{"title":"FLEXISKETCH TEAM: Collaborative Sketching and Notation Creation on the Fly","authors":"Dustin Wüest, N. Seyff, M. Glinz","doi":"10.1109/ICSE.2015.223","DOIUrl":"https://doi.org/10.1109/ICSE.2015.223","url":null,"abstract":"When software engineers collaborate, they frequently use whiteboards or paper for sketching diagrams. This is fast and flexible, but the resulting diagrams cannot be interpreted by software modeling tools. We present FLEXISKETCH TEAM, a tool solution consisting of a significantly extended version of our previous, single-user FLEXISKETCH tool for Android devices and a new desktop tool. Our solution for collaborative, model-based sketching of free-form diagrams allows users to define and re-use diagramming notations on the fly. Several users can work simultaneously on the same model sketch with multiple tablets. The desktop tool provides a shared view of the drawing canvas which can be projected onto an electronic whiteboard. Preliminary results from an exploratory study show that our tool motivates meeting participants to actively take part in sketching as well as defining ad-hoc notations.","PeriodicalId":330487,"journal":{"name":"2015 IEEE/ACM 37th IEEE International Conference on Software Engineering","volume":"3 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-05-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134018812","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"A Large-Scale Technology Evaluation Study: Effects of Model-based Analysis and Testing","authors":"Michael Kläs, T. Bauer, Andreas Dereani, Thomas Soderqvist, Philipp Helle","doi":"10.1109/ICSE.2015.141","DOIUrl":"https://doi.org/10.1109/ICSE.2015.141","url":null,"abstract":"Besides model-based development, model-based quality assurance and the tighter integration of static and dynamic quality assurance activities are becoming increasingly relevant in the development of software-intensive systems. Thus, this paper reports on an empirical study aimed at investigating the promises regarding quality improvements and cost savings. The evaluation comprises data from 13 industry case studies conducted during a three-year large-scale research project in the transportation domain (automotive, avionics, rail system). During the evaluation, we identified major goals and strategies associated with (integrated) model-based analysis and testing and evaluated the improvements achieved. The aggregated results indicate an average cost reduction of between 29% and 34% for verification and validation and of between 22% and 32% for defect removal. Compared with these cost savings, improvements regarding test coverage (~8%), number of remaining defects (~13%), and time to market (~8%) appear less noticeable.","PeriodicalId":330487,"journal":{"name":"2015 IEEE/ACM 37th IEEE International Conference on Software Engineering","volume":"14 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-05-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134129832","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Approximating Attack Surfaces with Stack Traces","authors":"Christopher Theisen, Kim Herzig, P. Morrison, Brendan Murphy, L. Williams","doi":"10.1109/ICSE.2015.148","DOIUrl":"https://doi.org/10.1109/ICSE.2015.148","url":null,"abstract":"Security testing and reviewing efforts are a necessity for software projects, but are time-consuming and expensive to apply. Identifying vulnerable code supports decision-making during all phases of software development. An approach for identifying vulnerable code is to identify its attack surface, the sum of all paths for untrusted data into and out of a system. Identifying the code that lies on the attack surface requires expertise and significant manual effort. This paper proposes an automated technique to empirically approximate attack surfaces through the analysis of stack traces. We hypothesize that stack traces from user-initiated crashes have several desirable attributes for measuring attack surfaces. The goal of this research is to aid software engineers in prioritizing security efforts by approximating the attack surface of a system via stack trace analysis. In a trial on Windows 8, the attack surface approximation selected 48.4% of the binaries and contained 94.6% of known vulnerabilities. Compared with vulnerability prediction models (VPMs) run on the entire codebase, VPMs run on the attack surface approximation improved recall from .07 to .1 for binaries and from .02 to .05 for source files. Precision remained at .5 for binaries, while improving from .5 to .69 for source files.","PeriodicalId":330487,"journal":{"name":"2015 IEEE/ACM 37th IEEE International Conference on Software Engineering","volume":"245 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-05-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134228803","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Mining Apps for Abnormal Usage of Sensitive Data","authors":"Vitalii Avdiienko, Konstantin Kuznetsov, Alessandra Gorla, A. Zeller, Steven Arzt, Siegfried Rasthofer, E. Bodden","doi":"10.1109/ICSE.2015.61","DOIUrl":"https://doi.org/10.1109/ICSE.2015.61","url":null,"abstract":"What is it that makes an app malicious? One important factor is that malicious apps treat sensitive data differently from