Science of Computer Programming最新文献

{"title":"Deductive verification of solidity smart contracts with SSCalc","authors":"Diego Marmsoler,&nbsp;Billy Thornton","doi":"10.1016/j.scico.2025.103267","DOIUrl":"10.1016/j.scico.2025.103267","url":null,"abstract":"<div><div>Smart contracts are programs stored on the blockchain, often developed in a high-level programming language, the most popular of which is Solidity. Smart contracts are used to automate financial transactions and thus bugs can lead to large financial losses. With this paper, we address this problem by describing a verification environment for Solidity in Isabelle/HOL. To this end, we first describe a calculus to reason about Solidity smart contracts. The calculus is formalized in Isabelle/HOL and its soundness is mechanically verified. Then, we verify a theorem which guarantees that all instances of an arbitrary contract type satisfy a corresponding invariant. The theorem can be used to verify invariants for Solidity smart contracts. This is demonstrated by a case study in which we use our approach to verify a simple token implemented in Solidity. Our results show that the framework has the potential to significantly reduce the verification effort compared to verifying directly from the semantics.</div></div>","PeriodicalId":49561,"journal":{"name":"Science of Computer Programming","volume":"243 ","pages":"Article 103267"},"PeriodicalIF":1.5,"publicationDate":"2025-01-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143176861","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Filling query-type text inputs for Android applications via inner-app mining and GPT recommendation","authors":"Heji Huang,&nbsp;Ju Qian,&nbsp;Deping Zhang","doi":"10.1016/j.scico.2025.103266","DOIUrl":"10.1016/j.scico.2025.103266","url":null,"abstract":"<div><div>GUI testing often requires filling reasonable text inputs to activate specific GUI behaviors, which is particularly challenging for query-type inputs used to search contents. Existing techniques may generate input data inconsistent with the query semantic or semantically consistent but not aligned with the current query domain. These data often result in trivial empty searches and are hard to test the internal matching conditions in the query. No search results also affect the further exploration of GUI pages depending on the query. This paper presents MATI (<u>M</u>ining <u>A</u>pp to generate <u>T</u>ext <u>I</u>nput), a new test generation method designed to fill query-type input items in Android applications with an intent to activate non-empty query searches. The method is built on a novel idea that the data suitable to input to a query often already occur on the GUI. Instead of creating new data by algorithms or retrieving data from external sources like the existing methods, MATI does inner-app mining to obtain proper candidate data for query inputs in an app. It then recommends the candidate data best fitting a specific query in both the query semantic and domain for test inputting via a GPT model. In experiments on 25 applications, MATI achieved a 94.6% GUI passing rate for query-type inputs–32.4% higher than the leading baseline, QTypist, thanks to its more generated non-empty searches. Its higher passing rates also led to 9.7% increments in the Android Activity coverage achieved during testing when integrating these methods into an automated GUI testing process. Such results suggest that MATI might benefit the practical testing of Android applications.</div></div>","PeriodicalId":49561,"journal":{"name":"Science of Computer Programming","volume":"242 ","pages":"Article 103266"},"PeriodicalIF":1.5,"publicationDate":"2025-01-21","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143167314","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Model-based testing of asynchronously communicating distributed controllers using validated mappings to formal representations","authors":"Bence Graics,&nbsp;Milán Mondok,&nbsp;Vince Molnár,&nbsp;István Majzik","doi":"10.1016/j.scico.2025.103265","DOIUrl":"10.1016/j.scico.2025.103265","url":null,"abstract":"<div><div>Programmable controllers are gaining prevalence even in distributed safety-critical applications, e.g., in the railway and aerospace industries. In general, such systems are integrated using various loosely-coupled reactive components and must satisfy critical requirements. Thus, the verification of the design models and systematic testing of the implementation are essential tasks, which can be encumbered by the systems' distributed characteristics. In addition, the correctness of these verification methods is also vital. This paper, on the one hand, presents a model-based integration test generation (MBT) approach leveraging hidden formal methods based on the collaborating statechart models of the components. Statecharts