Science of Computer Programming最新文献

{"title":"How to run it? Automated setup steps generation for JavaWeb application","authors":"Hongfan Zhang ,&nbsp;Tengmei Wang ,&nbsp;Hengwei Lu ,&nbsp;Yihui Wang ,&nbsp;Jinyan Yu ,&nbsp;Huaxiao Liu","doi":"10.1016/j.scico.2026.103448","DOIUrl":"10.1016/j.scico.2026.103448","url":null,"abstract":"<div><div>Open-source JavaWeb Applications (JWAs) have become increasingly prevalent, supporting a wide range of daily-life needs. Providing comprehensive setup instructions in ReadMe files is essential for enabling newcomers to effectively engage with these projects. However, some developers overlook this aspect, posing significant challenges for newcomers when setting up JWAs. Further, existing research in this area remains relatively underexplored due to the complex structure of JavaWeb applications. As a result, ensuring clear and concise setup steps in ReadMe files is crucial for facilitating newcomer participation in maintaining open-source JWAs. To address this challenge, we present PAL4JavaWeb, a novel method that automatically generates setup instructions for JWA projects by analyzing source files. Unlike traditional manual approaches, PAL4JavaWeb leverages a large language model (LLM) to produce comprehensive and actionable setup steps. Specifically, we employ static program analysis to extract relevant information and reduce complexity, and then utilize segmented outputs to guide the LLM in recognizing key configuration steps and generating setup instructions. Experimental results on 35 real-world JWAs demonstrate the effectiveness of PAL4JavaWeb, achieving a success rate of 91.43%, outperforming the baseline by 48.57%. Furthermore, we submitted the generated setup instructions as pull requests to 13 open-source JWAs on GitHub, of which 10 were merged, highlighting the practical utility of PAL4JavaWeb in simplifying newcomer onboarding.</div></div>","PeriodicalId":49561,"journal":{"name":"Science of Computer Programming","volume":"252 ","pages":"Article 103448"},"PeriodicalIF":1.4,"publicationDate":"2026-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"146175003","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Multi-objective optimization of cloud systems","authors":"Miguel Pérez ,&nbsp;Pablo C. Cañizares ,&nbsp;Alberto Núñez","doi":"10.1016/j.scico.2026.103447","DOIUrl":"10.1016/j.scico.2026.103447","url":null,"abstract":"<div><div>Currently, enormous amounts of data are continuously processed to support our daily activities, such as managing bank accounts, streaming movies, or interacting on social networks. In recent years, cloud infrastructures have proven to be a reliable solution, not only for processing this data but also for enabling users worldwide to access it remotely. However, this processing demands vast computing resources, leading to significant energy consumption.</div><div>In this paper, we present a strategy to address this problem by combining multi-objective optimization techniques with Metamorphic Testing (MT) and simulation tools to optimize cloud systems, focusing on both performance and energy consumption. To achieve this, several multi-objective genetic algorithms (MOGAs) have been integrated into the MT-EA4Cloud framework, a solution that previously applied single-objective evolutionary algorithms with MT. To determine the suitability of the proposed approach, an empirical study was conducted to analyze the behavior of the different MOGAs included in the framework. In this study, various test sets and two distinct workloads – inspired by big data analytics operations – were created to represent multiple cloud scenarios.</div><div>The results clearly demonstrate that MOGAs can be effectively combined with MT to optimize cloud systems while considering multiple objectives – in this case, performance and energy consumption. A careful analysis of the results indicates that increasing the mutation rate leads to the best outcomes. In general, the NSGA-II algorithm has produced the best results in the experiments conducted in this study.</div></div>","PeriodicalId":49561,"journal":{"name":"Science of Computer Programming","volume":"252 ","pages":"Article 103447"},"PeriodicalIF":1.4,"publicationDate":"2026-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"146102614","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Has cross-project defect prediction truly progressed? A five-year field diagnosis challenging the state-of-the-art","authors":"Kangjian Zhou","doi":"10.1016/j.scico.2026.103449","DOIUrl":"10.1016/j.scico.2026.103449","url":null,"abstract":"<div><h3>Background</h3><div>Cross-Project Defect Prediction (CPDP) is a critically active area of software engineering. The past five years have witnessed a surge of proposed techniques, from complex feature representation learning to the application of Large Language Models (LLMs), all claiming state-of-the-art (SOTA).</div></div><div><h3>Problem</h3><div>However, this apparent innovation faces a fundamental challenge to the current research paradigm. The field has largely disregarded the established baseline, ManualDown, advocated years ago for its strong performance. This neglect makes it impossible to discern whether reported advancements constitute genuine progress or a false prosperity driven by inadequate comparisons.