 Subjects -> ELECTRONICS (Total: 207 journals)
| A B C D E F G H I J K L M N O P Q R S T U V W X Y Z | | The end of the list has been reached or no journals were found for your choice. |
|
|
- Test Report Generation for Android App Testing Via Heterogeneous Data
Analysis-
Free pre-print version: Loading...
Rate this result:
What is this?
Please help us test our new pre-print finding feature by giving the pre-print link a rating.
A 5 star rating indicates the linked pre-print has the exact same content as the published article.
Authors:
Chunrong Fang;Shengcheng Yu;Ting Su;Jing Zhang;Yuanhan Tian;Yang Liu;
Pages: 3032 - 3051
Abstract: The rising of the Android market demands higher quality assurance of Android applications (apps) to sharpen the competitive edge, and techniques for traditional software have problems adapting for mobile apps. Android apps often require testing on a large-scale device cluster, which produces a large amount of test reports consisting of heterogeneous data, e.g., hardware information, GUI screenshots, runtime logs. Such data are hard to merge to be unified analyzed, while they serve as an essential basis for bug inspection and fixing. Existing test report generation or analysis techniques can only handle testing data from different devices separately. They simply list all the information to app developers and have no further processing to summarize test reports. Besides, they neglect the inner connection of the heterogeneous data. Such techniques cannot improve the report reviewing effectiveness and efficiency, and they can hardly find the inner links and rules of the bug occurrence on different devices. As a result, developers still need to devote many efforts to inspect and fix bugs. In this paper, a large amount of test reports are investigated by the authors, as to construct a structured bug model to analyze heterogeneous data of the testing results. According to the investigation, we also define the Bug Inconsistency of testing results from multiple devices and build a novel bug taxonomy. In general, an automated approach is proposed to generate structured and comprehensible test reports from raw testing results from multiple devices. Based on the approach, a tool, namely BreGat, is implemented to evaluate the classification and deduplication capability of our approach. The experimental results of 30 Android apps on 20 devices show that BreGat can successfully cover 83% bug categories and exclude 76% duplicate bugs. Furthermore, a user study involving 16 developers shows that our test reports are m-re comprehensible and BreGat greatly improves the bug inspection efficiency compared to the state-of-the-art tool.
PubDate:
May 1 2023
Issue No: Vol. 49, No. 5 (2023)
- Challenging Machine Learning-Based Clone Detectors via Semantic-Preserving
Code Transformations-
Free pre-print version: Loading...
Rate this result:
What is this?
Please help us test our new pre-print finding feature by giving the pre-print link a rating.
A 5 star rating indicates the linked pre-print has the exact same content as the published article.
Authors:
Weiwei Zhang;Shengjian Guo;Hongyu Zhang;Yulei Sui;Yinxing Xue;Yun Xu;
Pages: 3052 - 3070
Abstract: Software clone detection identifies similar or identical code snippets. It has been an active research topic that attracts extensive attention over the last two decades. In recent years, machine learning (ML) based detectors, especially deep learning-based ones, have demonstrated impressive capability on clone detection. It seems that this longstanding problem has already been tamed owing to the advances in ML techniques. In this work, we would like to challenge the robustness of the recent ML-based clone detectors through code semantic-preserving transformations. We first utilize fifteen simple code transformation operators combined with commonly-used heuristics (i.e., Random Search, Genetic Algorithm, and Markov Chain Monte Carlo) to perform equivalent program transformation. Furthermore, we propose a deep reinforcement learning-based sequence generation (DRLSG) strategy to effectively guide the search process of generating clones that could escape from the detection. We then evaluate the ML-based detectors with the pairs of original and generated clones. We realize our method in a framework named CloneGen (stands for Clone Generator). CloneGen In evaluation, we challenge the three state-of-the-art ML-based detectors and four traditional detectors with the code clones after semantic-preserving transformations via the aid of CloneGen. Surprisingly, our experiments show that, despite the notable successes achieved by existing clone detectors, the ML models inside these detectors still cannot distinguish numerous clones produced by the code transformations in CloneGen. In addition, adversarial training of ML-based clone detectors using clones generated by CloneGen can improve their robustness and accuracy. Meanwhile, compared with the commonly-used heuristics, the DRLSG strategy has shown the best effectiveness in generating code clones to decrease the detection accuracy of the ML-based detectors. Our investigation reveals an explicable but always ignored robustness-issue of the latest ML-based detectors. Therefore, we call for more attention to the robustness of these new ML-based detectors.
