Junpeng Jiang, Mingyue Jiang, Liming Nie, Zuohua Ding
{"title":"A source model simplification method to assist model transformation debugging","authors":"Junpeng Jiang, Mingyue Jiang, Liming Nie, Zuohua Ding","doi":"10.1007/s11219-024-09676-2","DOIUrl":"https://doi.org/10.1007/s11219-024-09676-2","url":null,"abstract":"","PeriodicalId":21827,"journal":{"name":"Software Quality Journal","volume":null,"pages":null},"PeriodicalIF":1.9,"publicationDate":"2024-05-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"141101157","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Automated SC-MCC test case generation using coverage-guided fuzzing","authors":"Monika Rani Golla, Sangharatna Godboley","doi":"10.1007/s11219-024-09667-3","DOIUrl":"https://doi.org/10.1007/s11219-024-09667-3","url":null,"abstract":"<p>One of the main objectives of testing is to achieve adequate code coverage. Modern code coverage standards suggest MC/DC (Modified Condition/Decision Coverage) instead of MCC (Multiple Condition Coverage) due to its ability to generate a feasible number of test cases. In contrast to the MC/DC, which only takes independent pairs into consideration, the MCC often considers each and every test case. In our work, we suggest SC-MCC, i.e., MCC with Short-Circuit. The key aspect of this paper is to demonstrate the effectiveness of SC-MCC-based test cases compared to MC/DC using Coverage-Guided Fuzzing (CGF) technique. In this work, we have considered American Fuzzy Lop (AFL) tool to generate both the SC-MCC and MC/DC test cases for 54 RERS benchmark programs. As part of this paper, we propose unique goal constraint generation and fuzz-instrumentation techniques that help in mitigating the masking problem of AFL. Subsequently, we performed mutation testing by employing the GCOV tool and computed the mutation score in order to evaluate the quality of the generated test cases. Finally, based on our observations, SC-MCC has performed better for over 85% of the programs taken into consideration.</p>","PeriodicalId":21827,"journal":{"name":"Software Quality Journal","volume":null,"pages":null},"PeriodicalIF":1.9,"publicationDate":"2024-05-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140939100","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"CLOUD-QM: a quality model for benchmarking cloud-based enterprise information systems","authors":"Umut Şener, Ebru Gökalp, P. Erhan Eren","doi":"10.1007/s11219-024-09669-1","DOIUrl":"https://doi.org/10.1007/s11219-024-09669-1","url":null,"abstract":"<p>Organizations are increasingly migrating from on-premise enterprise information systems (EIS) to cloud products due to cloud computing benefits, such as flexibility, elasticity, and on-demand service. However, identifying the most suitable option becomes challenging with the proliferation of Cloud-EIS solutions in the market. To address this challenge, this study introduces a novel quality model named Cloud-QM, based on ISO/IEC 250nn standards. It diagnoses the quality of Cloud-EIS products, benchmarks available options, and identifies the most suitable choice for the organization. Cloud-QM comprises 10 main dimensions, 33 sub-dimensions, and corresponding metrics for a systematic quality assessment. Furthermore, the practical use of Cloud-QM is illustrated through a case study that evaluates two substitute Cloud-EIS products. The results from the case study highlight the effectiveness of Cloud-QM in enabling decision-makers to delve into the quality dimensions and facilitate the selection of the most suitable product for their organizations. The main contributions are as follows: (1) proposing a comprehensive and hierarchically structured quality model for Cloud-EIS products; (2) offering a quantifiable and standardized assessment approach through a set of metrics for quality evaluation; and (3) demonstrating applicability and usability of Cloud-QM by benchmarking Cloud-EIS products.</p>","PeriodicalId":21827,"journal":{"name":"Software Quality Journal","volume":null,"pages":null},"PeriodicalIF":1.9,"publicationDate":"2024-05-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140939288","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"KAD: a knowledge formalization-based anomaly detection approach for distributed systems","authors":"Xinjie Wei, Chang-ai Sun, Xiao-Yi Zhang","doi":"10.1007/s11219-024-09670-8","DOIUrl":"https://doi.org/10.1007/s11219-024-09670-8","url":null,"abstract":"<p>Large-scale distributed systems are becoming key engines of the IT industry due to their scalability and extensibility. A distributed system often involves numerous complex interactions among components, suffering anomalies such as data inconsistencies between components and unanticipated delays in response times. Existing anomaly detection techniques, which extract knowledge from system logs using either statistical or machine learning techniques, exhibit limitations. Statistical techniques often miss implicit anomalies that are related to complex interactions manifested by logs, whereas machine learning techniques lack explainability and they are usually sensitive to log variations. In this paper, we propose KAD, a knowledge formalization-based anomaly detection approach for distributed systems. KAD includes a general knowledge description language (KDL), leveraging the general structure of system logs and extended Backus-Naur form (EBNF) for complex knowledge extraction. Particularly, the semantic set is constructed based on the bidirectional encoder representation from the transformer (BERT) model to improve the expressive capabilities of KDL in knowledge description. In addition, KAD incorporates distributed scheduling computation module to improve the efficiency of anomaly detection processes. Experimental results based on two widely used benchmarks show that KAD can accurately describe the knowledge associated with anomalies, with a high F1-score in detecting various anomaly types.</p>","PeriodicalId":21827,"journal":{"name":"Software Quality Journal","volume":null,"pages":null},"PeriodicalIF":1.9,"publicationDate":"2024-05-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140939196","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Stefan Karlsson, John Hughes, Robbert Jongeling, Adnan Čaušević, Daniel Sundmark
{"title":"Exploring API behaviours through generated examples","authors":"Stefan Karlsson, John Hughes, Robbert Jongeling, Adnan Čaušević, Daniel Sundmark","doi":"10.1007/s11219-024-09668-2","DOIUrl":"https://doi.org/10.1007/s11219-024-09668-2","url":null,"abstract":"<p>Understanding the behaviour of a system’s API can be hard. Giving users access to <i>relevant</i> examples of how an API behaves has been shown to make this easier for them. In addition, such examples can be used to verify expected behaviour or identify unwanted behaviours. Methods for automatically generating examples have existed for a long time. However, state-of-the-art methods rely on either white-box information, such as source code, or on formal specifications of the system behaviour. But what if you do not have access to either? This may be the case, for example, when interacting with a third-party API. In this paper, we present an approach to automatically generate relevant examples of behaviours of an API, without requiring either source code or a formal specification of behaviour. Evaluation on an industry-grade REST API shows that our method can produce small and relevant examples that can help engineers to understand the system under exploration.</p>","PeriodicalId":21827,"journal":{"name":"Software Quality Journal","volume":null,"pages":null},"PeriodicalIF":1.9,"publicationDate":"2024-04-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"140798909","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":3,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}