Journal of Systems and Software最新文献

{"title":"IoT systems testing: Taxonomy, empirical findings, and recommendations","authors":"Jean Baptiste Minani ,&nbsp;Yahia El Fellah ,&nbsp;Fatima Sabir ,&nbsp;Naouel Moha ,&nbsp;Yann-Gaël Guéhéneuc ,&nbsp;Martin Kuradusenge ,&nbsp;Tomoaki Masuda","doi":"10.1016/j.jss.2025.112408","DOIUrl":"10.1016/j.jss.2025.112408","url":null,"abstract":"<div><div>The Internet of Things (IoT) is reshaping our lives, increasing the need for thorough pre-deployment testing. However, traditional software testing may not address the testing requirements of IoT systems, leading to quality challenges. A specific testing taxonomy is crucial, yet no widely recognized taxonomy exists for IoT system testing. We introduced an IoT-specific testing taxonomy that categorizes aspects of IoT systems testing into seven distinct categories. We mined testing aspects from 83 primary studies in IoT systems testing and built an initial taxonomy. This taxonomy was refined and validated through two rounds of surveys involving 16 and then 204 IoT industry practitioners. We assessed its effectiveness by conducting an empirical evaluation on two separate IoT systems, each involving 12 testers. Our findings categorize seven testing aspects: (1) testing objectives, (2) testing tools and artifacts, (3) testers, (4) testing stage, (5) testing environment, (6) Object Under Test (OUT) and metrics, and (7) testing approaches. The evaluation showed that testers equipped with the taxonomy could more effectively identify diverse test cases and scenarios. Additionally, we recommend new research opportunities to enhance the testing of IoT systems.</div></div>","PeriodicalId":51099,"journal":{"name":"Journal of Systems and Software","volume":"226 ","pages":"Article 112408"},"PeriodicalIF":3.7,"publicationDate":"2025-03-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143609961","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Modeling and verifying resources and capabilities of ubiquitous scenarios for Unmanned Aerial Vehicle swarm","authors":"Manqing Zhang ,&nbsp;Yunwei Dong ,&nbsp;Tao Zhang ,&nbsp;Kang Su ,&nbsp;Zeshan Li","doi":"10.1016/j.jss.2025.112416","DOIUrl":"10.1016/j.jss.2025.112416","url":null,"abstract":"<div><div>Unmanned Aerial Vehicle (UAV) swarms are increasingly deployed in both military and civilian sectors due to their ability to manage numerous resources, execute complex functionalities, and operate under strict spatiotemporal constraints in task-driven environments. However, existing task description methods are often restricted to specific operations and lack the flexibility to represent dynamic and intricate scenarios. To overcome these limitations, we introduce a meta-level theory-based UAV swarm application scenario model. This approach abstracts three primary meta-models: mission meta-model, resource meta-model, and constraint meta-model. We developed the UAV Swarm Application Scenario Modeling Language (ASML), which enables formal scenario descriptions and analysis. Additionally, we establish a set of transformation rules to convert ASML representations into timed automata. To validate the effectiveness of the proposed approach, we apply it to a highway inspection scenario and utilize the UPPAAL model checking tool to verify the correctness of the model. The experimental results from the highway inspection scenario show that our approach significantly enhances the accuracy of UAV swarm scenario modeling while improving adaptability to dynamic environments. Moreover, the results also demonstrate the model’s correctness, reinforcing the reliability of our framework.</div></div>","PeriodicalId":51099,"journal":{"name":"Journal of Systems and Software","volume":"226 ","pages":"Article 112416"},"PeriodicalIF":3.7,"publicationDate":"2025-03-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143609960","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Requirements extraction from model-based systems engineering: A systematic literature review","authors":"Jefferson L. Santos ,&nbsp;Luiz Eduardo G. Martins ,&nbsp;Jefferson Seide Molléri","doi":"10.1016/j.jss.2025.112407","DOIUrl":"10.1016/j.jss.2025.112407","url":null,"abstract":"<div><div>Collaboration and easy data exchange are crucial in modern systems that involve hardware, electronics, software, and users. Requirement Engineering (RE) and Systems Engineering (SE) are challenging fields that require tool support to automate activities. Natural language (NL) requirement documents can create processing issues. To address these issues, detailed models have been developed to represent a system effectively. These models are intend to replace inconsistent documents over time by using model-based methodologies like Model-Based SE (MBSE). Within the MBSE methodologies, Arcadia/Capella has proven its capabilities as a comprehensive tool in the SE community to define and validate complex system architecture. Thus, this paper aims to investigate the tools, methods, techniques, or processes for extracting requirements from the MBSE environment or model generation from NL requirements. Furthermore, this discusses how these approaches are applied specifically in the Arcadia/Capella and how transforming requirements are addressed to support textual requirements. We conducted a systematic literature review (SLR) by selecting 97 articles to examine advances in this field in various aspects of these approaches. The results presented in this SLR uncovered several key findings that have important implications for future research, such as the dominance of the model generation from NL; transforming model-based requirements to NL requires more data; and the fact that requirements extraction in Arcadia/Capella needs more evidence.