发布求助
文献互助 智能选刊 最新文献

2016 23rd Asia-Pacific Software Engineering Conference (APSEC)最新文献

筛选
英文 中文
A Map of Threats to Validity of Systematic Literature Reviews in Software Engineering 软件工程中系统文献综述有效性的威胁图
2016 23rd Asia-Pacific Software Engineering Conference (APSEC) Pub Date : 1900-01-01 DOI: 10.1109/APSEC.2016.031
Xin Zhou, Yuqin Jin, He Zhang, Shanshan Li, Xin Huang
{"title":"A Map of Threats to Validity of Systematic Literature Reviews in Software Engineering","authors":"Xin Zhou, Yuqin Jin, He Zhang, Shanshan Li, Xin Huang","doi":"10.1109/APSEC.2016.031","DOIUrl":"https://doi.org/10.1109/APSEC.2016.031","url":null,"abstract":"Context: The assessment of Threats to Validity (TTVs) is critical to secure the quality of empirical studies in Software Engineering (SE). In the recent decade, Systematic Literature Review (SLR) was becoming an increasingly important empirical research method in SE. One of the mechanisms of insuring the level of scientific value in the findings of an SLR is to rigorously assess its validity. Hence, it is necessary to realize the status quo and issues of TTVs of SLRs in SE. Objective: This study aims to investigate thestate-of-the-practice of TTVs of the SLRs published in SE, and further support SE researchers to improve the assessment and strategies against TTVs in order to increase the quality of SLRs in SE. Method: We conducted a tertiary study by reviewing the SLRs in SE that report the assessment of TTVs. Results: We identified 316 SLRs published from 2004 to the first half of 2015, in which TTVs are discussed. The issues associated to TTVs were also summarized and categorized. Conclusion: The common TTVs related to SLR research, such as internal validity and reliability, were thoroughly discussed in most SLRs. The threats to construct validity and external validity drew less attention. Moreover, there are few strategies and tactics being reported to cope with the various TTVs.","PeriodicalId":339123,"journal":{"name":"2016 23rd Asia-Pacific Software Engineering Conference (APSEC)","volume":"2 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115235192","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 171
Model Driven Software Security Architecture of Systems-of-Systems 系统的系统模型驱动软件安全体系结构
2016 23rd Asia-Pacific Software Engineering Conference (APSEC) Pub Date : 1900-01-01 DOI: 10.1109/APSEC.2016.023
Jamal El Hachem, Z. Pang, Vanea Chiprianov, M. Babar, P. Aniorté
{"title":"Model Driven Software Security Architecture of Systems-of-Systems","authors":"Jamal El Hachem, Z. Pang, Vanea Chiprianov, M. Babar, P. Aniorté","doi":"10.1109/APSEC.2016.023","DOIUrl":"https://doi.org/10.1109/APSEC.2016.023","url":null,"abstract":"Recently, there is a growing interest in Systems of Systems (SoS), their architecture, security and application domains. However, their specific characteristics such as the operational independence of SoS constituent systems (CS), the absence of central authority and their emergent behavior make the modeling of their structure, behavior and security a complex task. One of the current main security challenges in the context of SoS is the cascading attack problem. The challenge is to predict the concatenation/sequence of CS's vulnerabilities that could be triggered resulting in destructive cascading failures and take corrective actions to reduce the cost, development time and effect of later changes. In this paper, we propose a domain specific modeling language (DSML) to represent SoS security rchitecture. Having SoS security models will enable the discovery, analysis and resolution of cascading attacks, in the architecture phase, preventing development time and cost wastage. Following a Model Driven Engineering (MDE) approach, we generate a graphical editor for our DSML and use it to model a Smart Campus case study.","PeriodicalId":339123,"journal":{"name":"2016 23rd Asia-Pacific Software Engineering Conference (APSEC)","volume":"54 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127081315","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 18
Improving Reliability of Dynamic Software Updating Using Runtime Recovery 利用运行时恢复提高动态软件更新的可靠性
2016 23rd Asia-Pacific Software Engineering Conference (APSEC) Pub Date : 1900-01-01 DOI: 10.1109/APSEC.2016.044
Tianxiao Gu, Ze-Yi Zhao, Xiaoxing Ma, Chang Xu, Chun Cao, Jian Lu