</div></div><div><h3>Objective</h3><div>This study aims to serve as a five-year field diagnosis. Our goal is to determine whether the CPDP field has truly progressed by empirically evaluating the most prominent recent approaches (2020–2024) against the ManualDown baseline, thereby correcting the course of the field.</div></div><div><h3>Method</h3><div>We conduct a large-scale, reproducible comparison by systematically selecting recent SOTA CPDP models. To ensure a fair and unambiguous assessment, we compare them against ManualDown using the identical target test projects and the exact same performance metrics as reported in the original studies of these models.</div></div><div><h3>Results</h3><div>Our diagnosis reveals a striking discrepancy: approximately half of the recently proposed SOTA models show no substantial improvement over ManualDown (exhibiting a small effect size at best), while the other half perform even worse. This finding poses a serious challenge to the current research paradigm, suggesting that the field's trajectory may be misguided. A notable exception is the emerging potential of LLMs, whose contextual understanding may hold the key to meaningful future gains.</div></div><div><h3>Conclusion</h3><div>ManualDown remains a robust, competitive baseline for both classification and the more practical effort-aware ranking tasks. Therefore, this field diagnosis establishes the formal adoption of ManualDown as a foundational baseline. This practice is essential to ensure that future CPDP research demonstrates verifiable, substantial improvements, thereby correcting the course of the field and steering it toward meaningful advancements.</div></div>","PeriodicalId":49561,"journal":{"name":"Science of Computer Programming","volume":"251 ","pages":"Article 103449"},"PeriodicalIF":1.4,"publicationDate":"2026-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"146037773","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Towards developing an actor-based immune system for smart homes","authors":"Zahra Mohaghegh Rad,&nbsp;Ehsan Khamespanah","doi":"10.1016/j.scico.2025.103431","DOIUrl":"10.1016/j.scico.2025.103431","url":null,"abstract":"<div><div>Smart home environments receive substantial improvement from the Internet of Things (IoT) through automated systems and connected devices, which optimize living space management. The advanced technology of smart homes requires strong anomaly detection systems together with Root Cause Analysis (RCA) to maintain security and reliability. This paper presents a new immune system model for smart homes that detects unusual behavior patterns and conducts full RCA. Our methodology uses the Actor Model together with deep learning approaches that process sensor events while applying causal inference to detect anomalies and their root causes. We use multiple deep learning architectures, including sequence-to-sequence (Seq2Seq), autoencoder, and LSTM networks, to detect various anomalies, which include missing data and abnormal data values. Our autoencoder-based solution demonstrates superior performance, achieving 96.2 % precision and a 98.0 % F1-score. These results represent a significant improvement of 76.8 % in precision and 73.7 % in F1-score over state-of-the-art baseline methods. Our research demonstrates how advanced techniques improve both anomaly detection accuracy and the efficiency of RCA, which results in better smart home environment reliability and resilience.</div></div>","PeriodicalId":49561,"journal":{"name":"Science of Computer Programming","volume":"251 ","pages":"Article 103431"},"PeriodicalIF":1.4,"publicationDate":"2026-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145808530","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Enhancing software quality attributes through multi-dimensional refactoring at source-level","authors":"Morteza Zakeri ,&nbsp;Fatemeh Abdi ,&nbsp;Fatemeh Bagheri","doi":"10.1016/j.scico.2025.103434","DOIUrl":"10.1016/j.scico.2025.103434","url":null,"abstract":"<div><div>Cyber-Physical Systems (CPSs) increasingly depend on complex, high-level software components for coordination, integration, and control logic. As these components evolve, maintaining key quality attributes—such as modularity, testability, and architectural stability—becomes essential. Automated source-level refactoring offers a practical and systematic way to maintain software quality in dynamic CPS environments, where evolution occurs through ongoing development rather than autonomous runtime adaptation. Search-based refactoring methods identify optimal refactoring sequences to enhance software quality automatically. However, the multiplicity of quality attributes, the lack of formal definitions for them, and their non-correlation make it challenging to measure, reconcile, and appropriately apply quality attributes in search-based refactoring. This paper introduces an automated refactoring engine, CodART, which utilizes compiler principles to perform 18 different refactoring operations at the source code level, generating compilable code. Additionally, nine quality attributes are defined and evaluated to guide search-based refactoring effectively. The novel RNSGA-III algorithm is employed to better balance objectives in the nine-dimensional space. Many existing refactoring tools apply transformations at simplified code, UML, or AST level and do not directly output compilable, transformed source code. In contrast, CodART applies all transformations at the source level and produces compilable Java programs as output - a key requirement for integration into high-assurance CPS software pipelines. Compared to existing approaches, the proposed method enhances the number of quality attributes, refactorings, and optimization algorithms. The proposed algorithm improves software quality by an average of 9%, 12%, and 18% in large, medium, and small projects, respectively, surpassing state-of-the-art methods.