
显示样式: 排序: IF: - GO 导出
-
2020 Index IEEE Transactions on Software Engineering Vol. 46 IEEE Trans. Softw. Eng. (IF 6.112) Pub Date : 2021-01-08
This index covers all technical items - papers, correspondence, reviews, etc. - that appeared in this periodical during the year, and items from previous years that were commented upon or corrected in this year. Departments and other items may also be covered if they have been judged to have archival value. The Author Index contains the primary entry for each item, listed under the first author's name
-
Corrections to “Automatic and Accurate Expansion of Abbreviations in Parameters” IEEE Trans. Softw. Eng. (IF 6.112) Pub Date : 2020-09-17 Yanjie Jiang; Hui Liu; Jiaqi Zhu; Lu Zhang
Presents corrections to author information in the above named paper.
-
Requirements Engineering for Safety-Critical Systems: An Interview Study with Industry Practitioners IEEE Trans. Softw. Eng. (IF 6.112) Pub Date : 2018-07-10 Luiz Eduardo G. Martins; Tony Gorschek
We have conducted in-depth interviews with experienced practitioners in the Safety-Critical Systems (SCS) domain in order to investigate several aspects related to requirements specification and safety analysis for SCS. We interviewed 19 practitioners from eleven SCS companies in different domains with the intention of verifying which approaches they use day-to-day, and what their perceptions are in
-
A Framework for Temporal Verification Support in Domain-Specific Modelling IEEE Trans. Softw. Eng. (IF 6.112) Pub Date : 2018-07-25 Bart Meyers; Hans Vangheluwe; Joachim Denil; Rick Salay
In Domain-Specific Modelling (DSM) the general goal is to provide Domain-Specific Modelling Languages (DSMLs) for domain users to model systems using concepts and notations they are familiar with, in their problem domain. Verifying whether a model satisfies a set of requirements is considered to be an important challenge in DSM, but is nevertheless mostly neglected. We present a solution in the form
-
ConTesa: Directed Test Suite Augmentation for Concurrent Software IEEE Trans. Softw. Eng. (IF 6.112) Pub Date : 2018-07-31 Tingting Yu; Zunchen Huang; Chao Wang
As software evolves, test suite augmentation techniques may be used to identify which part of the program needs to be tested due to code changes and how to generate these new test cases for regression testing. However, existing techniques focus exclusively on sequential software, without considering concurrent software in which multiple threads may interleave with each other during the execution and
-
Leveraging Historical Associations between Requirements and Source Code to Identify Impacted Classes IEEE Trans. Softw. Eng. (IF 6.112) Pub Date : 2018-07-31 Davide Falessi; Justin Roll; Jin L.C. Guo; Jane Cleland-Huang
As new requirements are introduced and implemented in a software system, developers must identify the set of source code classes which need to be changed. Therefore, past effort has focused on predicting the set of classes impacted by a requirement. In this paper, we introduce and evaluate a new type of information based on the intuition that the set of requirements which are associated with historical
-
A Look into Programmers’ Heads IEEE Trans. Softw. Eng. (IF 6.112) Pub Date : 2018-08-06 Norman Peitek; Janet Siegmund; Sven Apel; Christian Kästner; Chris Parnin; Anja Bethmann; Thomas Leich; Gunter Saake; André Brechmann
Program comprehension is an important, but hard to measure cognitive process. This makes it difficult to provide suitable programming languages, tools, or coding conventions to support developers in their everyday work. Here, we explore whether functional magnetic resonance imaging (fMRI) is feasible for soundly measuring program comprehension. To this end, we observed 17 participants inside an fMRI
-
Safety Practices in Requirements Engineering: The Uni-REPM Safety Module IEEE Trans. Softw. Eng. (IF 6.112) Pub Date : 2018-06-12 Jéssyka Vilela; Jaelson Castro; Luiz Eduardo G. Martins; Tony Gorschek
Context: Software is an important part in safety-critical system (SCS) development since it is becoming a major source of hazards. Requirements-related hazards have been associated with many accidents and safety incidents. Requirements issues tend to be mitigated in companies with high processes maturity levels since they do their business in a systematic, consistent and proactive approach. However
-
