Journal of Software-Evolution and Process最新文献

{"title":"Ranking guidance actions to support engineers in fulfilling process constraints","authors":"Anmol Bilal,&nbsp;Christoph Mayr-Dorn,&nbsp;Alexander Egyed","doi":"10.1002/smr.2729","DOIUrl":"https://doi.org/10.1002/smr.2729","url":null,"abstract":"<p>In safety-critical systems engineering, regulations such as Automotive SPICE, ISO26262, or ED-109A mandate software quality assurance measures to provide evidence that the developed system is high quality. The constraints that define quality assurance conditions during the engineering life cycle are often non-trivial. This paper addresses the challenges, engineers face who are unfamiliar with the precise constraints of various projects (e.g., when newly joining a company or switching between departments). Understanding how to fulfill a constraint is a time-consuming and challenging task as an engineer needs to determine the most suitable option (out of potentially many) to fulfill a constraint violation. To this end, we propose a guidance action ranking framework to provide engineers with the most relevant guidance actions. Our primary ranking algorithm analyzes in the background the actions that engineers have made in the past to resolve a constraint violation without requiring explicit feedback from them. We evaluated our framework on two real-world data sets: an open-source drone management and an industrial air traffic control software system. Concretely, we replay past engineering activities and measured whether, in the case of a constraint violation, our suggested guidance actions were indeed selected by the engineer. The evaluation results revealed that learning from prior guidance actions effectively identifies the most appropriate guidance actions (ranked top 1 or 2) when compared to ranking algorithms based on action simplicity and artifact property change frequency. Specifically, we achieve a median MRR of 0.95 for the first case study and 0.94 for the second case study: an improvement of 80% and 100% over the baseline. Additionally, we observed that the simplicity of a guidance action does not reliably indicate its suitability for fulfilling a constraint, whereas learning from prior change operation property out-performed simplicity-based ranking but did not surpass guidance frequency-based ranking.</p>","PeriodicalId":48898,"journal":{"name":"Journal of Software-Evolution and Process","volume":"37 1","pages":""},"PeriodicalIF":1.7,"publicationDate":"2024-09-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1002/smr.2729","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143117766","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Editorial for the special issue on software refactoring: Application breadth and technical depth","authors":"Zhenchang Xing","doi":"10.1002/smr.2732","DOIUrl":"https://doi.org/10.1002/smr.2732","url":null,"abstract":"&lt;p&gt;The field of software refactoring has been evolving rapidly, driven by the need to maintain software quality and manage complexity as software systems grow. This special issue of the &lt;i&gt;Journal of Software: Evolution and Process&lt;/i&gt; focuses on “Software Refactoring: Application Breadth and Technical Depth,” aiming to promote research that advances our understanding of software refactoring practices and their impact. The selected papers in this issue reflect the broad scope and technical depth of the topic, covering a variety of innovative methodologies, empirical studies, and new tools that push the boundaries of current software refactoring research.&lt;/p&gt;&lt;p&gt;The paper “Software Refactoring Side Effects” by AbuHassan, Alshayeb, and Ghouti addresses the often-overlooked side effects of software refactoring. The authors propose three different approaches for handling these side effects and employ a multi-objective optimization algorithm to identify optimal refactoring decisions. Their work enhances the understanding of refactoring's unintended consequences and proposes practical solutions, fitting well into the theme of exploring new dimensions of refactoring practices.&lt;/p&gt;&lt;p&gt;Zhao et al., in their article “An Architecture Refactoring Approach to Reducing Software Hierarchy Complexity,” introduce a novel metric to quantify software hierarchy complexity and propose the Complexity-oriented Software Architecture Refactoring (CoSSR) approach. Their study demonstrates how reducing software hierarchy complexity can improve software quality, aligning with the issue's focus on reducing complexity through innovative refactoring techniques.&lt;/p&gt;&lt;p&gt;The article “MARS: Detecting Brain Class/Method Code Smell Based on Metric-Attention Mechanism and Residual Network” by Zhang and Dong presents a new method for detecting complex code smells using a novel deep learning approach. By leveraging a metric-attention mechanism and an improved residual network, their model shows superior performance compared to existing methods. This research contributes to the special issue by applying cutting-edge machine learning techniques to refactoring challenges.&lt;/p&gt;&lt;p&gt;AlOmar et al.'s study, “Behind the Scenes: On the Relationship Between Developer Experience and Refactoring,” investigates the correlation between developer experience and refactoring activities across 800 open-source projects. Their findings highlight that experienced developers tend to perform more varied refactoring operations but document less of their refactoring activities. This study offers a new perspective on how human factors influence refactoring practices, enriching the broader conversation on effective software evolution.