发布求助
文献互助 智能选刊 最新文献

Proceedings of the 37th IEEE/ACM International Conference on Automated Software Engineering最新文献

筛选
英文 中文
Automatic Software Timing Attack Evaluation & Mitigation on Clear Hardware Assumption 基于明确硬件假设的自动软件定时攻击评估与缓解
Proceedings of the 37th IEEE/ACM International Conference on Automated Software Engineering Pub Date : 2022-10-10 DOI: 10.1145/3551349.3559516
Prabuddha Chakraborty
{"title":"Automatic Software Timing Attack Evaluation & Mitigation on Clear Hardware Assumption","authors":"Prabuddha Chakraborty","doi":"10.1145/3551349.3559516","DOIUrl":"https://doi.org/10.1145/3551349.3559516","url":null,"abstract":"Embedded systems are widely used for implementing diverse Internet-of-Things (IoT) applications. These applications often deal with secret/sensitive data and encryption keys which can potentially be leaked through timing side-channel analysis. Runtime-based timing side-channel attacks are performed by measuring the time a code takes to execute and using that information to extract sensitive data. Effectively detecting such vulnerabilities with high precision and low false positives is a challenging task due to the runtime dependence of software code on the underlying hardware. Effectively fixing such vulnerabilities with low overhead is also non-trivial due to the diverse nature of embedded systems. In this article, we propose an automatic runtime side channel vulnerability detection and mitigation framework that not only considers the software code but also use the underlying hardware architecture information to tune the framework for more accurate vulnerability detection and system-specific tailored mitigation.","PeriodicalId":197939,"journal":{"name":"Proceedings of the 37th IEEE/ACM International Conference on Automated Software Engineering","volume":"189 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-10-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115605734","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
Boosting Spectrum-Based Fault Localization for Spreadsheets with Product Metrics in a Learning Approach 基于学习方法的产品度量提高电子表格基于频谱的故障定位
Proceedings of the 37th IEEE/ACM International Conference on Automated Software Engineering Pub Date : 2022-10-10 DOI: 10.1145/3551349.3559546
Adil Mukhtar, Birgit Hofer, D. Jannach, F. Wotawa, Konstantin Schekotihin
{"title":"Boosting Spectrum-Based Fault Localization for Spreadsheets with Product Metrics in a Learning Approach","authors":"Adil Mukhtar, Birgit Hofer, D. Jannach, F. Wotawa, Konstantin Schekotihin","doi":"10.1145/3551349.3559546","DOIUrl":"https://doi.org/10.1145/3551349.3559546","url":null,"abstract":"Faults in spreadsheets are not uncommon and they can have significant negative consequences in practice. Various approaches for fault localization were proposed in recent years, among them techniques that transferred ideas from spectrum-based fault localization (SFL) to the spreadsheet domain. Applying SFL to spreadsheets proved to be effective, but has certain limitations. Specifically, the constrained computational structures of spreadsheets may lead to large sets of cells that have the same assumed fault probability according to SFL and thus have to be inspected manually. In this work, we propose to combine SFL with a fault prediction method based on spreadsheet metrics in a machine learning (ML) approach. In particular, we train supervised ML models using two orthogonal types of features: (i) variables that are used to compute similarity coefficients in SFL and (ii) spreadsheet metrics that have shown to be good predictors for faulty formulas in previous work. Experiments with a widely-used corpus of faulty spreadsheets indicate that the combined model helps to significantly improve fault localization performance in terms of wasted effort and accuracy.","PeriodicalId":197939,"journal":{"name":"Proceedings of the 37th IEEE/ACM International Conference on Automated Software Engineering","volume":"12 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-10-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115657689","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
WebMonitor: Verification of Web User Interfaces WebMonitor:验证Web用户界面
Proceedings of the 37th IEEE/ACM International Conference on Automated Software Engineering Pub Date : 2022-10-10 DOI: 10.1145/3551349.3559538
Ennio Visconti, Christos Tsigkanos, L. Nenzi
{"title":"WebMonitor: Verification of Web User Interfaces","authors":"Ennio Visconti, Christos Tsigkanos, L. Nenzi","doi":"10.1145/3551349.3559538","DOIUrl":"https://doi.org/10.1145/3551349.3559538","url":null,"abstract":"Application development for the modern Web involves sophisticated engineering workflows which include user interface aspects. Those involve Web elements typically created with HTML/CSS markup and JavaScript-like languages, yielding Web documents. WebMonitor leverages requirements formally specified in a logic able to capture both the layout of visual components as well as how they change over time, as a user interacts with them. Then, requirements are verified upon arbitrary web pages, allowing for automated support for a wide set of use cases in interaction testing and simulation. We position WebMonitor within a developer workflow, where in case of a negative result, a visual counterexample is returned. The monitoring framework we present follows a black-box approach, and as such is independent of the underlying technologies a Web application may be developed with, as well as the browser and operating system used. WebMonitoris available as open source software: https://github.com/ennioVisco/webmonitor Video demonstration of WebMonitor: https://youtu.be/hqVw0JU3k9c","PeriodicalId":197939,"journal":{"name":"Proceedings of the 37th IEEE/ACM International Conference on Automated Software Engineering","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-10-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122869937","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Towards Understanding the Runtime Performance of Rust 理解Rust的运行时性能