benign apps. To capture such differences, we mined 2,866 benign Android applications for their data flow from sensitive sources, and compare these flows against those found in malicious apps. We find that (a) for every sensitive source, the data ends up in a small number of typical sinks; (b) these sinks differ considerably between benign and malicious apps; (c) these differences can be used to flag malicious apps due to their abnormal data flow; and (d) malicious apps can be identified by their abnormal data flow alone, without requiring known malware samples. In our evaluation, our MUDFLOW prototype correctly identified 86.4% of all novel malware, and 90.1% of novel malware leaking sensitive data.","PeriodicalId":330487,"journal":{"name":"2015 IEEE/ACM 37th IEEE International Conference on Software Engineering","volume":"16 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-05-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131052768","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"From Developer Networks to Verified Communities: A Fine-Grained Approach","authors":"Mitchell Joblin, W. Mauerer, S. Apel, J. Siegmund, D. Riehle","doi":"10.1109/ICSE.2015.73","DOIUrl":"https://doi.org/10.1109/ICSE.2015.73","url":null,"abstract":"Effective software engineering demands a coordinated effort. Unfortunately, a comprehensive view on developer coordination is rarely available to support software-engineering decisions, despite the significant implications on software quality, software architecture, and developer productivity. We present a fine-grained, verifiable, and fully automated approach to capture a view on developer coordination, based on commit information and source-code structure, mined from version-control systems. We apply methodology from network analysis and machine learning to identify developer communities automatically. Compared to previous work, our approach is fine-grained, and identifies statistically significant communities using order-statistics and a community-verification technique based on graph conductance. To demonstrate the scalability and generality of our approach, we analyze ten open-source projects with complex and active histories, written in various programming languages. By surveying 53 open-source developers from the ten projects, we validate the authenticity of inferred community structure with respect to reality. Our results indicate that developers of open-source projects form statistically significant community structures and this particular view on collaboration largely coincides with developers' perceptions of real-world collaboration.","PeriodicalId":330487,"journal":{"name":"2015 IEEE/ACM 37th IEEE International Conference on Software Engineering","volume":"101 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-05-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133398580","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Code Hunt: Experience with Coding Contests at Scale","authors":"J. Bishop, R. Horspool, Tao Xie, N. Tillmann, J. de Halleux","doi":"10.1109/ICSE.2015.172","DOIUrl":"https://doi.org/10.1109/ICSE.2015.172","url":null,"abstract":"Mastering a complex skill like programming takes many hours. In order to encourage students to put in these hours, we built Code Hunt, a game that enables players to program against the computer with clues provided as unit tests. The game has become very popular and we are now running worldwide contests where students have a fixed amount of time to solve a set of puzzles. This paper describes Code Hunt and the contest experience it offers. We then show some early results that demonstrate how Code Hunt can accurately discriminate between good and bad coders. The challenges of creating and selecting puzzles for contests are covered. We end up with a short description of our course experience, and some figures that show that Code Hunt is enjoyed by women and men alike.","PeriodicalId":330487,"journal":{"name":"2015 IEEE/ACM 37th IEEE International Conference on Software Engineering","volume":"27 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-05-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133545624","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Source Code Curation on StackOverflow: The Vesperin System","authors":"H. Sánchez, E. J. Whitehead","doi":"10.1109/ICSE.2015.217","DOIUrl":"https://doi.org/10.1109/ICSE.2015.217","url":null,"abstract":"The past few years have witnessed the rise of software question and answer sites like StackOverflow, where developers can pose detailed coding questions and receive quality answers. Developers using these sites engage in a complex code foraging process of understanding and adapting the code snippets they encounter. We introduce the notion of source code curation to cover the act of discovering some source code of interest, cleaning and transforming (refining) it, and then presenting it in a meaningful and organized way. In this paper, we present Vesperin, a source code curation system geared towards curating Java code examples on StackOverflow.","PeriodicalId":330487,"journal":{"name":"2015 IEEE/ACM 37th IEEE International Conference on Software Engineering","volume":"23 