发布求助
文献互助 智能选刊 最新文献

2017 IEEE/ACM 39th International Conference on Software Engineering (ICSE)最新文献

筛选
英文 中文
A Test-Suite Diagnosability Metric for Spectrum-Based Fault Localization Approaches 一个测试套件Diagnosability标准谱故障定位方法
2017 IEEE/ACM 39th International Conference on Software Engineering (ICSE) Pub Date : 2017-05-20 DOI: 10.1109/ICSE.2017.66
Alexandre Perez, Rui Abreu, A. Deursen
{"title":"A Test-Suite Diagnosability Metric for Spectrum-Based Fault Localization Approaches","authors":"Alexandre Perez, Rui Abreu, A. Deursen","doi":"10.1109/ICSE.2017.66","DOIUrl":"https://doi.org/10.1109/ICSE.2017.66","url":null,"abstract":"Current metrics for assessing the adequacy of a test-suite plainly focus on the number of components (be it lines, branches, paths) covered by the suite, but do not explicitly check how the tests actually exercise these components and whether they provide enough information so that spectrum-based fault localization techniques can perform accurate fault isolation. We propose a metric, called DDU, aimed at complementing adequacy measurements by quantifying a test-suite's diagnosability, i.e., the effectiveness of applying spectrum-based fault localization to pinpoint faults in the code in the event of test failures. Our aim is to increase the value generated by creating thorough test-suites, so they are not only regarded as error detection mechanisms but also as effective diagnostic aids that help widely-used fault-localization techniques to accurately pinpoint the location of bugs in the system. Our experiments show that optimizing a test suite with respect to DDU yields a 34% gain in spectrum-based fault localization report accuracy when compared to the standard branch-coverage metric.","PeriodicalId":6505,"journal":{"name":"2017 IEEE/ACM 39th International Conference on Software Engineering (ICSE)","volume":"17 1","pages":"654-664"},"PeriodicalIF":0.0,"publicationDate":"2017-05-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"87679608","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 66
Travioli: A Dynamic Analysis for Detecting Data-Structure Traversals Travioli:检测数据结构遍历的动态分析
2017 IEEE/ACM 39th International Conference on Software Engineering (ICSE) Pub Date : 2017-05-20 DOI: 10.1109/ICSE.2017.50
Rohan Padhye, Koushik Sen
{"title":"Travioli: A Dynamic Analysis for Detecting Data-Structure Traversals","authors":"Rohan Padhye, Koushik Sen","doi":"10.1109/ICSE.2017.50","DOIUrl":"https://doi.org/10.1109/ICSE.2017.50","url":null,"abstract":"Traversal is one of the most fundamental operations on data structures, in which an algorithm systematically visits some or all of the data items of a data structure. We propose a dynamic analysis technique, called Travioli, for detecting data-structure traversals. We introduce the concept of acyclic execution contexts, which enables precise detection of traversals of arrays and linked data structures such as lists and trees in the presence of both loops and recursion. We describe how the information reported by Travioli can be used for visualizing data-structure traversals, manually generating performance regression tests, and for discovering performance bugs caused by redundant traversals. We evaluate Travioli on five real-world JavaScript programs. In our experiments, Travioli produced fewer than 4% false positives. We were able to construct performance tests for 93.75% of the reported true traversals. Travioli also found two asymptotic performance bugs in widely used JavaScript frameworks D3 and express.","PeriodicalId":6505,"journal":{"name":"2017 IEEE/ACM 39th International Conference on Software Engineering (ICSE)","volume":"98 1","pages":"473-483"},"PeriodicalIF":0.0,"publicationDate":"2017-05-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"85798077","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 14
Automated Transplantation and Differential Testing for Clones 克隆的自动移植和差异测试
2017 IEEE/ACM 39th International Conference on Software Engineering (ICSE) Pub Date : 2017-05-20 DOI: 10.1109/ICSE.2017.67
Tianyi Zhang, Miryung Kim
{"title":"Automated Transplantation and Differential Testing for Clones","authors":"Tianyi Zhang, Miryung Kim","doi":"10.1109/ICSE.2017.67","DOIUrl":"https://doi.org/10.1109/ICSE.2017.67","url":null,"abstract":"Code clones are common in software. When applying similar edits to clones, developers often find it difficult to examine the runtime behavior of clones. The problem is exacerbated when some clones are tested, while their counterparts are not. To reuse tests for similar but not identical clones, Grafter transplants one clone to its counterpart by (1) identifying variations in identifier names, types, and method call targets, (2) resolving compilation errors caused by such variations through code transformation, and (3) inserting stub code to transfer input data and intermediate output values for examination. To help developers examine behavioral differences between clones, Grafter supports fine-grained differential testing at both the test outcome level and the intermediate program state level. In our evaluation