Automated Selection of Optimal Model Transformation Chains via Shortest-Path Algorithms IEEE Trans. Softw. Eng. (IF 6.112) Pub Date : 2018-06-13 Francesco Basciani; Mattia D'Emidio; Davide Di Ruscio; Daniele Frigioni; Ludovico Iovino; Alfonso Pierantonio
Conventional wisdom on model transformations in Model-Driven Engineering (MDE) suggests that they are crucial components in modeling environments to achieve superior automation, whether it be refactoring, simulation, or code generation. While their relevance is well-accepted, model transformations are challenging to design, implement, and verify because of the inherent complexity that they must encode
-
Analyzing the Effects of Bugs on Software Interfaces IEEE Trans. Softw. Eng. (IF 6.112) Pub Date : 2018-06-26 Roberto Natella; Stefan Winter; Domenico Cotroneo; Neeraj Suri
Critical systems that integrate software components (e.g., from third-parties) need to address the risk of residual software defects in these components. Software fault injection is an experimental solution to gauge such risk. Many error models have been proposed for emulating faulty components, such as by injecting error codes and exceptions, or by corrupting data with bit-flips, boundary values,
-
An Empirical Comparison of Combinatorial Testing, Random Testing and Adaptive Random Testing IEEE Trans. Softw. Eng. (IF 6.112) Pub Date : 2018-07-06 Huayao Wu; Changhai Nie; Justyna Petke; Yue Jia; Mark Harman
We present an empirical comparison of three test generation techniques, namely, Combinatorial Testing (CT), Random Testing (RT) and Adaptive Random Testing (ART), under different test scenarios. This is the first study in the literature to account for the (more realistic) testing setting in which the tester may not have complete information about the parameters and constraints that pertain to the system
-
A Framework for Quantitative Modeling and Analysis of Highly (Re)configurable Systems IEEE Trans. Softw. Eng. (IF 6.112) Pub Date : 2018-07-06 Maurice H. Ter Beek; Axel Legay; Alberto Lluch Lafuente; Andrea Vandin
This paper presents our approach to the quantitative modeling and analysis of highly (re)configurable systems, such as software product lines. Different combinations of the optional features of such a system give rise to combinatorially many individual system variants. We use a formal modeling language that allows us to model systems with probabilistic behavior, possibly subject to quantitative feature
-
Motivation and Satisfaction of Software Engineers IEEE Trans. Softw. Eng. (IF 6.112) Pub Date : 2018-05-31 César França; Fabio Q. B. da Silva; Helen Sharp
Context : The proper management of people can help software organisations to achieve higher levels of success. However, the limited attention paid to the appropriate use of theories to underpin the research in this area leaves it unclear how to deal with human aspects of software engineers, such as motivation and satisfaction. Objectives : This article aims to expose what drives the motivation and
-
Identifying Failure-Causing Schemas in the Presence of Multiple Faults IEEE Trans. Softw. Eng. (IF 6.112) Pub Date : 2018-06-05 Xintao Niu; Changhai Nie; Jeff Y. Lei; Hareton Leung; Xiaoyin Wang
Combinatorial testing (CT) has been proven effective in revealing the failures caused by the interaction of factors that affect the behavior of a system. The theory of Minimal Failure-Causing Schema (MFS) has been proposed to isolate the cause of a failure after CT. Most algorithms that aim to identify MFS focus on handling a single fault in the System Under Test (SUT). However, we argue that multiple
-
An Integrated Approach for Effective Injection Vulnerability Analysis of Web Applications Through Security Slicing and Hybrid Constraint Solving IEEE Trans. Softw. Eng. (IF 6.112) Pub Date : 2018-06-06 Julian Thomé; Lwin Khin Shar; Domenico Bianculli; Lionel Briand
Malicious users can attack Web applications by exploiting injection vulnerabilities in the source code. This work addresses the challenge of detecting injection vulnerabilities in the server-side code of Java Web applications in a scalable and effective way. We propose an integrated approach that seamlessly combines security slicing with hybrid constraint solving; the latter orchestrates automata-based
-
Machine Learning-Based Prototyping of Graphical User Interfaces for Mobile Apps IEEE Trans. Softw. Eng. (IF 6.112) Pub Date : 2018-06-07 Kevin Moran; Carlos Bernal-Cárdenas; Michael Curcio; Richard Bonett; Denys Poshyvanyk