&lt;/p&gt;&lt;p&gt;In “A Study of Refactorings During Software Change Tasks,” Eilertsen and Murphy explore the reasons behind the disuse of refactoring tools during software change tasks. Their observational study reveals that the strategies developers use significantly impact the use of refactoring ","PeriodicalId":48898,"journal":{"name":"Journal of Software-Evolution and Process","volume":"37 1","pages":""},"PeriodicalIF":1.7,"publicationDate":"2024-09-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1002/smr.2732","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143116621","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"A hybrid-ensemble model for software defect prediction for balanced and imbalanced datasets using AI-based techniques with feature preservation: SMERKP-XGB","authors":"Mohd Mustaqeem,&nbsp;Tamanna Siddiqui,&nbsp;Suhel Mustajab","doi":"10.1002/smr.2731","DOIUrl":"10.1002/smr.2731","url":null,"abstract":"<p>Maintaining software quality is a significant challenge as the complexity of software is increasing with the rise of the software industry. Software defects are a primary concern in complex modules, and predicting them in the early stages of the software development life cycle (SDLC) is difficult. Previous techniques to address this issue have not been very promising. We have proposed “A hybrid ensemble model for software defect prediction using AI-based techniques with feature preservation” to overcome this problem. We have used the National Aeronautics and Space Administration (NASA) dataset from the PROMISE repository for testing and validation. By applying exploratory data analysis (EDA), feature engineering, scaling, and standardization, we found that the dataset is imbalanced, which can negatively affect the model's performance. To address this, we have used the Synthetic Minority Oversampling (SMOTE) technique and the edited nearest neighbor (ENN) (SMOTE-ENN). We have also used recursive feature elimination cross-validation (RFE-CV) with a pipeline to prevent data leaking in CV and kernel-based principal component analysis (K-PCA) to minimize dimensionality and selectively relevant features. The reduced dimensional data is then given to the eXtreme Gradient Boosting (XGBoost) for classification, resulting in the hybrid-ensemble (SMERKP-XGB) model. The proposed SMERKP-XGB model is better than previously developed models in terms of accuracy (CM1: 97.53%, PC1: 92.05%, and PC2: 97.45%, KC1:95.65%), and area under the receiver operating characteristic curve values (CM1:96.30%, PC1:98.30%, and PC2:99.30%: KC1: 93.54) and other evaluation criteria mentioned in the literature.</p>","PeriodicalId":48898,"journal":{"name":"Journal of Software-Evolution and Process","volume":"37 1","pages":""},"PeriodicalIF":1.7,"publicationDate":"2024-09-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142265344","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"LLMs for science: Usage for code generation and data analysis","authors":"Mohamed Nejjar,&nbsp;Luca Zacharias,&nbsp;Fabian Stiehle,&nbsp;Ingo Weber","doi":"10.1002/smr.2723","DOIUrl":"10.1002/smr.2723","url":null,"abstract":"<p>Large language models (LLMs) have been touted to enable increased productivity in many areas of today's work life. Scientific research as an area of work is no exception: The potential of LLM-based tools to assist in the daily work of scientists has become a highly discussed topic across disciplines. However, we are only at the very onset of this subject of study. It is still unclear how the potential of LLMs will materialize in research practice. With this study, we give first empirical evidence on the use of LLMs in the research process. We have investigated a set of use cases for LLM-based tools in scientific research and conducted a first study to assess to which degree current tools are helpful. In this position paper, we report specifically on use cases related to software engineering, specifically, on generating application code and developing scripts for data analytics and visualization. While we studied seemingly simple use cases, results across tools differ significantly. Our results highlight the promise of LLM-based tools in general, yet we also observe various issues, particularly regarding the integrity of the output these tools provide.</p>","PeriodicalId":48898,"journal":{"name":"Journal of Software-Evolution and Process","volume":"37 1","pages":""},"PeriodicalIF":1.7,"publicationDate":"2024-09-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1002/smr.2723","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142269249","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Measuring software engineer's contribution in practice: An industrial experience report","authors":"Yue Li,&nbsp;He Zhang,&nbsp;Lanxin Yang,&nbsp;Liming Dong,&nbsp;Juzheng Zhang,&nbsp;Bohan Liu","doi":"10.1002/smr.2722","DOIUrl":"10.1002/smr.2722","url":null,"abstract":"<p>Software engineers play a centric role throughout the software development lifecycle. Their activities directly impact the quality, performance, and successful delivery of software products, in particular for enterprises with an emphasis on high levels of quality assurance and timely delivery. Proper incentives that motivate software engineers are vital to secure and continuously improve development productivity and software quality. However, most existing research ignores the positive incentives for software engineers, especially industry-oriented research. In addition, existing research largely relies on peer assessment and lacks objectivity and transparency. To this end, this study investigates the process of contribution measurement for software engineers in a global Information and Communications Technology (ICT) enterprise, to explore the practical experiences and significance of contribution measurement. We