Proceedings of the 37th IEEE/ACM International Conference on Automated Software Engineering Pub Date : 2022-10-10 DOI: 10.1145/3551349.3559494
Yuchen Zhang, Yunhang Zhang, G. Portokalidis, Jun Xu
{"title":"Towards Understanding the Runtime Performance of Rust","authors":"Yuchen Zhang, Yunhang Zhang, G. Portokalidis, Jun Xu","doi":"10.1145/3551349.3559494","DOIUrl":"https://doi.org/10.1145/3551349.3559494","url":null,"abstract":"Rust is a young systems programming language, but it has gained tremendous popularity thanks to its assurance of memory safety. However, the performance of Rust has been less systematically understood, although many people are claiming that Rust is comparable to C/C++ regarding efficiency. In this paper, we aim to understand the performance of Rust, using C as the baseline. First, we collect a set of micro benchmarks where each program is implemented with both Rust and C. To ensure fairness, we manually validate that the Rust version and the C version implement the identical functionality using the same algorithm. Our measurement based on the micro benchmarks shows that Rust is in general slower than C, but the extent of the slowdown varies across different programs. On average, Rust brings a 1.77x “performance overhead” compared to C. Second, we dissect the root causes of the overhead and unveil that it is primarily incurred by run-time checks inserted by the compiler and restrictions enforced by the language design. With the run-time checks disabled and the restrictions loosened, Rust presents a performance indistinguishable from C.","PeriodicalId":197939,"journal":{"name":"Proceedings of the 37th IEEE/ACM International Conference on Automated Software Engineering","volume":"66 2","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-10-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114036941","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 4
StandUp4NPR: Standardizing SetUp for Empirically Comparing Neural Program Repair Systems 标准化设置经验比较神经程序修复系统
Proceedings of the 37th IEEE/ACM International Conference on Automated Software Engineering Pub Date : 2022-10-10 DOI: 10.1145/3551349.3556943
Wenkang Zhong, Hongliang Ge, Hongfei Ai, Chuanyi Li, Kui Liu, Jidong Ge, B. Luo
{"title":"StandUp4NPR: Standardizing SetUp for Empirically Comparing Neural Program Repair Systems","authors":"Wenkang Zhong, Hongliang Ge, Hongfei Ai, Chuanyi Li, Kui Liu, Jidong Ge, B. Luo","doi":"10.1145/3551349.3556943","DOIUrl":"https://doi.org/10.1145/3551349.3556943","url":null,"abstract":"Recently, the emerging trend in automatic program repair is to apply deep neural networks to generate fixed code from buggy ones, called NPR (Neural Program Repair). However, the existing NPR systems are trained and evaluated under very different settings (e.g., different training data, inconsistent evaluation data, wide-ranged candidate numbers), which makes it hard to draw fair-enough conclusions when comparing them. Motivated by this, we first build a standard benchmark dataset and an extensive framework tool to mitigate threats for the comparison. The dataset consists of a training set, a validation set and an evaluation set with 144,641, 13,739 and 13,706 bug-fix pairs of Java respectively. The tool supports selecting specific training, validation, and evaluation datasets and automatically conducting the pipeline of training and evaluating NPR models, as well as easily integrating new NPR models by implementing well-defined interfaces. Then, based on the benchmark and tool, we conduct a comprehensive empirical comparison of six SOTA NPR systems w.r.t the repairability, inclination and generalizability. The experimental results reveal deeper characteristics of compared NPR systems and subvert some existing comparative conclusions, which further verify the necessity of unifying the experimental setups in exploring the progresses of NPR systems. Meanwhile, we reveal some common features of NPR systems (e.g., they are good at dealing with code-delete bugs). Finally, we identify some promising research directions derived from our findings.","PeriodicalId":197939,"journal":{"name":"Proceedings of the 37th IEEE/ACM International Conference on Automated Software Engineering","volume":"21 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-10-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114273411","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 10
A Framework for Testing Chemical Reaction Networks 测试化学反应网络的框架
Proceedings of the 37th IEEE/ACM International Conference on Automated Software Engineering Pub Date : 2022-10-10 DOI: 10.1145/3551349.3559562