It is common practice for developers of user-facing software to transform a mock-up of a graphical user interface (GUI) into code. This process takes place both at an application's inception and in an evolutionary context as GUI changes keep pace with evolving features. Unfortunately, this practice is challenging and time-consuming. In this paper, we present an approach that automates this process
-
Need for Sleep: The Impact of a Night of Sleep Deprivation on Novice Developers’ Performance IEEE Trans. Softw. Eng. (IF 6.112) Pub Date : 2018-05-10 Davide Fucci; Giuseppe Scanniello; Simone Romano; Natalia Juristo
We present a quasi-experiment to investigate whether, and to what extent, sleep deprivation impacts the performance of novice software developers using the agile practice of test-first development (TFD). We recruited 45 undergraduates, and asked them to tackle a programming task. Among the participants, 23 agreed to stay awake the night before carrying out the task, while 22 slept normally. We analyzed
-
Automatically Categorizing Software Technologies IEEE Trans. Softw. Eng. (IF 6.112) Pub Date : 2018-05-15 Mathieu Nassif; Christoph Treude; Martin P. Robillard
Informal language and the absence of a standard taxonomy for software technologies make it difficult to reliably analyze technology trends on discussion forums and other on-line venues. We propose an automated approach called $\mathrm{Witt}$ Witt for the categorization of software technologies (an expanded version of the hypernym discovery problem). $\mathrm{Witt}$ Witt takes as input a phrase describing
-
Use and Misuse of Continuous Integration Features: An Empirical Study of Projects That (Mis)Use Travis CI IEEE Trans. Softw. Eng. (IF 6.112) Pub Date : 2018-05-18 Keheliya Gallaba; Shane McIntosh
Continuous Integration (CI) is a popular practice where software systems are automatically compiled and tested as changes appear in the version control system of a project. Like other software artifacts, CI specifications require maintenance effort. Although there are several service providers like Travis CI offering various CI features, it is unclear which features are being (mis)used. In this paper
-
Incentivizing Deep Fixes in Software Economies IEEE Trans. Softw. Eng. (IF 6.112) Pub Date : 2018-06-13 Malvika Rao; David F. Bacon; David C. Parkes; Margo I. Seltzer
An important question in a software economy is how to incentivize deep rather than shallow fixes. A deep fix corrects the root cause of a bug instead of suppressing the symptoms. This paper initiates the study of the problem of incentive design for open workflows in fixing code. We model the dynamics of the software ecosystem and introduce subsumption mechanisms . These mechanisms only make use of
-
A Multi-Study Investigation into Dead Code IEEE Trans. Softw. Eng. (IF 6.112) Pub Date : 2018-06-01 Simone Romano; Christopher Vendome; Giuseppe Scanniello; Denys Poshyvanyk
Dead code is a bad smell and it appears to be widespread in open-source and commercial software systems. Surprisingly, dead code has received very little empirical attention from the software engineering research community. In this paper, we present a multi-study investigation with an overarching goal to study, from the perspective of researchers and developers, when and why developers introduce dead
-
On the Understandability of Temporal Properties Formalized in Linear Temporal Logic, Property Specification Patterns and Event Processing Language IEEE Trans. Softw. Eng. (IF 6.112) Pub Date : 2018-07-25 Christoph Czepa; Uwe Zdun
Temporal properties are important in a wide variety of domains for different purposes. For example, they can be used to avoid architectural drift in software engineering or to support the regulatory compliance of business processes. In this work, we study the understandability of three major temporal property representations: (1) Linear Temporal Logic (LTL) is a formal and well-established logic that
-
A Systematic Evaluation of Static API-Misuse Detectors IEEE Trans. Softw. Eng. (IF 6.112) Pub Date : 2018-04-16 Sven Amann; Hoan Anh Nguyen; Sarah Nadi; Tien N. Nguyen; Mira Mezini
Application Programming Interfaces (APIs) often have usage constraints, such as restrictions on call order or call conditions. API misuses , i.e., violations of these constraints, may lead to software crashes, bugs, and vulnerabilities. Though researchers developed many API-misuse detectors over the last two decades, recent studies show that API misuses are still prevalent. Therefore, we need to understand
