2018 IEEE/ACM 40th International Conference on Software Engineering (ICSE)最新文献

筛选
英文 中文
Reducer-Based Construction of Conditional Verifiers 基于约简的条件验证器构造
2018 IEEE/ACM 40th International Conference on Software Engineering (ICSE) Pub Date : 2018-05-27 DOI: 10.1145/3180155.3180259
Dirk Beyer, Marie-Christine Jakobs, T. Lemberger, H. Wehrheim
{"title":"Reducer-Based Construction of Conditional Verifiers","authors":"Dirk Beyer, Marie-Christine Jakobs, T. Lemberger, H. Wehrheim","doi":"10.1145/3180155.3180259","DOIUrl":"https://doi.org/10.1145/3180155.3180259","url":null,"abstract":"Despite recent advances, software verification remains challenging. To solve hard verification tasks, we need to leverage not just one but several different verifiers employing different technologies. To this end, we need to exchange information between verifiers. Conditional model checking was proposed as a solution to exactly this problem: The idea is to let the first verifier output a condition which describes the state space that it successfully verified and to instruct the second verifier to verify the yet unverified state space using this condition. However, most verifiers do not understand conditions as input. In this paper, we propose the usage of an off-the-shelf construction of a conditional verifier from a given traditional verifier and a reducer. The reducer takes as input the program to be verified and the condition, and outputs a residual program whose paths cover the unverified state space described by the condition. As a proof of concept, we designed and implemented one particular reducer and composed three conditional model checkers from the three best verifiers at SV-COMP 2017. We defined a set of claims and experimentally evaluated their validity. All experimental data and results are available for replication.","PeriodicalId":6560,"journal":{"name":"2018 IEEE/ACM 40th International Conference on Software Engineering (ICSE)","volume":"1 1","pages":"1182-1193"},"PeriodicalIF":0.0,"publicationDate":"2018-05-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"81156058","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 27
Synthesizing Qualitative Research in Software Engineering: A Critical Review 软件工程中的综合定性研究:综述
2018 IEEE/ACM 40th International Conference on Software Engineering (ICSE) Pub Date : 2018-05-27 DOI: 10.1145/3180155.3180235
Xin Huang, He Zhang, Xin Zhou, M. Babar, Song Yang
{"title":"Synthesizing Qualitative Research in Software Engineering: A Critical Review","authors":"Xin Huang, He Zhang, Xin Zhou, M. Babar, Song Yang","doi":"10.1145/3180155.3180235","DOIUrl":"https://doi.org/10.1145/3180155.3180235","url":null,"abstract":"Synthesizing data extracted from primary studies is an integral component of the methodologies in support of Evidence Based Software Engineering (EBSE) such as System Literature Review (SLR). Since a large and increasing number of studies in Software Engineering (SE) incorporate qualitative data, it is important to systematically review and understand different aspects of the Qualitative Research Synthesis (QRS) being used in SE. We have reviewed the use of QRS methods in 328 SLRs published between 2005 and 2015. We also inquired the authors of 274 SLRs to confrm whether or not any QRS methods were used in their respective reviews. 116 of them provided the responses, which were included in our analysis. We found eight QRS methods applied in SE research, two of which, narrative synthesis and thematic synthesis, have been predominantly adopted by SE researchers for synthesizing qualitative data. Our study determines that a signifcant amount of missing knowledge and incomplete understanding of the defned QRS methods in the community. Our effort also identifes an initial set factors that may in?uence the selection and use of appropriate QRS methods in SE.","PeriodicalId":6560,"journal":{"name":"2018 IEEE/ACM 40th International Conference on Software Engineering (ICSE)","volume":"1 1","pages":"1207-1218"},"PeriodicalIF":0.0,"publicationDate":"2018-05-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"82089617","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 31
The Road to Live Programming: Insights from the Practice 现场编程之路:来自实践的见解
2018 IEEE/ACM 40th International Conference on Software Engineering (ICSE) Pub Date : 2018-05-27 DOI: 10.1145/3180155.3180200
Juraj Kubelka, R. Robbes, Alexandre Bergel
