2022 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)最新文献

{"title":"Arguing safety of an improved autonomous vehicle from safe operation before the change: new results","authors":"Robab Aghazadeh Chakherlou, K. Salako, L. Strigini","doi":"10.1109/ISSREW55968.2022.00085","DOIUrl":"https://doi.org/10.1109/ISSREW55968.2022.00085","url":null,"abstract":"Autonomous vehicles (AVs) are gradually appearing on the roads. However, how to demonstrate their safety is still under debate. While operational testing seems essential for building confidence in AV safety, the amount of testing required can be prohibitively expensive. Additionally, current AV s evolve continuously and are used in a changing set of environmentsRepeating substantial operational testing for each new AV version, or new use of an AV, seems unaffordable. Therefore, the idea of applying operational experience from before such a change towards claims of safety after the change is attractive. We present new results, addressing the frequent case in which a new version of the AV can be proved to be safer than a previous one, bar major errors in design or analysis assumptions. Mathematically, our new solution applies to all those scenarios in which the new version or environment is, with high probability, no less safe than the old one “no matter how safe the old one was”. We call this scenario “unconditional improvement” (UI). Various previous papers addressed related scenarios in which there is some confidence that the change has improved, or at least not degraded, safety, but they solved the problem under weaker conditions: our new results substantially improve the safety claims that can be supported, especially for operation soon after the change.","PeriodicalId":178302,"journal":{"name":"2022 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)","volume":"5 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125443363","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Programming Language Evaluation Criteria for Safety-Critical Software in the Air Domain","authors":"Rob Ashmore, Andrew Howe, Rhiannon Chilton, Shamal Faily","doi":"10.1109/ISSREW55968.2022.00072","DOIUrl":"https://doi.org/10.1109/ISSREW55968.2022.00072","url":null,"abstract":"Safety-critical software in the air domain typically conforms to RTCA DO-178C. However, latent failures might arise based on assumptions underpinning the programming language used to write the software, whereas the lack of empirical data may constrain the selection of a promising but untested language. To overcome this difficulty, we propose evaluation criteria drawn from RTCA DO-178C, to help quickly review the potential applicability of programming languages in the air domain. We illustrate the constraints by using them to evaluate the suitability of the Rust programming language.","PeriodicalId":178302,"journal":{"name":"2022 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)","volume":"35 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125515582","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"A Markov Regenerative Model of Software Rejuvenation Beyond the Enabling Restriction","authors":"L. Carnevali, Marco Paolieri, R. Reali, Leonardo Scommegna, E. Vicario","doi":"10.1109/ISSREW55968.2022.00060","DOIUrl":"https://doi.org/10.1109/ISSREW55968.2022.00060","url":null,"abstract":"Software rejuvenation is a proactive maintenance technique that counteracts software aging by restarting a system or some of its components. We present a non-Markovian model of software rejuvenation where the underlying stochastic process is a Markov Regenerative Process (MRGP) beyond the enabling restriction, i.e., beyond the restriction of having at most one general (GEN, i.e., non-exponential) timer enabled in each state. The use of multiple concurrent GEN timers allows more accurate fitting of duration distributions from observed statistics (e.g., mean and variance), as well as better model expressiveness, enabling the formulation of mixed rejuvenation strategies that combine time-triggered and event-triggered rejuvenation. We leverage the functions for regenerative analysis based on stochastic state classes of the ORIS tool (through its SIRIO library) to evaluate this class of models and to select the rejuvenation period achieving an optimal tradeoff between two steady-state metrics, availability and undetected failure probability. We also show that, when G EN timers are replaced by exponential timers with the same mean (to satisfy enabling restriction), transient and steady-state are affected, resulting in inaccurate rejuvenation policies.","PeriodicalId":178302,"journal":{"name":"2022 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)","volume":"12 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126841638","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"IWSF & SHIFT 2022 Workshop Committee: ISSREW 2022","authors":"","doi":"10.1109/issrew55968.2022.00022","DOIUrl":"https://doi.org/10.1109/issrew55968.2022.00022","url":null,"abstract":"","PeriodicalId":178302,"journal":{"name":"2022 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)","volume":"40 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133538681","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"A Survey on Autonomous Driving System Simulators","authors":"Jixiang Zhou, Yi Zhang, Shengjian Guo, Yan Guo","doi":"10.1109/ISSREW55968.2022.00084","DOIUrl":"https://doi.org/10.1109/ISSREW55968.2022.00084","url":null,"abstract":"Comprehensive and rigorous testing plays a critical role in ensuring the safety and reliability of automated driving systems (ADS), nonetheless, testing on the road is unsafe and costly. Simulation testing can solve the high cost and insecurity, but the performance of simulation testing is heavily dependent on, as well as limited by, the simulation platforms. This paper carries out an extensive comparison study on the commonly used simu-lation platforms in ADS testing. Advantages and disadvantages of the commonly used simulators such as CarSim, CarMaker and AirSim are compared from aspects like virtual environment generation, critical scenarios creation, types of supported sensor, as well as control of traffic participants.","PeriodicalId":178302,"journal":{"name":"2022 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)","volume":"5 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115353380","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"A systematic approach to develop an autopilot sensor monitoring system for autonomous delivery vehicles based on the STPA method","authors":"Guangshuang Ge, Liangliang Sun, Yanfu Li","doi":"10.1109/ISSREW55968.2022.00087","DOIUrl":"https://doi.org/10.1109/ISSREW55968.2022.00087","url":null,"abstract":"Autonomous delivery vehicles (ADVs) are derivatives of autonomous driving technology. With the rapid development of autonomous driving technology and the rapid rise in demand for terminal logistics and