-
Integrative Double Kaizen Loop (IDKL): Towards a Culture of Continuous Learning and Sustainable Improvements for Software Organizations IEEE Trans. Softw. Eng. (IF 6.112) Pub Date : 2018-04-24 Osama Al-Baik; James Miller
In the past decades, software organizations have been relying on implementing process improvement methods to advance quality, productivity, and predictability of their development and maintenance efforts. However, these methods have proven to be challenging to implement in many situations, and when implemented, their benefits are often not sustained. Commonly, the workforce requires guidance during
-
Automating Change-Level Self-Admitted Technical Debt Determination IEEE Trans. Softw. Eng. (IF 6.112) Pub Date : 2018-04-30 Meng Yan; Xin Xia; Emad Shihab; David Lo; Jianwei Yin; Xiaohu Yang
Technical debt (TD) is a metaphor to describe the situation where developers introduce suboptimal solutions during software development to achieve short-term goals that may affect the long-term software quality. Prior studies proposed different techniques to identify TD, such as identifying TD through code smells or by analyzing source code comments. Technical debt identified using comments is known
-
A Comprehensive Investigation of the Role of Imbalanced Learning for Software Defect Prediction IEEE Trans. Softw. Eng. (IF 6.112) Pub Date : 2018-05-15 Qinbao Song; Yuchen Guo; Martin Shepperd
Context: Software defect prediction (SDP) is an important challenge in the field of software engineering, hence much research work has been conducted, most notably through the use of machine learning algorithms. However, class-imbalance typified by few defective components and many non-defective ones is a common occurrence causing difficulties for these methods. Imbalanced learning aims to deal with
-
LEILA: Formal Tool for Identifying Mobile Malicious Behaviour IEEE Trans. Softw. Eng. (IF 6.112) Pub Date : 2018-05-08 Gerardo Canfora; Fabio Martinelli; Francesco Mercaldo; Vittoria Nardone; Antonella Santone; Corrado Aaron Visaggio
With the increasing diffusion of mobile technologies, nowadays mobile devices represent an irreplaceable tool to perform several operations, from posting a status on a social network to transfer money between bank accounts. As a consequence, mobile devices store a huge amount of private and sensitive information and this is the reason why attackers are developing very sophisticated techniques to extort
-
CHiP: A Configurable Hybrid Parallel Covering Array Constructor IEEE Trans. Softw. Eng. (IF 6.112) Pub Date : 2018-05-17 Hanefi Mercan; Cemal Yilmaz; Kamer Kaya
We present a configurable, hybrid, and parallel covering array constructor, called CHiP. CHiP is parallel in that it utilizes vast amount of parallelism provided by graphics processing units (GPUs). CHiP is hybrid in that it bundles the bests of two construction approaches for computing covering arrays; a metaheuristic search-based approach for efficiently covering a large portion of the required combinations
-
A Theoretical and Empirical Analysis of Program Spectra Diagnosability IEEE Trans. Softw. Eng. (IF 6.112) Pub Date : 2019-01-28 Alexandre Perez; Rui Abreu; Arie Van Deursen
Current metrics for assessing the adequacy of a test-suite plainly focus on the number of components (be it lines, branches, paths) covered by the suite, but do not explicitly check how the tests actually exercise these components and whether they provide enough information so that spectrum-based fault localization techniques can perform accurate fault isolation. We propose a metric, called DDU, aimed
-
Mining Treatment-Outcome Constructs from Sequential Software Engineering Data IEEE Trans. Softw. Eng. (IF 6.112) Pub Date : 2019-01-21 Maleknaz Nayebi; Guenther Ruhe; Thomas Zimmermann
Many investigations in empirical software engineering look at sequences of data resulting from development or management processes. In this paper, we propose an analytical approach called the Gandhi-Washington Method (GWM) to investigate the impact of recurring events in software projects. GWM takes an encoding of events and activities provided by a software analyst as input. It uses regular expressions
-
Too Many User-Reviews! What Should App Developers Look at First? IEEE Trans. Softw. Eng. (IF 6.112) Pub Date : 2019-01-16 Ehsan Noei; Feng Zhang; Ying Zou