PubDate:
May 1 2023
Issue No: Vol. 49, No. 5 (2023)
- TrinityRCL: Multi-Granular and Code-Level Root Cause Localization Using
Multiple Types of Telemetry Data in Microservice Systems-
Free pre-print version: Loading...
Rate this result:
What is this?
Please help us test our new pre-print finding feature by giving the pre-print link a rating.
A 5 star rating indicates the linked pre-print has the exact same content as the published article.
Authors:
Shenghui Gu;Guoping Rong;Tian Ren;He Zhang;Haifeng Shen;Yongda Yu;Xian Li;Jian Ouyang;Chunan Chen;
Pages: 3071 - 3088
Abstract: The microservice architecture has been commonly adopted by large scale software systems exemplified by a wide range of online services. Service monitoring through anomaly detection and root cause analysis (RCA) is crucial for these microservice systems to provide stable and continued services. However, compared with monolithic systems, software systems based on the layered microservice architecture are inherently complex and commonly involve entities at different levels of granularity. Therefore, for effective service monitoring, these systems have a special requirement of multi-granular RCA. Furthermore, as a large proportion of anomalies in microservice systems pertain to problematic code, to timely troubleshoot these anomalies, these systems have another special requirement of RCA at the finest code-level. Microservice systems rely on telemetry data to perform service monitoring and RCA of service anomalies. The majority of existing RCA approaches are only based on a single type of telemetry data and as a result can only support uni-granular RCA at either application-level or service-level. Although there are attempts to combine metric and tracing data in RCA, their objective is to improve RCA's efficiency or accuracy rather than to support multi-granular RCA. In this article, we propose a new RCA solution TrinityRCL that is able to localize the root causes of anomalies at multiple levels of granularity including application-level, service-level, host-level, and metric-level, with the unique capability of code-level localization by harnessing all three types of telemetry data to construct a causal graph representing the intricate, dynamic, and nondeterministic relationships among the various entities related to the anomalies. By implementing and deploying TrinityRCL in a real production environment, we evaluate TrinityRCL against two baseline methods and the results show that TrinityRC- has a significant performance advantage in terms of accuracy at the same level of granularity with comparable efficiency and is particularly effective to support large-scale systems with massive telemetry data.
PubDate:
May 1 2023
Issue No: Vol. 49, No. 5 (2023)
- Static Analysis of JNI Programs via Binary Decompilation
-
Free pre-print version: Loading...
Rate this result:
What is this?
Please help us test our new pre-print finding feature by giving the pre-print link a rating.
A 5 star rating indicates the linked pre-print has the exact same content as the published article.
Authors:
Jihee Park;Sungho Lee;Jaemin Hong;Sukyoung Ryu;
Pages: 3089 - 3105
Abstract: JNI programs are widely used thanks to the combined benefits of C and Java programs. However, because understanding the interaction behaviors between two different programming languages is challenging, JNI program development is difficult to get right and vulnerable to security attacks. Thus, researchers have proposed static analysis of JNI program source code to detect bugs and security vulnerabilities in JNI programs. Unfortunately, such source code analysis is not applicable to compiled JNI programs that are not open-sourced or open-source JNI programs containing third-party binary libraries. While JN-SAF, the state-of-the-art analyzer for compiled JNI programs, can analyze binary code, it has several limitations due to its symbolic execution and summary-based bottom-up analysis. In this paper, we propose a novel approach to statically analyze compiled JNI programs without their source code using binary decompilation. Unlike JN-SAF that analyzes binaries directly, our approach decompiles binaries and analyzes JNI programs with the decompiled binaries using an existing JNI program analyzer for source code. To decompile binaries to compilable C source code with precise JNI-interoperation-related types, we improve an existing decompilation tool by leveraging the characteristics of JNI programs. Our evaluation shows that the approach is precise as almost the same as the state-of-the-art JNI program analyzer for source code, and more precise than JN-SAF.