</div></div>","PeriodicalId":49561,"journal":{"name":"Science of Computer Programming","volume":"251 ","pages":"Article 103434"},"PeriodicalIF":1.4,"publicationDate":"2026-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145885477","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Introducing a novel technique for call graph visualization and design pattern detection through runtime data profiling and dynamic warping","authors":"Tarik Houichime,&nbsp;Younes el Amrani","doi":"10.1016/j.scico.2026.103445","DOIUrl":"10.1016/j.scico.2026.103445","url":null,"abstract":"<div><div>Automated design patterns recovery (ADPR) is a significant academic endeavor focused on identifying and methodically recording design patterns found within software codebases. This process typically involves a thorough examination of source code to find characteristics indicative of specific patterns. Despite sophisticated techniques, persistent challenges remain. These challenges include the complexity of static analysis and variations in pattern appearance across languages. Critically, static methods are fundamentally ill-suited for capturing the temporal, interactive nature of behavioral design patterns. This has led to a field where dynamic methods, while promising, have seen limited exploration regarding their integration with modern, state-of-the-art classifiers, complicating the achievement of comprehensive results. This gap highlights a clear need for novel approaches that can effectively model and analyze runtime behavior directly. In response, this study introduces a dynamic, language-portable two-stage framework. First, we present a novel method for visualizing runtime data as a perceptually-tuned sinusoidal signal. This signal acts as a discovery tool for human analysts, encoding the “local” context of a call (e.g., method’s type) as amplitude and its “global” context (e.g., object interactions) as frequency. Second, we demonstrate how this visualization provides the foundational basis for the symbolic sequencing used in pattern detection. The signal acts as a procedural bridge, it allows an analyst to identify a ’Region of Interest’ from the signal, which then guides the extraction of the corresponding event snippet from the raw log. This snippet is then translated into a compact, symbolic “behavio-stuctural signature”, providing a robust and analyzable representation. Importantly, this work also studies the nature of these sequences, such as their optimal length, and how these properties impact the classification process, thereby validating the foundational basis of the sequential representation.</div></div>","PeriodicalId":49561,"journal":{"name":"Science of Computer Programming","volume":"251 ","pages":"Article 103445"},"PeriodicalIF":1.4,"publicationDate":"2026-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"146078412","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"The annotated dependency pair framework for almost-sure termination of probabilistic term rewriting","authors":"Jan-Christoph Kassing ,&nbsp;Jürgen Giesl","doi":"10.1016/j.scico.2025.103417","DOIUrl":"10.1016/j.scico.2025.103417","url":null,"abstract":"<div><div>Dependency pairs are one of the most powerful techniques to analyze termination of term rewrite systems automatically. We adapt dependency pairs to the probabilistic setting and develop an <em>annotated dependency pair</em> framework for automatically proving almost-sure termination of <em>probabilistic term rewrite systems</em>, both for full and innermost rewriting. To evaluate its power, we implemented our framework in the tool <span>AProVE</span>.</div></div>","PeriodicalId":49561,"journal":{"name":"Science of Computer Programming","volume":"251 ","pages":"Article 103417"},"PeriodicalIF":1.4,"publicationDate":"2026-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145842777","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"DATVD: A novel vulnerability detection method based on dynamic attention and hybrid convolutional pooling","authors":"Jinfu Chen ,&nbsp;Jinyu Mu ,&nbsp;Saihua Cai ,&nbsp;Jiapeng Zhou ,&nbsp;Ziyan Liu ,&nbsp;Xinping Shi","doi":"10.1016/j.scico.2026.103443","DOIUrl":"10.1016/j.scico.2026.103443","url":null,"abstract":"<div><div>Nowadays, the digitization process is constantly advancing. While software has become an indispensable part of people’s lives, software vulnerabilities have also become a serious security threat. With the expansion of software scale and the rapid development of artificial intelligence technology, deep learning technology has been widely used