Due to the rapid growth in the number of mobile applications (apps) in the past few years, succeeding in mobile app markets has become ruthless. Online app markets, such as Google Play Store, let users rate apps on a five-star scale and leave feedback. Given the importance of high star-ratings to the success of an app, it is crucial to help developers find the key topics of user-reviews that are significantly
-
Specifying Callback Control Flow of Mobile Apps Using Finite Automata IEEE Trans. Softw. Eng. (IF 6.112) Pub Date : 2019-01-16 Danilo Dominguez Perez; Wei Le
Given the event-driven and framework-based architecture of Android apps, finding the ordering of callbacks executed by the framework remains a problem that affects every tool that requires inter-callback reasoning. Previous work has focused on the ordering of callbacks related to the Android components and GUI events. But the execution of callbacks can also come from direct calls of the framework (API
-
Using K-core Decomposition on Class Dependency Networks to Improve Bug Prediction Model's Practical Performance IEEE Trans. Softw. Eng. (IF 6.112) Pub Date : 2019-01-14 Yu Qu; Qinghua Zheng; Jianlei Chi; Yangxu Jin; Ancheng He; Di Cui; Hengshan Zhang; Ting Liu
In recent years, Complex Network theory and graph algorithms have been proved to be effective in predicting software bugs. On the other hand, as a widely-used algorithm in Complex Network theory, k-core decomposition has been used in software engineering domain to identify key classes. Intuitively, key classes are more likely to be buggy since they participate in more functions or have more interactions
-
The Impact of Correlated Metrics on the Interpretation of Defect Models IEEE Trans. Softw. Eng. (IF 6.112) Pub Date : 2019-01-10 Jirayus Jiarpakdee; Chakkrit Tantithamthavorn; Ahmed E. Hassan
Defect models are analytical models for building empirical theories related to software quality. Prior studies often derive knowledge from such models using interpretation techniques, e.g., ANOVA Type-I. Recent work raises concerns that correlated metrics may impact the interpretation of defect models. Yet, the impact of correlated metrics in such models has not been investigated. In this paper, we
-
An Empirical Study of Fault Localization Families and Their Combinations IEEE Trans. Softw. Eng. (IF 6.112) Pub Date : 2019-01-10 Daming Zou; Jingjing Liang; Yingfei Xiong; Michael D. Ernst; Lu Zhang
The performance of fault localization techniques is critical to their adoption in practice. This paper reports on an empirical study of a wide range of fault localization techniques on real-world faults. Different from previous studies, this paper (1) considers a wide range of techniques from different families, (2) combines different techniques, and (3) considers the execution time of different techniques
-
Inductive Validity Cores IEEE Trans. Softw. Eng. (IF 6.112) Pub Date : 2019-01-09 Elaheh Ghassabani; Michael Whalen; Andrew Gacek; Mats Heimdahl
Symbolic model checkers can construct proofs of properties over highly complex models. However, the results reported by the tool when a proof succeeds do not generally provide much insight to the user. It is often useful for users to have traceability information related to the proof: which portions of the model were necessary to construct it. This traceability information can be used to diagnose a
-
App Store Effects on Software Engineering Practices IEEE Trans. Softw. Eng. (IF 6.112) Pub Date : 2019-01-09 Afnan A. Al-Subaihin; Federica Sarro; Sue Black; Licia Capra; Mark Harman
In this paper, we study the app store as a phenomenon from the developers’ perspective to investigate the extent to which app stores affect software engineering tasks. Through developer interviews and questionnaires, we uncover findings that highlight and quantify the effects of three high-level app store themes: bridging the gap between developers and users, increasing market transparency and affecting
-
Automated Documentation of Android Apps IEEE Trans. Softw. Eng. (IF 6.112) Pub Date : 2019-01-01 Emad Aghajani; Gabriele Bavota; Mario Linares-Vásquez; Michele Lanza
Developers do not always have the knowledge needed to understand source code and must refer to different resources (e.g., teammates, documentation, the web). This non-trivial process, called program comprehension, is very time-consuming. While many approaches support the comprehension of a given code at hand, they are mostly focused on defining extractive summaries from the code (i.e., on selecting