{"title":"The Road to Live Programming: Insights from the Practice","authors":"Juraj Kubelka, R. Robbes, Alexandre Bergel","doi":"10.1145/3180155.3180200","DOIUrl":"https://doi.org/10.1145/3180155.3180200","url":null,"abstract":"Live Programming environments allow programmers to get feedback instantly while changing software. Liveness is gaining attention among industrial and open-source communities; several IDEs offer high degrees of liveness. While several studies looked at how programmers work during software evolution tasks, none of them consider live environments. We conduct such a study based on an analysis of 17 programming sessions of practitioners using Pharo, a mature Live Programming environment. The study is complemented by a survey and subsequent analysis of 16 programming sessions in additional languages, e.g., JavaScript. We document the approaches taken by developers during their work. We find that some liveness features are extensively used, and have an impact on the way developers navigate source code and objects in their work.","PeriodicalId":6560,"journal":{"name":"2018 IEEE/ACM 40th International Conference on Software Engineering (ICSE)","volume":"305 1","pages":"1090-1101"},"PeriodicalIF":0.0,"publicationDate":"2018-05-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"84833679","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 24
Leveraging Program Analysis to Reduce User-Perceived Latency in Mobile Applications 利用程序分析减少移动应用程序中的用户感知延迟
2018 IEEE/ACM 40th International Conference on Software Engineering (ICSE) Pub Date : 2018-05-27 DOI: 10.1145/3180155.3180249
Yixue Zhao, Marcelo Schmitt Laser, Yingjun Lyu, N. Medvidović
{"title":"Leveraging Program Analysis to Reduce User-Perceived Latency in Mobile Applications","authors":"Yixue Zhao, Marcelo Schmitt Laser, Yingjun Lyu, N. Medvidović","doi":"10.1145/3180155.3180249","DOIUrl":"https://doi.org/10.1145/3180155.3180249","url":null,"abstract":"Reducing network latency in mobile applications is an effective way of improving the mobile user experience and has tangible economic benefits. This paper presents PALOMA, a novel client-centric technique for reducing the network latency by prefetching HTTP requests in Android apps. Our work leverages string analysis and callback control-flow analysis to automatically instrument apps using PALOMA's rigorous formulation of scenarios that address \"what\" and \"when\" to prefetch. PALOMA has been shown to incur significant runtime savings (several hundred milliseconds per prefetchable HTTP request), both when applied on a reusable evaluation benchmark we have developed and on real applications.","PeriodicalId":6560,"journal":{"name":"2018 IEEE/ACM 40th International Conference on Software Engineering (ICSE)","volume":"28 1","pages":"176-186"},"PeriodicalIF":0.0,"publicationDate":"2018-05-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"87123646","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 27
Understanding Developers' Needs on Deprecation as a Language Feature 理解开发人员对弃用作为语言特性的需求
2018 IEEE/ACM 40th International Conference on Software Engineering (ICSE) Pub Date : 2018-05-27 DOI: 10.1145/3180155.3180170
A. Sawant, M. Aniche, A. Deursen, Alberto Bacchelli
{"title":"Understanding Developers' Needs on Deprecation as a Language Feature","authors":"A. Sawant, M. Aniche, A. Deursen, Alberto Bacchelli","doi":"10.1145/3180155.3180170","DOIUrl":"https://doi.org/10.1145/3180155.3180170","url":null,"abstract":"Deprecation is a language feature that allows API producers to mark a feature as obsolete. We aim to gain a deep understanding of the needs of API producers and consumers alike regarding deprecation. To that end, we investigate why API producers deprecate features, whether they remove deprecated features, how they expect consumers to react, and what prompts an API consumer to react to deprecation. To achieve this goal we conduct semi-structured interviews with 17 third-party Java API producers and survey 170 Java developers. We observe that the current deprecation mechanism in Java and the proposal to enhance it does not address all the needs of a developer. This leads us to propose and evaluate three further enhancements to the deprecation mechanism.","PeriodicalId":6560,"journal":{"name":"2018 IEEE/ACM 40th International Conference on Software Engineering (ICSE)","volume":"58 1","pages":"561-571"},"PeriodicalIF":0.0,"publicationDate":"2018-05-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"88938562","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 23
GUILeak: Tracing Privacy Policy Claims on User Input Data for Android Applications 追踪Android应用程序用户输入数据的隐私政策索赔
2018 IEEE/ACM 40th International Conference on Software Engineering (ICSE) Pub Date : 2018-05-27 DOI: 10.1145/3180155.3180196
Xiaoyin Wang, Xue Qin, M. Hosseini, Rocky Slavin, T. Breaux, Jianwei Niu
