发布求助
文献互助 智能选刊 最新文献

Proceedings of the 22nd ACM SIGSOFT International Symposium on Foundations of Software Engineering最新文献

筛选
英文 中文
Archie: a tool for detecting, monitoring, and preserving architecturally significant code Archie:用于检测、监视和保存架构上重要的代码的工具
Proceedings of the 22nd ACM SIGSOFT International Symposium on Foundations of Software Engineering Pub Date : 2014-11-11 DOI: 10.1145/2635868.2661671
Mehdi Mirakhorli, Ahmed E. Fakhry, Artem Grechko, Mateusz Wieloch, J. Cleland-Huang
{"title":"Archie: a tool for detecting, monitoring, and preserving architecturally significant code","authors":"Mehdi Mirakhorli, Ahmed E. Fakhry, Artem Grechko, Mateusz Wieloch, J. Cleland-Huang","doi":"10.1145/2635868.2661671","DOIUrl":"https://doi.org/10.1145/2635868.2661671","url":null,"abstract":"The quality of a software architecture is largely dependent upon the underlying architectural decisions at the framework, tactic, and pattern levels. Decisions to adopt certain solutions determine the extent to which desired qualities such as security, availability, and performance are achieved in the delivered system. In this tool demo, we present our Eclipse plug-in named Archie as a solution for maintaining architectural qualities in the design and code despite long-term maintenance and evolution activities. Archie detects architectural tactics such as heartbeat, resource pooling, and role-based access control (RBAC) in the source code of a project; constructs traceability links between the tactics, design models, rationales and source code; and then uses these to monitor the environment for architecturally significant changes and to keep developers informed of underlying design decisions and their associated rationales.","PeriodicalId":250543,"journal":{"name":"Proceedings of the 22nd ACM SIGSOFT International Symposium on Foundations of Software Engineering","volume":"17 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-11-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126515182","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 27
Counterexample guided abstraction refinement of product-line behavioural models 反例指导产品线行为模型的抽象细化
Proceedings of the 22nd ACM SIGSOFT International Symposium on Foundations of Software Engineering Pub Date : 2014-11-11 DOI: 10.1145/2635868.2635919
Maxime Cordy, P. Heymans, Axel Legay, Pierre-Yves Schobbens, Bruno Dawagne, M. Leucker
{"title":"Counterexample guided abstraction refinement of product-line behavioural models","authors":"Maxime Cordy, P. Heymans, Axel Legay, Pierre-Yves Schobbens, Bruno Dawagne, M. Leucker","doi":"10.1145/2635868.2635919","DOIUrl":"https://doi.org/10.1145/2635868.2635919","url":null,"abstract":"The model-checking problem for Software Products Lines (SPLs) is harder than for single systems: variability constitutes a new source of complexity that exacerbates the state-explosion problem. Abstraction techniques have successfully alleviated state explosion in single-system models. However, they need to be adapted to SPLs, to take into account the set of variants that produce a counterexample. In this paper, we apply CEGAR (Counterexample-Guided Abstraction Refinement) and we design new forms of abstraction specifically for SPLs. We carry out experiments to evaluate the efficiency of our new abstractions. The results show that our abstractions, combined with an appropriate refinement strategy, hold the potential to achieve large reductions in verification time, although they sometimes perform worse. We discuss in which cases a given abstraction should be used.","PeriodicalId":250543,"journal":{"name":"Proceedings of the 22nd ACM SIGSOFT International Symposium on Foundations of Software Engineering","volume":"18 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-11-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114205622","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 28
RaPiD: a toolkit for reliability analysis of non-deterministic systems RaPiD:一个用于非确定性系统可靠性分析的工具包
Proceedings of the 22nd ACM SIGSOFT International Symposium on Foundations of Software Engineering Pub Date : 2014-11-11 DOI: 10.1145/2635868.2661668
Lin Gui, Jun Sun, Yang Liu, Truong Khanh Nguyen, J. Dong
{"title":"RaPiD: a toolkit for reliability analysis of non-deterministic systems","authors":"Lin Gui, Jun Sun, Yang Liu, Truong Khanh Nguyen, J. Dong","doi":"10.1145/2635868.2661668","DOIUrl":"https://doi.org/10.1145/2635868.2661668","url":null,"abstract":"Non-determinism in concurrent or distributed software systems (i.e., various possible execution orders among different distributed components) presents new challenges to the existing reliability analysis methods based on Markov chains. In this work, we present a toolkit RaPiD for the reliability analysis of non-deterministic systems. Taking Markov decision process as reliability model, RaPiD can help in the analysis of three fundamental and rewarding aspects regarding software reliability. First, to have reliability assurance on a system, RaPiD can synthesize the overall system reliability given the reliability values of system components. Second, given