-
Coverage Prediction for Accelerating Compiler Testing IEEE Trans. Softw. Eng. (IF 6.112) Pub Date : 2018-12-25 Junjie Chen; Guancheng Wang; Dan Hao; Yingfei Xiong; Hongyu Zhang; Lu Zhang; Bing Xie
Compilers are one of the most fundamental software systems. Compiler testing is important for assuring the quality of compilers. Due to the crucial role of compilers, they have to be well tested. Therefore, automated compiler testing techniques (those based on randomly generated programs) tend to run a large number of test programs (which are test inputs of compilers). The cost for compilation and
-
Fault Analysis and Debugging of Microservice Systems: Industrial Survey, Benchmark System, and Empirical Study IEEE Trans. Softw. Eng. (IF 6.112) Pub Date : 2018-12-18 Xiang Zhou; Xin Peng; Tao Xie; Jun Sun; Chao Ji; Wenhai Li; Dan Ding
The complexity and dynamism of microservice systems pose unique challenges to a variety of software engineering tasks such as fault analysis and debugging. In spite of the prevalence and importance of microservices in industry, there is limited research on the fault analysis and debugging of microservice systems. To fill this gap, we conduct an industrial survey to learn typical faults of microservice
-
PPChecker: Towards Accessing the Trustworthiness of Android Apps’ Privacy Policies IEEE Trans. Softw. Eng. (IF 6.112) Pub Date : 2018-12-14 Le Yu; Xiapu Luo; Jiachi Chen; Hao Zhou; Tao Zhang; Henry Chang; Hareton K. N. Leung
Recent years have witnessed a sharp increase of malicious apps that steal users’ personal information. To address users’ concerns about privacy risks and to comply with data protection laws, more and more apps are supplied with privacy policies written in natural language to help users understand an app's privacy practices. However, little is known whether these privacy policies are trustworthy or
-
Automatically ‘Verifying’ Discrete-Time Complex Systems through Learning, Abstraction and Refinement IEEE Trans. Softw. Eng. (IF 6.112) Pub Date : 2018-12-14 Jingyi Wang; Jun Sun; Shengchao Qin; Cyrille Jegourel
Precisely modeling complex systems like cyber-physical systems is challenging, which often renders model-based system verification techniques like model checking infeasible. To overcome this challenge, we propose a method called LAR to automatically ‘verify’ such complex systems through a combination of learning, abstraction and refinement from a set of system log traces. We assume that log traces
-
Evaluating Model-Driven Development Claims with Respect to Quality: A Family of Experiments IEEE Trans. Softw. Eng. (IF 6.112) Pub Date : 2018-12-06 Jose Ignacio Panach; Óscar Dieste; Beatriz Marín; Sergio España; Sira Vegas; Óscar Pastor; Natalia Juristo
Context: There is a lack of empirical evidence on the differences between model-driven development (MDD), where code is automatically derived from conceptual models, and traditional software development method, where code is manually written. In our previous work, we compared both methods in a baseline experiment concluding that quality of the software developed following MDD was significantly better
-
A Study of Feature Scattering in the Linux Kernel IEEE Trans. Softw. Eng. (IF 6.112) Pub Date : 2018-12-06 Leonardo Passos; Rodrigo Queiroz; Mukelabai Mukelabai; Thorsten Berger; Sven Apel; Krzysztof Czarnecki; Jesus Alejandro Padilla
Feature code is often scattered across a software system. Scattering is not necessarily bad if used with care, as witnessed by systems with highly scattered features that evolved successfully. Feature scattering, often realized with a pre-processor, circumvents limitations of programming languages and software architectures. Unfortunately, little is known about the principles governing scattering in
-
Mining Fix Patterns for FindBugs Violations IEEE Trans. Softw. Eng. (IF 6.112) Pub Date : 2018-12-06 Kui Liu; Dongsun Kim; Tegawendé F. Bissyandé; Shin Yoo; Yves Le Traon
Several static analysis tools, such as Splint or FindBugs, have been proposed to the software development community to help detect security vulnerabilities or bad programming practices. However, the adoption of these tools is hindered by their high false positive rates. If the false positive rate is too high, developers may get acclimated to violation reports from these tools, causing concrete and
