A  B  C  D  E  F  G  H  I  J  K  L  M  N  O  P  Q  R  S  T  U  V  W  X  Y  Z  

        1 2 | Last   [Sort alphabetically]   [Restore default list]

  Subjects -> ELECTRONICS (Total: 207 journals)
Showing 1 - 200 of 277 Journals sorted by number of followers
IEEE Transactions on Aerospace and Electronic Systems     Hybrid Journal   (Followers: 281)
Control Systems     Hybrid Journal   (Followers: 237)
IEEE Transactions on Geoscience and Remote Sensing     Hybrid Journal   (Followers: 174)
Journal of Guidance, Control, and Dynamics     Hybrid Journal   (Followers: 166)
Electronic Design     Partially Free   (Followers: 125)
Electronics     Open Access   (Followers: 125)
Advances in Electronics     Open Access   (Followers: 122)
Electronics For You     Partially Free   (Followers: 114)
IEEE Antennas and Propagation Magazine     Hybrid Journal   (Followers: 112)
IEEE Power Electronics Magazine     Full-text available via subscription   (Followers: 90)
IEEE Antennas and Wireless Propagation Letters     Hybrid Journal   (Followers: 88)
IEEE Transactions on Power Electronics     Hybrid Journal   (Followers: 87)
IEEE Transactions on Industrial Electronics     Hybrid Journal   (Followers: 85)
IEEE Transactions on Software Engineering     Hybrid Journal   (Followers: 84)
IEEE Transactions on Antennas and Propagation     Full-text available via subscription   (Followers: 79)
IET Power Electronics     Open Access   (Followers: 76)
IEEE Transactions on Automatic Control     Hybrid Journal   (Followers: 65)
Selected Topics in Applied Earth Observations and Remote Sensing, IEEE Journal of     Hybrid Journal   (Followers: 62)
IEEE Embedded Systems Letters     Hybrid Journal   (Followers: 60)
IEEE Transactions on Industry Applications     Hybrid Journal   (Followers: 57)
Advances in Power Electronics     Open Access   (Followers: 56)
IEEE Journal of Emerging and Selected Topics in Power Electronics     Hybrid Journal   (Followers: 52)
Canadian Journal of Remote Sensing     Full-text available via subscription   (Followers: 50)
IEEE Nanotechnology Magazine     Hybrid Journal   (Followers: 45)
IEEE Transactions on Consumer Electronics     Hybrid Journal   (Followers: 45)
Journal of Electrical and Electronics Engineering Research     Open Access   (Followers: 41)
IET Microwaves, Antennas & Propagation     Open Access   (Followers: 35)
IEEE Transactions on Biomedical Engineering     Hybrid Journal   (Followers: 35)
IEEE Transactions on Circuits and Systems for Video Technology     Hybrid Journal   (Followers: 31)
International Journal of Power Electronics     Hybrid Journal   (Followers: 30)
Bell Labs Technical Journal     Hybrid Journal   (Followers: 27)
IEEE Transactions on Information Theory     Hybrid Journal   (Followers: 27)
Microelectronics and Solid State Electronics     Open Access   (Followers: 27)
American Journal of Electrical and Electronic Engineering     Open Access   (Followers: 26)
Journal of Sensors     Open Access   (Followers: 25)
Electronics Letters     Open Access   (Followers: 25)
International Journal of Aerospace Innovations     Full-text available via subscription   (Followers: 23)
International Journal of Image, Graphics and Signal Processing     Open Access   (Followers: 22)
Journal of Power Electronics & Power Systems     Full-text available via subscription   (Followers: 19)
IEEE Reviews in Biomedical Engineering     Hybrid Journal   (Followers: 19)
IEEE/OSA Journal of Optical Communications and Networking     Hybrid Journal   (Followers: 19)
Journal of Artificial Intelligence     Open Access   (Followers: 18)
IEEE Transactions on Electron Devices     Hybrid Journal   (Followers: 18)
IET Wireless Sensor Systems     Open Access   (Followers: 17)
Circuits and Systems     Open Access   (Followers: 16)
International Journal of Microwave and Wireless Technologies     Hybrid Journal   (Followers: 16)
IEEE Transactions on Signal and Information Processing over Networks     Hybrid Journal   (Followers: 14)
Journal of Low Power Electronics     Full-text available via subscription   (Followers: 14)
International Journal of Advanced Research in Computer Science and Electronics Engineering     Open Access   (Followers: 14)
Archives of Electrical Engineering     Open Access   (Followers: 14)
International Journal of Control     Hybrid Journal   (Followers: 13)
International Journal of Sensors, Wireless Communications and Control     Hybrid Journal   (Followers: 13)
Advances in Microelectronic Engineering     Open Access   (Followers: 12)
IEEE Transactions on Learning Technologies     Full-text available via subscription   (Followers: 12)
International Journal of Wireless and Microwave Technologies     Open Access   (Followers: 12)
International Journal of Advances in Telecommunications, Electrotechnics, Signals and Systems     Open Access   (Followers: 12)
Intelligent Transportation Systems Magazine, IEEE     Full-text available via subscription   (Followers: 12)
IEEE Solid-State Circuits Magazine     Hybrid Journal   (Followers: 11)
IEICE - Transactions on Electronics     Full-text available via subscription   (Followers: 11)
IEEE Women in Engineering Magazine     Hybrid Journal   (Followers: 11)
IEEE Transactions on Broadcasting     Hybrid Journal   (Followers: 11)
Journal of Electromagnetic Waves and Applications     Hybrid Journal   (Followers: 10)
International Journal of Advanced Electronics and Communication Systems     Open Access   (Followers: 10)
International Journal of Antennas and Propagation     Open Access   (Followers: 10)
IETE Journal of Research     Open Access   (Followers: 10)
Journal of Low Power Electronics and Applications     Open Access   (Followers: 9)
IETE Technical Review     Open Access   (Followers: 9)
Batteries     Open Access   (Followers: 8)
IEEE Journal of the Electron Devices Society     Open Access   (Followers: 8)
IEEE Transactions on Autonomous Mental Development     Hybrid Journal   (Followers: 8)
Journal of Power Electronics     Hybrid Journal   (Followers: 8)
China Communications     Full-text available via subscription   (Followers: 8)
International Journal of Electronics and Telecommunications     Open Access   (Followers: 8)
Open Journal of Antennas and Propagation     Open Access   (Followers: 8)
Metrology and Measurement Systems     Open Access   (Followers: 8)
APSIPA Transactions on Signal and Information Processing     Open Access   (Followers: 8)
Journal of Microwave Power and Electromagnetic Energy     Hybrid Journal   (Followers: 8)
Progress in Quantum Electronics     Full-text available via subscription   (Followers: 8)
Electronics and Communications in Japan     Hybrid Journal   (Followers: 8)
Solid-State Electronics     Hybrid Journal   (Followers: 7)
Nanotechnology, Science and Applications     Open Access   (Followers: 7)
Universal Journal of Electrical and Electronic Engineering     Open Access   (Followers: 7)
International Journal of Electronics     Hybrid Journal   (Followers: 7)
IEEE Magnetics Letters     Hybrid Journal   (Followers: 7)
Foundations and Trends® in Signal Processing     Full-text available via subscription   (Followers: 7)
Journal of Electromagnetic Analysis and Applications     Open Access   (Followers: 6)
Foundations and Trends® in Communications and Information Theory     Full-text available via subscription   (Followers: 6)
Annals of Telecommunications     Hybrid Journal   (Followers: 6)
Electronic Markets     Hybrid Journal   (Followers: 6)
International Journal of Systems, Control and Communications     Hybrid Journal   (Followers: 6)
