Science of Computer Programming最新文献

{"title":"Trusta: Reasoning about assurance cases with formal methods and large language models","authors":"Zezhong Chen ,&nbsp;Yuxin Deng ,&nbsp;Wenjie Du","doi":"10.1016/j.scico.2025.103288","DOIUrl":"10.1016/j.scico.2025.103288","url":null,"abstract":"<div><div>Assurance cases can be used to argue for the safety of products in safety engineering. In safety-critical areas, the construction of assurance cases is indispensable. We introduce the Trustworthiness Derivation Tree Analyzer (Trusta), a tool designed to enhance the development and evaluation of assurance cases by integrating formal methods and large language models (LLMs). The tool incorporates a Prolog interpreter and solvers like Z3 and MONA to handle various constraint types, enhancing the precision and efficiency of assurance case assessment. Beyond traditional formal methods, Trusta harnesses the power of LLMs including ChatGPT-3.5, ChatGPT-4, and PaLM 2, assisting humans in the development of assurance cases and the writing of formal constraints. Our evaluation, through qualitative and quantitative analyses, shows Trusta's impact on improving assurance case quality and efficiency. Trusta enables junior engineers to reach the skill level of experienced safety experts, narrowing the expertise gap and greatly benefiting those with limited experience. Case studies, including automated guided vehicles (AGVs), demonstrate Trusta's effectiveness in identifying subtle issues and improving the overall trustworthiness of complex systems.</div></div>","PeriodicalId":49561,"journal":{"name":"Science of Computer Programming","volume":"244 ","pages":"Article 103288"},"PeriodicalIF":1.5,"publicationDate":"2025-02-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143529038","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"LayoutOptimizer: A layout rendering performance optimizer for Android application","authors":"Yue Wu ,&nbsp;Zhentao He ,&nbsp;Qingnan Wang ,&nbsp;Yihui Wang ,&nbsp;Huaxiao Liu","doi":"10.1016/j.scico.2025.103287","DOIUrl":"10.1016/j.scico.2025.103287","url":null,"abstract":"<div><div>The perceived delays experienced by Android application users can have a significant impact on their overall experience. Slow UI rendering is a major factor causing perceived delays. Poorly implemented UI layouts can have a considerable impact on rendering performance. To optimize the rendering performance of a layout, an important way is to solve its hierarchy issues. While there are layout performance analysis tools available, they lack effective solutions for fixing hierarchy issues, which limits their ability to assist developers in resolving such issues. In this paper, we propose a novel approach called LayoutOptimizer, which can automatically identify and solve two common hierarchy issues in Android layouts. The evaluation based on 31 layouts from real-world apps demonstrates that LayoutOptimizer can effectively fix the two common hierarchy issues while ensuring visual consistency.</div></div>","PeriodicalId":49561,"journal":{"name":"Science of Computer Programming","volume":"244 ","pages":"Article 103287"},"PeriodicalIF":1.5,"publicationDate":"2025-02-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143510919","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Path-guided conformance test case generation for models with data and time using symbolic execution techniques","authors":"Boutheina Bannour ,&nbsp;Arnault Lapitre ,&nbsp;Pascale Le Gall","doi":"10.1016/j.scico.2025.103285","DOIUrl":"10.1016/j.scico.2025.103285","url":null,"abstract":"<div><div>This paper presents an approach leveraging symbolic execution techniques to generate test cases from models mixing data and time. Our methodology focuses on symbolic paths, satisfying a trace-determinism property, which allows testing behaviors in the presence of uninitialized state variables. We construct tree-like test cases around these test purposes, with verdicts on their leaves, meticulously crafting verdict conditions from symbolic execution path conditions encoding temporal data-dependent constraints. Our test case generation is implemented within the symbolic execution platform Diversity. Through experiments, we provide metrics and quantify some aspects of the generated test cases, including the reachability of verdicts within observation time frames specified by the tester.</div></div>","PeriodicalId":49561,"journal":{"name":"Science of Computer Programming","volume":"243 ","pages":"Article 103285"},"PeriodicalIF":1.5,"publicationDate":"2025-02-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143480120","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"SBD: Securing safe rust automatically from unsafe rust","authors":"Shaowen Li,&nbsp;Hiroyuiki Sato","doi":"10.1016/j.scico.2025.103281","DOIUrl":"10.1016/j.scico.2025.103281","url":null,"abstract":"<div><div>System programming expects programmers to have fine control over available resources to ensure both the correctness and efficiency of the system. Programming languages designed for this type of task provide little abstraction of the underlying hardware. With greater power to interact directly with the machine comes greater responsibility for programmers to manage the hardware themselves to avoid any undefined behavior. C and C++ have been the long-standing de facto languages in this field as they offer both the programming experience of a modern language and the ability to manipulate low-level resources with the abstraction of pointers. However, this responsibility is demanding for programmers, leading to numerous bugs caused by improper resource management.