on three open source projects, Grafter successfully reuses tests in 94% of clone pairs without inducing build errors, demonstrating its automated code transplantation capability. To examine the robustness of G RAFTER, we systematically inject faults using a mutation testing tool, Major, and detect behavioral differences induced by seeded faults. Compared with a static cloning bug finder, Grafter detects 31% more mutants using the test-level comparison and almost 2X more using the state-level comparison. This result indicates that Grafter should effectively complement static cloning bug finders.","PeriodicalId":6505,"journal":{"name":"2017 IEEE/ACM 39th International Conference on Software Engineering (ICSE)","volume":"153 1","pages":"665-676"},"PeriodicalIF":0.0,"publicationDate":"2017-05-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"77705055","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 36
Semantically Enhanced Software Traceability Using Deep Learning Techniques 使用深度学习技术在语义上增强软件可追溯性
2017 IEEE/ACM 39th International Conference on Software Engineering (ICSE) Pub Date : 2017-05-20 DOI: 10.1109/ICSE.2017.9
Jin Guo, Jinghui Cheng, J. Cleland-Huang
{"title":"Semantically Enhanced Software Traceability Using Deep Learning Techniques","authors":"Jin Guo, Jinghui Cheng, J. Cleland-Huang","doi":"10.1109/ICSE.2017.9","DOIUrl":"https://doi.org/10.1109/ICSE.2017.9","url":null,"abstract":"In most safety-critical domains the need for traceability is prescribed by certifying bodies. Trace links are generally created among requirements, design, source code, test cases and other artifacts, however, creating such links manually is time consuming and error prone. Automated solutions use information retrieval and machine learning techniques to generate trace links, however, current techniques fail to understand semantics of the software artifacts or to integrate domain knowledge into the tracing process and therefore tend to deliver imprecise and inaccurate results. In this paper, we present a solution that uses deep learning to incorporate requirements artifact semantics and domain knowledge into the tracing solution. We propose a tracing network architecture that utilizes Word Embedding and Recurrent Neural Network (RNN) models to generate trace links. Word embedding learns word vectors that represent knowledge of the domain corpus and RNN uses these word vectors to learn the sentence semantics of requirements artifacts. We trained 360 different configurations of the tracing network using existing trace links in the Positive Train Control domain and identified the Bidirectional Gated Recurrent Unit (BI-GRU) as the best model for the tracing task. BI-GRU significantly out-performed state-of-the-art tracing methods including the Vector Space Model and Latent Semantic Indexing.","PeriodicalId":6505,"journal":{"name":"2017 IEEE/ACM 39th International Conference on Software Engineering (ICSE)","volume":"11 1","pages":"3-14"},"PeriodicalIF":0.0,"publicationDate":"2017-05-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"80824850","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 204
Stochastic Optimization of Program Obfuscation 程序混淆的随机优化
2017 IEEE/ACM 39th International Conference on Software Engineering (ICSE) Pub Date : 2017-05-20 DOI: 10.1109/ICSE.2017.28
Han Liu, Chengnian Sun, Z. Su, Yu Jiang, M. Gu, Jiaguang Sun
{"title":"Stochastic Optimization of Program Obfuscation","authors":"Han Liu, Chengnian Sun, Z. Su, Yu Jiang, M. Gu, Jiaguang Sun","doi":"10.1109/ICSE.2017.28","DOIUrl":"https://doi.org/10.1109/ICSE.2017.28","url":null,"abstract":"Program obfuscation is a common practice in software development to obscure source code or binary code, in order to prevent humans from understanding the purpose or logic of software. It protects intellectual property and deters malicious attacks. While tremendous efforts have been devoted to the development of various obfuscation techniques, we have relatively little knowledge on how to most effectively use them together. The biggest challenge lies in identifying the most effective combination of obfuscation techniques. This paper presents a unified framework to optimize program obfuscation. Given an input program P and a set T of obfuscation transformations, our technique can automatically identify a sequence seq = ‹t1, t2, …, tn› (∀i ∈ [1, n]. ti ∈ T), such that applying ti in order on P yields the optimal obfuscation performance. We model the process of searching for seq as a mathematical optimization problem. The key technical contributions of this paper are: (1) an obscurity language model to assess obfuscation effectiveness/optimality, and (2) a guided stochastic algorithm based on Markov chain Monte Carlo methods to search for the optimal solution seq. We have realized the framework in a tool Closure* for JavaScript, and evaluated it on 25 most starred JavaScript projects on GitHub (19K lines of code). Our machinery study shows that Closure* outperforms the well-known Google Closure Compiler by defending 26% of the attacks initiated by JSNice. Our human study also reveals that Closure* is practical and can reduce the human attack success rate by 30%.","PeriodicalId":6505,"journal":{"name":"2017 IEEE/ACM 39th International Conference on Software Engineering (ICSE)","volume":"27 1","pages":"221-231"},"PeriodicalIF":0.0,"publicationDate":"2017-05-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"90552542","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 28