Advances in Biosensors and Bioelectronics     Open Access   (Followers: 6)
Research & Reviews : Journal of Embedded System & Applications     Full-text available via subscription   (Followers: 6)
IEICE - Transactions on Information and Systems     Full-text available via subscription   (Followers: 5)
Kinetik : Game Technology, Information System, Computer Network, Computing, Electronics, and Control     Open Access   (Followers: 5)
Journal of Electronics (China)     Hybrid Journal   (Followers: 5)
Journal of Field Robotics     Hybrid Journal   (Followers: 5)
Energy Storage Materials     Full-text available via subscription   (Followers: 5)
IEEE Pulse     Hybrid Journal   (Followers: 5)
International Journal of Computational Vision and Robotics     Hybrid Journal   (Followers: 5)
Advances in Electrical and Electronic Engineering     Open Access   (Followers: 5)
Batteries & Supercaps     Hybrid Journal   (Followers: 5)
IEEE Transactions on Services Computing     Hybrid Journal   (Followers: 5)
Journal of Electrical Engineering & Electronic Technology     Hybrid Journal   (Followers: 4)
Wireless and Mobile Technologies     Open Access   (Followers: 4)
Superconductivity     Full-text available via subscription   (Followers: 4)
IEEE Transactions on Haptics     Hybrid Journal   (Followers: 4)
Synthesis Lectures on Power Electronics     Full-text available via subscription   (Followers: 4)
Journal of Biosensors & Bioelectronics     Open Access   (Followers: 4)
Networks: an International Journal     Hybrid Journal   (Followers: 4)
International Journal of Numerical Modelling: Electronic Networks, Devices and Fields     Hybrid Journal   (Followers: 4)
Electronic Materials Letters     Hybrid Journal   (Followers: 4)
Journal of Circuits, Systems, and Computers     Hybrid Journal   (Followers: 4)
Journal of Energy Storage     Full-text available via subscription   (Followers: 4)
Journal of Optoelectronics Engineering     Open Access   (Followers: 4)
Sensors International     Open Access   (Followers: 3)
Nature Electronics     Hybrid Journal   (Followers: 3)
IJEIS (Indonesian Journal of Electronics and Instrumentation Systems)     Open Access   (Followers: 3)
EPE Journal : European Power Electronics and Drives     Hybrid Journal   (Followers: 3)
Machine Learning with Applications     Full-text available via subscription   (Followers: 3)
International Journal of Applied Electronics in Physics & Robotics     Open Access   (Followers: 3)
Informatik-Spektrum     Hybrid Journal   (Followers: 3)
IETE Journal of Education     Open Access   (Followers: 3)
International Transaction of Electrical and Computer Engineers System     Open Access   (Followers: 2)
IEEE Journal on Exploratory Solid-State Computational Devices and Circuits     Hybrid Journal   (Followers: 2)
Power Electronics and Drives     Open Access   (Followers: 2)
Security and Communication Networks     Hybrid Journal   (Followers: 2)
Journal of Microelectronics and Electronic Packaging     Hybrid Journal   (Followers: 2)
Advancing Microelectronics     Hybrid Journal   (Followers: 2)
Transactions on Electrical and Electronic Materials     Hybrid Journal   (Followers: 2)
Energy Storage     Hybrid Journal   (Followers: 2)
Journal of Information and Telecommunication     Open Access   (Followers: 2)
Sensing and Imaging : An International Journal     Hybrid Journal   (Followers: 2)
Radiophysics and Quantum Electronics     Hybrid Journal   (Followers: 2)
TELKOMNIKA (Telecommunication, Computing, Electronics and Control)     Open Access   (Followers: 2)
Advanced Materials Technologies     Hybrid Journal   (Followers: 2)
EPJ Quantum Technology     Open Access   (Followers: 2)
e-Prime : Advances in Electrical Engineering, Electronics and Energy     Open Access   (Followers: 2)
Journal of Intelligent Procedures in Electrical Technology     Open Access   (Followers: 2)
IET Smart Grid     Open Access   (Followers: 2)
International Journal of Review in Electronics & Communication Engineering     Open Access   (Followers: 2)
Journal of Nuclear Cardiology     Hybrid Journal   (Followers: 1)
Transactions on Cryptographic Hardware and Embedded Systems     Open Access   (Followers: 1)
ACS Applied Electronic Materials     Open Access   (Followers: 1)
Frontiers in Electronics     Open Access   (Followers: 1)
IEEE Letters on Electromagnetic Compatibility Practice and Applications     Hybrid Journal   (Followers: 1)
Semiconductors and Semimetals     Full-text available via subscription   (Followers: 1)
International Journal of Granular Computing, Rough Sets and Intelligent Systems     Hybrid Journal   (Followers: 1)
IET Energy Systems Integration     Open Access   (Followers: 1)
ECTI Transactions on Electrical Engineering, Electronics, and Communications     Open Access   (Followers: 1)
International Journal of Hybrid Intelligence     Hybrid Journal   (Followers: 1)
Open Electrical & Electronic Engineering Journal     Open Access   (Followers: 1)
Ural Radio Engineering Journal     Open Access   (Followers: 1)
Frontiers of Optoelectronics     Hybrid Journal   (Followers: 1)
Електротехніка і Електромеханіка     Open Access   (Followers: 1)
Edu Elektrika Journal     Open Access   (Followers: 1)
Journal of Computational Intelligence and Electronic Systems     Full-text available via subscription   (Followers: 1)
Majalah Ilmiah Teknologi Elektro : Journal of Electrical Technology     Open Access   (Followers: 1)
Journal of Advanced Dielectrics     Open Access   (Followers: 1)
IET Cyber-Physical Systems : Theory & Applications     Open Access   (Followers: 1)
Automatika : Journal for Control, Measurement, Electronics, Computing and Communications     Open Access  
npj Flexible Electronics     Open Access  
Elektronika ir Elektortechnika     Open Access  
Emitor : Jurnal Teknik Elektro     Open Access  
IEEE Solid-State Circuits Letters     Hybrid Journal  
IEEE Open Journal of Industry Applications     Open Access  
IEEE Open Journal of the Industrial Electronics Society     Open Access  
IEEE Journal of Electromagnetics, RF and Microwaves in Medicine and Biology     Hybrid Journal  
IEEE Open Journal of Circuits and Systems     Open Access  
Journal of Electronic Science and Technology     Open Access  
Australian Journal of Electrical and Electronics Engineering     Hybrid Journal  
Solid State Electronics Letters     Open Access  
Industrial Technology Research Journal Phranakhon Rajabhat University     Open Access  
Journal of Engineered Fibers and Fabrics     Open Access  
Jurnal Teknologi Elektro     Open Access  
IET Nanodielectrics     Open Access  
Elkha : Jurnal Teknik Elektro     Open Access  
JAREE (Journal on Advanced Research in Electrical Engineering)     Open Access  
Jurnal Teknik Elektro     Open Access  
IACR Transactions on Symmetric Cryptology     Open Access  
Acta Electronica Malaysia     Open Access  
Bioelectronics in Medicine     Hybrid Journal  
Chinese Journal of Electronics     Open Access  
Problemy Peredachi Informatsii     Full-text available via subscription  
Technical Report Electronics and Computer Engineering     Open Access  
Jurnal Rekayasa Elektrika     Open Access  
Facta Universitatis, Series : Electronics and Energetics     Open Access  
Visión Electrónica : algo más que un estado sólido     Open Access  
Telematique     Open Access  
International Journal of Nanoscience     Hybrid Journal  
International Journal of High Speed Electronics and Systems     Hybrid Journal  