Michael C. Gerten
{"title":"A Framework for Testing Chemical Reaction Networks","authors":"Michael C. Gerten","doi":"10.1145/3551349.3559562","DOIUrl":"https://doi.org/10.1145/3551349.3559562","url":null,"abstract":"The use of non-traditional computing devices is growing rapidly. One paradigm of interest is chemical reaction networks (CRNs) which can model and use chemical interactions for computation. These CRNs are used to develop programs at the nanoscale for applications such as intelligent drug delivery. In practice, these programs are developed in simulation environments, and then compiled into physical systems. A challenge when designing CRNs for computation is the lack of techniques to verify and validate correctness. In this work, we adapt software testing and repair techniques for use in this domain. In initial work, we designed a testing framework to handle the challenges presented by CRN programs; this includes distributed computation and stochastic behavior. We extended this framework to implement automated program repair of CRN models and automated test generation via program invariants. For future work, we will develop a notion of fault localization for these programs, develop a theory of mutation generation, and address issues regarding flakiness present in this computing paradigm.","PeriodicalId":197939,"journal":{"name":"Proceedings of the 37th IEEE/ACM International Conference on Automated Software Engineering","volume":"30 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-10-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122080789","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
ICEBAR: Feedback-Driven Iterative Repair of Alloy Specifications 反馈驱动的合金规格迭代修复
Proceedings of the 37th IEEE/ACM International Conference on Automated Software Engineering Pub Date : 2022-10-10 DOI: 10.1145/3551349.3556944
Simón Gutiérrez Brida, Germán Regis, Guolong Zheng, H. Bagheri, Thanhvu Nguyen, Nazareno Aguirre, M. Frias
{"title":"ICEBAR: Feedback-Driven Iterative Repair of Alloy Specifications","authors":"Simón Gutiérrez Brida, Germán Regis, Guolong Zheng, H. Bagheri, Thanhvu Nguyen, Nazareno Aguirre, M. Frias","doi":"10.1145/3551349.3556944","DOIUrl":"https://doi.org/10.1145/3551349.3556944","url":null,"abstract":"Automated program repair (APR) techniques have shown great success in automatically finding fixes for programs in programming languages such as C or Java. In this work, we focus on repairing formal specifications, in particular for the Alloy specification language. As opposed to most APR tools, our approach to repair Alloy specifications, named ICEBAR, does not use test-based oracles for patch assessment. Instead, ICEBAR relies on the use of property-based oracles, commonly found in Alloy specifications as predicates and assertions. These property-based oracles define stronger conditions for patch assessment, thus reducing the notorious overfitting issue caused by using test-based oracles, typically observed in APR contexts. Moreover, as assertions and predicates are inherent to Alloy, whereas test cases are not, our tool is potentially more appealing to Alloy users than test-based Alloy repair tools. At a high level, ICEBAR is an iterative, counterexample-based process, that generates and validates repair candidates. ICEBAR receives a faulty Alloy specification with a failing property-based oracle, and uses Alloy’s counterexamples to build tests and feed ARepair, a test-based Alloy repair tool, in order to produce a repair candidate. The candidate is then checked against the property oracle for overfitting: if the candidate passes, a repair has been found; if not, further counterexamples are generated to construct tests and enhance the test suite, and the process is iterated. ICEBAR includes different mechanisms, with different degrees of reliability, to generate counterexamples from failing predicates and assertions. Our evaluation shows that ICEBAR significantly improves over ARepair, in both reducing overfitting and improving the repair rate. Moreover, ICEBAR shows that iterative refinement allows us to significantly improve a state-of-the-art tool for automated repair of Alloy specifications without any modifications to the tool.","PeriodicalId":197939,"journal":{"name":"Proceedings of the 37th IEEE/ACM International Conference on Automated Software Engineering","volume":"273 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-10-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129781564","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 3
MCDA Framework for Edge-Aware Multi-Cloud Hybrid Architecture Recommendation 边缘感知多云混合架构的MCDA框架推荐
Proceedings of the 37th IEEE/ACM International Conference on Automated Software Engineering Pub Date : 2022-10-10 DOI: 10.1145/3551349.3559501
Manish Ahuja, Narendranath Sukhavasi, S. Choudhury, Kalpataru Das, Kapil Singi, Kuntal Dey, Vikrant S. Kaulgud