PubDate:
May 1 2023
Issue No: Vol. 49, No. 5 (2023)
- Understanding Mentors’ Engagement in OSS Communities via Google
Summer of Code-
Free pre-print version: Loading...
Rate this result:
What is this?
Please help us test our new pre-print finding feature by giving the pre-print link a rating.
A 5 star rating indicates the linked pre-print has the exact same content as the published article.
Authors:
Xin Tan;Minghui Zhou;Li Zhang;
Pages: 3106 - 3130
Abstract: A constant influx of newcomers is essential for the sustainability and success of open source software (OSS) projects. However, successful onboarding is always challenging because newcomers face various initial contributing barriers. To support newcomer onboarding, OSS communities widely adopt the mentoring approach. Despite its significance, previous mentoring studies tend to focus on the newcomer's perspective, leaving the mentor's perspective relatively under-studied. To better support mentoring, we study the popular Google Summer of Code (GSoC). It is a well-established global program that offers stipends and mentors to students aiming to bring more student developers into OSS development. We combine online data analysis, an email survey, and semi-structured interviews with the GSoC mentors to understand their motivations, challenges, strategies, and gains. We propose a taxonomy of GSoC mentors’ engagement with four themes, ten categories, 34 sub-categories, and 118 codes, as well as the mentors’ attitudes toward the codes. In particular, we find that mentors participating in GSoC are primarily intrinsically motivated, and some new motivators emerge adapting to the contemporary challenges, e.g., sustainability and advertisement of projects. Forty-one challenges and 52 strategies associated with the program timeline are identified, most of which are first time revealed. Although almost all the challenges are agreed upon by specific mentors, some mentors believe that several challenges are reasonable and even have a positive effect. For example, the cognitive differences between mentors and mentees can stimulate new perspectives. Most of the mentors agreed that they had adopted these strategies during the mentoring process, but a few strategies recommended by the GSoC administration were not agreed upon. Self-satisfaction, different skills, and peer recognition are the main gains of mento-s to participate in GSoC. Eventually, we discuss practical implications for mentors, students, OSS communities, GSoC programs, and researchers.
PubDate:
May 1 2023
Issue No: Vol. 49, No. 5 (2023)
- Trace Diagnostics for Signal-Based Temporal Properties
-
Free pre-print version: Loading...
Rate this result:
What is this?
Please help us test our new pre-print finding feature by giving the pre-print link a rating.
A 5 star rating indicates the linked pre-print has the exact same content as the published article.