        1 2 | Last   [Sort alphabetically]   [Restore default list]

Similar Journals
Journal Cover
IEEE Transactions on Software Engineering
Journal Prestige (SJR): 0.548
Citation Impact (citeScore): 5
Number of Followers: 84  
 
  Hybrid Journal Hybrid journal (It can contain Open Access articles)
ISSN (Print) 0098-5589
Published by IEEE Homepage  [228 journals]
  • Code Review Knowledge Perception: Fusing Multi-Features for Salient-Class
           Location

    • Free pre-print version: Loading...

      Authors: Yuan Huang;Nan Jia;Xiangping Chen;Kai Hong;Zibin Zheng;
      Pages: 1463 - 1479
      Abstract: Code review is a common software engineering practice of practical importance to reduce software defects. Review today is often with the help of specialized tools, such as Gerrit. However, even in a tool-supported code review involves a significant amount of human effort to understand the code change, because the information required to inspect code changes may distribute across multiple files that reviewers are not familiar with. Code changes are often organized as commits for review. In this paper, we found that most of the commits contain a salient class(es), which is saliently modified and causes the modification of the rest classes in a commit. Our user studies confirmed that identifying the salient class in a commit can facilitate reviewers in understanding code change. Inspired by the effectiveness of machine learning techniques in the classification field, we model the salient class identification as a binary classification problem and a number of discriminative features is extracted for a commit and used to characterize the salience of a class. The experiments results show that our approach achieves an accuracy of 88 percent. A user study with industrial developers shows that our approach can really improve the efficiency of reviewers understanding code changes in a reviewing scenario without using comment.
      PubDate: May 1 2022
      Issue No: Vol. 48, No. 5 (2022)
       
  • Predicting Defective Lines Using a Model-Agnostic Technique

    • Free pre-print version: Loading...

