    Rudolf Ferenc; Péter Gyimesi; Gábor Gyimesi; Zoltán Tóth; Tibor Gyimóthy

    Bugs are inescapable during software development due to frequent code changes, tight deadlines, etc.; therefore, it is important to have tools to find these errors. One way of performing bug identification is to analyze the characteristics of buggy source code elements from the past and predict the present ones based on the same characteristics, using e.g. machine learning models. To support model

    更新日期:2020-06-19
  • IReEn: Iterative Reverse-Engineering of Black-Box Functions via Neural Program Synthesis
    arXiv.cs.SE Pub Date : 2020-06-18
    Hossein Hajipour; Mateusz Malinowski; Mario Fritz

    In this work, we investigate the problem of revealing the functionality of a black-box agent. Notably, we are interested in the interpretable and formal description of the behavior of such an agent. Ideally, this description would take the form of a program written in a high-level language. This task is also known as reverse engineering and plays a pivotal role in software engineering, computer security

    更新日期:2020-06-19
  • Towards Auditability Requirements Specification Using an Agent-Based Approach
    arXiv.cs.SE Pub Date : 2020-06-18
    Denis J. S. de Albuquerque; Vanessa Tavares Nunes; Claudia Cappelli; Celia Ghedini Ralha

    Transparency is an important factor in democratic societies composed of characteristics such as accessibility, usability, informativeness, understandability and auditability. In this research we focus on auditability since it plays an important role for citizens that need to understand and audit public information. Although auditability has been a subject of discussion when designing systems, there

    更新日期:2020-06-19
  • Breaking Type-Safety in Go: An Empirical Study on the Usage of the unsafe Package
    arXiv.cs.SE Pub Date : 2020-06-17
    Diego Elias Costa; Suhaib Mujahid; Rabe Abdalkareem; Emad Shihab

    A decade after its first release, the Go programming language has become a major programming language in the development landscape. While praised for its clean syntax and C-like performance, Go also contains a strong static type-system that prevents arbitrary type casting and arbitrary memory access, making the language type-safe by design. However, to give developers the possibility of implementing

    更新日期:2020-06-18
  • Quality Management of Machine Learning Systems
    arXiv.cs.SE Pub Date : 2020-06-16
    P. Santhanam

    In the past decade, Artificial Intelligence (AI) has become a part of our daily lives due to major advances in Machine Learning (ML) techniques. In spite of an explosive growth in the raw AI technology and in consumer facing applications on the internet, its adoption in business applications has conspicuously lagged behind. For business/mission-critical systems, serious concerns about reliability and

    更新日期:2020-06-18
  • An STPA-based Approach for Systematic Security Analysis of In-vehicle Diagnostic and Software Update Systems
    arXiv.cs.SE Pub Date : 2020-06-16
    Jinghua Yu; Stefan Wagner; Feng Luo

    The in-vehicle diagnostic and software update system, which supports remote diagnostic and Over-The-Air (OTA) software updates, is a critical attack goal in automobiles. Adversaries can inject malicious software into vehicles or steal sensitive information through communication channels. Therefore, security analysis, which identifies potential security issues, needs to be conducted in system design

    更新日期:2020-06-18
  • Data-Flow-Based Extension of the System-Theoretic Process Analysis for Security (STPA-Sec)
    arXiv.cs.SE Pub Date : 2020-06-04
    Jinghua Yu; Stefan Wagner; Feng Luo

    Security analysis is an essential activity in security engineering to identify potential system vulnerabilities and achieve security requirements in the early design phases. Due to the increasing complexity of modern systems, traditional approaches, which only consider component failures and simple cause-and-effect linkages, lack the power to identify insecure incidents caused by complex interactions

    更新日期:2020-06-18
  • Towards Deductive Verification of Control Algorithms for Autonomous Marine Vehicles
    arXiv.cs.SE Pub Date : 2020-06-16
    Simon Foster; Mario Gleirscher; Radu Calinescu

