发布求助
文献互助 智能选刊 最新文献

2008 19th International Symposium on Software Reliability Engineering (ISSRE)最新文献

筛选
英文 中文
Assessing the Effect of Software Failures on Trust Assumptions 评估软件故障对信任假设的影响
2008 19th International Symposium on Software Reliability Engineering (ISSRE) Pub Date : 2008-11-10 DOI: 10.1109/ISSRE.2008.30
Q. Feng, R. Lutz
{"title":"Assessing the Effect of Software Failures on Trust Assumptions","authors":"Q. Feng, R. Lutz","doi":"10.1109/ISSRE.2008.30","DOIUrl":"https://doi.org/10.1109/ISSRE.2008.30","url":null,"abstract":"The contribution of this paper is a technique to assess whether software failures during operational use can invalidate the trust assumptions and, hence, the adequacy of the software security. Use of the technique identified four security-related software requirements for making the system more robust to denial-of-service attacks.","PeriodicalId":448275,"journal":{"name":"2008 19th International Symposium on Software Reliability Engineering (ISSRE)","volume":"76 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-11-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134137624","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 3
Finding Faults: Manual Testing vs. Random+ Testing vs. User Reports 查找故障:手动测试vs.随机+测试vs.用户报告
2008 19th International Symposium on Software Reliability Engineering (ISSRE) Pub Date : 2008-11-10 DOI: 10.1109/ISSRE.2008.18
Ilinca Ciupa, B. Meyer, M. Oriol, A. Pretschner
{"title":"Finding Faults: Manual Testing vs. Random+ Testing vs. User Reports","authors":"Ilinca Ciupa, B. Meyer, M. Oriol, A. Pretschner","doi":"10.1109/ISSRE.2008.18","DOIUrl":"https://doi.org/10.1109/ISSRE.2008.18","url":null,"abstract":"The usual way to compare testing strategies, whether theoretically or empirically, is to compare the number of faults they detect. To ascertain definitely that a testing strategy is better than another, this is a rather coarse criterion: shouldn't the nature of faults matter as well as their number? The empirical study reported here confirms this conjecture. An analysis of faults detected in Eiffel libraries through three different techniques-random tests, manual tests, and user incident reports-shows that each is good at uncovering significantly different kinds of faults. None of the techniques subsumes any of the others, but each brings distinct contributions.","PeriodicalId":448275,"journal":{"name":"2008 19th International Symposium on Software Reliability Engineering (ISSRE)","volume":"11 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-11-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122198053","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 43
Analysis of Computer Security Incident Data Using Time Series Models 用时间序列模型分析计算机安全事件数据
2008 19th International Symposium on Software Reliability Engineering (ISSRE) Pub Date : 2008-11-10 DOI: 10.1109/ISSRE.2008.39
Edward M. Condon, Angela He, M. Cukier
{"title":"Analysis of Computer Security Incident Data Using Time Series Models","authors":"Edward M. Condon, Angela He, M. Cukier","doi":"10.1109/ISSRE.2008.39","DOIUrl":"https://doi.org/10.1109/ISSRE.2008.39","url":null,"abstract":"Organizations face increasing challenges in addressing and preventing computer and network security incidents. There are financial consequences from security incidents. These include lost time and resources used during recovery, possible theft of personal and/or proprietary information, and reputational damage that may negatively impact stock prices or reduce consumer confidence in a company. Being able to understand and predict trends in computer and network security incidents can aid an organization with resource allocation for prevention of such incidents, as well as evaluation of mitigation strategies. We look at using time series models with a large set of security incident data. We examine appropriateness of the data for modeling and consider needed transformations. Parameter search and model selection criteria are discussed. Then, forecasts from time series models are compared to forecasts from Non-Homogeneous Poisson Process (NHPP) software reliability growth (SRG) models.","PeriodicalId":448275,"journal":{"name":"2008 19th International Symposium on Software Reliability Engineering (ISSRE)","volume":"13 2 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-11-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124303182","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 32
Ranking Attack-Prone Components with a Predictive Model 使用预测模型对易受攻击的组件进行排名
2008 19th International Symposium on Software Reliability Engineering (ISSRE) Pub Date : 2008-11-10 DOI: 10.1109/ISSRE.2008.24
M. Gegick, L. Williams