      Authors: Supatsara Wattanakriengkrai;Patanamon Thongtanunam;Chakkrit Tantithamthavorn;Hideaki Hata;Kenichi Matsumoto;
      Pages: 1480 - 1496
      Abstract: Defect prediction models are proposed to help a team prioritize the areas of source code files that need Software Quality Assurance (SQA) based on the likelihood of having defects. However, developers may waste their unnecessary effort on the whole file while only a small fraction of its source code lines are defective. Indeed, we find that as little as 1-3 percent of lines of a file are defective. Hence, in this work, we propose a novel framework (called Line-DP) to identify defective lines using a model-agnostic technique, i.e., an Explainable AI technique that provides information why the model makes such a prediction. Broadly speaking, our Line-DP first builds a file-level defect model using code token features. Then, our Line-DP uses a state-of-the-art model-agnostic technique (i.e., LIME) to identify risky tokens, i.e., code tokens that lead the file-level defect model to predict that the file will be defective. Then, the lines that contain risky tokens are predicted as defective lines. Through a case study of 32 releases of nine Java open source systems, our evaluation results show that our Line-DP achieves an average recall of 0.61, a false alarm rate of 0.47, a top 20%LOC recall of 0.27, and an initial false alarm of 16, which are statistically better than six baseline approaches. Our evaluation shows that our Line-DP requires an average computation time of 10 seconds including model construction and defective line identification time. In addition, we find that 63 percent of defective lines that can be identified by our Line-DP are related to common defects (e.g., argument change, condition change). These results suggest that our Line-DP can effectively identify defective lines that contain common defects while requiring a smaller amount of inspection effort and a manageable computation cost. The contribution of this paper builds an important step towards line-level defect pr-diction by leveraging a model-agnostic technique.
      PubDate: May 1 2022
      Issue No: Vol. 48, No. 5 (2022)
       
  • An Empirical Study of C++ Vulnerabilities in Crowd-Sourced Code Examples

    • Free pre-print version: Loading...

      Authors: Morteza Verdi;Ashkan Sami;Jafar Akhondali;Foutse Khomh;Gias Uddin;Alireza Karami Motlagh;
      Pages: 1497 - 1514
      Abstract: Software developers share programming solutions in Q&A sites like Stack Overflow, Stack Exchange, Android forum, and so on. The reuse of crowd-sourced code snippets can facilitate rapid prototyping. However, recent research shows that the shared code snippets may be of low quality and can even contain vulnerabilities. This paper aims to understand the nature and the prevalence of security vulnerabilities in crowd-sourced code examples. To achieve this goal, we investigate security vulnerabilities in the C++ code snippets shared on Stack Overflow over a period of 10 years. In collaborative sessions involving multiple human coders, we manually assessed each code snippet for security vulnerabilities following CWE (Common Weakness Enumeration) guidelines. From the 72,483 reviewed code snippets used in at least one project hosted on GitHub, we found a total of 99 vulnerable code snippets categorized into 31 types. Many of the investigated code snippets are still not corrected on Stack Overflow. The 99 vulnerable code snippets found in Stack Overflow were reused in a total of 2859 GitHub projects. To help improve the quality of code snippets shared on Stack Overflow, we developed a browser extension that allows Stack Overflow users to be notified for vulnerabilities in code snippets when they see them on the platform.
      PubDate: May 1 2022
      Issue No: Vol. 48, No. 5 (2022)
       
  • The Best Laid Plans or Lack Thereof: Security Decision-Making of Different
           Stakeholder Groups

    • Free pre-print version: Loading...

      Authors: Benjamin Shreeve;Joseph Hallett;Matthew Edwards;Kopo M. Ramokapane;Richard Atkins;Awais Rashid;
      Pages: 1515 - 1528
      Abstract: Cyber security requirements are influenced by the priorities and decisions of a range of stakeholders. Board members and Chief Information Security Officers (CISOs) determine strategic priorities. Managers have responsibility for resource allocation and project management. Legal professionals concern themselves with regulatory compliance. Little is understood about how the security decision-making approaches of these different stakeholders contrast, and if particular groups of stakeholders have a better appreciation of security requirements during decision-making. Are risk analysts better decision makers than CISOs' Do security experts exhibit more effective strategies than board members' This paper explores the effect that different experience and diversity of expertise has on the quality of a team's cyber security decision-making and whether teams with members from more varied backgrounds perform better than those with more focused, homogeneous skill sets. Using data from 208 sessions and 948 players of a tabletop game run in the wild by a major national organization over 16 months, we explore how choices are affected by player background (e.g., cyber security experts versus risk analysts, board-level decision makers versus technical experts) and different team make-ups (homogeneous teams of security experts versus various mixes). We find that no group of experts makes significantly better game decisions than anyone else, and that their biases lead them to not fully comprehend what they are defending or how the defenses work.
      PubDate: May 1 2022
      Issue No: Vol. 48, No. 5 (2022)
       
  • PerfJIT: Test-Level Just-in-Time Prediction for Performance Regression
           Introducing Commits

    • Free pre-print version: Loading...

      Authors: Jinfu Chen;Weiyi Shang;Emad Shihab;
      Pages: 1529 - 1544
      Abstract: Performance issues may compromise user experiences, increase the cost resources, and cause field failures. One of the most prevalent performance issues is performance regression. Due to the importance and challenges in performance regression detection, prior research proposes various automated approaches that detect performance regressions. However, the performance regression detection is conducted after the system is built and deployed. Hence, large amounts of resources are still required to locate and fix performance regressions. In our paper, we propose an approach that automatically predicts whether a test would manifest performance regressions given a code commit. In particular, we extract both traditional metrics and performance-related metrics from the code changes that are associated with each test. For each commit, we build random forest classifiers that are trained from all prior commits to predict in this commit whether each test would manifest performance regression. We conduct case studies on three open-source systems (Hadoop, Cassandra, and OpenJPA). Our results show that our approach can predict tests that manifest performance regressions in a commit with high AUC values (on average 0.86). Our approach can drastically reduce the testing time needed to detect performance regressions. In addition, we find that our approach could be used to detect the introduction of six out of nine real-life performance issues from the subject systems during our studied period. Finally, we find that traditional metrics that are associated with size and code change histories are the most important factors in our models. Our approach and the study results can be leveraged by practitioners to effectively cope with performance regressions in a timely and proactive manner.
      PubDate: May 1 2022
      Issue No: Vol. 48, No. 5 (2022)
       
  • Probabilistic Preference Planning Problem for Markov Decision Processes

    • Free pre-print version: Loading...