    The use of autonomous vehicles in real-world applications is often precluded by the difficulty of providing safety guarantees for their complex controllers. The simulation-based testing of these controllers cannot deliver sufficient safety guarantees, and the use of formal verification is very challenging due to the hybrid nature of the autonomous vehicles. Our work-in-progress paper introduces a formal

    更新日期:2020-06-16
  • A Hybrid Approach to Formal Verification of Higher-Order Masked Arithmetic Programs
    arXiv.cs.SE Pub Date : 2020-06-16
    Pengfei Gao; Hongyi Xie; Fu Song; Taolue Chen

    Side-channel attacks, which are capable of breaking secrecy via side-channel information, pose a growing threat to the implementation of cryptographic algorithms. Masking is an effective countermeasure against side-channel attacks by removing the statistical dependence between secrecy and power consumption via randomization. However, designing efficient and effective masked implementations turns out

    更新日期:2020-06-16
  • Formal Verification of End-to-End Learning in Cyber-Physical Systems: Progress and Challenges
    arXiv.cs.SE Pub Date : 2020-06-15
    Nathan Fulton; Nathan Hunt; Nghia Hoang; Subhro Das

    Autonomous systems -- such as self-driving cars, autonomous drones, and automated trains -- must come with strong safety guarantees. Over the past decade, techniques based on formal methods have enjoyed some success in providing strong correctness guarantees for large software systems including operating system kernels, cryptographic protocols, and control software for drones. These successes suggest

    更新日期:2020-06-15
  • Micro-controllers: Promoting Structurally Flexible Controllers in Self-Adaptive Software Systems
    arXiv.cs.SE Pub Date : 2020-06-15
    B. R. Siqueira; F. C. Ferrari; T. Vogel; R. De Lemos

    To promote structurally flexible controllers in self-adaptive software systems, this paper proposes the use of micro-controllers. Instead of generic monolithic controllers, like Rainbow, we advocate the use of service-specific micro-controllers which can be based on microservices. Although traditional generic controllers can be configured parametrically according to system needs, their use and reuse

    更新日期:2020-06-15
  • Learning to map source code to software vulnerability using code-as-a-graph
    arXiv.cs.SE Pub Date : 2020-06-15
    Sahil Suneja; Yunhui Zheng; Yufan Zhuang; Jim Laredo; Alessandro Morari

    We explore the applicability of Graph Neural Networks in learning the nuances of source code from a security perspective. Specifically, whether signatures of vulnerabilities in source code can be learned from its graph representation, in terms of relationships between nodes and edges. We create a pipeline we call AI4VA, which first encodes a sample source code into a Code Property Graph. The extracted

    更新日期:2020-06-15
  • Quantitatively Assessing the Benefits of Model-driven Development in Agent-based Modeling and Simulation
    arXiv.cs.SE Pub Date : 2020-06-15
    Fernando Santos; Ingrid Nunes; Ana L. C. Bazzan

    The agent-based modeling and simulation (ABMS) paradigm has been used to analyze, reproduce, and predict phenomena related to many application areas. Although there are many agent-based platforms that support simulation development, they rely on programming languages that require extensive programming knowledge. Model-driven development (MDD) has been explored to facilitate simulation modeling, by

    更新日期:2020-06-15
  • A Model-Based Approach to Anomaly Detection Trading Detection Time and False Alarm Rate
    arXiv.cs.SE Pub Date : 2020-06-15
    Charles F. Gonçalves; Daniel S. Menasché; Alberto Avritzer; Nuno Antunes; Marco Vieira

    The complexity and ubiquity of modern computing systems is a fertile ground for anomalies, including security and privacy breaches. In this paper, we propose a new methodology that addresses the practical challenges to implement anomaly detection approaches. Specifically, it is challenging to define normal behavior comprehensively and to acquire data on anomalies in diverse cloud environments. To tackle

