2021 28th Asia-Pacific Software Engineering Conference (APSEC)最新文献

筛选
英文 中文
Thread-Sensitive Data Race Detection for Java 线程敏感的Java数据竞争检测
2021 28th Asia-Pacific Software Engineering Conference (APSEC) Pub Date : 2021-12-01 DOI: 10.1109/APSEC53868.2021.00011
S. Schulz, Emanuel Herrendorf, Christoph Bockisch
{"title":"Thread-Sensitive Data Race Detection for Java","authors":"S. Schulz, Emanuel Herrendorf, Christoph Bockisch","doi":"10.1109/APSEC53868.2021.00011","DOIUrl":"https://doi.org/10.1109/APSEC53868.2021.00011","url":null,"abstract":"In this paper we present StaTS, a precise static data-race detection mechanism for Java. It analyzes applications in four phases. The first one is a novel points-to analysis that includes approximations of threads and execution contexts. The second phase uses the results of the points-to analysis to compute which fields are accessed by which threads, while considering the locks held by the threads. The third phase carries out a context-sensitive static happens-before analysis to rule out accesses in execution contexts that can never be executed in parallel. The final phase builds upon the results of the first three to determine conflicting accesses and report them to the user. Our proof-of-concept implementation does not scale for large programs, which is why it can optionally limit the number of points-to relations it considers, based on sampling. Nevertheless, our evaluation shows that, even with sampling enabled for large programs, StaTS detects more data races than existing approaches. In terms of execution time, the analysis without sampling takes in the order of seconds for smaller programs. For larger ones and with sampling enabled, analysis takes minutes, thus being practically usable in nightly build environments in all cases.","PeriodicalId":143800,"journal":{"name":"2021 28th Asia-Pacific Software Engineering Conference (APSEC)","volume":"7 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130257391","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
Automated Feedback Generation for Multiple Function Programs 多功能程序的自动反馈生成
2021 28th Asia-Pacific Software Engineering Conference (APSEC) Pub Date : 2021-12-01 DOI: 10.1109/APSEC53868.2021.00078
Dongwook Choi, Jinseok Heo, Eunseok Lee
{"title":"Automated Feedback Generation for Multiple Function Programs","authors":"Dongwook Choi, Jinseok Heo, Eunseok Lee","doi":"10.1109/APSEC53868.2021.00078","DOIUrl":"https://doi.org/10.1109/APSEC53868.2021.00078","url":null,"abstract":"Automated Feedback Generation (AFG) was proposed to automatically generate personalized feedback on students' programming assignments. Existing AFG techniques have been developed mainly for novice programmers, so feedback on complex programs cannot be generated. Therefore, we propose MUNCK, which automatically generates feedback for multiple function programs, one of the complex programs. Our experiment shows that MUNCK can generate feedback for 90% of multiple function programs.","PeriodicalId":143800,"journal":{"name":"2021 28th Asia-Pacific Software Engineering Conference (APSEC)","volume":"138 20 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128508490","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
API parameter recommendation based on language model and program analysis 基于语言模型和程序分析的API参数推荐
2021 28th Asia-Pacific Software Engineering Conference (APSEC) Pub Date : 2021-12-01 DOI: 10.1109/APSEC53868.2021.00056
Tran-Manh Cuong, T. Tran, Tan M. Nguyen, Thu-Trang Nguyen, Son Nguyen, H. Vo
{"title":"API parameter recommendation based on language model and program analysis","authors":"Tran-Manh Cuong, T. Tran, Tan M. Nguyen, Thu-Trang Nguyen, Son Nguyen, H. Vo","doi":"10.1109/APSEC53868.2021.00056","DOIUrl":"https://doi.org/10.1109/APSEC53868.2021.00056","url":null,"abstract":"APIs are extensively and frequently used in source code to leverage existing libraries and improve programming productivity. However, correctly and effectively using APIs, especially from unfamiliar libraries, is a non-trivial task. Although various approaches have been proposed for recommending API method calls in code completion, suggesting actual parameters for such APIs still needs further investigating. In this paper, we introduce FLUTE, an efficient and novel approach combining program analysis and language