      Authors: Meilun Li;Andrea Turrini;Ernst Moritz Hahn;Zhikun She;Lijun Zhang;
      Pages: 1545 - 1559
      Abstract: The classical planning problem aims to find a sequence of permitted actions leading a system to a designed state, i.e., to achieve the system’s task. However, in many realistic cases we also have requirements on how to complete the task, indicating that some behaviors and situations are more preferred than others. In this paper, we present the probabilistic preference-based planning problem ($mathrm{P4}$P4) for Markov decision processes, where the preferences are defined based on an enriched probabilistic LTL-style logic. We first recall $mathrm{mathrm{P4} {}Solver}$P4 Solver , an SMT-based planner computing the preferred plan by reducing the problem to a quadratic programming one previously developed to solve $mathrm{P4}$P4. To improve computational efficiency and scalability, we then introduce a new encoding of the probabilistic preference-based planning problem as a multi-objective model checking one, and propose the corresponding planner $mathrm{mathrm{P4} {}Solver} _{{MO}}$P4 Solver MO. We illustrate the efficacy of both planners on some selected case studies to show that the model checking-based algorithm is considerably more efficient than the quadratic-programming-based one.
      PubDate: May 1 2022
      Issue No: Vol. 48, No. 5 (2022)
       
  • Enabling Decision and Objective Space Exploration for Interactive
           Multi-Objective Refactoring

    • Free pre-print version: Loading...

      Authors: Soumaya Rebai;Vahid Alizadeh;Marouane Kessentini;Houcem Fehri;Rick Kazman;
      Pages: 1560 - 1578
      Abstract: Due to the conflicting nature of quality measures, there are always multiple refactoring options to fix quality issues. Thus, interaction with developers is critical to inject their preferences. While several interactive techniques have been proposed, developers still need to examine large numbers of possible refactorings, which makes the interaction time-consuming. Furthermore, existing interactive tools are limited to the ”objective space” to show developers the impacts of refactorings on quality attributes. However, the “decision space” is also important since developers may want to focus on specific code locations. In this paper, we propose an interactive approach that enables developers to pinpoint their preference simultaneously in the objective (quality metrics) and decision (code location) spaces. Developers may be interested in looking at refactoring strategies that can improve a specific quality attribute, such as extendibility (objective space), but such strategies may be related to different code locations (decision space). A plethora of solutions is generated at first using multi-objective search that tries to find the possible trade-offs between quality objectives. Then, an unsupervised learning algorithm clusters the trade-off solutions based on their quality metrics, and another clustering algorithm is applied within each cluster of the objective space to identify solutions related to different code locations. The objective and decision spaces can now be explored more efficiently by the developer, who can give feedback on a smaller number of solutions. This feedback is then used to generate constraints for the optimization process, to focus on the developer's regions of interest in both the decision and objective spaces. A manual validation of selected refactoring solutions by developers confirms that our approach outperforms state of the art refactoring t-chniques.
      PubDate: May 1 2022
      Issue No: Vol. 48, No. 5 (2022)
       
  • Real World Scrum A Grounded Theory of Variations in Practice

    • Free pre-print version: Loading...

      Authors: Zainab Masood;Rashina Hoda;Kelly Blincoe;
      Pages: 1579 - 1591
      Abstract: Scrum, the most popular agile method and project management framework, is widely reported to be used, adapted, misused, and abused in practice. However, not much is known about how Scrum actually works in practice, and critically, where, when, how and why it diverges from Scrum by the book. Through a Grounded Theory study involving semi-structured interviews of 45 participants from 30 companies and observations of five teams, we present our findings on how Scrum works in practice as compared to how it is presented in its formative books. We identify significant variations in these practices such as work breakdown, estimation, prioritization, assignment, the associated roles and artefacts, and discuss the underlying rationales driving the variations. Critically, we claim that not all variations are process misuse/abuse and propose a nuanced classification approach to understanding variations as standard, necessary, contextual, and clear deviations for successful Scrum use and adaptation.
      PubDate: May 1 2022
      Issue No: Vol. 48, No. 5 (2022)
       
  • Vuln4Real: A Methodology for Counting Actually Vulnerable Dependencies

    • Free pre-print version: Loading...

      Authors: Ivan Pashchenko;Henrik Plate;Serena Elisa Ponta;Antonino Sabetta;Fabio Massacci;
      Pages: 1592 - 1609
      Abstract: Vulnerable dependencies are a known problem in today’s free open-source software ecosystems because FOSS libraries are highly interconnected, and developers do not always update their dependencies. Our paper proposes Vuln4Real, the methodology for counting actually vulnerable dependencies, that addresses the over-inflation problem of academic and industrial approaches for reporting vulnerable dependencies in FOSS software, and therefore, caters to the needs of industrial practice for correct allocation of development and audit resources. To understand the industrial impact of a more precise methodology, we considered the 500 most popular FOSS Java libraries used by SAP in its own software. Our analysis included 25767 distinct library instances in Maven. We found that the proposed methodology has visible impacts on both ecosystem view and the individual library developer view of the situation of software dependencies: Vuln4Real significantly reduces the number of false alerts for deployed code (dependencies wrongly flagged as vulnerable), provides meaningful insights on the exposure to third-parties (and hence vulnerabilities) of a library, and automatically predicts when dependency maintenance starts lagging, so it may not receive updates for arising issues.
      PubDate: May 1 2022
      Issue No: Vol. 48, No. 5 (2022)
       
  • Automated Generation of Consistent Graph Models With Multiplicity
           Reasoning

    • Free pre-print version: Loading...