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-05-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127816068","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"How (Much) Do Developers Test?","authors":"M. Beller, Georgios Gousios, A. Zaidman","doi":"10.1109/ICSE.2015.193","DOIUrl":"https://doi.org/10.1109/ICSE.2015.193","url":null,"abstract":"What do we know about software testing in the real world? It seems we know from Fred Brooks' seminal work \"The Mythical Man-Month\" that 50% of project effort is spent on testing. However, due to the enormous advances in software engineering in the past 40 years, the question stands: Is this observation still true? In fact, was it ever true? The vision for our research is to settle the discussion about Brooks' estimation once and for all: How much do developers test? Does developers' estimation on how much they test match reality? How frequently do they execute their tests, and is there a relationship between test runtime and execution frequency? What are the typical reactions to failing tests? Do developers solve actual defects in the production code, or do they merely relax their test assertions? Emerging results from 40 software engineering students show that students overestimate their testing time threefold, and 50% of them test as little as 4% of their time, or less. Having proven the scalability of our infrastructure, we are now extending our case study with professional software engineers from open-source and industrial organizations.","PeriodicalId":330487,"journal":{"name":"2015 IEEE/ACM 37th IEEE International Conference on Software Engineering","volume":"13 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-05-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115457031","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"7th International Workshop on Principles of Engineering Service-Oriented and Cloud Systems (PESOS 2015)","authors":"M. Babar, Hye-young Paik, Malolan Chetlur, M. Bauer, Amir Molzam Sharifloo","doi":"10.5555/2819009.2819243","DOIUrl":"https://doi.org/10.5555/2819009.2819243","url":null,"abstract":"PESOS has established itself as a forum that brings together software engineering researchers and practitioners working in the areas of service-oriented systems to discuss research challenges, new developments and applications, as well as methods, techniques, experiences, and tools to support engineering, evolution and adaptation of service-oriented systems. The technical advances and growing adoption of Cloud computing is creating new challenges for the PESOS the software services community to explore the approaches to better engineer software systems that are designed, developed, operated and governed in the context of the Cloud. We again attracted high-quality submissions on a diverse set of relevant topics such as better approaches to engineering service-based collaborative systems, Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS) models of cloud computing and associated software quality attributes. PESOS 2015 will continue to be the key forum for collecting case studies and artifacts for educators and researchers in this area.","PeriodicalId":330487,"journal":{"name":"2015 IEEE/ACM 37th IEEE International Conference on Software Engineering","volume":"84 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-05-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115718570","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"The Art of Testing Less without Sacrificing Quality","authors":"Kim Herzig, Michaela Greiler, J. Czerwonka, Brendan Murphy","doi":"10.1109/ICSE.2015.66","DOIUrl":"https://doi.org/10.1109/ICSE.2015.66","url":null,"abstract":"Testing is a key element of software development processes for the management and assessment of product quality. In most development environments, the software engineers are responsible for ensuring the functional correctness of code. However, for large complex software products, there is an additional need to check that changes do not negatively impact other parts of the software and they comply with system constraints such as backward compatibility, performance, security etc. Ensuring these system constraints may require complex verification infrastructure and test procedures. Although such tests are time consuming and expensive and rarely find defects they act as an insurance process to ensure the software is compliant. However, long lasting tests increasingly conflict with strategic aims to shorten release cycles. To decrease production costs and to improve development agility, we created a generic test selection strategy called THEO that accelerates test processes without sacrificing product quality. THEO is based on a cost model, which dynamically skips tests when the expected cost of running the test exceeds the expected cost of removing it. We replayed past development periods of three major Microsoft products resulting in a reduction of 50% of test executions, saving millions of dollars per year, while maintaining product quality.","PeriodicalId":330487,"journal":{"name":"2015 IEEE/ACM 37th IEEE International Conference on Software Engineering","volume":"47 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2015-05-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124214573","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}