RClassify: Classifying Race Conditions in Web Applications via Deterministic Replay rclassified:通过确定性重放对Web应用程序中的竞争条件进行分类
2017 IEEE/ACM 39th International Conference on Software Engineering (ICSE) Pub Date : 2017-05-20 DOI: 10.1109/ICSE.2017.33
Lu Zhang, Chao Wang
{"title":"RClassify: Classifying Race Conditions in Web Applications via Deterministic Replay","authors":"Lu Zhang, Chao Wang","doi":"10.1109/ICSE.2017.33","DOIUrl":"https://doi.org/10.1109/ICSE.2017.33","url":null,"abstract":"Race conditions are common in web applicationsbut are difficult to diagnose and repair. Although there existtools for detecting races in web applications, they all report alarge number of false positives. That is, the races they report areeither bogus, meaning they can never occur in practice, or benign, meaning they do not lead to erroneous behaviors. Since manuallydiagnosing them is tedious and error prone, reporting theserace warnings to developers would be counter-productive. Wepropose a platform-agnostic, deterministic replay-based methodfor identifying not only the real but also the truly harmful raceconditions. It relies on executing each pair of racing events in twodifferent orders and assessing their impact on the program state:we say a race is harmful only if (1) both of the two executions arefeasible and (2) they lead to different program states. We haveevaluated our evidence-based classification method on a large setof real websites from Fortune-500 companies and demonstratedthat it significantly outperforms all state-of-the-art techniques.","PeriodicalId":6505,"journal":{"name":"2017 IEEE/ACM 39th International Conference on Software Engineering (ICSE)","volume":"336 1","pages":"278-288"},"PeriodicalIF":0.0,"publicationDate":"2017-05-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"80637543","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 24
SPAIN: Security Patch Analysis for Binaries towards Understanding the Pain and Pills 西班牙:二进制文件的安全补丁分析,以理解痛苦和药丸
2017 IEEE/ACM 39th International Conference on Software Engineering (ICSE) Pub Date : 2017-05-20 DOI: 10.1109/ICSE.2017.49
Zhengzi Xu, Bihuan Chen, Mahinthan Chandramohan, Yang Liu, Fu Song
{"title":"SPAIN: Security Patch Analysis for Binaries towards Understanding the Pain and Pills","authors":"Zhengzi Xu, Bihuan Chen, Mahinthan Chandramohan, Yang Liu, Fu Song","doi":"10.1109/ICSE.2017.49","DOIUrl":"https://doi.org/10.1109/ICSE.2017.49","url":null,"abstract":"Software vulnerability is one of the major threats to software security. Once discovered, vulnerabilities are often fixed by applying security patches. In that sense, security patches carry valuable information about vulnerabilities, which could be used to discover, understand and fix (similar) vulnerabilities. However, most existing patch analysis approaches work at the source code level, while binary-level patch analysis often heavily relies on a lot of human efforts and expertise. Even worse, some vulnerabilities may be secretly patched without applying CVE numbers, or only the patched binary programs are available while the patches are not publicly released. These practices greatly hinder patch analysis and vulnerability analysis. In this paper, we propose a scalable binary-level patch analysis framework, named SPAIN, which can automatically identify security patches and summarize patch patterns and their corresponding vulnerability patterns. Specifically, given the original and patched versions of a binary program, we locate the patched functions and identify the changed traces (i.e., a sequence of basic blocks) that may contain security or non-security patches. Then we identify security patches through a semantic analysis of these traces and summarize the patterns through a taint analysis on the patched functions. The summarized patterns can be used to search similar patches or vulnerabilities in binary programs. Our experimental results on several real-world projects have shown that: i) SPAIN identified security patches with high accuracy and high scalability, ii) SPAIN summarized 5 patch patterns and their corresponding vulnerability patterns for 5 vulnerability types, and iii) SPAIN discovered security patches that were not documented, and discovered 3 zero-day vulnerabilities.","PeriodicalId":6505,"journal":{"name":"2017 IEEE/ACM 39th International Conference on Software Engineering (ICSE)","volume":"179 1","pages":"462-472"},"PeriodicalIF":0.0,"publicationDate":"2017-05-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"80682544","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 117
Optimizing Test Placement for Module-Level Regression Testing 优化模块级回归测试的测试位置