a requirement on the overall system reliability, RaPiD can distribute the reliability requirement to each component. Lastly, RaPiD can identify the component that affects the system reliability most significantly. RaPiD has been applied to analyze several real-world systems including a financial stock trading system, a proton therapy control system and an ambient assisted living room system.","PeriodicalId":250543,"journal":{"name":"Proceedings of the 22nd ACM SIGSOFT International Symposium on Foundations of Software Engineering","volume":"20 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-11-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123723580","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Semantics-based obfuscation-resilient binary code similarity comparison with applications to software plagiarism detection 基于语义的抗混淆二进制代码相似度比较在软件剽窃检测中的应用
Proceedings of the 22nd ACM SIGSOFT International Symposium on Foundations of Software Engineering Pub Date : 2014-11-11 DOI: 10.1145/2635868.2635900
Lannan Luo, Jiang Ming, Dinghao Wu, Peng Liu, Sencun Zhu
{"title":"Semantics-based obfuscation-resilient binary code similarity comparison with applications to software plagiarism detection","authors":"Lannan Luo, Jiang Ming, Dinghao Wu, Peng Liu, Sencun Zhu","doi":"10.1145/2635868.2635900","DOIUrl":"https://doi.org/10.1145/2635868.2635900","url":null,"abstract":"Existing code similarity comparison methods, whether source or binary code based, are mostly not resilient to obfuscations. In the case of software plagiarism, emerging obfuscation techniques have made automated detection increasingly difficult. In this paper, we propose a binary-oriented, obfuscation-resilient method based on a new concept, longest common subsequence of semantically equivalent basic blocks, which combines rigorous program semantics with longest common subsequence based fuzzy matching. We model the semantics of a basic block by a set of symbolic formulas representing the input-output relations of the block. This way, the semantics equivalence (and similarity) of two blocks can be checked by a theorem prover. We then model the semantics similarity of two paths using the longest common subsequence with basic blocks as elements. This novel combination has resulted in strong resiliency to code obfuscation. We have developed a prototype and our experimental results show that our method is effective and practical when applied to real-world software.","PeriodicalId":250543,"journal":{"name":"Proceedings of the 22nd ACM SIGSOFT International Symposium on Foundations of Software Engineering","volume":"15 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-11-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126025684","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 194
On the localness of software 关于软件的局部性
Proceedings of the 22nd ACM SIGSOFT International Symposium on Foundations of Software Engineering Pub Date : 2014-11-11 DOI: 10.1145/2635868.2635875
Zhaopeng Tu, Z. Su, Premkumar T. Devanbu
{"title":"On the localness of software","authors":"Zhaopeng Tu, Z. Su, Premkumar T. Devanbu","doi":"10.1145/2635868.2635875","DOIUrl":"https://doi.org/10.1145/2635868.2635875","url":null,"abstract":"The n-gram language model, which has its roots in statistical natural language processing, has been shown to successfully capture the repetitive and predictable regularities (“naturalness\") of source code, and help with tasks such as code suggestion, porting, and designing assistive coding devices. However, we show in this paper that this natural-language-based model fails to exploit a special property of source code: localness. We find that human-written programs are localized: they have useful local regularities that can be captured and exploited. We introduce a novel cache language model that consists of both an n-gram and an added “cache\" component to exploit localness. We show empirically that the additional cache component greatly improves the n-gram approach by capturing the localness of software, as measured by both cross-entropy and suggestion accuracy. Our model’s suggestion accuracy is actually comparable to a state-of-the-art, semantically augmented language model; but it is simpler and easier to implement. Our cache language model requires nothing beyond lexicalization, and thus is applicable to all programming languages.","PeriodicalId":250543,"journal":{"name":"Proceedings of the 22nd ACM SIGSOFT International Symposium on Foundations of Software Engineering","volume":"22 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-11-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134067098","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 236
Apposcopy: semantics-based detection of Android malware through static analysis Apposcopy:通过静态分析基于语义的Android恶意软件检测
Proceedings of the 22nd ACM SIGSOFT International Symposium on Foundations of Software Engineering Pub Date : 2014-11-11 DOI: 10.1145/2635868.2635869
Yu Feng, Saswat Anand, Işıl Dillig, A. Aiken