{"title":"MCDA Framework for Edge-Aware Multi-Cloud Hybrid Architecture Recommendation","authors":"Manish Ahuja, Narendranath Sukhavasi, S. Choudhury, Kalpataru Das, Kapil Singi, Kuntal Dey, Vikrant S. Kaulgud","doi":"10.1145/3551349.3559501","DOIUrl":"https://doi.org/10.1145/3551349.3559501","url":null,"abstract":"Deploying applications on hybrid clouds with computational artifacts distributed over public backends and private edges involve several constraints. Designing such deployment requires application architects to solve several challenges, spanning over hard regulatory policy constraints as well as business policy constraints such as enablement of privacy by on-prem processing of data to the extent the business wants, backend support of privacy enabling technologies (PET), sustainability in terms of green energy utilization, latency sensitivity of the application. In this paper, we propose to optimize hybrid cloud application architectures, while taking all those factors into consideration, and empirically demonstrate the effectiveness of our approach. To the best of our knowledge, this work is the first of its kind.","PeriodicalId":197939,"journal":{"name":"Proceedings of the 37th IEEE/ACM International Conference on Automated Software Engineering","volume":"22 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-10-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125139845","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Morest: Industry Practice of Automatic RESTful API Testing 自动化RESTful API测试的行业实践
Proceedings of the 37th IEEE/ACM International Conference on Automated Software Engineering Pub Date : 2022-10-10 DOI: 10.1145/3551349.3559498
Yi Liu, Yuekang Li, Yang Liu, Ruiyuan Wan, Runchao Wu, Qingkun Liu
{"title":"Morest: Industry Practice of Automatic RESTful API Testing","authors":"Yi Liu, Yuekang Li, Yang Liu, Ruiyuan Wan, Runchao Wu, Qingkun Liu","doi":"10.1145/3551349.3559498","DOIUrl":"https://doi.org/10.1145/3551349.3559498","url":null,"abstract":"Many big companies are providing cloud services through RESTful APIs nowadays. With the growing popularity of RESTful API, testing RESTful API becomes crucial. To address this issue, researchers have proposed several automatic RESTful API testing techniques. At Huawei, we design and implement an automatic RESTful API testing framework named Morest. Morest has been used to test ten RESTful API services and helped to detected 83 previously unknown bugs which were all confirmed and fixed by the developers. On one hand, we find that Morest shows great capability of detecting bugs in RESTful API s. On the other hand, we also notice that human effort is inevitable and important when applying automatic RESTful API techniques in practice. In this paper, we focus on discussing the industry practice of using automatic RESTful API testing techniques. We share our experience of building automatic RESTful API testing pipelines. Furthermore, we find that manual effort is essential for maintaining RESTful API specifications to increase the level of automation as well as generating regression test cases.","PeriodicalId":197939,"journal":{"name":"Proceedings of the 37th IEEE/ACM International Conference on Automated Software Engineering","volume":"15 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-10-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"120958972","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
A Scenario Distribution Model for Effective and Efficient Testing of Autonomous Driving Systems 面向自动驾驶系统高效测试的场景分布模型
Proceedings of the 37th IEEE/ACM International Conference on Automated Software Engineering Pub Date : 2022-10-10 DOI: 10.1145/3551349.3563239
Qunying Song, P. Runeson, Stefan Persson
{"title":"A Scenario Distribution Model for Effective and Efficient Testing of Autonomous Driving Systems","authors":"Qunying Song, P. Runeson, Stefan Persson","doi":"10.1145/3551349.3563239","DOIUrl":"https://doi.org/10.1145/3551349.3563239","url":null,"abstract":"While autonomous driving systems are expected to change future means of mobility and reduce road accidents, understanding intensive and complex traffic situations is essential to enable testing of such systems under realistic traffic conditions. Particularly, we need to cover more relevant driving scenarios in the test. However, we do not want to spend time and resources testing useless scenarios that never happen in the real road traffic. In this work, we propose a new model that defines the distribution of scenarios using TTC (Time-to-Collision) for the vehicle–pedestrian interactions at unsignalized crossings based on the traffic density. The scenario distribution can be used as an input for test scenario generation and selection. We validate the model using real traffic data collected in Sweden and the result indicates that the model is effective and consistently upholds the real distribution, especially for critical scenarios with TTC less than 3 seconds. We also demonstrate the use of the model by connecting it to the testing of an auto-braking function from the industry. As a first step, our contribution is a model that predicts the worst-case distribution of scenarios using TTC and provides a mandatory input for testing autonomous driving systems.","PeriodicalId":197939,"journal":{"name":"Proceedings of the 37th IEEE/ACM International Conference on Automated Software Engineering","volume":"36 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-10-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114878594","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 3
下一页 尾页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:604180095
Book学术官方微信