-
Beyond Technical Aspects: How Do Community Smells Influence the Intensity of Code Smells? IEEE Trans. Softw. Eng. (IF 6.112) Pub Date : 2018-11-27 Fabio Palomba; Damian Andrew Tamburri; Francesca Arcelli Fontana; Rocco Oliveto; Andy Zaidman; Alexander Serebrenik
Code smells are poor implementation choices applied by developers during software evolution that often lead to critical flaws or failure. Much in the same way, community smells reflect the presence of organizational and socio-technical issues within a software community that may lead to additional project costs. Recent empirical studies provide evidence that community smells are often—if not always—connected
-
Automatic Feature Learning for Predicting Vulnerable Software Components IEEE Trans. Softw. Eng. (IF 6.112) Pub Date : 2018-11-19 Hoa Khanh Dam; Truyen Tran; Trang Pham; Shien Wee Ng; John Grundy; Aditya Ghose
Code flaws or vulnerabilities are prevalent in software systems and can potentially cause a variety of problems including deadlock, hacking, information loss and system failure. A variety of approaches have been developed to try and detect the most likely locations of such code vulnerabilities in large code bases. Most of them rely on manually designing code features (e.g., complexity metrics or frequencies
-
CBGA-ES+: A Cluster-Based Genetic Algorithm with Non-Dominated Elitist Selection for Supporting Multi-Objective Test Optimization IEEE Trans. Softw. Eng. (IF 6.112) Pub Date : 2018-11-19 Dipesh Pradhan; Shuai Wang; Shaukat Ali; Tao Yue; Marius Liaaen
Many real-world test optimization problems (e.g., test case prioritization) are multi-objective intrinsically and can be tackled using various multi-objective search algorithms (e.g., Non-dominated Sorting Genetic Algorithm (NSGA-II)). However, existing multi-objective search algorithms have certain randomness when selecting parent solutions for producing offspring solutions. In a worse case, suboptimal
-
A Systematic Literature Review on Bad Smells–5 W's: Which, When, What, Who, Where IEEE Trans. Softw. Eng. (IF 6.112) Pub Date : 2018-11-12 Elder Vicente de Paulo Sobrinho; Andrea De Lucia; Marcelo de Almeida Maia
Bad smells are sub-optimal code structures that may represent problems needing attention. We conduct an extensive literature review on bad smells relying on a large body of knowledge from 1990 to 2017. We show that some smells are much more studied in the literature than others, and also that some of them are intrinsically inter-related ( which ). We give a perspective on how the research has been
-
A Model-Integrated Approach to Designing Self-Protecting Systems IEEE Trans. Softw. Eng. (IF 6.112) Pub Date : 2018-11-09 Stefano Iannucci; Sherif Abdelwahed; Andrea Montemaggio; Melissa Hannis; Leslie Leonard; Jason S. King; John A. Hamilton
One of the major trends in research on Self-Protecting Systems is to use a model of the system to be protected to predict its evolution. However, very often, devising the model requires special knowledge of mathematical frameworks, that prevents the adoption of this technique outside of the academic environment. Furthermore, some of the proposed approaches suffer from the curse of dimensionality, as
-
Symbolic Refinement of Extended State Machines with Applications to the Automatic Derivation of Sub-Components and Controllers IEEE Trans. Softw. Eng. (IF 6.112) Pub Date : 2018-10-30 Khaled El-Fakih; Gregor V. Bochmann
Nowadays, extended state machines are prominent requirements specification techniques due to their capabilities of modeling complex systems in a compact way. These machines extend the standard state machines with variables and have transitions guarded by enabling predicates and may include variable update statements. Given a system modeled as an extended state machine, with possibly infinite state
-
Platform-Independent Dynamic Taint Analysis for JavaScript IEEE Trans. Softw. Eng. (IF 6.112) Pub Date : 2018-10-26 Rezwana Karim; Frank Tip; Alena Sochůrková; Koushik Sen
Previous approaches to dynamic taint analysis for JavaScript are implemented directly in a browser or JavaScript engine, limiting their applicability to a single platform and requiring ongoing maintenance as platforms evolve, or they require nontrivial program transformations. We present an approach that relies on instrumentation to encode taint propagation as instructions for an abstract machine.