{"title":"Apposcopy: semantics-based detection of Android malware through static analysis","authors":"Yu Feng, Saswat Anand, Işıl Dillig, A. Aiken","doi":"10.1145/2635868.2635869","DOIUrl":"https://doi.org/10.1145/2635868.2635869","url":null,"abstract":"We present Apposcopy, a new semantics-based approach for identifying a prevalent class of Android malware that steals private user information. Apposcopy incorporates (i) a high-level language for specifying signatures that describe semantic characteristics of malware families and (ii) a static analysis for deciding if a given application matches a malware signature. The signature matching algorithm of Apposcopy uses a combination of static taint analysis and a new form of program representation called Inter-Component Call Graph to efficiently detect Android applications that have certain control- and data-flow properties. We have evaluated Apposcopy on a corpus of real-world Android applications and show that it can effectively and reliably pinpoint malicious applications that belong to certain malware families.","PeriodicalId":250543,"journal":{"name":"Proceedings of the 22nd ACM SIGSOFT International Symposium on Foundations of Software Engineering","volume":"25 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-11-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132316199","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 447
Detecting energy bugs and hotspots in mobile apps 检测移动应用程序中的能量漏洞和热点
Proceedings of the 22nd ACM SIGSOFT International Symposium on Foundations of Software Engineering Pub Date : 2014-11-11 DOI: 10.1145/2635868.2635871
Abhijeet Banerjee, Lee Kee Chong, Sudipta Chattopadhyay, Abhik Roychoudhury
{"title":"Detecting energy bugs and hotspots in mobile apps","authors":"Abhijeet Banerjee, Lee Kee Chong, Sudipta Chattopadhyay, Abhik Roychoudhury","doi":"10.1145/2635868.2635871","DOIUrl":"https://doi.org/10.1145/2635868.2635871","url":null,"abstract":"Over the recent years, the popularity of smartphones has increased dramatically. This has lead to a widespread availability of smartphone applications. Since smartphones operate on a limited amount of battery power, it is important to develop tools and techniques that aid in energy-efficient application development. Energy inefficiencies in smartphone applications can broadly be categorized into energy hotspots and energy bugs. An energy hotspot can be described as a scenario where executing an application causes the smartphone to consume abnormally high amount of battery power, even though the utilization of its hardware resources is low. In contrast, an energy bug can be described as a scenario where a malfunctioning application prevents the smartphone from becoming idle, even after it has completed execution and there is no user activity. In this paper, we present an automated test generation framework that detects energy hotspots/bugs in Android applications. Our framework systematically generates test inputs that are likely to capture energy hotspots/bugs. Each test input captures a sequence of user interactions (e.g. touches or taps on the smartphone screen) that leads to an energy hotspot/bug in the application. Evaluation with 30 freely-available Android applications from Google Play/F-Droid shows the efficacy of our framework in finding hotspots/bugs. Manual validation of the experimental results shows that our framework reports reasonably low number of false positives. Finally, we show the usage of the generated results by improving the energy-efficiency of some Android applications.","PeriodicalId":250543,"journal":{"name":"Proceedings of the 22nd ACM SIGSOFT International Symposium on Foundations of Software Engineering","volume":"65 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-11-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131471262","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 193
Dealing with uncertainty in verification of nondeterministic systems 不确定性系统验证中的不确定性处理
Proceedings of the 22nd ACM SIGSOFT International Symposium on Foundations of Software Engineering Pub Date : 2014-11-11 DOI: 10.1145/2635868.2666598
Yamilet R. Serrano Llerena
{"title":"Dealing with uncertainty in verification of nondeterministic systems","authors":"Yamilet R. Serrano Llerena","doi":"10.1145/2635868.2666598","DOIUrl":"https://doi.org/10.1145/2635868.2666598","url":null,"abstract":"Uncertainty complicates the formal verification of nondeterministic systems. Unpredictable changes and alterations in their environments can lead an invalid verification results and the decrease of confidence degree of these systems. However, current literature provides little account of addressing the uncertainty in formal verification. To address this problem, the goal of this research is to provide a method based on perturbation analysis for probabilistic model checking of nondeterministic systems which are modelled as Markov Decision Processes. And to apply our expected contributions to ubiquitous systems due to inherent presence of environment uncertainty and their resource limitations.","PeriodicalId":250543,"journal":{"name":"Proceedings of the 22nd ACM SIGSOFT International Symposium on Foundations of Software Engineering","volume":"144 12 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-11-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129525409","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 5