      Authors: Kristóf Marussy;Oszkár Semeráth;Dániel Varró;
      Pages: 1610 - 1629
      Abstract: Advanced tools used in model-based systems engineering (MBSE) frequently represent their models as graphs. In order to test those tools, the automated generation of well-formed (or intentionally malformed) graph models is necessitated which is often carried out by solver-based model generation techniques. In many model generation scenarios, one needs more refined control over the generated unit tests to focus on the more relevant models. Type scopes allow to precisely define the required number of newly generated elements, thus one can avoid the generation of unrealistic and highly symmetric models having only a single type of elements. In this paper, we propose a 3-valued scoped partial modeling formalism, which innovatively extends partial graph models with predicate abstraction and counter abstraction. As a result, well-formedness constraints and multiplicity requirements can be evaluated in an approximated way on incomplete (unfinished) models by using advanced graph query engines with numerical solvers (e.g., IP or LP solvers). Based on the refinement of 3-valued scoped partial models, we propose an efficient model generation algorithm that generates models that are both well-formed and satisfy the scope requirements. We show that the proposed approach scales significantly better than existing SAT-solver techniques or the original graph solver without multiplicity reasoning. We illustrate our approach in a complex design-space exploration case study of collaborating satellites introduced by researchers at NASA JPL.
      PubDate: May 1 2022
      Issue No: Vol. 48, No. 5 (2022)
       
  • Comparing Block-Based Programming Models for Two-Armed Robots

    • Free pre-print version: Loading...

      Authors: Nico Ritschel;Vladimir Kovalenko;Reid Holmes;Ronald Garcia;David C. Shepherd;
      Pages: 1630 - 1643
      Abstract: Modern industrial robots can work alongside human workers and coordinate with other robots. This means they can perform complex tasks, but doing so requires complex programming. Therefore, robots are typically programmed by experts, but there are not enough to meet the growing demand for robots. To reduce the need for experts, researchers have tried to make robot programming accessible to factory workers without programming experience. However, none of that previous work supports coordinating multiple robot arms that work on the same task. In this paper we present four block-based programming language designs that enable end-users to program two-armed robots. We analyze the benefits and trade-offs of each design on expressiveness and user cognition, and evaluate the designs based on a survey of 273 professional participants of whom 110 had no previous programming experience. We further present an interactive experiment based on a prototype implementation of the design we deem best. This experiment confirmed that novices can successfully use our prototype to complete realistic robotics tasks. This work contributes to making coordinated programming of robots accessible to end-users. It further explores how visual programming elements can make traditionally challenging programming tasks more beginner-friendly.
      PubDate: May 1 2022
      Issue No: Vol. 48, No. 5 (2022)
       
  • Experimental Evaluation of Test-Driven Development With Interns Working on
           a Real Industrial Project

    • Free pre-print version: Loading...

      Authors: Bartosz Papis;Konrad Grochowski;Kamil Subzda;Kamil Sijko;
      Pages: 1644 - 1664
      Abstract: Context: There is still little evidence on differences between Test-Driven Development and Test-Last Development, especially for real-world projects, so their impact on code/test quality is an ongoing research trend. An empirical comparison is presented, with 19 participants working on an industrial project developed for an energy market software company, implementing real-world requirements for one of the company's customers. Objective: Examine the impact of TDD and TLD on quality of the code and the tests. The aim is to evaluate if there is a significant difference in external code quality and test quality between these techniques. Method: The experiment is based on a randomized within-subjects block design, with participants working for three months on the same requirements using different techniques, changed from week to week, within three different competence blocks: Intermediate, Novice and Mixed. The resulting code was verified for process conformance. The participants developed only business logic and were separated from infrastructural concerns. A separate group of code repositories was used to work without unit tests, to verify that the requirements were not too easy for the participants. Also, it was analysed if there is any difference between the code created by shared efforts of developers with different competences and the code created by participants isolated in the competence blocks. The resulting implementations had LOC order of magnitude of 10k. Results: Statistically significant advantage of TDD in terms of external code quality (1.8 fewer bugs) and test quality (5 percentage points higher) than TLD. Additionally, TDD narrows the gap in code coverage between developers from different competence blocks. At the same time, TDD proved to have a considerable entry barrier and was hard to follow strictly, especially by Novices. Still, no significant difference w.r.t. code coverage ha- been observed between the Intermediate and the Novice developers - as opposed to TLD, which was easier to follow. Lastly, isolating the Intermediate developers from the Novices had significant impact on the code quality. Conclusion:TDD is a recommended technique for software projects with a long horizon or when it is critical to minimize the number of bugs and achieve high code coverage.
      PubDate: May 1 2022
      Issue No: Vol. 48, No. 5 (2022)
       
  • Detecting Software Security Vulnerabilities Via Requirements Dependency
           Analysis

    • Free pre-print version: Loading...

      Authors: Wentao Wang;Faryn Dumont;Nan Niu;Glen Horton;
      Pages: 1665 - 1675
      Abstract: Cyber attacks targeting software applications have a tremendous impact on our daily life. For example, attackers have utilized vulnerabilities of web applications to steal and gain unauthorized use of sensitive data stored in these systems. Previous studies indicate that security testing is highly precise, and therefore is widely applied to validate individual security requirements. However, dependencies between security requirements may cause additional vulnerabilities. Manual dependency detection faces scalability challenges, e.g., a previous study shows that the pairwise dependency analysis of 40 requirements would take around 12 hours. In this article, we present a novel approach which integrates the interdependency among high-level security requirements, such as those documented in policies, regulations, and standards. We then use automated requirements tracing methods to identify product-level security requirements and their dependencies. Our manual analysis of HIPAA and FIPS 200 leads to the identification of five types of high-level security requirements dependencies, which further inform the automated tracing methods and guide the designs of system-level security tests. Experimental results on five projects in healthcare and education domains show the significant recall improvements at 81 percent. Our case study on a deployed production system uncovers four previously unknown vulnerabilities by using the detected requirements dependencies as test paths, demonstrating our approach's value in connecting requirements engineering with security testing.
      PubDate: May 1 2022
      Issue No: Vol. 48, No. 5 (2022)
       
  • Identifying Self-Admitted Technical Debts With Jitterbug: A Two-Step
           Approach

    • Free pre-print version: Loading...

