发布求助
文献互助 智能选刊 最新文献

2012 IEEE 23rd International Symposium on Software Reliability Engineering最新文献

筛选
英文 中文
Automated Checking of Web Application Invocations 自动检查Web应用程序调用
2012 IEEE 23rd International Symposium on Software Reliability Engineering Pub Date : 2012-11-27 DOI: 10.1109/ISSRE.2012.37
William G. J. Halfond
{"title":"Automated Checking of Web Application Invocations","authors":"William G. J. Halfond","doi":"10.1109/ISSRE.2012.37","DOIUrl":"https://doi.org/10.1109/ISSRE.2012.37","url":null,"abstract":"HTTP based invocations allow web application components to communicate among themselves and build dynamic customized web pages. Invocations are widely used by web applications, but are a common source of errors. Existing techniques are only able to verify limited correctness properties of web application invocations and omit key properties, such as an argument's type and value must match its target parameter's domain. This paper presents the first approach for verifying these correctness properties of web application invocations. An empirical evaluation of the technique shows that it is able to identify, with high precision, over 30% more invocation errors than were previously identified and that the approach has a low analysis runtime cost.","PeriodicalId":172003,"journal":{"name":"2012 IEEE 23rd International Symposium on Software Reliability Engineering","volume":"476 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2012-11-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122984498","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 5
Revolution: Automatic Evolution of Mined Specifications 革命:挖掘规范的自动进化
2012 IEEE 23rd International Symposium on Software Reliability Engineering Pub Date : 2012-11-27 DOI: 10.1109/ISSRE.2012.14
L. Mariani, A. Marchetto, Duy Cu Nguyen, P. Tonella, A. Baars
{"title":"Revolution: Automatic Evolution of Mined Specifications","authors":"L. Mariani, A. Marchetto, Duy Cu Nguyen, P. Tonella, A. Baars","doi":"10.1109/ISSRE.2012.14","DOIUrl":"https://doi.org/10.1109/ISSRE.2012.14","url":null,"abstract":"Specifications mined from execution traces are largely used to support testing and analysis of software applications with little runtime variability. However, when models are mined from applications that evolve at runtime, the resulting models become quickly obsolete, and thus of little support for any testing and analysis activity. To cope with such systems, mined specifications must be consistently updated every time the software changes. In principle, models can be periodically mined from scratch, but in many cases this solution is too expensive or even impossible. In this paper we describe Revolution, an approach for the automatic evolution of specifications mined by applying state abstraction techniques. Revolution produces models that are continuously updated and thus remain aligned with the actual implementation. Empirical results show that Revolution can suitably address run-time evolving applications.","PeriodicalId":172003,"journal":{"name":"2012 IEEE 23rd International Symposium on Software Reliability Engineering","volume":"51 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2012-11-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123114743","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 15
Are Computer Focused Crimes Impacted by System Configurations? An Empirical Study 以计算机为中心的犯罪是否受到系统配置的影响?实证研究
2012 IEEE 23rd International Symposium on Software Reliability Engineering Pub Date : 2012-11-27 DOI: 10.1109/ISSRE.2012.36
Bertrand Sobesto, M. Cukier, David Maimon
{"title":"Are Computer Focused Crimes Impacted by System Configurations? An Empirical Study","authors":"Bertrand Sobesto, M. Cukier, David Maimon","doi":"10.1109/ISSRE.2012.36","DOIUrl":"https://doi.org/10.1109/ISSRE.2012.36","url":null,"abstract":"This paper describes an empirical study to assess whether computer focused crimes are impacted by system configurations. The study relies on data collected during 30 days on a farm of target computers of various configurations (disk space, memory size, and bandwidth). In addition, some target computers included a warning sign. Following a brute force attack on SSH, attackers randomly access one of these computer configurations and are allowed to use it for 30 days. We monitor network traffic and attackers' keystrokes to analyze the attack. This paper focuses specifically on the crime, i.e., the use of the computer to launch an attack towards an external target. We define various computer focused crime characteristics (i.e., whether the attack was destructive or not, whether the target was an opportunity or a choice, whether the attack was coordinated or not) and analyze whether the committed crime is significantly impacted by the system configuration.","PeriodicalId":172003,"journal":{"name":"2012 IEEE 23rd International Symposium on Software Reliability Engineering","volume":"58 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2012-11-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133527806","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 4
What Is System Hang and How to Handle It 什么是系统挂起?如何处理
2012 IEEE 23rd International Symposium on Software Reliability Engineering Pub Date : 2012-11-27 DOI: 10.1109/ISSRE.2012.12