</div><div>Rust is a rising system programming language aiming to combine both low-level resource manipulation and high-level resource management. The design philosophy of Rust is to make the compiler play a vital role in resource management. A set of static analysis unique to Rust are performed at compile time to ensure resources are handled correctly without runtime cost. Nevertheless, static analysis is inherently conservative and Rust addresses this by providing a feature called <em>unsafe Rust</em>, which is exempt from its strict static checks. Various unsafe operations, such as raw pointer dereferencing and foreign function calls, are only permitted within an unsafe code block. This is essential to make the language sufficiently expressive. Nonetheless, Rust's <em>unsafe block</em> only matters statically for type checking, without any runtime assurance. As a consequence, the effects of unsafe operations within an unsafe block can spread to the outside safe code and jeopardize its safety.</div><div>We present <em><u>S</u>afety <u>B</u>lock <u>D</u>ivision</em> (SBD), a completely automatic solution to isolate safe Rust from unsafe Rust. The fundamental design of SBD is its safety data-flow analysis performed on Rust intermediate representation (IR) to fully incorporate language features. This distinguishes SBD from previous works. Past designs primarily operate on LLVM IR and require manual efforts or external tools. SBD is entirely built into the Rust compiler, and thus no programmer involvement is required. We extensively evaluate SBD on popular Rust crates (libraries). Our experiments reveal that SBD incurs negligible binary size (0.31% increase on average) and runtime (a geometric mean of 7.52% increase across eight benchmarks) overhead. We also demonstrate that SBD is capable of protecting against real-world vulnerabilities.</div></div>","PeriodicalId":49561,"journal":{"name":"Science of Computer Programming","volume":"243 ","pages":"Article 103281"},"PeriodicalIF":1.5,"publicationDate":"2025-02-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143454135","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Extending the EB4EB framework with parameterised events","authors":"Peter Rivière,&nbsp;Neeraj Kumar Singh,&nbsp;Yamine Ait-Ameur,&nbsp;Guillaume Dupont","doi":"10.1016/j.scico.2025.103279","DOIUrl":"10.1016/j.scico.2025.103279","url":null,"abstract":"<div><div>EB4EB, standing for <em>Event-B for Event-B</em>, is a framework that supports the formalisation of Event-B models using first-order logic and set-theory, so that it becomes possible to manipulate them as first-class objects. This framework relies on an Event-B algebraic theory, which serves as a meta-theory formalising, explicitly, all of the features of an Event-B machine. States, events, invariants, variants, etc... are formalised through data-types and operators. When this meta-theory is instantiated, an Event-B model becomes a first-order logic and set-theoretic formula, described in an Event-B context.</div><div>Because it can handle machine elements as terms in formulas, the EB4EB framework enables the definition of new specific proof obligations and <em>analyses</em>. Such analyses may then be applied to any EB4EB machines in order to establish advanced properties, not natively present in the Event-B method, such as deadlock-freeness or liveness requirements. These analyses are <em>non-intrusive</em> since they do not require to alter the machine in order to be performed.</div><div>In the previous formalisation of the EB4EB framework only states and events were handled, limiting the expressive reasoning power of the framework. This paper presents an extension of the EB4EB framework to support parameterised events, an important feature of Event-B. This extension is not straightforward in EB4EB. Indeed, the typing system supported by Event-B theories is not rich enough to describe such extension in a constructive manner as for the other Event-B features formalised in EB4EB. The proposed solution, described in this paper, consists in defining an axiomatic formalisation of event parameters definitions. We also show that the proof obligations and model analyses we have defined scale to handle event parameters. The approach is illustrated on different case studies we have developed.</div></div>","PeriodicalId":49561,"journal":{"name":"Science of Computer Programming","volume":"243 ","pages":"Article 103279"},"PeriodicalIF":1.5,"publicationDate":"2025-02-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143480241","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Graph neural network-based long method and blob code smell detection","authors":"Minnan Zhang ,&nbsp;Jingdong Jia ,&nbsp;Luiz Fernando Capretz ,&nbsp;Xin Hou ,&nbsp;Huobin Tan","doi":"10.1016/j.scico.2025.103284","DOIUrl":"10.1016/j.scico.2025.103284","url":null,"abstract":"<div><div>The concept of code smell was first proposed in the late nineties, to refer to signals that code may need refactoring. While not necessarily affecting functionality, code smell can hinder understandability and future scalability of the program. As a result, the precise detection of code smell has become an important topic in coding research. However, current detection methods are limited by imbalanced and industrial-irrelevant datasets, a lack of sufficient structural and logical information on the code, and simple model architecture. Given these limitations, this paper utilized an industry-relevant and sufficient dataset and then developed a graph neural network to better detect code smell. First, we identified Long Method and Blob as our research subjects due to their frequent occurrence and impacts on the maintainability of software. We then designed modified fuzzy sampling with focalloss to address the issue of data imbalance. Second, to deal with the large volume of data, we proposed a global and local attention scoring mechanism to extract the key information from the code. Third, in order to design a graph neural network specifically for the abstract syntax tree of code, we combined Euclidean space and non-Euclidean space. Finally, we compared our method with other machine learning methods and deep learning methods. The results demonstrate that our method outperforms the other methods on Long Method and Blob, which indicates the effectiveness of our proposed method.