</div></div>","PeriodicalId":51099,"journal":{"name":"Journal of Systems and Software","volume":"226 ","pages":"Article 112407"},"PeriodicalIF":3.7,"publicationDate":"2025-03-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143592613","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"A systematic mapping study of crowd knowledge enhanced software engineering research using Stack Overflow","authors":"Minaoar Hossain Tanzil ,&nbsp;Shaiful Chowdhury ,&nbsp;Somayeh Modaberi ,&nbsp;Gias Uddin ,&nbsp;Hadi Hemmati","doi":"10.1016/j.jss.2025.112405","DOIUrl":"10.1016/j.jss.2025.112405","url":null,"abstract":"<div><div>Developers continuously interact in crowd-sourced community-based question-answer (Q&amp;A) sites. Reportedly, <span><math><mo>∼</mo></math></span>30% of all software professionals visit the most popular Q&amp;A site StackOverflow (SO) every day. Software engineering (SE) research studies are also increasingly using SO data. To find out the trend, implication, impact, and future research potential utilizing SO data, a systematic mapping study needs to be conducted. Following a rigorous reproducible mapping study approach, from 18 reputed SE journals and conferences, we collected 384 SO-based research articles and categorized them into 10 facets (i.e., themes). We found that SO contributes to 85% of SE research compared with popular Q&amp;A sites such as Quora, and Reddit. We found that 18 SE domains directly benefited from SO data whereas <em>Recommender Systems</em>, and <em>API Design and Evolution</em> domains use SO data the most (15% and 16% of all SO-based research studies, respectively). <em>API Design and Evolution</em>, and <em>Machine Learning with/for SE</em> domains have consistent upward publication. <em>Deep Learning Bug Analysis</em> and <em>Code Cloning</em> research areas have the highest potential research impact recently. With the insights, recommendations, and facet-based categorized paper list from this mapping study, SE researchers can find out potential research areas according to their interest to utilize large-scale SO data.</div></div>","PeriodicalId":51099,"journal":{"name":"Journal of Systems and Software","volume":"226 ","pages":"Article 112405"},"PeriodicalIF":3.7,"publicationDate":"2025-03-03","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143601162","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Sóley: Automated detection of logic vulnerabilities in Ethereum smart contracts using large language models","authors":"Majd Soud,&nbsp;Waltteri Nuutinen,&nbsp;Grischa Liebel","doi":"10.1016/j.jss.2025.112406","DOIUrl":"10.1016/j.jss.2025.112406","url":null,"abstract":"<div><h3>Context:</h3><div>Modern blockchain, such as Ethereum, supports the deployment and execution of so-called smart contracts, autonomous digital programs with significant value of cryptocurrency. Executing smart contracts requires gas costs paid by users, which define the limits of the contract’s execution. Logic vulnerabilities in smart contracts can lead to excessive gas consumption, financial losses, and are often the root cause of high-impact cyberattacks.</div></div><div><h3>Objective:</h3><div>Our objective is threefold: (i) empirically investigate logic vulnerabilities in real-world smart contracts extracted from code changes on GitHub, (ii) introduce Sóley, an automated method for detecting logic vulnerabilities in smart contracts, leveraging Large Language Models (LLMs), and (iii) examine mitigation strategies employed by smart contract developers to address these vulnerabilities in real-world scenarios.</div></div><div><h3>Method:</h3><div>We obtained smart contracts and related code changes from GitHub. To address the first and third objectives, we qualitatively investigated available logic vulnerabilities using an open coding method. We identified these vulnerabilities and their mitigation strategies. For the second objective, we extracted various logic vulnerabilities, focusing on those containing inline assembly fragments. We then applied preprocessing techniques and trained the proposed Sóley model. We evaluated Sóley along with the performance of various LLMs and compared the results with the state-of-the-art baseline on the task of logic vulnerability detection.</div></div><div><h3>Results:</h3><div>Our results include the curation of a large-scale dataset comprising 50,000 Ethereum smart contracts, with a total of 428,569 labeled instances of smart contract vulnerabilities, including 171,180 logic-related vulnerabilities. Our analysis uncovered nine novel logic vulnerabilities, which we used to extend existing taxonomies. Furthermore, we introduced several mitigation strategies extracted from observed developer modifications in real-world scenarios. Experimental results show that Sóley outperforms existing approaches in automatically identifying logic vulnerabilities, achieving a 9% improvement in accuracy and a maximum improvement of 24% in F1-measure over the Baseline. Interestingly, the efficacy of LLMs in this task was evident with minimal feature engineering. Despite the positive results, Sóley struggles to identify certain classes of logic vulnerabilities, which remain for future work.