Yian Zhu, Yue Li, Jingling Xue, Tian Tan, Jialong Shi, Yang Shen, Chunyan Ma
{"title":"What Is System Hang and How to Handle It","authors":"Yian Zhu, Yue Li, Jingling Xue, Tian Tan, Jialong Shi, Yang Shen, Chunyan Ma","doi":"10.1109/ISSRE.2012.12","DOIUrl":"https://doi.org/10.1109/ISSRE.2012.12","url":null,"abstract":"Almost every computer user has encountered an un-responsive system failure or system hang, which leaves the user no choice but to power off the computer. In this paper, the causes of such failures are analyzed in detail and one empirical hypothesis for detecting system hang is proposed. This hypothesis exploits a small set of system performance metrics provided by the OS itself, thereby avoiding modifying the OS kernel and introducing additional cost (e.g., hardware modules). Under this hypothesis, we propose SHFH, a self-healing framework to handle system hang, which can be deployed on OS dynamically. One unique feature of SHFH is that its \"light-heavy\" detection strategy is designed to make intelligent tradeoffs between the performance overhead and the false positive rate induced by system hang detection. Another feature is that its diagnosis-based recovery strategy offers a better granularity to recover from system hang. Our experimental results show that SHFH can cover 95.34% of system hang scenarios, with a false positive rate of 0.58% and 0.6% performance overhead, validating the effectiveness of our empirical hypothesis.","PeriodicalId":172003,"journal":{"name":"2012 IEEE 23rd International Symposium on Software Reliability Engineering","volume":"329 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2012-11-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115456124","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 16
Data Loss Prevention Based on Data-Driven Usage Control 基于数据驱动使用控制的数据丢失预防
2012 IEEE 23rd International Symposium on Software Reliability Engineering Pub Date : 2012-11-27 DOI: 10.1109/ISSRE.2012.10
Tobias Wüchner, A. Pretschner
{"title":"Data Loss Prevention Based on Data-Driven Usage Control","authors":"Tobias Wüchner, A. Pretschner","doi":"10.1109/ISSRE.2012.10","DOIUrl":"https://doi.org/10.1109/ISSRE.2012.10","url":null,"abstract":"Inadvertent data disclosure by insiders is considered as one of the biggest threats for corporate information security. Data loss prevention systems typically try to cope with this problem by monitoring access to confidential data and preventing their leakage or improper handling. Current solutions in this area, however, often provide limited means to enforce more complex security policies that for instance specify temporal or cardinal constraints on the execution of events. This paper presents UC4Win, a data loss prevention solution for Microsoft Windows operating systems that is based on the concept of data-driven usage control to allow such a fine-grained policy-based protection. UC4Win is capable of detecting and controlling data-loss related events at the level of individual function calls. This is done with function call interposition techniques to intercept application calls to the Windows API in combination with methods to track the flows of confidential data through the system.","PeriodicalId":172003,"journal":{"name":"2012 IEEE 23rd International Symposium on Software Reliability Engineering","volume":"109 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2012-11-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116676748","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 60
On the Relative Strengths of Model-Based and Dynamic Event Extraction-Based GUI Testing Techniques: An Empirical Study 基于模型和基于动态事件提取的GUI测试技术相对优势的实证研究
2012 IEEE 23rd International Symposium on Software Reliability Engineering Pub Date : 2012-11-27 DOI: 10.1109/ISSRE.2012.18
Gigon Bae, G. Rothermel, Doo-Hwan Bae
{"title":"On the Relative Strengths of Model-Based and Dynamic Event Extraction-Based GUI Testing Techniques: An Empirical Study","authors":"Gigon Bae, G. Rothermel, Doo-Hwan Bae","doi":"10.1109/ISSRE.2012.18","DOIUrl":"https://doi.org/10.1109/ISSRE.2012.18","url":null,"abstract":"Many software systems rely on graphical-user interfaces (GUIs) to support user interactions. The correctness of these GUIs affects the overall quality of the systems, and thus, it is important that GUIs be tested. To support such testing, GUI test case generation techniques based on graph models such as event flow graphs (EFGs) have been used to generate test cases in the form of sequences of events. Models, however, are abstractions of dynamic behavior and may not accurately reflect actual system behavior, thus, test case generation techniques based on models may create nonexecutable test cases and miss important events. Test case generation techniques based on dynamic event extraction-based approaches, in contrast, may suffer less from these effects. As a consequence, we expect that the two approaches will differ in terms of cost and effectiveness. In this paper, we report the results of an empirical study comparing the cost and effectiveness of model-based and dynamic event extraction-based test case generation approaches. Our results show that event extraction-based approaches, though more expensive than model-based approaches, are indeed more effective in terms of their ability to achieve code coverage and to cover events, but at additional cost, with implications for both researchers and practitioners.","PeriodicalId":172003,"journal":{"name":"2012 IEEE 23rd International Symposium on Software Reliability Engineering","volume":"33 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2012-11-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121626916","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 18