{"title":"Ranking Attack-Prone Components with a Predictive Model","authors":"M. Gegick, L. Williams","doi":"10.1109/ISSRE.2008.24","DOIUrl":"https://doi.org/10.1109/ISSRE.2008.24","url":null,"abstract":"Limited resources preclude software engineers from finding and fixing all vulnerabilities in a software system. An early security risk analysis that ranks software components by probability of being attacked can provide an affordable means to prioritizing fortification efforts to the highest risk components. We created a predictive model using classification and regression trees and the following internal metrics: quantity of Klocwork static analysis warnings, file coupling, and quantity of changed and added lines of code. We validated the model against pre-release security testing failures on a large commercial telecommunications system. The model assigned a probability of attack to each file where upon ranking the probabilities in descending order we found that 72% of the attack-prone files are in the top 10% of the ranked files and 90% in the top 20% of the files.","PeriodicalId":448275,"journal":{"name":"2008 19th International Symposium on Software Reliability Engineering (ISSRE)","volume":"3 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-11-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123721168","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 10
All-Paths Test Generation for Programs with Internal Aliases 具有内部别名的程序的全路径测试生成
2008 19th International Symposium on Software Reliability Engineering (ISSRE) Pub Date : 2008-11-10 DOI: 10.1109/ISSRE.2008.25
N. Kosmatov
{"title":"All-Paths Test Generation for Programs with Internal Aliases","authors":"N. Kosmatov","doi":"10.1109/ISSRE.2008.25","DOIUrl":"https://doi.org/10.1109/ISSRE.2008.25","url":null,"abstract":"In structural testing of programs, the all-paths coverage criterion requires to generate a set of test cases such that every possible execution path of the program under test is executed by one test case. This task becomes very complex in presence of aliases, i.e. different ways to address the same memory location. In practice, the presence of aliases may result in enumeration of possible inputs, generation of several test cases for the same path and/or a failure to generate a test case for some feasible path. This article presents the problem of aliases in the context of classical depth-first test generation method. We classify aliases into two groups: external aliases, existing already at the entry point of the function under test (due to pointer inputs), and internal ones, created during its symbolic execution. This paper focuses on internal aliases.We propose an original extension of the depth-first test generation method for C programs with internal aliases. It limits the enumeration of inputs and the generation of superfluous test cases. Initial experiments show that our method canconsiderably improve the performances of the existing tools on programs with aliases.","PeriodicalId":448275,"journal":{"name":"2008 19th International Symposium on Software Reliability Engineering (ISSRE)","volume":"28 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-11-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115036702","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 17
Predicting Defect Content and Quality Assurance Effectiveness by Combining Expert Judgment and Defect Data - A Case Study 结合专家判断和缺陷数据预测缺陷内容和质量保证有效性——一个案例研究
2008 19th International Symposium on Software Reliability Engineering (ISSRE) Pub Date : 2008-11-10 DOI: 10.1109/ISSRE.2008.43
Michael Kläs, H. Nakao, Frank Elberzhager, Jürgen Münch
{"title":"Predicting Defect Content and Quality Assurance Effectiveness by Combining Expert Judgment and Defect Data - A Case Study","authors":"Michael Kläs, H. Nakao, Frank Elberzhager, Jürgen Münch","doi":"10.1109/ISSRE.2008.43","DOIUrl":"https://doi.org/10.1109/ISSRE.2008.43","url":null,"abstract":"Planning quality assurance (QA) activities in a systematic way and controlling their execution are challenging tasks for companies that develop software or software-intensive systems. Both require estimation capabilities regarding the effectiveness of the applied QA techniques and the defect content of the checked artifacts. Existing approaches for these purposes need extensive measurement data from his-torical projects. Due to the fact that many companies do not collect enough data for applying these approaches (es-pecially for the early project lifecycle), they typically base their QA planning and controlling solely on expert opinion. This article presents a hybrid method that combines commonly available measurement data and context-specific expert knowledge. To evaluate the methodpsilas applicability and usefulness, we conducted a case study in the context of independent verification and validation activities for critical software in the space domain. A hybrid defect content and effectiveness model was developed for the software requirements analysis phase and evaluated with available legacy data. One major result is that the hybrid model provides improved estimation accuracy when compared to applicable models based solely on data. The mean magni-tude of relative error (MMRE) determined by cross-validation is 29.6% compared to 76.5% obtained by the most accurate data-based model.","PeriodicalId":448275,"journal":{"name":"2008 19th International Symposium on Software Reliability Engineering (ISSRE)","volume":"71 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-11-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122683094","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 15
Testing Software Product Lines Using Incremental Test Generation 使用增量测试生成测试软件产品线