can be integrated using various composition modes (e.g., synchronous and asynchronous) and then automatically mapped (via a symbolic transition systems formalism – XSTS) into the input formalisms of model checker back-ends, namely UPPAAL, Theta, Spin and nuXmv. The model checkers are utilized to generate tests based on formalized properties adhering to multiple coverage criteria. Furthermore, the paper presents a complementing validation approach for the proposed MBT approach based on demonstrating the semantic equivalence of high-level design models and the derived formal models used by the integrated model checkers for verification and test generation. The approaches are implemented in our open source Gamma Statechart Composition Framework and evaluated on industrial-scale distributed controller subsystems from the railway industry.</div></div>","PeriodicalId":49561,"journal":{"name":"Science of Computer Programming","volume":"242 ","pages":"Article 103265"},"PeriodicalIF":1.5,"publicationDate":"2025-01-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143167309","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"State merging for concolic testing of event-driven applications","authors":"Maarten Vandercammen,&nbsp;Coen De Roover","doi":"10.1016/j.scico.2025.103264","DOIUrl":"10.1016/j.scico.2025.103264","url":null,"abstract":"<div><div>Symbolic execution has proven itself a successful technique for automatically testing applications. However, it suffers from the <em>state explosion</em> problem, where execution of the program generates an exponential number of execution states that must be explored to fully cover the program. This problem can be mitigated by incorporating <em>state merging</em> into the testing procedure, where execution states that are sufficiently similar are merged together.</div><div>Although state merging has been applied successfully to the testing of sequential applications, testing of event-driven applications brings with it unique challenges. In event-driven programs, the creation of new execution states is driven by both branch conditions encountered by the executor and the various permutations of the application's event sequence, as every event sequence potentially gives rise to a unique set of execution states that are created. This article presents the first description of how state merging can be applied in the context of symbolic execution of event-driven applications.</div><div>Furthermore, although state merging has been described extensively for <em>online</em> symbolic execution, no mechanism has yet explicitly been described for incorporating state merging into <em>offline</em> symbolic execution, such as concolic testing. Online symbolic executors enable forking of the execution state upon reaching a branch condition that depends on symbolic input. Such testers can explore multiple program paths simultaneously. They can hence fork and merge states whenever the opportunity arises. Offline symbolic execution on the other hand, explores each program path separately. The reduced flexibility complicates the application of state merging. This article provides the first explicit overview of how state merging can be incorporated in concolic testing.</div><div>We have implemented this approach to state merging in a concolic tester for event-driven JavaScript applications named <span>StackFul</span>. We evaluate this tester on a limited set of eight small, event-driven JavaScript web applications, and find that, within the scope of these eight applications, state merging successfully alleviates the state explosion problem, resulting in the concolic tester covering a larger part of the application in fewer test iterations.</div></div>","PeriodicalId":49561,"journal":{"name":"Science of Computer Programming","volume":"242 ","pages":"Article 103264"},"PeriodicalIF":1.5,"publicationDate":"2025-01-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143167310","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"ULKB Logic: A HOL-based framework for reasoning over knowledge graphs","authors":"Guilherme Lima ,&nbsp;Alexandre Rademaker ,&nbsp;Rosario Uceda-Sosa","doi":"10.1016/j.scico.2025.103263","DOIUrl":"10.1016/j.scico.2025.103263","url":null,"abstract":"<div><div>ULKB Logic is an open-source framework written in Python for reasoning over knowledge graphs. It provides an interactive theorem prover-like environment equipped with a higher-order language similar to the one used by HOL Light. The main goal of ULKB Logic is to ease the construction of applications that combine state-of-the-art computational logic tools with the knowledge available in knowledge graphs, such as Wikidata. To this end, the framework provides APIs for fetching statements from SPARQL endpoints and operating over the constructed theories using automated theorem provers and SMT solvers (such as the E prover and Z3). In this paper, we describe the design and implementation of ULKB Logic, present its interfaces for querying knowledge graphs and for calling external provers, and discuss a use case of commonsense reasoning in which ULKB Logic is used as the target logic for representing the semantics of English sentences.