Authors:
Chaima Boufaied;Claudio Menghi;Domenico Bianculli;Lionel C. Briand;
Pages: 3131 - 3154
Abstract: Trace checking is a verification technique widely used in Cyber-physical system (CPS) development, to verify whether execution traces satisfy or violate properties expressing system requirements. Often these properties characterize complex signal behaviors and are defined using domain-specific languages, such as SB-TemPsy-DSL, a pattern-based specification language for signal-based temporal properties. Most of the trace-checking tools only yield a Boolean verdict. However, when a property is violated by a trace, engineers usually inspect the trace to understand the cause of the violation; such manual diagnostic is time-consuming and error-prone. Existing approaches that complement trace-checking tools with diagnostic capabilities either produce low-level explanations that are hardly comprehensible by engineers or do not support complex signal-based temporal properties. In this paper, we propose TD-SB-TemPsy, a trace-diagnostic approach for properties expressed using SB-TemPsy-DSL. Given a property and a trace that violates the property, TD-SB-TemPsy determines the root cause of the property violation. TD-SB-TemPsy relies on the concepts of violation cause, which characterizes one of the behaviors of the system that may lead to a property violation, and diagnoses, which are associated with violation causes and provide additional information to help engineers understand the violation cause. As part of TD-SB-TemPsy, we propose a language-agnostic methodology to define violation causes and diagnoses. In our context, its application resulted in a catalog of 34 violation causes, each associated with one diagnosis, tailored to properties expressed in SB-TemPsy-DSL. We assessed the applicability of TD-SB-TemPsy on two datasets, including one based on a complex industrial case study. The results show that TD-SB-TemPsy could fini-h within a timeout of 1 min for $approx 83.66%$≈83.66% of the trace-property combinations in the industrial dataset, yielding a diagnosis in $approx 99.84%$≈99.84% of these cases; moreover, it also yielded a diagnosis for all the trace-property combinations in the other dataset. These results suggest that our tool is applicable and efficient in most cases.
PubDate:
May 1 2023
Issue No: Vol. 49, No. 5 (2023)
- Plumber: Boosting the Propagation of Vulnerability Fixes in the npm
Ecosystem-
Free pre-print version: Loading...
Rate this result:
What is this?
Please help us test our new pre-print finding feature by giving the pre-print link a rating.
A 5 star rating indicates the linked pre-print has the exact same content as the published article.
Authors:
Ying Wang;Peng Sun;Lin Pei;Yue Yu;Chang Xu;Shing-Chi Cheung;Hai Yu;Zhiliang Zhu;
Pages: 3155 - 3181
Abstract: Vulnerabilities are known reported security threats that affect a large amount of packages in the npm ecosystem. To mitigate these security threats, the open-source community strongly suggests vulnerable packages to timely publish vulnerability fixes and recommends affected packages to update their dependencies. However, there are still serious lags in the propagation of vulnerability fixes in the ecosystem. In our preliminary study on the latest versions of 356,283 active npm packages, we found that 20.0% of them can still introduce vulnerabilities via direct or transitive dependencies although the involved vulnerable packages have already published fix versions for over a year. Prior study by (Chinthanet et al. 2021) lays the groundwork for research on how to mitigate propagation lags of vulnerability fixes in an ecosystem. They conducted an empirical investigation to identify lags that might occur between the vulnerable package release and its fixing release. They found that factors such as the branch upon which a fix landed and the severity of the vulnerability had a small effect on its propagation trajectory throughout the ecosystem. To ensure quick adoption and propagation of a release that contains the fix, they gave several actionable advice to developers and researchers. However, it is still an open question how to design an effective technique to accelerate the propagation of vulnerability fixes. Motivated by this problem, in this paper, we conducted an empirical study to learn the scale of packages that block the propagation of vulnerability fixes in the ecosystem and investigate their evolution characteristics. Furthermore, we distilled the remediation strategies that have better effects on mitigating the fix propagation lags. Leveraging our empirical findings, we propose an ecosystem-level technique, Plumber, for deriving feasible remediation strategies to boost the propagation of vulnerabil-ty fixes. To precisely diagnose the causes of fix propagation blocking, Plumber models the vulnerability metadata, and npm dependency metadata and continuously monitors their evolution. By analyzing a full-picture of the ecosystem-level dependency graph and the corresponding fix propagation statuses, it derives remediation schemes for pivotal packages. In the schemes, Plumber provides customized remediation suggestions with vulnerability impact analysis to arouse package developers’ awareness. We applied Plumber to generating 268 remediation reports for the identified pivotal packages, to evaluate its remediation effectiveness based on developers’ feedback. Encouragingly, 47.4% our remediation reports received positive feedback from many well-known npm projects, such as Tensorflow/tfjs, Ethers.js, and GoogleChrome/workbox. Our reports have boosted the propagation of vulnerability fixes into 16,403 root packages through 92,469 dependency paths. On average, each remediated package version is receiving 72,678 downloads per week by the time of this work.