</div></div>","PeriodicalId":49561,"journal":{"name":"Science of Computer Programming","volume":"243 ","pages":"Article 103284"},"PeriodicalIF":1.5,"publicationDate":"2025-02-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143488855","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Modular unification of unilingual pointer analyses to multilingual FFI-based programs","authors":"Jyoti Prakash ,&nbsp;Abhishek Tiwari ,&nbsp;Christian Hammer","doi":"10.1016/j.scico.2025.103278","DOIUrl":"10.1016/j.scico.2025.103278","url":null,"abstract":"<div><div>Modular analysis of polyglot applications is challenging because flows of heap objects must be resolved across language boundaries. The state-of-the-art analyses for polyglot applications have two fundamental limitations. First, they assume explicit boundaries between the guest and the host language to determine inter-language dataflows. Second, they rely on specific analyses of the host and guest languages. The former assumption is impractical concerning recent advancements in polyglot programming techniques, while the latter disregards advances in pointer analysis of the underlying languages. In this work, we propose to extend existing pointer analyses with a novel summary specialization technique that unifies points-to sets across language boundaries. Our novel technique leverages combinations of host and guest analyses with minor modifications. We demonstrate the efficacy and generalizability of our approach by evaluating it with two polyglot language models: Java-C communication via Android's NDK and Java-Python communication in GraalVM.</div></div>","PeriodicalId":49561,"journal":{"name":"Science of Computer Programming","volume":"243 ","pages":"Article 103278"},"PeriodicalIF":1.5,"publicationDate":"2025-02-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143394518","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Does the compiler or interpreter version influence the energy consumption of programming languages?","authors":"Elisa Jiménez,&nbsp;Alberto Gordillo,&nbsp;Coral Calero,&nbsp;Ma Ángeles Moraga,&nbsp;Félix García","doi":"10.1016/j.scico.2025.103270","DOIUrl":"10.1016/j.scico.2025.103270","url":null,"abstract":"<div><div>Software plays a crucial role in our daily activities. Virtually all the technology we use contains software components written in a particular programming language. In this context, compilers and interpreters play an important role, as they are needed to convert the software source code into a format that can be executed by a machine. The significant influence of the programming language on the energy consumption of the resulting programs has been highlighted in some research. However, there is almost no research on the impact of the programming language compiler/interpreter version of the programming language on the energy consumption. This paper aims to fill this gap by investigating the impact of the compiler/interpreter version on the energy consumption of programs written in C, Java and Python. To do that we have performed a study that uses a hardware-based energy measurement approach to obtain the energy consumed by eight algorithms written in the three languages and run with different compiler/interpreter versions. The results do not show a trend of improvement between versions within each language, especially in terms of energy consumption. These results suggest that energy efficiency does not seem to be a major factor when developing compilers/interpreters and should therefore be prioritized.</div></div>","PeriodicalId":49561,"journal":{"name":"Science of Computer Programming","volume":"243 ","pages":"Article 103270"},"PeriodicalIF":1.5,"publicationDate":"2025-02-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143317549","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Generalizing neural network verification to the family of piece-wise linear activation functions","authors":"László Antal,&nbsp;Erika Ábrahám,&nbsp;Hana Masara","doi":"10.1016/j.scico.2025.103269","DOIUrl":"10.1016/j.scico.2025.103269","url":null,"abstract":"<div><div>In this paper, we extend an available neural network verification technique to support the full class of <em>piece-wise linear</em> activation functions. Furthermore, we extend the algorithms, which provide in their original form exact, respectively, over-approximative results for bounded input sets represented as star sets, to allow also <em>unbounded</em> input sets. We implemented our algorithms and demonstrate their effectiveness on some case studies.</div></div>","PeriodicalId":49561,"journal":{"name":"Science of Computer Programming","volume":"243 ","pages":"Article 103269"},"PeriodicalIF":1.5,"publicationDate":"2025-02-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143379316","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Deductive verification of solidity smart contracts with SSCalc","authors":"Diego Marmsoler,&nbsp;Billy Thornton","doi":"10.1016/j.scico.2025.103267","DOIUrl":"10.1016/j.scico.2025.103267","url":null,"abstract":"<div><div>Smart contracts are programs stored on the blockchain, often developed in a high-level programming language, the most popular of which is Solidity. Smart contracts are used to automate financial transactions and thus bugs can lead to large financial losses. With this paper, we address this problem by describing a verification environment for Solidity in Isabelle/HOL. To this end, we first describe a calculus to reason about Solidity smart contracts. The calculus is formalized in Isabelle/HOL and its soundness is mechanically verified. Then, we verify a theorem which guarantees that all instances of an arbitrary contract type satisfy a corresponding invariant. The theorem can be used to verify invariants for Solidity smart contracts. This is demonstrated by a case study in which we use our approach to verify a simple token implemented in Solidity. Our results show that the framework has the potential to significantly reduce the verification effort compared to verifying directly from the semantics.</div></div>","PeriodicalId":49561,"journal":{"name":"Science of Computer Programming","volume":"243 ","pages":"Article 103267"},"PeriodicalIF":1.5,"publicationDate":"2025-01-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143176861","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}