models for recommending API parameters. With FLUTE, the source code of programs is first analyzed to generate syntactically legal and type-valid candidates. Then, these candidates are ranked using language models. Our empirical results on two large real-world projects Netbeans and Eclipse indicate that FLUTE achieves 80% and +90% in Top-1 and Top-5 Precision, which means the tool outperforms the state-of-the-art approach.","PeriodicalId":143800,"journal":{"name":"2021 28th Asia-Pacific Software Engineering Conference (APSEC)","volume":"79 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128527882","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
Towards Accurate File Tracking Based on AST Differences 基于AST差异的精确文件跟踪
2021 28th Asia-Pacific Software Engineering Conference (APSEC) Pub Date : 2021-12-01 DOI: 10.1109/APSEC53868.2021.00067
Akira Fujimoto, Yoshiki Higo, S. Kusumoto
{"title":"Towards Accurate File Tracking Based on AST Differences","authors":"Akira Fujimoto, Yoshiki Higo, S. Kusumoto","doi":"10.1109/APSEC53868.2021.00067","DOIUrl":"https://doi.org/10.1109/APSEC53868.2021.00067","url":null,"abstract":"In the field of software development, version control systems such as Git are imperative tools that help software teams manage source code. Git can detect a change history of each file individually. Even if a file was renamed in the past, Git can identify and track the before renamed file based on content similarities, which are calculated as the ratio of lines that match pre- and post-change files to the total number of lines. However, line-based comparison techniques do not consider source code structures and have coarse granularity, which can result in misidentifying pre-change files and tracking interruptions. To resolve these problems, this paper proposes a technique that calculates file content similarities using source code differences based on an abstract syntax tree. In experiments conducted on 197 open source Java-based projects, we found that the number of rename detections increased 3.3 %, and that, on average, our technique tracked commits 1.37 times more frequently than previous technique. We also measured accuracy levels and found that the maximum F - measure was 0.943, which is higher than the 0.926 maximum value of the line-based technique.","PeriodicalId":143800,"journal":{"name":"2021 28th Asia-Pacific Software Engineering Conference (APSEC)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123673434","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
PNPEq: Verification of Scheduled Conditional Behavior in Embedded Software using Petri Nets 基于Petri网的嵌入式软件计划条件行为验证
2021 28th Asia-Pacific Software Engineering Conference (APSEC) Pub Date : 2021-12-01 DOI: 10.1109/APSEC53868.2021.00059
R. Mittal, Dominique Blouin, S. Bandyopadhyay
{"title":"PNPEq: Verification of Scheduled Conditional Behavior in Embedded Software using Petri Nets","authors":"R. Mittal, Dominique Blouin, S. Bandyopadhyay","doi":"10.1109/APSEC53868.2021.00059","DOIUrl":"https://doi.org/10.1109/APSEC53868.2021.00059","url":null,"abstract":"Software for embedded systems goes through a scheduling phase where it is subjected to optimizing transformations. In such a scenario, validating the preservation of semantics across the transformation is essential. In this paper, we present PNPEq (Petri Net Program Equivalence), an ongoing work on a novel translation validation technique to handle various schedule-time conditional optimizations among others. The method makes use of a reduced size Petri net model integrating SMT solvers for validating arithmetic transformations. The approach is illustrated with a simple program and its translation, and further validated with a preliminary example suite.","PeriodicalId":143800,"journal":{"name":"2021 28th Asia-Pacific Software Engineering Conference (APSEC)","volume":"87 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126183572","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Exposing Vulnerable Paths: Enhance Static Analysis with Lightweight Symbolic Execution 暴露易受攻击的路径:用轻量级符号执行增强静态分析
2021 28th Asia-Pacific Software Engineering Conference (APSEC) Pub Date : 2021-12-01 DOI: 10.1109/APSEC53868.2021.00051
Guangwei Li, Ting Yuan, Jie Lu, Lian Li, Xiaobin Zhang, Xu Song, Kejun Zhang