</div></div><div><h3>Conclusion:</h3><div>Early identification of logic vulnerabilities from code changes can provide valuable insights into their detection and mitigation. Recent advancements, such as LLMs, show promise in detecting logic vulnerabilities and contributing to smart contract security and sustainability.</div></div>","PeriodicalId":51099,"journal":{"name":"Journal of Systems and Software","volume":"226 ","pages":"Article 112406"},"PeriodicalIF":3.7,"publicationDate":"2025-03-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143550871","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Pandemic pedagogy: Evaluating remote education strategies during COVID-19","authors":"Daniel Russo","doi":"10.1016/j.jss.2025.112392","DOIUrl":"10.1016/j.jss.2025.112392","url":null,"abstract":"<div><div>The COVID-19 pandemic triggered an unprecedented transformation in the educational landscape, requiring universities to swiftly pivot from in-person to online instruction. This rapid transition left many educators navigating the complexities of remote teaching for the first time. Now that we have moved past the pandemic, we present a critical retrospective study to analyze and assess the remote teaching practices employed during this challenging period. By conducting a cross-sectional analysis of 300 computer science students who experienced a full year of online education during the lockdown, we discovered that while remote teaching practices had a moderate impact on learning outcomes, they significantly influenced student satisfaction. Importantly, these trends were not isolated; they reflect a shared experience across various demographics, including country, gender, and educational background. This research delivers vital evidence-based recommendations that can guide educational strategies in the event of future challenges. By applying these insights, we can enhance both student satisfaction and the effectiveness of learning in online settings, ensuring that we are better prepared for whatever lies ahead.</div></div>","PeriodicalId":51099,"journal":{"name":"Journal of Systems and Software","volume":"226 ","pages":"Article 112392"},"PeriodicalIF":3.7,"publicationDate":"2025-02-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143526927","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"NoSQL database education: A review of models, tools and teaching methods","authors":"Nirnaya Tripathi","doi":"10.1016/j.jss.2025.112391","DOIUrl":"10.1016/j.jss.2025.112391","url":null,"abstract":"<div><div>NoSQL databases are essential for managing modern data-intensive applications. While SQL education is a crucial part of the software engineering and computer science curriculum, it is insufficient in addressing the rise of big data and cloud infrastructures. Despite extensive research on SQL education, there is limited exploration of NoSQL education, particularly in teaching methods and data models. This study addresses this gap by conducting a systematic literature review on NoSQL database education, aiming to assess current research, teaching practices, models, tools, scalability, and security mechanisms while offering a framework for integrating NoSQL into academic curricula. Out of 386 articles, 28 were selected for detailed analysis, focusing on NoSQL teaching methods, models, and curriculum development. Findings revealed that document-oriented and graph databases, especially MongoDB, Cassandra, and Neo4j, are the most taught. The project-based learning approach was the most common teaching method. Challenges identified include adapting to technological advancements, addressing diverse student needs, and the shift to online learning. This review contributes valuable insights into NoSQL education and offers recommendations for improving teaching practices in software engineering curricula.</div></div>","PeriodicalId":51099,"journal":{"name":"Journal of Systems and Software","volume":"226 ","pages":"Article 112391"},"PeriodicalIF":3.7,"publicationDate":"2025-02-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143534027","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Towards resource-efficient reactive and proactive auto-scaling for microservice architectures","authors":"Hussain Ahmad ,&nbsp;Christoph Treude ,&nbsp;Markus Wagner ,&nbsp;Claudia Szabo","doi":"10.1016/j.jss.2025.112390","DOIUrl":"10.1016/j.jss.2025.112390","url":null,"abstract":"<div><div>Microservice architectures have become increasingly popular in both academia and industry, providing enhanced agility, elasticity, and maintainability in software development and deployment. To simplify scaling operations in microservice architectures, container orchestration platforms such as Kubernetes feature Horizontal Pod Auto-scalers (HPAs) designed to adjust the resources of microservices to accommodate fluctuating workloads. However, existing HPAs are not suitable for resource-constrained environments, as they make scaling decisions based on the individual