{"title":"Improving Reliability of Dynamic Software Updating Using Runtime Recovery","authors":"Tianxiao Gu, Ze-Yi Zhao, Xiaoxing Ma, Chang Xu, Chun Cao, Jian Lu","doi":"10.1109/APSEC.2016.044","DOIUrl":"https://doi.org/10.1109/APSEC.2016.044","url":null,"abstract":"Dynamic software updating (DSU) is a technique that can update running software systems without stopping them. Most existing approaches require programmer participation to guarantee the correctness of dynamic updating. However, manually preparing dynamic updating is error-prone and time-consuming. Therefore, other approaches prefer to aggressively perform updating without programmer intervention, which may definitely lead to unanticipated runtime errors. To reduce human effort and enhance the reliability for dynamic updating, we leverage automatic runtime recovery (ARR) techniques to recover runtime errors caused by improper dynamic updating. This paper presents ADSU, a fully automatic DSU system using ARR. We evaluate ADSU with real updates from widely used open source software systems, i.e., Apache Tomcat, Apache FTP Server and jEdit. The preliminary results have shown that ADSU succeeds in automatically applying 11 of 16 real-world updates that existing counterparts cannot.","PeriodicalId":339123,"journal":{"name":"2016 23rd Asia-Pacific Software Engineering Conference (APSEC)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129911239","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 6
Developers Expertise and Roles on Software Technologies 软件技术中的开发人员专业知识和角色
2016 23rd Asia-Pacific Software Engineering Conference (APSEC) Pub Date : 1900-01-01 DOI: 10.1109/APSEC.2016.061
Eleni Constantinou, G. Kapitsaki
{"title":"Developers Expertise and Roles on Software Technologies","authors":"Eleni Constantinou, G. Kapitsaki","doi":"10.1109/APSEC.2016.061","DOIUrl":"https://doi.org/10.1109/APSEC.2016.061","url":null,"abstract":"Contributions to open source software provide evidence about developers' expertise and roles. Moreover, information about developers' activity can assist in identifying their competencies in software technologies. Existing project-centric approaches benefit the needs of expert identification within a project, but provide a limited view of developers' expertise. In this paper, we identify contributors' expertise and roles by considering their contribution history across multiple projects according to different technologies. Firstly, we identify terms related to software technologies and employ information from GitHub to extract contributors' activity on specific technologies. Secondly, we present four contributor roles: developer, technical leader, bug fixer and bug contributor. We study the contribution history of 2,973 users of GitHub and reveal trends in contributions in open source software that can be exploited by employers for identifying experts or by practitioners for showcasing their expertise in various technologies.","PeriodicalId":339123,"journal":{"name":"2016 23rd Asia-Pacific Software Engineering Conference (APSEC)","volume":"79 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114728169","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 8
Effectively Manifesting Concurrency Bugs in Android Apps 有效地显示Android应用程序中的并发错误
2016 23rd Asia-Pacific Software Engineering Conference (APSEC) Pub Date : 1900-01-01 DOI: 10.1109/APSEC.2016.038
Qiwei Li, Yanyan Jiang, Tianxiao Gu, Chang Xu, Jun Ma, Xiaoxing Ma, Jian Lu
{"title":"Effectively Manifesting Concurrency Bugs in Android Apps","authors":"Qiwei Li, Yanyan Jiang, Tianxiao Gu, Chang Xu, Jun Ma, Xiaoxing Ma, Jian Lu","doi":"10.1109/APSEC.2016.038","DOIUrl":"https://doi.org/10.1109/APSEC.2016.038","url":null,"abstract":"Smartphones are indispensable in people's daily lives. As smartphone apps are being increasingly concurrent, developers are increasingly unable to tackle the complexity and to avoid subtle concurrency bugs. To better address this issue, we propose a novel approach to manifesting concurrency bugs in Android apps based on the fact that one can simultaneously generate input events and their schedules for an app. We conduct static-dynamic hybrid analysis to find potentially conflicting resource accesses in an app. The app is then automatically pressure-tested by guided event and schedule generation. We implemented the prototype tool AATT and evaluated it over thirteen popular real-world open-source apps. AATT successfully found 9 concurrency bugs out of which 7 were previously unknown.","PeriodicalId":339123,"journal":{"name":"2016 23rd Asia-Pacific Software Engineering Conference (APSEC)","volume":"365 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134160254","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 15
The Floating-Point Extension of Symbolic Execution Engine for Bug Detection 用于错误检测的符号执行引擎的浮点扩展
2016 23rd Asia-Pacific Software Engineering Conference (APSEC) Pub Date : 1900-01-01 DOI: 10.1109/APSEC.2016.045
Xingming Wu, Zhenbo Xu, Dong Yan, Tianyong Wu, Jun Yan, Jian Zhang