-
Key Stakeholders’ Value Propositions for Feature Selection in Software-Intensive Products: An Industrial Case Study IEEE Trans. Softw. Eng. (IF 6.112) Pub Date : 2018-10-25 Pilar Rodríguez; Emilia Mendes; Burak Turhan
Numerous software companies are adopting value-based decision making. However, what does value mean for key stakeholders making decisions? How do different stakeholder groups understand value? Without an explicit understanding of what value means, decisions are subject to ambiguity and vagueness, which are likely to bias them. This case study provides an in-depth analysis of key stakeholders’ value
-
Cognitive Biases in Software Engineering: A Systematic Mapping Study IEEE Trans. Softw. Eng. (IF 6.112) Pub Date : 2018-10-24 Rahul Mohanani; Iflaah Salman; Burak Turhan; Pilar Rodríguez; Paul Ralph
One source of software project challenges and failures is the systematic errors introduced by human cognitive biases. Although extensively explored in cognitive psychology, investigations concerning cognitive biases have only recently gained popularity in software engineering research. This paper therefore systematically maps, aggregates and synthesizes the literature on cognitive biases in software
-
Deep Semantic Feature Learning for Software Defect Prediction IEEE Trans. Softw. Eng. (IF 6.112) Pub Date : 2018-10-23 Song Wang; Taiyue Liu; Jaechang Nam; Lin Tan
Software defect prediction, which predicts defective code regions, can assist developers in finding bugs and prioritizing their testing efforts. Traditional defect prediction features often fail to capture the semantic differences between different programs. This degrades the performance of the prediction models built on these traditional features. Thus, the capability to capture the semantics in programs
-
Search-Based Crash Reproduction and Its Impact on Debugging IEEE Trans. Softw. Eng. (IF 6.112) Pub Date : 2018-10-23 Mozhan Soltani; Annibale Panichella; Arie van Deursen
Software systems fail. These failures are often reported to issue tracking systems, where they are prioritized and assigned to responsible developers to be investigated. When developers debug software, they need to reproduce the reported failure in order to verify whether their fix actually prevents the failure from happening again. Since manually reproducing each failure could be a complex task, several
-
Perceptions, Expectations, and Challenges in Defect Prediction IEEE Trans. Softw. Eng. (IF 6.112) Pub Date : 2018-10-23 Zhiyuan Wan; Xin Xia; Ahmed E. Hassan; David Lo; Jianwei Yin; Xiaohu Yang
Defect prediction has been an active research area for over four decades. Despite numerous studies on defect prediction, the potential value of defect prediction in practice remains unclear. To address this issue, we performed a mixed qualitative and quantitative study to investigate what practitioners think, behave and expect in contrast to research findings when it comes to defect prediction. We
-
Dynamic Update of Discrete Event Controllers IEEE Trans. Softw. Eng. (IF 6.112) Pub Date : 2018-10-19 Leandro Nahabedian; Victor Braberman; Nicolás D'Ippolito; Shinichi Honiden; Jeff Kramer; Kenji Tei; Sebastián Uchitel
Discrete event controllers are at the heart of many software systems that require continuous operation. Changing these controllers at runtime to cope with changes in its execution environment or system requirements change is a challenging open problem. In this paper we address the problem of dynamic update of controllers in reactive systems. We present a general approach to specifying correctness criteria
-
The Impact of Class Rebalancing Techniques on the Performance and Interpretation of Defect Prediction Models IEEE Trans. Softw. Eng. (IF 6.112) Pub Date : 2018-10-17 Chakkrit Tantithamthavorn; Ahmed E. Hassan; Kenichi Matsumoto
Defect models that are trained on class imbalanced datasets (i.e., the proportion of defective and clean modules is not equally represented) are highly susceptible to produce inaccurate prediction models. Prior research compares the impact of class rebalancing techniques on the performance of defect models but arrives at contradictory conclusions due to the use of different choice of datasets, classification
-
How Well Do Change Sequences Predict Defects? Sequence Learning from Software Changes IEEE Trans. Softw. Eng. (IF 6.112) Pub Date : 2018-10-16 Ming Wen; Rongxin Wu; Shing-Chi Cheung
Software defect prediction, which aims to identify defective modules, can assist developers in finding bugs and prioritizing limited quality assurance resources. Various features to build defect prediction models have been proposed and evaluated. Among them, process metrics are one important category. Yet, existing process metrics are mainly encoded manually from change histories and ignore the sequential