{"title":"GUILeak: Tracing Privacy Policy Claims on User Input Data for Android Applications","authors":"Xiaoyin Wang, Xue Qin, M. Hosseini, Rocky Slavin, T. Breaux, Jianwei Niu","doi":"10.1145/3180155.3180196","DOIUrl":"https://doi.org/10.1145/3180155.3180196","url":null,"abstract":"The Android mobile platform supports billions of devices across more than 190 countries around the world. This popularity coupled with user data collection by Android apps has made privacy protection a well-known challenge in the Android ecosystem. In practice, app producers provide privacy policies disclosing what information is collected and processed by the app. However, it is difficult to trace such claims to the corresponding app code to verify whether the implementation is consistent with the policy. Existing approaches for privacy policy alignment focus on information directly accessed through the Android platform (e.g., location and device ID), but are unable to handle user input, a major source of private information. In this paper, we propose a novel approach that automatically detects privacy leaks of user-entered data for a given Android app and determines whether such leakage may violate the app's privacy policy claims. For evaluation, we applied our approach to 120 popular apps from three privacy-relevant app categories: finance, health, and dating. The results show that our approach was able to detect 21 strong violations and 18 weak violations from the studied apps.","PeriodicalId":6560,"journal":{"name":"2018 IEEE/ACM 40th International Conference on Software Engineering (ICSE)","volume":"63 1","pages":"37-47"},"PeriodicalIF":0.0,"publicationDate":"2018-05-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"81373377","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 69
Are Mutation Scores Correlated with Real Fault Detection? A Large Scale Empirical Study on the Relationship Between Mutants and Real Faults 突变分数与真实故障检测相关吗?突变体与实际故障关系的大规模实证研究
2018 IEEE/ACM 40th International Conference on Software Engineering (ICSE) Pub Date : 2018-05-27 DOI: 10.1145/3180155.3180183
Mike Papadakis, Donghwan Shin, S. Yoo, Doo-Hwan Bae
{"title":"Are Mutation Scores Correlated with Real Fault Detection? A Large Scale Empirical Study on the Relationship Between Mutants and Real Faults","authors":"Mike Papadakis, Donghwan Shin, S. Yoo, Doo-Hwan Bae","doi":"10.1145/3180155.3180183","DOIUrl":"https://doi.org/10.1145/3180155.3180183","url":null,"abstract":"Empirical validation of software testing studies is increasingly relying on mutants. This practice is motivated by the strong correlation between mutant scores and real fault detection that is reported in the literature. In contrast, our study shows that correlations are the results of the confounding effects of the test suite size. In particular, we investigate the relation between two independent variables, mutation score and test suite size, with one dependent variable the detection of (real) faults. We use two data sets, CoreBench and De-fects4J, with large C and Java programs and real faults and provide evidence that all correlations between mutation scores and real fault detection are weak when controlling for test suite size. We also found that both independent variables significantly influence the dependent one, with significantly better fits, but overall with relative low prediction power. By measuring the fault detection capability of the top ranked, according to mutation score, test suites (opposed to randomly selected test suites of the same size), we found that achieving higher mutation scores improves significantly the fault detection. Taken together, our data suggest that mutants provide good guidance for improving the fault detection of test suites, but their correlation with fault detection are weak.","PeriodicalId":6560,"journal":{"name":"2018 IEEE/ACM 40th International Conference on Software Engineering (ICSE)","volume":"23 1","pages":"537-548"},"PeriodicalIF":0.0,"publicationDate":"2018-05-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"83283984","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 108
RFC-Directed Differential Testing of Certificate Validation in SSL/TLS Implementations SSL/TLS实现中rfc导向的证书验证差异测试
2018 IEEE/ACM 40th International Conference on Software Engineering (ICSE) Pub Date : 2018-05-27 DOI: 10.1145/3180155.3180226
Chu Chen, Cong Tian, Zhenhua Duan, Liang Zhao
{"title":"RFC-Directed Differential Testing of Certificate Validation in SSL/TLS Implementations","authors":"Chu Chen, Cong Tian, Zhenhua Duan, Liang Zhao","doi":"10.1145/3180155.3180226","DOIUrl":"https://doi.org/10.1145/3180155.3180226","url":null,"abstract":"Certificate validation in Secure Socket Layer or Transport Layer Security protocol (SSL/TLS) is critical to Internet security. Thus, it is significant to check whether certificate validation in SSL/TLS is correctly implemented. With this motivation, we propose a novel differential testing approach which is directed by the standard Request For Comments (RFC). First, rules of certificates are extracted automatically from RFCs. Second, low-level test cases are generated through dynamic symbolic execution. Third, high-level test cases, i.e. certificates, are assembled automatically. Finally, with the assembled certificates being test cases, certificate validations in SSL/TLS implementations are tested to reveal latent vulnerabilities or bugs. Our approach named RFCcert has the following advantages: (1) certificates