{"title":"The Floating-Point Extension of Symbolic Execution Engine for Bug Detection","authors":"Xingming Wu, Zhenbo Xu, Dong Yan, Tianyong Wu, Jun Yan, Jian Zhang","doi":"10.1109/APSEC.2016.045","DOIUrl":"https://doi.org/10.1109/APSEC.2016.045","url":null,"abstract":"Many existing symbolic execution engines for bug detection often ignore floating-point types and operations. That will result in imprecise reasoning about the feasibility of program paths, which in turn leads to false positives and negatives. Recently, there are quite some progress in satisfiability modulo theories (SMT) solving, and some tools are able to support floating-point arithmetic. Nevertheless, naturally extending a symbolic execution engine and directly replacing the back-end with the new SMT solver will not make a good static analyzer for floating-point programs.In this paper, we extend an existing symbolic execution engine for C program bug finding, so that it can deal with floating-point arithmetic and mathematical functions. For the mathematical functions, we employ an abstract model to keep a balance between overhead and precision. We also introduce a strategy, Lazy-verification, to reduce the number of SMT solver calls. We implemented our approach as a tool called Canalyze-fp. Experiments with self-developed benchmarks and non-trivial open source programs show that the proposed approach can effectively avoid the false positives and negatives, without introducing too much overhead.","PeriodicalId":339123,"journal":{"name":"2016 23rd Asia-Pacific Software Engineering Conference (APSEC)","volume":"16 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133491195","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 5
Model-Based Continuous Verification 基于模型的连续验证
2016 23rd Asia-Pacific Software Engineering Conference (APSEC) Pub Date : 1900-01-01 DOI: 10.1109/APSEC.2016.022
Lingling Fan, Sen Chen, Lihua Xu, Zongyuang Yang, Huibiao Zhu
{"title":"Model-Based Continuous Verification","authors":"Lingling Fan, Sen Chen, Lihua Xu, Zongyuang Yang, Huibiao Zhu","doi":"10.1109/APSEC.2016.022","DOIUrl":"https://doi.org/10.1109/APSEC.2016.022","url":null,"abstract":"Model-based engineering has emerged as a key set of technologies to engineer software systems. While system source code is expected to match with the designed model, legacy systems and workarounds during deployment would undoubtedly change the source code, making the actual running implementation mismatch with its model. Such mismatch poses a challenge of maintaining the conformance between the model and the corresponding implementation. Prior techniques, such as model checking and model-based testing, simply assumed the sole correctness of the model or the implementation, which is naive since they both could contain correct information (e.g. representing either the software requirements or the actual running environment).In this paper, we aim to address this problem through model-based continuous verification (ConV), an iterative verification process that links the traditional model checking phase with the software testing phase to a feedback loop, ensuring the conformance between the system model and its implementation. It allows to execute the abstract test cases over the implementation through a semi-automatic binding mechanism to guide the update of the code, and augments system properties from the actually running system to guide the update of the model through model checking. Based on these techniques, we implemented Eunomia, a conformance verification system, to support the continuous verification process. Experiments show that Eunomia can effectively detect and locate inconsistencies both in the model and the source code.","PeriodicalId":339123,"journal":{"name":"2016 23rd Asia-Pacific Software Engineering Conference (APSEC)","volume":"18 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114704893","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
Heterogeneous Cross-Company Effort Estimation through Transfer Learning 基于迁移学习的异质跨公司工作量估算
2016 23rd Asia-Pacific Software Engineering Conference (APSEC) Pub Date : 1900-01-01 DOI: 10.1109/APSEC.2016.033
Shensi Tong, Qing He, Yuting Chen, Ye Yang, Beijun Shen