resource capacities of microservices, leading to service unavailability, resource mismanagement, and financial losses. Furthermore, the inherent delay in initializing and terminating microservice pods hinders HPAs from timely responding to workload fluctuations, further exacerbating these issues. To address these concerns, we propose Smart HPA and ProSmart HPA, reactive and proactive resource-efficient horizontal pod auto-scalers respectively. Smart HPA employs a reactive scaling policy that facilitates resource exchange among microservices, optimizing auto-scaling in resource-constrained environments. For ProSmart HPA, we develop a machine-learning-driven resource-efficient scaling policy that proactively manages resource demands to address delays caused by microservice pod startup and termination, while enabling preemptive resource sharing in resource-constrained environments. Our experimental results show that Smart HPA outperforms the Kubernetes baseline HPA, while ProSmart HPA exceeds both Smart HPA and Kubernetes HPA by reducing resource overutilization, overprovisioning, and underprovisioning, and increasing resource allocation to microservice applications.</div></div>","PeriodicalId":51099,"journal":{"name":"Journal of Systems and Software","volume":"225 ","pages":"Article 112390"},"PeriodicalIF":3.7,"publicationDate":"2025-02-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143509674","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"KPAMA: A Kubernetes based tool for Mitigating ML system Aging","authors":"Wenjie Ding ,&nbsp;Zhihao Liu ,&nbsp;Xuhui Lu ,&nbsp;Xiaoting Du ,&nbsp;Zheng Zheng","doi":"10.1016/j.jss.2025.112389","DOIUrl":"10.1016/j.jss.2025.112389","url":null,"abstract":"<div><div>As machine learning (ML) systems continue to evolve and be applied, their user base and system size also expand. This expansion is particularly evident with the widespread adoption of large language models. Currently, the infrastructure supporting ML systems, such as cloud services and computing hardware, which are increasingly becoming foundational to the ML system environment, is increasingly adopted to support continuous training and inference services. Nevertheless, it has been shown that the increased data volume, complexity of computations, and extended run times challenge the stability of ML systems, efficiency, and availability, precipitating system aging. To address this issue, we develop a novel solution, KPAMA, leveraging Kubernetes, the leading container orchestration platform, to enhance the autoscaling of computing workflows and resources, effectively mitigating system aging. KPAMA employs a hybrid model to predict key aging metrics and uses decision and anti-oscillation algorithms to achieve system resource autoscaling. Our experiments indicate that KPAMA markedly mitigates system aging and enhances task reliability compared to the standard Horizontal Pod Autoscaler and systems without scaling capabilities.</div></div>","PeriodicalId":51099,"journal":{"name":"Journal of Systems and Software","volume":"226 ","pages":"Article 112389"},"PeriodicalIF":3.7,"publicationDate":"2025-02-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143534024","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

{"title":"Cyber-physical systems with Human-in-the-Loop: A systematic review of socio-technical perspectives","authors":"Torkil Clemmensen ,&nbsp;Mahyar Tourchi Moghaddam ,&nbsp;Jacob Nørbjerg","doi":"10.1016/j.jss.2025.112348","DOIUrl":"10.1016/j.jss.2025.112348","url":null,"abstract":"<div><div>Understanding and designing Cyber-physical systems (CPS) with humans in the loop (HITL) is a basic cross-scientific research problem with large implications for industry. The current software engineering knowledge already explains how to include the humans in the operation of the machines in terms of interfaces, architectures, adaptive systems, and design methodologies for including the Human-in-the-Loop. This paper extends existing knowledge with a systematic review of socio-technical perspectives on CPS with HITL. The review was software engineering focused, as it searched the body of research on CPS with HITL, and only within that body, those papers that included socio-technical perspectives. The results indicated four main areas in the ST literature. Validating these insights by expert interviews with industry CPS experts showed some alignment and also fundamental differences between the socio-technical literature (ST literature) insights and the industry experts’ viewpoints. The discussion identifies useful crossings between the ST literature and research into CPS with HITL adaption, and touch on the issues of non-alignments in industry practice. The conclusion is that the ST perspectives on the body of knowledge on CPS with HITL has much to offer researchers in terms of innovative ways to look at the HITL, but the literature needs further development before industry experts can effectively use it. Future research possibilities are outlined.</div></div>","PeriodicalId":51099,"journal":{"name":"Journal of Systems and Software","volume":"226 ","pages":"Article 112348"},"PeriodicalIF":3.7,"publicationDate":"2025-02-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143526926","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}