</div></div>","PeriodicalId":49561,"journal":{"name":"Science of Computer Programming","volume":"242 ","pages":"Article 103263"},"PeriodicalIF":1.5,"publicationDate":"2025-01-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143167316","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Introduction to the TASE 2023 Special Issue","authors":"Neeraj Kumar Singh ,&nbsp;Cristina David ,&nbsp;Meng Sun ,&nbsp;Meng Wang","doi":"10.1016/j.scico.2025.103262","DOIUrl":"10.1016/j.scico.2025.103262","url":null,"abstract":"","PeriodicalId":49561,"journal":{"name":"Science of Computer Programming","volume":"243 ","pages":"Article 103262"},"PeriodicalIF":1.5,"publicationDate":"2025-01-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143562613","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Integrating behavioral semantic analysis in usage-based equivalent tests generation for mobile applications","authors":"Shuqi Liu ,&nbsp;Yu Zhou ,&nbsp;Huiwen Yang ,&nbsp;Tingting Han ,&nbsp;Taolue Chen","doi":"10.1016/j.scico.2024.103261","DOIUrl":"10.1016/j.scico.2024.103261","url":null,"abstract":"<div><div>Graphical user interface (GUI) testing is crucial to ensure the expected behaviors of mobile applications (apps). The burgeoning automated usage-based testing seeks to generate simulated human interactions tailored to functional features of apps. However, the difficulties in understanding UI semantics, along with the multiple implementation alternatives, significantly restrict the ability to exercise a specified usage. In this paper, we propose <span>GUEST</span> (<strong>G</strong>enerating <strong>U</strong>sage-based <strong>E</strong>quivalent Te<strong>ST</strong>s), which automates the generation of multiple equivalent tests for GUI usage to help developers more thoroughly test mobile apps' features. <span>GUEST</span> integrates textual information from state pages with the UI structure to express operational GUI widgets with semantic information. It leverages the semantic coverage of edge links within the state transition graph of state-machine encoding for the usage to match canonical screens for the current state page. To exploit behavioral semantics, <span>GUEST</span> treats the state transition graph as a social network and performs centrality analysis to identify key canonical screens in the state transition graph. By utilizing the intimacy between key screens and candidate widgets' reachable screens, <span>GUEST</span> grants higher priority to frequently used and more accessible actions. We evaluate <span>GUEST</span> on desired usages across 22 popular apps and the results reveal that <span>GUEST</span> can successfully exercise the desired usage in 88% of the tests and outperform the state-of-the-art baseline method in both screen and widget classification performance.</div></div>","PeriodicalId":49561,"journal":{"name":"Science of Computer Programming","volume":"242 ","pages":"Article 103261"},"PeriodicalIF":1.5,"publicationDate":"2024-12-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143167315","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Automated code transformation for distributed training of TensorFlow deep learning models","authors":"Yusung Sim ,&nbsp;Wonho Shin ,&nbsp;Sungho Lee","doi":"10.1016/j.scico.2024.103260","DOIUrl":"10.1016/j.scico.2024.103260","url":null,"abstract":"<div><div>Distributed training of deep learning models reduces training time by parallelizing training workloads across multiple GPUs. Distributed training frameworks, such as Horovod and DeepSpeed, provide APIs, and model engineers rewrite deep learning models using the APIs to parallelize their training. However, the rewriting is time-consuming and labor-intensive because it requires engineers to read and understand documents and examples of the frameworks as well as manual efforts to rewrite code.</div><div>In this paper, we propose an automated code transformation approach that transforms TensorFlow deep learning models designed for non-distributed training to models training on multiple GPUs with the Horovod framework. We closely inspect the Horovod document and code examples and identify four common training patterns of TensorFlow deep learning models. Then, we formalize code transformation rules for each training pattern. Using the rules, we implement an automated code transformation tool that takes a TensorFlow deep learning model written in Python and rewrites it with the Horovod APIs for distributed training. Through source-code level transformation, our approach enables developers to efficiently scale existing DL models to multiple GPUs. Our evaluation shows that the tool correctly transforms 15 out of 16 open-source TensorFlow deep learning models. To the best of our knowledge, our work is the first automatic transformation technique for distributing existing TensorFlow deep learning models at the source code level. We believe that our approach significantly reduces manual efforts to parallelize training of existing TensorFlow deep learning models.