PubDate:
May 1 2023
Issue No: Vol. 49, No. 5 (2023)
- Black-Box Testing of Deep Neural Networks through Test Case Diversity
-
Free pre-print version: Loading...
Rate this result:
What is this?
Please help us test our new pre-print finding feature by giving the pre-print link a rating.
A 5 star rating indicates the linked pre-print has the exact same content as the published article.
Authors:
Zohreh Aghababaeyan;Manel Abdellatif;Lionel Briand;Ramesh S;Mojtaba Bagherzadeh;
Pages: 3182 - 3204
Abstract: Deep Neural Networks (DNNs) have been extensively used in many areas including image processing, medical diagnostics and autonomous driving. However, DNNs can exhibit erroneous behaviours that may lead to critical errors, especially when used in safety-critical systems. Inspired by testing techniques for traditional software systems, researchers have proposed neuron coverage criteria, as an analogy to source code coverage, to guide the testing of DNNs. Despite very active research on DNN coverage, several recent studies have questioned the usefulness of such criteria in guiding DNN testing. Further, from a practical standpoint, these criteria are white-box as they require access to the internals or training data of DNNs, which is often not feasible or convenient. Measuring such coverage requires executing DNNs with candidate inputs to guide testing, which is not an option in many practical contexts. In this paper, we investigate diversity metrics as an alternative to white-box coverage criteria. For the previously mentioned reasons, we require such metrics to be black-box and not rely on the execution and outputs of DNNs under test. To this end, we first select and adapt three diversity metrics and study, in a controlled manner, their capacity to measure actual diversity in input sets. We then analyze their statistical association with fault detection using four datasets and five DNNs. We further compare diversity with state-of-the-art white-box coverage criteria. As a mechanism to enable such analysis, we also propose a novel way to estimate fault detection in DNNs. Our experiments show that relying on the diversity of image features embedded in test input sets is a more reliable indicator than coverage criteria to effectively guide DNN testing. Indeed, we found that one of our selected black-box diversity metrics far outperforms existing coverage criteria in terms of fault-revealing capability and computational time. Results also confirm the suspicions that state-of-the-art coverage criteria are not adequate to guide the construction of test input sets to detect as many faults as possible using natural inputs.
PubDate:
May 1 2023
Issue No: Vol. 49, No. 5 (2023)
- NCQ: Code Reuse Support for Node.js Developers
-
Free pre-print version: Loading...
Rate this result:
What is this?
Please help us test our new pre-print finding feature by giving the pre-print link a rating.
A 5 star rating indicates the linked pre-print has the exact same content as the published article.
Authors:
Brittany Reid;Marcelo d'Amorim;Markus Wagner;Christoph Treude;
Pages: 3205 - 3225
Abstract: Code reuse is an important part of software development. The adoption of code reuse practices is especially common among Node.js developers. The Node.js package manager, NPM, indexes over 1 Million packages and developers often seek out packages to solve programming tasks. Due to the vast number of packages, selecting the right package is difficult and time consuming. With the goal of improving productivity of developers that heavily reuse code through third-party packages, we present Node Code Query (NCQ), a Read-Eval-Print-Loop environment that allows developers to 1) search for NPM packages using natural language queries, 2) search for code snippets related to those packages, 3) automatically correct errors in these code snippets, 4) quickly setup new environments for testing those snippets, and 5) transition between search and editing modes. In two user studies with a total of 20 participants, we find that participants begin programming faster and conclude tasks faster with NCQ than with baseline approaches, and that they like, among other features, the search for code snippets and packages. Our results suggest that NCQ makes Node.js developers more efficient in reusing code.