Mining preconditions of APIs in large-scale code corpus 大规模代码语料库中api的前提条件挖掘
Proceedings of the 22nd ACM SIGSOFT International Symposium on Foundations of Software Engineering Pub Date : 2014-11-11 DOI: 10.1145/2635868.2635924
H. Nguyen, Robert Dyer, T. Nguyen, Hridesh Rajan
{"title":"Mining preconditions of APIs in large-scale code corpus","authors":"H. Nguyen, Robert Dyer, T. Nguyen, Hridesh Rajan","doi":"10.1145/2635868.2635924","DOIUrl":"https://doi.org/10.1145/2635868.2635924","url":null,"abstract":"Modern software relies on existing application programming interfaces (APIs) from libraries. Formal specifications for the APIs enable many software engineering tasks as well as help developers correctly use them. In this work, we mine large-scale repositories of existing open-source software to derive potential preconditions for API methods. Our key idea is that APIs’ preconditions would appear frequently in an ultra-large code corpus with a large number of API usages, while project-specific conditions will occur less frequently. First, we find all client methods invoking APIs. We then compute a control dependence relation from each call site and mine the potential conditions used to reach those call sites. We use these guard conditions as a starting point to automatically infer the preconditions for each API. We analyzed almost 120 million lines of code from SourceForge and Apache projects to infer preconditions for the standard Java Development Kit (JDK) library. The results show that our technique can achieve high accuracy with recall from 75–80% and precision from 82–84%. We also found 5 preconditions missing from human written specifications. They were all confirmed by a specification expert. In a user study, participants found 82% of the mined preconditions as a good starting point for writing specifications. Using our mining result, we also built a benchmark of more than 4,000 precondition-related bugs.","PeriodicalId":250543,"journal":{"name":"Proceedings of the 22nd ACM SIGSOFT International Symposium on Foundations of Software Engineering","volume":"22 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-11-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116575306","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 72
Are mutants a valid substitute for real faults in software testing? 突变是软件测试中真实错误的有效替代品吗?
Proceedings of the 22nd ACM SIGSOFT International Symposium on Foundations of Software Engineering Pub Date : 2014-11-11 DOI: 10.1145/2635868.2635929
René Just, D. Jalali, Laura Inozemtseva, Michael D. Ernst, Reid Holmes, G. Fraser
{"title":"Are mutants a valid substitute for real faults in software testing?","authors":"René Just, D. Jalali, Laura Inozemtseva, Michael D. Ernst, Reid Holmes, G. Fraser","doi":"10.1145/2635868.2635929","DOIUrl":"https://doi.org/10.1145/2635868.2635929","url":null,"abstract":"A good test suite is one that detects real faults. Because the set of faults in a program is usually unknowable, this definition is not useful to practitioners who are creating test suites, nor to researchers who are creating and evaluating tools that generate test suites. In place of real faults, testing research often uses mutants, which are artificial faults -- each one a simple syntactic variation -- that are systematically seeded throughout the program under test. Mutation analysis is appealing because large numbers of mutants can be automatically-generated and used to compensate for low quantities or the absence of known real faults. Unfortunately, there is little experimental evidence to support the use of mutants as a replacement for real faults. This paper investigates whether mutants are indeed a valid substitute for real faults, i.e., whether a test suite’s ability to detect mutants is correlated with its ability to detect real faults that developers have fixed. Unlike prior studies, these investigations also explicitly consider the conflating effects of code coverage on the mutant detection rate. Our experiments used 357 real faults in 5 open-source applications that comprise a total of 321,000 lines of code. Furthermore, our experiments used both developer-written and automatically-generated test suites. The results show a statistically significant correlation between mutant detection and real fault detection, independently of code coverage. The results also give concrete suggestions on how to improve mutation analysis and reveal some inherent limitations.","PeriodicalId":250543,"journal":{"name":"Proceedings of the 22nd ACM SIGSOFT International Symposium on Foundations of Software Engineering","volume":"6 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-11-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123860131","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 561
首页 上一页 下一页 尾页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:604180095
Book学术官方微信