investigated the practices of contribution measurement through multiple methods, including archival analysis, interviews, and survey. A total of 22 software engineers were interviewed to understand the practical implementation process of measuring contributions and its impact on software processes as well as engineers. In addition, 74 responses to our questionnaire were collected and used for a comprehensive impact analysis on software engineers. The analysis results reveal five benefits for software development processes and four benefits for practitioners of contribution measurement in the studied enterprise. In addition, this study reports on the best practices of contribution measurement, such as team-specific measurements, and provides a practical reference for researchers and organizations interested in studying or performing contribution measurement.</p>","PeriodicalId":48898,"journal":{"name":"Journal of Software-Evolution and Process","volume":"37 1","pages":""},"PeriodicalIF":1.7,"publicationDate":"2024-09-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142224279","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Detect atomicity violations in concurrent programs through user assistance and identification of suspicious variable access patterns","authors":"Jingwen Zhao,&nbsp;Yanxia Wu,&nbsp;Yun Feng,&nbsp;Jibin Dong,&nbsp;Changting Shi","doi":"10.1002/smr.2725","DOIUrl":"10.1002/smr.2725","url":null,"abstract":"<p>Atomicity violation bugs are a frequent problem in concurrency. Because of the unpredictable nature of thread interleaving, most current methods are unable to differentiate between harmful and benign atomicity violations. This makes it challenging to determine the existence of an actual bug. This paper presents a method for detecting atomicity violation bugs in programs based on user interaction. First, UserTrack matches access interleaving patterns to identify all potential violations. We then verify the programmer's atomicity intent between two logical access operations on the same thread and filter out some candidates. Finally, a user interaction mechanism checks the paths that do not produce atomicity violations when threads are interleaved. Our method focuses on a small number of interesting states and interleavings, while allowing the programmer to impose constraints on thread interleavings and explore all executions that satisfy these constraints. We continuously gather information through user feedback results and detect atomicity violation bugs that truly go against the programmer's intent. We evaluated the method using benchmark tests, which demonstrated the effectiveness of UserTrack in detecting atomicity violations.</p>","PeriodicalId":48898,"journal":{"name":"Journal of Software-Evolution and Process","volume":"37 1","pages":""},"PeriodicalIF":1.7,"publicationDate":"2024-09-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142185445","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"E2E test execution optimization for web application based on state reuse","authors":"Ruilian Zhao,&nbsp;Shukai Zhang,&nbsp;Zhifan Zhu,&nbsp;Ying Shang,&nbsp;Weiwei Wang","doi":"10.1002/smr.2714","DOIUrl":"10.1002/smr.2714","url":null,"abstract":"<p>End-to-end (E2E) testing is a commonly used technique for web application testing. Unlike traditional unit tests, E2E tests focus on test scenarios that target the entire business, which integrate and collaborate of various components and services to make the whole application work. As a result, one drawback of E2E tests is their longer execution time, seriously affecting testing efficiency of web applications. In order to speed up the execution of E2E tests for web applications, this paper proposes a test execution optimization approach based page state reuse. Through analyzing the common operations of E2E tests, a common prefix trees is constructed to organize the same operations among test scripts in a test suite of web applications. Under the guidance of the prefix tree, the optimal reusable state is identified and duplicated to maximize the utilization of page states triggered by the same operations, thereby reducing the overall execution time of the test suite. Besides, to realize page state reuse automatically, we design a browser process replication strategy, which implement querying the active page and duplicating the web page. To verify the effectiveness of our method, experiments and evaluations were conducted on 347 E2E tests from eight open-source web applications, and the results showed that our approach reduced the E2E testing execution time for web applications by 52%–68%.</p>","PeriodicalId":48898,"journal":{"name":"Journal of Software-Evolution and Process","volume":"37 1","pages":""},"PeriodicalIF":1.7,"publicationDate":"2024-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142185444","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Towards an ontology for process compliance with the (machinery) legislations","authors":"Barbara Gallina,&nbsp;Gergő László Steierhoffer,&nbsp;Thomas Young Olesen,&nbsp;Eszter Parajdi,&nbsp;Mike Aarup","doi":"10.1002/smr.2728","DOIUrl":"10.1002/smr.2728","url":null,"abstract":"<p>Legislations impose requirements on the manufacturing of machinery. Typically, these requirements are interpreted and refined by (domain-specific) technical committees and published in terms of standards. At the company level, these refined requirements are further interpreted, refined, and documented in terms of internal processes. Due to the proliferation of (interdependent) legislations and standards and the consequent increase of the cognitive complexity, at the company level, manual knowledge management is becoming more and more challenging and requires automated decision