PubDate:
May 1 2023
Issue No: Vol. 49, No. 5 (2023)
- Beyond Literal Meaning: Uncover and Explain Implicit Knowledge in Code
Through Wikipedia-Based Concept Linking-
Free pre-print version: Loading...
Rate this result:
What is this?
Please help us test our new pre-print finding feature by giving the pre-print link a rating.
A 5 star rating indicates the linked pre-print has the exact same content as the published article.
Authors:
Chong Wang;Xin Peng;Zhenchang Xing;Xiujie Meng;
Pages: 3226 - 3240
Abstract: When reusing or modifying code, developers need to understand the implicit knowledge behind a piece of code in addition to the literal meaning of code. Such implicit knowledge involves related concepts and their explanations. Uncovering and understanding the implicit knowledge in code are challenging due to the extensive use of abbreviations, scattered expressions of concepts, and ambiguity of concept mentions. In this paper, we propose an automatic approach (called CoLiCo) that can uncover implicit concepts in code and link the uncovered concepts to Wikipedia. Based on a trained identifier embedding model, CoLiCo identifies Wikipedia concepts mentioned in a given code snippet and excerpts a paragraph-level explanation from Wikipedia for each concept. During the process, CoLiCo resolves identifier abbreviation (i.e., concepts mentioned in the form of abbreviations) and identifier aggregation (i.e., concepts mentioned by an aggregation of multiple identifiers) based on identifier embedding and mining of identifier abbreviation/aggregation relations. Experimental study shows that CoLiCo outperforms a general entity linking approach by 38.7% in the correctness of concept linking and identifies 96.7% more correct concept linkings on a dataset with 629 code snippets. The concept linking is significant for program understanding in 54% code snippets. Our user study shows that CoLiCo can significantly shorten the time and improve the correctness in code comprehension tasks that intensively involve implicit knowledge.
PubDate:
May 1 2023
Issue No: Vol. 49, No. 5 (2023)
- Empirical Validation of Automated Vulnerability Curation and
Characterization-
Free pre-print version: Loading...
Rate this result:
What is this?
Please help us test our new pre-print finding feature by giving the pre-print link a rating.
A 5 star rating indicates the linked pre-print has the exact same content as the published article.
Authors:
Ahmet Okutan;Peter Mell;Mehdi Mirakhorli;Igor Khokhlov;Joanna C. S. Santos;Danielle Gonzalez;Steven Simmons;
Pages: 3241 - 3260
Abstract: Prior research has shown that public vulnerability systems such as US National Vulnerability Database (NVD) rely on a manual, time-consuming, and error-prone process which has led to inconsistencies and delays in releasing final vulnerability results. This work provides an approach to curate vulnerability reports in real-time and map textual vulnerability reports to machine readable structured vulnerability attribute data. Designed to support the time consuming human analysis done by vulnerability databases, the system leverages the Common Vulnerabilities and Exposures (CVE) list of vulnerabilities and the vulnerability attributes described by the National Institute of Standards and Technology (NIST) Vulnerability Description Ontology (VDO) framework. Our work uses Natural Language Processing (NLP), Machine Learning (ML) and novel Information Theoretical (IT) methods to provide automated techniques for near real-time publishing, and characterization of vulnerabilities using 28 attributes in 5 domains. Experiment results indicate that vulnerabilities can be evaluated up to 95 hours earlier than using manual methods, they can be characterized with F-Measure values over 0.9, and the proposed automated approach could save up to 47% of the time spent for CVE characterization.
PubDate:
May 1 2023
Issue No: Vol. 49, No. 5 (2023)
- Modelling Second-Order Uncertainty in State Machines
-
Free pre-print version: Loading...
Rate this result:
What is this?
Please help us test our new pre-print finding feature by giving the pre-print link a rating.
A 5 star rating indicates the linked pre-print has the exact same content as the published article.