2017 IEEE/ACM 39th International Conference on Software Engineering (ICSE) Pub Date : 2017-05-20 DOI: 10.1109/ICSE.2017.69
A. Shi, Suresh Thummalapenta, Shuvendu K. Lahiri, N. Bjørner, J. Czerwonka
{"title":"Optimizing Test Placement for Module-Level Regression Testing","authors":"A. Shi, Suresh Thummalapenta, Shuvendu K. Lahiri, N. Bjørner, J. Czerwonka","doi":"10.1109/ICSE.2017.69","DOIUrl":"https://doi.org/10.1109/ICSE.2017.69","url":null,"abstract":"Modern build systems help increase developer productivityby performing incremental building and testing. Thesebuild systems view a software project as a group of interdependentmodules and perform regression test selection at themodule level. However, many large software projects have imprecisedependency graphs that lead to wasteful test executions. Ifa test belongs to a module that has more dependencies than theactual dependencies of the test, then it is executed unnecessarilywhenever a code change impacts those additional dependencies. In this paper, we formulate the problem of wasteful testexecutions due to suboptimal placement of tests in modules. We propose a greedy algorithm to reduce the number oftest executions by suggesting test movements while consideringhistorical build information and actual dependencies of tests. Wehave implemented our technique, called TestOptimizer, on topof CloudBuild, the build system developed within Microsoft overthe last few years. We have evaluated the technique on five largeproprietary projects. Our results show that the suggested testmovements can lead to a reduction of 21.66 million test executions(17.09%) across all our subject projects. We received encouragingfeedback from the developers of these projects, they accepted andintend to implement ≈80% of our reported suggestions.","PeriodicalId":6505,"journal":{"name":"2017 IEEE/ACM 39th International Conference on Software Engineering (ICSE)","volume":"6 1","pages":"689-699"},"PeriodicalIF":0.0,"publicationDate":"2017-05-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"88633627","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 31
Decoding the Representation of Code in the Brain: An fMRI Study of Code Review and Expertise 解码代码在大脑中的表现:代码审查和专业知识的fMRI研究
2017 IEEE/ACM 39th International Conference on Software Engineering (ICSE) Pub Date : 2017-05-20 DOI: 10.1109/ICSE.2017.24
Benjamin Floyd, Tyler Santander, Westley Weimer
{"title":"Decoding the Representation of Code in the Brain: An fMRI Study of Code Review and Expertise","authors":"Benjamin Floyd, Tyler Santander, Westley Weimer","doi":"10.1109/ICSE.2017.24","DOIUrl":"https://doi.org/10.1109/ICSE.2017.24","url":null,"abstract":"Subjective judgments in software engineering tasks are of critical importance but can be difficult to study with conventional means. Medical imaging techniques hold the promise of relating cognition to physical activities and brain structures. In a controlled experiment involving 29 participants, we examine code comprehension, code review and prose review using functional magnetic resonance imaging. We find that the neural representations of programming languages vs. natural languages are distinct. We can classify which task a participant is undertaking based solely on brain activity (balanced accuracy 79%, p","PeriodicalId":6505,"journal":{"name":"2017 IEEE/ACM 39th International Conference on Software Engineering (ICSE)","volume":"41 1","pages":"175-186"},"PeriodicalIF":0.0,"publicationDate":"2017-05-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"78378870","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 112
UML Diagram Refinement (Focusing on Class-and Use Case Diagrams) UML图精化(关注类和用例图)
2017 IEEE/ACM 39th International Conference on Software Engineering (ICSE) Pub Date : 2017-05-20 DOI: 10.1109/ICSE.2017.73
David Faitelson, S. Tyszberowicz
{"title":"UML Diagram Refinement (Focusing on Class-and Use Case Diagrams)","authors":"David Faitelson, S. Tyszberowicz","doi":"10.1109/ICSE.2017.73","DOIUrl":"https://doi.org/10.1109/ICSE.2017.73","url":null,"abstract":"Large and complicated UML models are not useful, because they are difficult to understand. This problem can be solved by using several diagrams of the same system at different levels of abstraction. Unfortunately, UML does not define an explicit set of rules for ensuring that diagrams at different levels of abstraction are consistent. We define such a set of rules, that we call diagram refinement. Diagram refinement is intuitive, and applicable to several kinds of UML diagrams (mostly to structural diagrams but also to use case diagrams), yet it rests on a solid mathematical basis—the theory of graph homomorphisms. We illustrate its usefulness with a series of examples.","PeriodicalId":6505,"journal":{"name":"2017 IEEE/ACM 39th International Conference on Software Engineering (ICSE)","volume":"161 1","pages":"735-745"},"PeriodicalIF":0.0,"publicationDate":"2017-05-20","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"86260120","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 14
首页 上一页 下一页 尾页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信