support. Despite the availability of approaches aimed at automating the decision support, no one offers a satisfactory solution. In this paper, we focus on knowledge management for process compliance and we propose a novel structured ontology. Our ontology aims at mastering (by dividing and conquering via tracing) the cognitive complexity of the compliance problem, when heterogeneous and sometimes geographically distributed knowledge-driven organizational structures (legal department, standardization department, etc.) are involved and need to communicate. We also illustrate the potential usefulness of our proposed ontology in the context of pumps manufacturing and safety process compliance with the Machinery Directive and related harmonized standards including EN 809:1998+A1. Specifically, first, we identify the competencies that characterize departments and interdepartment interactions, then we formulate an initial set of competency questions that translate those identified competencies, then we show how the ontology can be exploited to retrieve the answers to the questions and how the answers can be exploited to build a justification for compliance. Precisely, we propose an argumentation pattern given in two different argumentation notations, and we show how it can be partly instantiated by exploiting the returned answers. The illustration also partly covers the compliance with the Machinery Regulation, expected to replace the Machinery Directive by January 2027. Finally, we sketch our intended future work.</p>","PeriodicalId":48898,"journal":{"name":"Journal of Software-Evolution and Process","volume":"37 1","pages":""},"PeriodicalIF":1.7,"publicationDate":"2024-08-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1002/smr.2728","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142185446","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"NG_MDERANK: A software vulnerability feature knowledge extraction method based on N-gram similarity","authors":"Xiaoxue Wu,&nbsp;Shiyu Weng,&nbsp;Bin Zheng,&nbsp;Wei Zheng,&nbsp;Xiang Chen,&nbsp;Xiaobin Sun","doi":"10.1002/smr.2727","DOIUrl":"10.1002/smr.2727","url":null,"abstract":"<p>As software grows in size and complexity, software vulnerabilities are increasing, leading to a range of serious insecurity issues. Open-source software vulnerability reports and documentation can provide researchers with great convenience for analysis and detection. However, the quality of different data sources varies, the data are duplicated and lack of correlation, which often requires a lot of manual management and analysis. In order to solve the problems of scattered and heterogeneous data and lack of correlation in traditional vulnerability repositories, this paper proposes a software vulnerability feature knowledge extraction method that combines the N-gram model and mask similarity. The method generates mask text data based on the extraction of N-gram candidate keywords and extracts vulnerability feature knowledge by calculating the similarity of mask text. This method analyzes the samples efficiently and stably in the environment of large sample size and complex samples and can obtain high-value semi-structured data. Then, the final node, relationship, and attribute information are obtained by secondary knowledge cleaning and extraction of the extracted semi-structured data results. And based on the extraction results, the corresponding software vulnerability domain knowledge graph is constructed to deeply explore the semantic information features and entity relationships of vulnerabilities, which can help to efficiently study software security problems and solve vulnerability problems. The effectiveness and superiority of the proposed method is verified by comparing it with several traditional keyword extraction algorithms on Common Weakness Enumeration (CWE) and Common Vulnerabilities and Exposures (CVE) vulnerability data.</p>","PeriodicalId":48898,"journal":{"name":"Journal of Software-Evolution and Process","volume":"37 1","pages":""},"PeriodicalIF":1.7,"publicationDate":"2024-08-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142224280","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"The PIM.3 process improvement process—Part of the iNTACS certified process expert training","authors":"Richard Messnarz,&nbsp;Vesna Djordjevic,&nbsp;Viktor Grémen,&nbsp;Winifred Menezes,&nbsp;Ahmed Alborae,&nbsp;Rainer Dreves,&nbsp;So Norimatsu,&nbsp;Thomas Wegner,&nbsp;Bernhard Sechser","doi":"10.1002/smr.2726","DOIUrl":"10.1002/smr.2726","url":null,"abstract":"<p>This paper documents the results of the PIM.3 (Process Improvement Management) working group in INTACS (International Assessor Certification Schema) supported by the VDA-QMC (Verband der Deutschen Automobilindustrie/German Automotive Association–Quality Management Center). INTACS promotes Automotive SPICE, which is an international standard that allows process capability assessment of projects, which implement systems that integrate mechanics, electronics, and software including optionally cybersecurity, functional safety, and machine learning. The paper outlines that for the first time since more than 20 years, the INTACS and VDA-QMC included a process like PIM.3 Process Improvement Management in the scope for the assessor training. Before that, the assessments focused on the management, engineering, and support processes of series projects, while the improvement management has not been trained or assessed.</p>","PeriodicalId":48898,"journal":{"name":"Journal of Software-Evolution and Process","volume":"37 1","pages":""},"PeriodicalIF":1.7,"publicationDate":"2024-08-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142224425","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}