{"title":"Exposing Vulnerable Paths: Enhance Static Analysis with Lightweight Symbolic Execution","authors":"Guangwei Li, Ting Yuan, Jie Lu, Lian Li, Xiaobin Zhang, Xu Song, Kejun Zhang","doi":"10.1109/APSEC53868.2021.00051","DOIUrl":"https://doi.org/10.1109/APSEC53868.2021.00051","url":null,"abstract":"Static analysis tools, although widely adopted in industry, suffer from a high false positive rate. This paper aims to refine the results of static analysis tools, by automatically searching for a vulnerable path from given defect report. To realize this goal, we develop SATRACER, a novel tool which integrates symbolic execution techniques with static analysis. SATRACER selectively skips those program parts which can be consistently updated by static analysis, thus drastically improving performance. We have applied SATRACER to a set of 21 real-world applications. Evaluation results show that SATRACER can successfully remove 71.4% false alarms reported by a commercial static analysis tool in 10 hours, and confirmed 29 real use-after-free bugs and 895 real null-pointer-dereference bugs.","PeriodicalId":143800,"journal":{"name":"2021 28th Asia-Pacific Software Engineering Conference (APSEC)","volume":"67 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130426141","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Critical Understanding of Security Vulnerability Detection Plugin Evaluation Reports 对安全漏洞检测插件评估报告的关键理解
2021 28th Asia-Pacific Software Engineering Conference (APSEC) Pub Date : 2021-12-01 DOI: 10.1109/APSEC53868.2021.00035
S. Beba, Magnus Melseth Karlsen, Jingyue Li, Bing Zhang
{"title":"Critical Understanding of Security Vulnerability Detection Plugin Evaluation Reports","authors":"S. Beba, Magnus Melseth Karlsen, Jingyue Li, Bing Zhang","doi":"10.1109/APSEC53868.2021.00035","DOIUrl":"https://doi.org/10.1109/APSEC53868.2021.00035","url":null,"abstract":"Integrated development environment (IDE) plugins aimed at detecting web application security vulnerabilities can help developers create secure applications in the first place. Most of such IDE plugins use static source code analysis approaches. Although several empirical studies evaluated the plugins and compared their precision and recall of detecting web application security, few follow-up studies tried to understand the evaluation results. We analyzed more than 20,000 vulnerability reports based on 7,215 distinct test cases spanning 11 categories of web application vulnerabilities to understand the evaluation results of three open-source IDE plugins, namely, SpotBugs, FindSecBugs, and Early Security Vulnerability Detector (ESVD), which aimed at detecting security vulnerabilities of Java-based web applications. Our results identify many factors besides the source code analysis approach that can dramatically bias the detection performance. Based on our insights, we improved the studied plugins. In addition, our study raises the alarm that, without solid root cause analyses, the evaluation and comparisons of security vulnerability detection approaches and tools could be misleading. Thus, we proposed a guideline on reporting the evaluation results of the security vulnerability detection approaches.","PeriodicalId":143800,"journal":{"name":"2021 28th Asia-Pacific Software Engineering Conference (APSEC)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129712573","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Detecting Functional Differences using Automatic Test Generation for Automated Assessment in Programming Education 应用自动测试生成技术检测程序设计教育自动化评估中的功能差异
2021 28th Asia-Pacific Software Engineering Conference (APSEC) Pub Date : 2021-12-01 DOI: 10.1109/APSEC53868.2021.00062
Ryoko Izuta, S. Matsumoto, H. Igaki, S. Saiki, Naoki Fukuyasu, S. Kusumoto