distribution, ADVs have gradually entered commercial operation in many cities, thus it brings higher requirements to the reliability of ADVs. Because of bill of material (BOM) cost pressure, most autopilot sensors and domain controllers of ADVs are not strictly follow passenger vehicle standards and regulations, the ADVs' reliability is very critical. The traditional methods of process hazard analysis (PHA) e.g. HAZOPs, FMEAs, FT A, etc., use a system divide approach. The to be analyzed system is breaking down into component level, and the risks or hazard of each component are analyzed separately. The two important assumptions of the traditional methods are: 1. the system's properties are not changed when it is broken down into component level; 2. the accidents are caused by component failures. However, in an ADV, the system becomes complex since the system effects may be missed, and this assumption is questionable; further, an ADV accidents can happen even there is no component failure. The system level hazard analysis cannot be fully determined only at the component level, but out of interactions of systems. Systems Theoretic Process Analysis (STP A) is a structured system level approach to analyze hazard. Based on the premise that accidents happen when the control is inadequate or lost, STPA approach decodes hazards related not only to component failures, but also to design errors, flawed controller requirements, interaction failures, human errors, and other errors. In this paper, the STPA method is used to analyze various risks and hazards of ADVs, and finally construct an abnormality monitoring system for autonomous driving sensors. Engineering practice shows that this method can effectively monitor the abnormality of sensor data links.","PeriodicalId":178302,"journal":{"name":"2022 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)","volume":"123 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"117322444","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Prevalence of continuous integration failures in industrial systems with hardware-in-the-loop testing","authors":"H. Fu, Sigrid Eldh, Kristian Wiklund, Andreas Ermedahl, Cyrille Artho","doi":"10.1109/ISSREW55968.2022.00040","DOIUrl":"https://doi.org/10.1109/ISSREW55968.2022.00040","url":null,"abstract":"Faults in the automated continuous integration (CI) process can seriously impact the development of industrial code. To reduce manual intervention in automated CI processes, we want to understand better the CI systems' failure distribution to improve efficiency, reliability, and maintainability. This paper investigates failures in CI in four large industrial projects. We gather 11 731 builds over six months, identifying 1 414 failing builds. We also identify the distribution of different types of build failures in each of the four CI projects. Our results show that compilation is the most significant individual cause of failure with 47 %, followed by testing at 36 %. The checkout step with associated checks also incurs a non-negligible portion of failures with 12 %. Furthermore, we identify 14 distinct types of failures in the testing step. We conclude that configuration problems are a significant issue, as pipeline scripting and dependency errors make up a large number of failures.","PeriodicalId":178302,"journal":{"name":"2022 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)","volume":"34 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122083195","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"VulDeBERT: A Vulnerability Detection System Using BERT","authors":"Soolin Kim, Jusop Choi, Muhammad Ejaz Ahmed, Surya Nepal, Hyoungshick Kim","doi":"10.1109/ISSREW55968.2022.00042","DOIUrl":"https://doi.org/10.1109/ISSREW55968.2022.00042","url":null,"abstract":"Deep learning technologies recently received much attention to detect vulnerable code patterns accurately. This paper proposes a new deep learning-based vulnerability detection tool dubbed VulDeBERT by fine-tuning a pre-trained language model, Bidirectional Encoder Representations from Transformers (BERT), on the vulnerable code dataset. To support VulDeBERT, we develop a new code analysis tool to extract well-represented abstract code fragments from C and C++ source code. The experimental results show that VulDeBERT outperforms the state-of-the-art tool, VulDeePecker [1] for two security vul- nerability types (CWE-119 and CWE-399). For the CWE-119 dataset, VulDeBERT achieved an Fl score of 94.6 %, which is significantly better than VulDeePecker, achieving an Fl score of 86.6 % in the same settings. Again, for the CWE-399 dataset, VulDeBERT achieved an Fl score of 97.9 %, which is also better than VulDeePecker, achieving an Fl score of 95 % in the same settings.","PeriodicalId":178302,"journal":{"name":"2022 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)","volume":"22 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122638535","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"RSDA 2022 Workshop Committee: ISSREW 2022","authors":"","doi":"10.1109/issrew55968.2022.00019","DOIUrl":"https://doi.org/10.1109/issrew55968.2022.00019","url":null,"abstract":"","PeriodicalId":178302,"journal":{"name":"2022 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)","volume":"10 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128428426","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Combinatorial Coverage for Assured Autonomy","authors":"D. Kuhn, M. Raunak, R. Kacker","doi":"10.1109/ISSREW55968.2022.00092","DOIUrl":"https://doi.org/10.1109/ISSREW55968.2022.00092","url":null,"abstract":"With the advancement of Artificial Intelligence and Ma-chine Learning (AI/ML), we are observing a rapid increase of autonomous systems in safety-critical domains, such as smart medical equipment, self-driving vehicles, and unmanned aircraft. These systems are required to be made ultra reliable using state of the art verification and validation methodologies. Existing verification, validation, and assurance efforts, such as DO-178C guidance for avionics software, depend on structural coverage based testing, such as MC/DC coverage. Such structural coverage criteria require that test cases are chosen to ensure that a specified level of statements, decisions, and paths are systematically exercised. Neural network and other machine learning based systems, however, are not well suited to be tested with such structural coverage dependent criteria [1], [2]. This is because the performance of machine learning functions such as neural networks depends on the data used to train and test the model, rather than in specifically coded behavior. Behaviors of such systems will change depending on inputs used in the training.","PeriodicalId":178302,"journal":{"name":"2022 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)","volume":"287 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121646372","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}