in vulnerability detection. However, it performs poorly in the task of detecting whether there are vulnerabilities in real-world code. The reason is that the amount of real-world code has increased and its structure has become more complex. It is difficult for deep learning models to learn the relationship between code snippets and vulnerability triggers, so that the existing vulnerability detection models have low accuracy in real-world code vulnerability detection tasks. In order to solve the above problems, we propose a software vulnerability detection system DATVD based on dynamic attention. The model consists of three components. The graph embedding component extracts code semantics and structural information and generates a graph representation of the code; the GGNN_DAT component uses the dynamic attention mechanism to learn code features and generate a one-dimensional vector representation; the hybrid convolution pooling component performs graph classification. Due to the limited availability of real-world code datasets, we conducted experiments on the widely recognized public datasets-Debian, Chrome, and Hybrid. Experimental results show that compared with existing neural networks, the proposed DATVD model can effectively improve the accuracy of source code vulnerability detection. When compared to Devign model, the accuracy of the model on these datasets is improved by an average of 3.13 %. The proposed DATVD also demonstrates better detection stability.</div></div>","PeriodicalId":49561,"journal":{"name":"Science of Computer Programming","volume":"251 ","pages":"Article 103443"},"PeriodicalIF":1.4,"publicationDate":"2026-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"146078409","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Event-B formalisation of a chat system: A case study","authors":"Néstor Cataño","doi":"10.1016/j.scico.2025.103432","DOIUrl":"10.1016/j.scico.2025.103432","url":null,"abstract":"<div><div>This paper presents the formal modelling and refinement of a chat system using the <span>Event-B</span> formal method. We elicit software requirements as User Stories and manually map them into <span>Event-B</span>. We model core chat functionalities, including user creation, chat session creation, message sending, message forwarding, and message deletion, while ensuring consistency via invariants and proof obligations in Rodin. We discuss challenges, lessons learnt, and propose several best modelling practices for the design and verification of similar event-driven messaging systems. Our work outlines directions for future integration with tool-supported code generation.</div></div>","PeriodicalId":49561,"journal":{"name":"Science of Computer Programming","volume":"251 ","pages":"Article 103432"},"PeriodicalIF":1.4,"publicationDate":"2026-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145927623","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Adaptive urgency-based real-time task scheduling in ADAS systems","authors":"Mahdi Seyfipoor,&nbsp;Sayyed Muhammad Jaffry,&nbsp;Siamak Mohammadi","doi":"10.1016/j.scico.2026.103436","DOIUrl":"10.1016/j.scico.2026.103436","url":null,"abstract":"<div><div>Advanced driver assistance systems (ADAS) are quintessential examples of real-time Cyber-Physical Systems (CPS), where physical processes and computational elements interact in real-time to enhance safety and automation in transportation. Efficient task scheduling is one of the most important software aspects in real-time systems. In this paper, we propose a CPS-oriented framework for real-time task scheduling in ADAS with a real-time scheduler. Our design integrates object detection, distance estimation, and an Adaptive Urgency scheduler that fuses normalized laxity, dynamic priority, and computational load into a unified metric to manage aperiodic tasks with strict temporal requirements. By adjusting the number of frames between each tracking based on the environment stress, we reduce unneeded object detection tasks, relying on tracking instead. Focusing on aperiodic tasks, the proposed multi-core task scheduler design handles sensor-triggered events and adapts scheduling dynamically while reducing context switch overhead by limiting unnecessary preemption. Experimental results demonstrate improved deadline adherence and improved priority reinforcement, validating the approach for real-time CPS implementations in automotive domains. This paper focuses on the performance of the scheduler from the aspect of deadline misses, context switches, and stability, as well as the ratio of high-priority deadline misses to the total number of deadline misses. We use software simulation to evaluate the algorithms, where the results show an improvement over classical real-time scheduling algorithms, as well as newer algorithms that have contributed to this field. Our proposed algorithm achieved a proportional miss rate of 3 % for critical tasks, which is a 16 % improvement over baselines such as EDF and MLLF.</div></div>","PeriodicalId":49561,"journal":{"name":"Science of Computer Programming","volume":"251 ","pages":"Article 103436"},"PeriodicalIF":1.4,"publicationDate":"2026-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"146078410","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}