      Authors: Zhe Yu;Fahmid Morshed Fahid;Huy Tu;Tim Menzies;
      Pages: 1676 - 1691
      Abstract: Keeping track of and managing Self-Admitted Technical Debts (SATDs) are important to maintaining a healthy software project. This requires much time and effort from human experts to identify the SATDs manually. The current automated solutions do not have satisfactory precision and recall in identifying SATDs to fully automate the process. To solve the above problems, we propose a two-step framework called Jitterbug for identifying SATDs. Jitterbug first identifies the “easy to find” SATDs automatically with close to 100 percent precision using a novel pattern recognition technique. Subsequently, machine learning techniques are applied to assist human experts in manually identifying the remaining “hard to find” SATDs with reduced human effort. Our simulation studies on ten software projects show that Jitterbug can identify SATDs more efficiently (with less human effort) than the prior state-of-the-art methods.
      PubDate: May 1 2022
      Issue No: Vol. 48, No. 5 (2022)
       
  • Eyes on Code: A Study on Developers’ Code Navigation Strategies

    • Free pre-print version: Loading...

      Authors: Zohreh Sharafi;Ian Bertram;Michael Flanagan;Westley Weimer;
      Pages: 1692 - 1704
      Abstract: What code navigation strategies do developers use and what mechanisms do they employ to find relevant information' Do their strategies evolve over the course of longer tasks' Answers to these questions can provide insight to educators and software tool designers to support a wide variety of programmers as they tackle increasingly-complex software systems. However, little research to date has measured developers’ code navigation strategies in ecologically-valid settings, or analyzed how strategies progressed throughout a maintenance task. We propose a novel experimental design that more accurately represents the software maintenance process in terms of software complexity and IDE interactions. Using this framework, we conduct an eye-tracking study (n=36) of realistic bug-fixing tasks, dynamically and empirically identifying relevant code areas. We introduce a three-phase model to characterize developers’ navigation behavior supported by statistical variations in eye movements over time. We also propose quantifiable notion of “thrashing” with the code as a navigation activity. We find that thrashing is associated with lower effectiveness. Our results confirm that the relevance of various code elements changes over time, and that our proposed three-phase model is capable of capturing these significant changes. We discuss our findings and their implications for tool designers, educators, and the research community.
      PubDate: May 1 2022
      Issue No: Vol. 48, No. 5 (2022)
       
  • Can Clean New Code Reduce Technical Debt Density'

    • Free pre-print version: Loading...

      Authors: George Digkas;Alexander Chatzigeorgiou;Apostolos Ampatzoglou;Paris Avgeriou;
      Pages: 1705 - 1721
      Abstract: While technical debt grows in absolute numbers as software systems evolve over time, the density of technical debt (technical debt divided by lines of code) is reduced in some cases. This can be explained by either the application of refactorings or the development of new artifacts with limited Technical Debt. In this paper we explore the second explanation, by investigating the relation between the amount of Technical Debt in new code and the evolution of Technical Debt in the system. To this end, we compare the Technical Debt Density of new code with existing code, and we investigate which of the three major types of code changes (additions, deletions and modifications) is primarily responsible for changes in the evolution of Technical Debt density. Furthermore, we study whether there is a relation between code quality practices and the ‘cleanness’ of new code. To obtain the required data, we have performed a large-scale case study on twenty-seven open-source software projects by the Apache Software Foundation, analyzing 66,661 classes and 56,890 commits. The results suggest that writing “clean” (or at least “cleaner”) new code can be an efficient strategy for reducing Technical Debt Density, and thus preventing software decay over time. The findings also suggest that projects adopting an explicit policy for quality improvement, e.g., through discussions on code quality in board meetings, are associated with a higher frequency of cleaner new code commits. Therefore, we champion the establishment of processes that monitor the density of Technical Debt of new code to control the accumulation of Technical Debt in a software system.
      PubDate: May 1 2022
      Issue No: Vol. 48, No. 5 (2022)
       
  • A Survey on the Use of Computer Vision to Improve Software Engineering
           Tasks

    • Free pre-print version: Loading...

      Authors: Mohammad Bajammal;Andrea Stocco;Davood Mazinanian;Ali Mesbah;
      Pages: 1722 - 1742
      Abstract: Software engineering (SE) research has traditionally revolved around engineering the source code. However, novel approaches that analyze software through computer vision have been increasingly adopted in SE. These approaches allow analyzing the software from a different complementary perspective other than the source code, and they are used to either complement existing source code-based methods, or to overcome their limitations. The goal of this manuscript is to survey the use of computer vision techniques in SE with the aim of assessing their potential in advancing the field of SE research. We examined an extensive body of literature from top-tier SE venues, as well as venues from closely related fields (machine learning, computer vision, and human-computer interaction). Our inclusion criteria targeted papers applying computer vision techniques that address problems related to any area of SE. We collected an initial pool of 2,716 papers, from which we obtained 66 final relevant papers covering a variety of SE areas. We analyzed what computer vision techniques have been adopted or designed, for what reasons, how they are used, what benefits they provide, and how they are evaluated. Our findings highlight that visual approaches have been adopted in a wide variety of SE tasks, predominantly for effectively tackling software analysis and testing challenges in the web and mobile domains. The results also show a rapid growth trend of the use of computer vision techniques in SE research.
      PubDate: May 1 2022
      Issue No: Vol. 48, No. 5 (2022)
       
  • Towards Security Threats of Deep Learning Systems: A Survey

    • Free pre-print version: Loading...