The Nature of the Times to Flight Software Failure during Space Missions 航天任务中飞行软件故障的时代性质
2012 IEEE 23rd International Symposium on Software Reliability Engineering Pub Date : 2012-11-01 DOI: 10.1109/ISSRE.2012.32
Javier Alonso, Michael Grottke, A. Nikora, Kishor S. Trivedi
{"title":"The Nature of the Times to Flight Software Failure during Space Missions","authors":"Javier Alonso, Michael Grottke, A. Nikora, Kishor S. Trivedi","doi":"10.1109/ISSRE.2012.32","DOIUrl":"https://doi.org/10.1109/ISSRE.2012.32","url":null,"abstract":"The growing complexity of mission-critical space mission software makes it prone to suffer failures during operations. The success of space missions depends on the ability of the systems to deal with software failures, or to avoid them in the first place. In order to develop more effective mitigation techniques, it is necessary to understand the nature of the failures and the underlying software faults. Based on their characteristics, software faults can be classified into Bohrbugs, non-aging-related Mandelbugs, and aging-related bugs. Each type of fault requires different kinds of mitigation techniques. While Bohrbugs are usually easy to fix during development or testing, this is not the case for non-aging-related Mandelbugs and aging-related bugs due to their inherent complexity. Systems need mechanisms like software restart, software replication or software rejuvenation to deal with failures caused by these faults during the operational phase. In a previous study, we classified space mission flight software faults into the three above-mentioned categories based on problems reported during operations. That study concentrated on the percentages of the faults of each type and the variation of these percentages within and across different missions. This paper extends that work by exploring the nature of the times to software failure due to Bohrbugs and non-aging-related Mandelbugs for eight JPL/NASA missions. We start by applying trend tests to the times to failure to check if there is any reliability growth (or decay) for each type of failure. For those times to failure sequences with no trend, we fit distributions to the data sets and carry out goodness-of-fit tests. The results will be used to guide the development of improved operational failure mitigation techniques, thereby increasing the reliability of space mission software.","PeriodicalId":172003,"journal":{"name":"2012 IEEE 23rd International Symposium on Software Reliability Engineering","volume":"37 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2012-11-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134011218","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 17
Speculative Symbolic Execution 思辨符号执行
2012 IEEE 23rd International Symposium on Software Reliability Engineering Pub Date : 2012-05-22 DOI: 10.1109/ISSRE.2012.8
Yufeng Zhang, Zhenbang Chen, Ji Wang
{"title":"Speculative Symbolic Execution","authors":"Yufeng Zhang, Zhenbang Chen, Ji Wang","doi":"10.1109/ISSRE.2012.8","DOIUrl":"https://doi.org/10.1109/ISSRE.2012.8","url":null,"abstract":"Symbolic execution is an effective path oriented and constraint based program analysis technique. Recently, there is a significant development in the research and application of symbolic execution. However, symbolic execution still suffers from the scalability problem in practice, especially when applied to large-scale or very complex programs. In this paper, we propose a new fashion of symbolic execution, named Speculative Symbolic Execution (SSE), to speed up symbolic execution by reducing the invocation times of constraint solver. In SSE, when encountering a branch statement, the search procedure may speculatively explore the branch without regard to the feasibility. Constraint solver is invoked only when the speculated branches are accumulated to a specified number. In addition, we present a key optimization technique that enhances SSE greatly. We have implemented SSE and the optimization technique on Symbolic Pathfinder (SPF). Experimental results on six programs show that, our method can reduce the invocation times of constraint solver by 20.7% to 48.7% (with an average of 29.9%), and save the search time from 23.6% to 43.6% (with an average of 30%).","PeriodicalId":172003,"journal":{"name":"2012 IEEE 23rd International Symposium on Software Reliability Engineering","volume":"64 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2012-05-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133413465","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 18
首页 上一页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信