    更新日期:2020-06-15
  • The role of metadata in reproducible computational research
    arXiv.cs.SE Pub Date : 2020-06-15
    Jeremy Leipzig; Daniel Nüst; Charles Tapley Hoyt; Stian Soiland-Reyes; Karthik Ram; Jane Greenberg

    Reproducible computational research (RCR) is the keystone of the scientific method for in silico analyses, packaging the transformation of raw data to published results. In addition to its role in research integrity, RCR has the capacity to significantly accelerate evaluation and reuse. This potential and wide-support for the FAIR principles have motivated interest in metadata standards supporting

    更新日期:2020-06-15
  • Vulnerability Coverage as an Adequacy Testing Criterion
    arXiv.cs.SE Pub Date : 2020-06-14
    Shuvalaxmi Dass; Akbar Siami Namin

    Mainstream software applications and tools are the configurable platforms with an enormous number of parameters along with their values. Certain settings and possible interactions between these parameters may harden (or soften) the security and robustness of these applications against some known vulnerabilities. However, the large number of vulnerabilities reported and associated with these tools make

    更新日期:2020-06-14
  • Detection of Coincidentally Correct Test Cases through Random Forests
    arXiv.cs.SE Pub Date : 2020-06-14
    Shuvalaxmi Dass; Xiaozhen Xue; Akbar Siami Namin

    The performance of coverage-based fault localization greatly depends on the quality of test cases being executed. These test cases execute some lines of the given program and determine whether the underlying tests are passed or failed. In particular, some test cases may be well-behaved (i.e., passed) while executing faulty statements. These test cases, also known as coincidentally correct test cases

    更新日期:2020-06-14
  • Vulnerability Coverage for Secure Configuration
    arXiv.cs.SE Pub Date : 2020-06-14
    Shuvalaxmi Dass; Akbar Siami Namin

    We present a novel idea on adequacy testing called ``{vulnerability coverage}.'' The introduced coverage measure examines the underlying software for the presence of certain classes of vulnerabilities often found in the National Vulnerability Database (NVD) website. The thoroughness of the test input generation procedure is performed through the adaptation of evolutionary algorithms namely Genetic

    更新日期:2020-06-14
  • Will Dependency Conflicts Affect My Program's Semantics?
    arXiv.cs.SE Pub Date : 2020-06-13
    Ying Wang; Rongxin Wu; Chao Wang; Ming Wen; Yepang Liu; Shing-Chi Cheung; Hai Yu; Chang Xu; Zhiliang Zhu

    Java projects are often built on top of various third-party libraries. If multiple versions of a library exist on the classpath, JVM will only load one version and shadow the others, which we refer to as dependency conflicts. This would give rise to semantic conflict (SC) issues, if the library APIs referenced by a project have identical method signatures but inconsistent semantics across the loaded

    更新日期:2020-06-13
  • dagger: A Python Framework for Reproducible Machine Learning Experiment Orchestration
    arXiv.cs.SE Pub Date : 2020-06-12
    Michela Paganini; Jessica Zosa Forde

    Many research directions in machine learning, particularly in deep learning, involve complex, multi-stage experiments, commonly involving state-mutating operations acting on models along multiple paths of execution. Although machine learning frameworks provide clean interfaces for defining model architectures and unbranched flows, burden is often placed on the researcher to track experimental provenance

    更新日期:2020-06-12
Contents have been reproduced by permission of the publishers.
导出
全部期刊列表>>
自然科研论文编辑服务
ACS ES&T Engineering
ACS ES&T Water
屿渡论文,编辑服务
鲁照永
复旦大学
苏州大学
南京工业大学
南开大学
中科大
唐勇
跟Nature、Science文章学绘图
隐藏1h前已浏览文章
中洪博元
课题组网站
新版X-MOL期刊搜索和高级搜索功能介绍
ACS材料视界
x-mol收录
广东实验室
南京大学
陈永胜
南科大
刘尊峰
湖南大学
清华大学
王小野
中山大学化学工程与技术学院
试剂库存
天合科研
down
wechat
bug