      Authors: Yingzhe He;Guozhu Meng;Kai Chen;Xingbo Hu;Jinwen He;
      Pages: 1743 - 1770
      Abstract: Deep learning has gained tremendous success and great popularity in the past few years. However, deep learning systems are suffering several inherent weaknesses, which can threaten the security of learning models. Deep learning’s wide use further magnifies the impact and consequences. To this end, lots of research has been conducted with the purpose of exhaustively identifying intrinsic weaknesses and subsequently proposing feasible mitigation. Yet few are clear about how these weaknesses are incurred and how effective these attack approaches are in assaulting deep learning. In order to unveil the security weaknesses and aid in the development of a robust deep learning system, we undertake an investigation on attacks towards deep learning, and analyze these attacks to conclude some findings in multiple views. In particular, we focus on four types of attacks associated with security threats of deep learning: model extraction attack, model inversion attack, poisoning attack and adversarial attack. For each type of attack, we construct its essential workflow as well as adversary capabilities and attack goals. Pivot metrics are devised for comparing the attack approaches, by which we perform quantitative and qualitative analyses. From the analysis, we have identified significant and indispensable factors in an attack vector, e.g., how to reduce queries to target models, what distance should be used for measuring perturbation. We shed light on 18 findings covering these approaches’ merits and demerits, success probability, deployment complexity and prospects. Moreover, we discuss other potential security weaknesses and possible mitigation which can inspire relevant research in this area.
      PubDate: May 1 2022
      Issue No: Vol. 48, No. 5 (2022)
       
  • How to Evaluate Solutions in Pareto-Based Search-Based Software
           Engineering: A Critical Review and Methodological Guidance

    • Free pre-print version: Loading...

      Authors: Miqing Li;Tao Chen;Xin Yao;
      Pages: 1771 - 1799
      Abstract: With modern requirements, there is an increasing tendency of considering multiple objectives/criteria simultaneously in many Software Engineering (SE) scenarios. Such a multi-objective optimization scenario comes with an important issue — how to evaluate the outcome of optimization algorithms, which typically is a set of incomparable solutions (i.e., being Pareto nondominated to each other). This issue can be challenging for the SE community, particularly for practitioners of Search-Based SE (SBSE). On one hand, multi-objective optimization could still be relatively new to SE/SBSE researchers, who may not be able to identify the right evaluation methods for their problems. On the other hand, simply following the evaluation methods for general multi-objective optimization problems may not be appropriate for specific SBSE problems, especially when the problem nature or decision maker’s preferences are explicitly/implicitly known. This has been well echoed in the literature by various inappropriate/inadequate selection and inaccurate/misleading use of evaluation methods. In this paper, we first carry out a systematic and critical review of quality evaluation for multi-objective optimization in SBSE. We survey 717 papers published between 2009 and 2019 from 36 venues in seven repositories, and select 95 prominent studies, through which we identify five important but overlooked issues in the area. We then conduct an in-depth analysis of quality evaluation indicators/methods and general situations in SBSE, which, together with the identified issues, enables us to codify a methodological guidance for selecting and using evaluation methods in different SBSE scenarios.
      PubDate: May 1 2022
      Issue No: Vol. 48, No. 5 (2022)
       
  • ATOM: Commit Message Generation Based on Abstract Syntax Tree and Hybrid
           Ranking

    • Free pre-print version: Loading...

      Authors: Shangqing Liu;Cuiyun Gao;Sen Chen;Lun Yiu Nie;Yang Liu;
      Pages: 1800 - 1817
      Abstract: Commit messages record code changes (e.g., feature modifications and bug repairs) in natural language, and are useful for program comprehension. Due to the frequent updates of software and time cost, developers are generally unmotivated to write commit messages for code changes. Therefore, automating the message writing process is necessitated. Previous studies on commit message generation have been benefited from generation models or retrieval models, but the code structure of changed code, i.e., AST, which can be important for capturing code semantics, has not been explicitly involved. Moreover, although generation models have the advantages of synthesizing commit messages for new code changes, they are not easy to bridge the semantic gap between code and natural languages which could be mitigated by retrieval models. In this paper, we propose a novel commit message generation model, named ATOM, which explicitly incorporates the abstract syntax tree for representing code changes and integrates both retrieved and generated messages through hybrid ranking. Specifically, the hybrid ranking module can prioritize the most accurate message from both retrieved and generated messages regarding one code change. We evaluate the proposed model ATOM on our dataset crawled from 56 popular Java repositories. Experimental results demonstrate that ATOM increases the state-of-the-art models by 30.72 percent in terms of BLEU-4 (an accuracy measure that is widely used to evaluate text generation systems). Qualitative analysis also demonstrates the effectiveness of ATOM in generating accurate code commit messages.
      PubDate: May 1 2022
      Issue No: Vol. 48, No. 5 (2022)
       
  • Human Values in Software Engineering: Contrasting Case Studies of Practice

    • Free pre-print version: Loading...

      Authors: Waqar Hussain;Harsha Perera;Jon Whittle;Arif Nurwidyantoro;Rashina Hoda;Rifat Ara Shams;Gillian Oliver;
      Pages: 1818 - 1833
      Abstract: The growing diffusion of software in society and its influence on people demands from its creators that their work carefully considers human values such as transparency, social responsibility, and equality. But how do software practitioners address human values in software engineering practice' We interviewed 31 software practitioners from two organizations, each having a strong values framework, with the aim to understand: (a) practitioners’ perceptions of human values and their role in software engineering; (b) practices that practitioners use to address human values in software; and (c) challenges they face during this process. We report our findings from two contrasting case organizations on how practitioners “engineer” values in their unique organizational settings. We found evidence that organizational culture significantly contributes to how values are addressed in software. We summarize recommendations from the practitioners to support proactive engineering of values-conscious software.
      PubDate: May 1 2022
      Issue No: Vol. 48, No. 5 (2022)
       
 
JournalTOCs
School of Mathematical and Computer Sciences
Heriot-Watt University
Edinburgh, EH14 4AS, UK
Email: journaltocs@hw.ac.uk
Tel: +00 44 (0)131 4513762
 


Your IP address: 44.200.74.241
 
Home (Search)
API
About JournalTOCs
News (blog, publications)
JournalTOCs on Twitter   JournalTOCs on Facebook

JournalTOCs © 2009-