{"title":"Heterogeneous Cross-Company Effort Estimation through Transfer Learning","authors":"Shensi Tong, Qing He, Yuting Chen, Ye Yang, Beijun Shen","doi":"10.1109/APSEC.2016.033","DOIUrl":"https://doi.org/10.1109/APSEC.2016.033","url":null,"abstract":"Software effort estimation is vital but challenging activity during software development. In many small or medium-sized companies, such challenges are stemmed from historical data shortage. The problem can be solved by leveraging cross-company data for effort estimation. While in practice, cross-company effort estimation may not be easy to take because the cross-company data for effort estimation can be heterogenous. In this paper, we propose a novel approach named Mixture of Canonical Correlation Analysis and Restricted Boltzmann Machines (MCR) to address data heterogeneity issue in cross-company effort estimation. The essential ideas in MCR are (1) to present a unified metric representing heterogenous effort estimation data; and (2) to combine Canonical Correlation Analysis and Restricted Boltzmann Machines method to estimate effort in heterogenous cross-company effort estimation. The MCR approach is evaluated on 5 public datasets in PROMISE repository. The evaluation results show that: (1) for estimations with partially different metrics, the MCR approach outperforms within-company effort estimator KNN with a decrease in MMRE by 0.60, an increase in PRED(25) by 0.16, and a decrease in MdMRE by 0.19; (2) for estimations with totally different metrics, the MCR approach outperforms within-company effort estimator KNN with a decrease in MMRE by 0.49, an increase in PRED(25) by 0.08, and a decrease in MdMRE by 0.10.","PeriodicalId":339123,"journal":{"name":"2016 23rd Asia-Pacific Software Engineering Conference (APSEC)","volume":"4 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124742750","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 8
Testing Android Apps via Guided Gesture Event Generation 通过引导手势事件生成测试Android应用程序
2016 23rd Asia-Pacific Software Engineering Conference (APSEC) Pub Date : 1900-01-01 DOI: 10.1109/APSEC.2016.037
Xiangyu Wu, Yanyan Jiang, Chang Xu, Chun Cao, Xiaoxing Ma, Jian Lu
{"title":"Testing Android Apps via Guided Gesture Event Generation","authors":"Xiangyu Wu, Yanyan Jiang, Chang Xu, Chun Cao, Xiaoxing Ma, Jian Lu","doi":"10.1109/APSEC.2016.037","DOIUrl":"https://doi.org/10.1109/APSEC.2016.037","url":null,"abstract":"Mobile applications (apps) are mostly driven by touch gestures whose interactions are natural to human beings. However, generating gesture events for effective and efficient testing of such apps remains to be a challenge. Existing event generation techniques either feed the apps under test with random gestures or exhaustively enumerate all possible gestures. While the former strategy leads to incomplete test coverage, the latter suffers from efficiency issues. In this paper, we study the particular problem of gesture event generation for Android apps. We present a static analysis technique to obtain the gesture information: each UI component's potentially relevant gestures, so as to reduce the amount of gesture events to be delivered in the automated testing. We implemented our technique as a prototype tool GAT and evaluated it with real-world Android apps. The experimental results show that GAT is both effective and efficient in covering more code as well as detecting gesturerelated bugs.","PeriodicalId":339123,"journal":{"name":"2016 23rd Asia-Pacific Software Engineering Conference (APSEC)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129960574","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 7
A Review of Six Years of Asia-Pacific Software Engineering Conference 亚太软件工程会议六年回顾
2016 23rd Asia-Pacific Software Engineering Conference (APSEC) Pub Date : 1900-01-01 DOI: 10.1109/APSEC.2016.055
L. Kumar, Saikrishna Sripada, A. Sureka
{"title":"A Review of Six Years of Asia-Pacific Software Engineering Conference","authors":"L. Kumar, Saikrishna Sripada, A. Sureka","doi":"10.1109/APSEC.2016.055","DOIUrl":"https://doi.org/10.1109/APSEC.2016.055","url":null,"abstract":"We conduct a bibliometric and scientific publication mining based study to understand how the APSEC conference has evolved over the recent past 6 years (year 2010 to 2015). Our objective is to perform an in-depth examination of the state of APSEC so that the APSEC community can identify strengths, areas of improvements and future directions for the conference. Our empirical analysis is based on various perspectives such as: paper submission acceptance rate trends, scholarly productivity and contributions from various countries, identification of prolific authors, computation of citation impact of papers and contributing authors, internal and external collaboration, university and industry participation and collaboration, measurement of gender imbalance, yearly author churn and program committee characteristics.","PeriodicalId":339123,"journal":{"name":"2016 23rd Asia-Pacific Software Engineering Conference (APSEC)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130074474","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 5
首页 上一页 下一页 尾页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:604180095
Book学术官方微信