of RFCcert are discrepancy-targeted since they are assembled according to standards instead of genetics; (2) with the obtained certificates, RFCcert not only reveals the invalidity of traditional differential testing but also is able to conduct testing that traditional differential testing cannot do; and (3) the supporting tool of RFCcert has been implemented and extensive experiments show that the approach is effective in finding bugs of SSL/TLS implementations.","PeriodicalId":6560,"journal":{"name":"2018 IEEE/ACM 40th International Conference on Software Engineering (ICSE)","volume":"1 1","pages":"859-870"},"PeriodicalIF":0.0,"publicationDate":"2018-05-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"81942155","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 20
Dataflow Tunneling: Mining Inter-Request Data Dependencies for Request-Based Applications 数据流隧道:为基于请求的应用程序挖掘请求间数据依赖关系
2018 IEEE/ACM 40th International Conference on Software Engineering (ICSE) Pub Date : 2018-05-27 DOI: 10.1145/3180155.3180171
Xiao Yu, Guoliang Jin
{"title":"Dataflow Tunneling: Mining Inter-Request Data Dependencies for Request-Based Applications","authors":"Xiao Yu, Guoliang Jin","doi":"10.1145/3180155.3180171","DOIUrl":"https://doi.org/10.1145/3180155.3180171","url":null,"abstract":"Request-based applications, e.g., most server-side applications, expose services to users in a request-based paradigm, in which requests are served by request-handler methods. An important task for request-based applications is inter-request analysis, which analyzes request-handler methods that are related by inter-request data dependencies together. However, in the request-based paradigm, data dependencies between related request-handler methods are implicitly established by the underlying frameworks that execute these methods. As a result, existing analysis tools are usually limited to the scope of each single method without the knowledge of dependencies between different methods. In this paper, we design an approach called dataflow tunneling to capture inter-request data dependencies from concrete application executions and produce data-dependency specifications. Our approach answers two key questions: (1) what request-handler methods have data dependencies and (2) what these data dependencies are. Our evaluation using applications developed with two representative and popular frameworks shows that our approach is general and accurate. We also present a characteristic study and a use case of cache tuning based on the mined specifications. We envision that our approach can provide key information to enable future inter-request analysis techniques.","PeriodicalId":6560,"journal":{"name":"2018 IEEE/ACM 40th International Conference on Software Engineering (ICSE)","volume":"51 1","pages":"586-597"},"PeriodicalIF":0.0,"publicationDate":"2018-05-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"80735004","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
Redefining Prioritization: Continuous Prioritization for Continuous Integration 重新定义优先级:持续集成的持续优先级
2018 IEEE/ACM 40th International Conference on Software Engineering (ICSE) Pub Date : 2018-05-27 DOI: 10.1145/3180155.3180213
Jingjing Liang, Sebastian G. Elbaum, G. Rothermel
{"title":"Redefining Prioritization: Continuous Prioritization for Continuous Integration","authors":"Jingjing Liang, Sebastian G. Elbaum, G. Rothermel","doi":"10.1145/3180155.3180213","DOIUrl":"https://doi.org/10.1145/3180155.3180213","url":null,"abstract":"Continuous integration (CI) development environments allow soft-ware engineers to frequently integrate and test their code. While CI environments provide advantages, they also utilize non-trivial amounts of time and resources. To address this issue, researchers have adapted techniques for test case prioritization (TCP) to CI environments. To date, however, the techniques considered have operated on test suites, and have not achieved substantial improvements. Moreover, they can be inappropriate to apply when system build costs are high. In this work we explore an alternative: prioritization of commits. We use a lightweight approach based on test suite failure and execution history that is highly effcient; our approach \"continuously\" prioritizes commits that are waiting for execution in response to the arrival of each new commit and the completion of each previously scheduled commit. We have evaluated our approach on three non-trivial CI data sets. Our results show that our approach can be more effective than prior techniques.","PeriodicalId":6560,"journal":{"name":"2018 IEEE/ACM 40th International Conference on Software Engineering (ICSE)","volume":"24 1","pages":"688-698"},"PeriodicalIF":0.0,"publicationDate":"2018-05-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"74258531","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 55
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信