{"title":"Detecting Functional Differences using Automatic Test Generation for Automated Assessment in Programming Education","authors":"Ryoko Izuta, S. Matsumoto, H. Igaki, S. Saiki, Naoki Fukuyasu, S. Kusumoto","doi":"10.1109/APSEC53868.2021.00062","DOIUrl":"https://doi.org/10.1109/APSEC53868.2021.00062","url":null,"abstract":"Software testing is being leveraged in programming education for automated assessment of programming assignments. When using software testing in programming education, program specifications are provided as unit or integration tests, and students create programs that pass these tests. Although this method has various advantages, such as ensuring objective program specifications and automating the operation check, it also has many disadvantages. For example, detecting innovations, such as original specifications and functional extensions by an individual student, is difficult. The purpose of this research is to automatically detect functional differences among student programs in programming education using tests. In our proposed method, automatic test generation is applied to student programs, and the generated tests are mutually executed for other student programs. Furthermore, we classify the tests based on the execution path to obtain sets of tests that are capable of detecting functional differences.","PeriodicalId":143800,"journal":{"name":"2021 28th Asia-Pacific Software Engineering Conference (APSEC)","volume":"45 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121391052","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Metamorphic Testing for Reliability in System of Systems 多系统系统可靠性的变形试验
2021 28th Asia-Pacific Software Engineering Conference (APSEC) Pub Date : 2021-12-01 DOI: 10.1109/APSEC53868.2021.00046
Kiat Kian Anthony Chua, Doo-Hwan Bae, Eunkyoung Jee
{"title":"Metamorphic Testing for Reliability in System of Systems","authors":"Kiat Kian Anthony Chua, Doo-Hwan Bae, Eunkyoung Jee","doi":"10.1109/APSEC53868.2021.00046","DOIUrl":"https://doi.org/10.1109/APSEC53868.2021.00046","url":null,"abstract":"System of Systems (SoS), refers to a class of systems that are comprised of independent constituent systems (CS) interacting with one another to form a larger system, thus resulting in a common goal being achieved through the set of interactions between the CSs. In conventional systems software testing, the problem of identifying correct behaviour given a set of test inputs is called the oracle problem. In terms of SoS, the oracle problem is exacerbated due to each CS in an SoS being sufficiently complex systems themselves. We address the oracle problem in the domain of the software testing in System of Systems (SoS) by applying Metamorphic Testing (MT). In order to derive concrete Metamorphic Relations (MR) for SoS, we first borrow the concept of creating MRs from abstract Metamorphic Relation Patterns (MRPs), where the represented MRPs themselves describe characteristics that are used in the modeling and analysis of SoS. They are then applied to two SoS simulator types, the Smart Grid SoS and Mass Casualty Incident (MCI) Response SoS in order to test for reliability in SoS and to also determine the viability of MT in SoS. It is shown through the experiments conducted that the derived concrete MRs are able to find faults in both the systems under test.","PeriodicalId":143800,"journal":{"name":"2021 28th Asia-Pacific Software Engineering Conference (APSEC)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124019536","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
Applying Problem Frames in Behavior-Driven Development for Smart Cone System 问题框架在智能锥体系统行为驱动开发中的应用
2021 28th Asia-Pacific Software Engineering Conference (APSEC) Pub Date : 2021-12-01 DOI: 10.1109/APSEC53868.2021.00070
Yi-Chun Yen, Bing-Yun Wang, Xin-Zhe Zhong, Wei-Yi Chiang, Chin-Yun Hsieh, Yu Chin Cheng
{"title":"Applying Problem Frames in Behavior-Driven Development for Smart Cone System","authors":"Yi-Chun Yen, Bing-Yun Wang, Xin-Zhe Zhong, Wei-Yi Chiang, Chin-Yun Hsieh, Yu Chin Cheng","doi":"10.1109/APSEC53868.2021.00070","DOIUrl":"https://doi.org/10.1109/APSEC53868.2021.00070","url":null,"abstract":"Initial observations of adopting behavior-driven development for an Internet of Things System in an agile process context is reported. Since an IoT system usually comprises multiple subsystems, the problem frames approach is adopted alongside to define the specifications that capture the overarching behaviors at the system level and constituent behaviors at the subsystem and component levels. Development of specifications based on the two practices is illustrated with the development case of a Smart Cone system.","PeriodicalId":143800,"journal":{"name":"2021 28th Asia-Pacific Software Engineering Conference (APSEC)","volume":"127 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123448881","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信