</div></div>","PeriodicalId":49561,"journal":{"name":"Science of Computer Programming","volume":"242 ","pages":"Article 103260"},"PeriodicalIF":1.5,"publicationDate":"2024-12-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143167338","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"An empirical study of code clones: Density, entropy, and patterns","authors":"Bin Hu ,&nbsp;Dongjin Yu ,&nbsp;Yijian Wu ,&nbsp;Tianyi Hu ,&nbsp;Yuanfang Cai","doi":"10.1016/j.scico.2024.103259","DOIUrl":"10.1016/j.scico.2024.103259","url":null,"abstract":"<div><div>In recent years, there has been a growing consensus among researchers regarding the dual nature of code clones. While some instances of code are valuable for reuse or extraction as components, the utilization of specific code segments can pose significant maintenance challenges for developers. Consequently, the judicious management of code clones has emerged as a pivotal solution to address these issues. Nevertheless, it remains critical to ascertain the number of code clones within a project, and identify components where code clones are more concentrated. In this paper, we introduce three novel metrics, namely Clone Distribution, Clone Density, and Clone Entropy (the dispersion of code clone within a project), for the quantification and characterization of code clones. We have formulated associated mathematical expressions to precisely represent these code clone metrics. We collected a dataset covering three different domains of Java projects, formulated research questions for the proposed three metrics, conducted a large-scale empirical study, and provided detailed numerical statistics. Furthermore, we have introduced a novel clone visualization approach, which effectively portrays Clone Distribution and Clone Density. Developers can leverage this approach to efficiently identify target clones. By reviewing clone code concerning its distribution, we have identified nine distinct code clone patterns and summarized specific clone management strategies that have the potential to enhance the efficiency of clone management practices. Our experiments demonstrate that the proposed code clone metrics provide valuable insights into the nature of code clones, and the visualization approach assists developers in inspecting and summarizing clone code patterns.</div></div>","PeriodicalId":49561,"journal":{"name":"Science of Computer Programming","volume":"242 ","pages":"Article 103259"},"PeriodicalIF":1.5,"publicationDate":"2024-12-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143167317","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"TSC2CARLA: An abstract scenario-based verification toolchain for automated driving systems","authors":"Philipp Borchers,&nbsp;Tjark Koopmann,&nbsp;Lukas Westhofen,&nbsp;Jan Steffen Becker,&nbsp;Lina Putze,&nbsp;Dominik Grundt,&nbsp;Thies de Graaff,&nbsp;Vincent Kalwa,&nbsp;Christian Neurohr","doi":"10.1016/j.scico.2024.103256","DOIUrl":"10.1016/j.scico.2024.103256","url":null,"abstract":"<div><div>Transitioning automated driving systems to complex operational domains disproportionally increases demands on verification activities. In the worst case, the operational domain can not be covered by a manageable set of logical scenarios. An anticipated solution is to use abstract scenarios, which increase coverage while still enabling formal methods. However, established verification approaches must be adapted for abstract scenarios. In this work, we consider the generation of simulatable test suites from abstract scenarios. For this, we use Traffic Sequence Charts (TSCs), a visual yet formal scenario description language based on first order logic. We propose an SMT-based process for generating concrete test cases that can be simulated in e.g. CARLA. This theoretical framework is compiled into an architecture and a prototypical implementation called TSC2CARLA. An evaluation on a set of non-trivial examples yields initial evidence for the feasibility of our approach.</div></div>","PeriodicalId":49561,"journal":{"name":"Science of Computer Programming","volume":"242 ","pages":"Article 103256"},"PeriodicalIF":1.5,"publicationDate":"2024-12-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143167318","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}