2008 19th International Symposium on Software Reliability Engineering (ISSRE) Pub Date : 2008-11-10 DOI: 10.1109/ISSRE.2008.56
Engin Uzuncaova, D. Garcia, S. Khurshid, D. Batory
{"title":"Testing Software Product Lines Using Incremental Test Generation","authors":"Engin Uzuncaova, D. Garcia, S. Khurshid, D. Batory","doi":"10.1109/ISSRE.2008.56","DOIUrl":"https://doi.org/10.1109/ISSRE.2008.56","url":null,"abstract":"We present a novel specification-based approach for generating tests for products in a software product line. Given properties of features as first-order logic formulas, our approach uses SAT-based analysis to automatically generate test inputs for each product in a product line. To ensure soundness of generation, we introduce an automatic technique for mapping a formula that specifies a feature into a transformation that defines incremental refinement of test suites. Our experimental results using different data structure product lines show that incremental approach can provide an order of magnitude speed-up over conventional techniques.","PeriodicalId":448275,"journal":{"name":"2008 19th International Symposium on Software Reliability Engineering (ISSRE)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-11-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128188409","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 58
Reliability Assessment of Translated VMF/Link-16 Messages 翻译VMF/Link-16消息的可靠性评估
2008 19th International Symposium on Software Reliability Engineering (ISSRE) Pub Date : 2008-11-10 DOI: 10.1109/ISSRE.2008.36
Jingyu Kim, Sungwon Kang, Nohbok Lee
{"title":"Reliability Assessment of Translated VMF/Link-16 Messages","authors":"Jingyu Kim, Sungwon Kang, Nohbok Lee","doi":"10.1109/ISSRE.2008.36","DOIUrl":"https://doi.org/10.1109/ISSRE.2008.36","url":null,"abstract":"TActical Digital Information Links (TADILs) are communication infrastructure for military co-operations among air, sea, ground weapon systems/forces. To support such co-operations, real-time message translation and reliability assessment of translated messages used for TADILs are essential for effective situation awareness and interoperability of real-time coordination of weapon systems. In this paper, we propose a technique for assessing of VMF/Link-16 messages.","PeriodicalId":448275,"journal":{"name":"2008 19th International Symposium on Software Reliability Engineering (ISSRE)","volume":"13 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-11-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121039546","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 6
A Framework for Testing Peer-to-Peer Systems 测试点对点系统的框架
2008 19th International Symposium on Software Reliability Engineering (ISSRE) Pub Date : 2008-11-10 DOI: 10.1109/ISSRE.2008.42
E. Almeida, G. Sunyé, Yves Le Traon, P. Valduriez
{"title":"A Framework for Testing Peer-to-Peer Systems","authors":"E. Almeida, G. Sunyé, Yves Le Traon, P. Valduriez","doi":"10.1109/ISSRE.2008.42","DOIUrl":"https://doi.org/10.1109/ISSRE.2008.42","url":null,"abstract":"Developing peer-to-peer (P2P) systems is hard because they must be deployed on a high number of nodes, which can be autonomous, refusing to answer to some requests or even unexpectedly leaving the system. Such volatility of nodes is a common behavior in P2P system and can be interpreted as fault during tests.In this paper, we propose a framework for testing P2P systems. This framework is based on the individual control of nodes, allowing test cases to precisely control the volatility of nodes during execution.We validated this framework through implementation and experimentation on an open-source P2P system.","PeriodicalId":448275,"journal":{"name":"2008 19th International Symposium on Software Reliability Engineering (ISSRE)","volume":"728 ","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-11-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134530290","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 20
Comparative Study of Fault-Proneness Filtering with PMD
2008 19th International Symposium on Software Reliability Engineering (ISSRE) Pub Date : 2008-11-10 DOI: 10.1109/ISSRE.2008.49
Hideaki Hata, O. Mizuno, T. Kikuno
{"title":"Comparative Study of Fault-Proneness Filtering with PMD","authors":"Hideaki Hata, O. Mizuno, T. Kikuno","doi":"10.1109/ISSRE.2008.49","DOIUrl":"https://doi.org/10.1109/ISSRE.2008.49","url":null,"abstract":"Fault-prone module detection is important for assurance of software quality. We have proposed a novel approach for detecting fault-prone modules using spam filtering technique, named Fault-proneness filtering. In order to show the effectiveness of fault-proneness filtering, we conducted comparative study with a static code analysis tool, PMD. In the study, Fault-proneness filtering obtains higher F1 than PMD.","PeriodicalId":448275,"journal":{"name":"2008 19th International Symposium on Software Reliability Engineering (ISSRE)","volume":"10 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-11-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130874694","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
首页 上一页 下一页 尾页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:604180095
Book学术官方微信