Authors:
Neil Walkinshaw;Robert M. Hierons;
Pages: 3261 - 3276
Abstract: Modelling the behaviour of state-based systems can be challenging, especially when the modeller is not entirely certain about its intended interactions with the user or the environment. Currently, it is possible to associate a stated level of uncertainty with a given event by attaching probabilities to transitions (producing ‘Probabilistic State Machines’). This captures the ‘First-order uncertainty’ - the (un-)certainty that a given event will occur. However, this does not permit the modeller to capture their own uncertainty (or lack thereof) about that stated probability - also known as ‘Second-order uncertainty’. In this article we introduce a generalisation of probabilistic finite state machines that makes it possible to incorporate this important additional dimension of uncertainty. For this we adopt a formalism for reasoning about uncertainty called Subjective Logic. We present an algorithm to create these enhanced state machines automatically from a conventional state machine and a set of observed sequences. We show how this approach can be used for reverse-engineering predictive state machines from traces.
PubDate:
May 1 2023
Issue No: Vol. 49, No. 5 (2023)
- Verification of Fuzzy Decision Trees
-
Free pre-print version: Loading...
Rate this result:
What is this?
Please help us test our new pre-print finding feature by giving the pre-print link a rating.
A 5 star rating indicates the linked pre-print has the exact same content as the published article.
Authors:
Jack H. Good;Nicholas Gisolfi;Kyle Miller;Artur Dubrawski;
Pages: 3277 - 3288
Abstract: In recent years, there have been major strides in the safety verification of machine learning models such as neural networks and tree ensembles. However, fuzzy decision trees (FDT), also called soft or differentiable decision trees, are yet unstudied in the context of verification. They present unique verification challenges resulting from multiplications of input values; in the simplest case with a piecewise-linear splitting function, an FDT is piecewise-polynomial with degree up to the depth of the tree. We propose an abstraction-refinement algorithm for verification of properties of FDTs. We show that the problem is NP-Complete, like many other machine learning verification problems, and that our algorithm is complete in a finite precision setting. We benchmark on a selection of public data sets against an off-the-shelf SMT solver and a baseline variation of our algorithm that uses a refinement strategy from similar methods for neural network verification, finding the proposed method to be the fastest. Code for our algorithm along with our experiments and demos are available on GitHub at https://github.com/autonlab/fdt_verification.
PubDate:
May 1 2023
Issue No: Vol. 49, No. 5 (2023)
- API Usage Recommendation Via Multi-View Heterogeneous Graph Representation
Learning-
Free pre-print version: Loading...
Rate this result:
What is this?
Please help us test our new pre-print finding feature by giving the pre-print link a rating.
A 5 star rating indicates the linked pre-print has the exact same content as the published article.
Authors:
Yujia Chen;Cuiyun Gao;Xiaoxue Ren;Yun Peng;Xin Xia;Michael R. Lyu;
Pages: 3289 - 3304
Abstract: Developers often need to decide which APIs to use for the functions being implemented. With the ever-growing number of APIs and libraries, it becomes increasingly difficult for developers to find appropriate APIs, indicating the necessity of automatic API usage recommendation. Previous studies adopt statistical models or collaborative filtering methods to mine the implicit API usage patterns for recommendation. However, they rely on the occurrence frequencies of APIs for mining usage patterns, thus prone to fail for the low-frequency APIs. Besides, prior studies generally regard the API call interaction graph as homogeneous graph, ignoring the rich information (e.g., edge types) in the structure graph. In this work, we propose a novel method named MEGA for improving the recommendation accuracy especially for the low-frequency APIs. Specifically, besides call interaction graph, MEGA considers another two new heterogeneous graphs: global API co-occurrence graph enriched with the API frequency information and hierarchical structure graph enriched with the project component information. With the three multi-view heterogeneous graphs, MEGA can capture the API usage patterns more accurately. Experiments on three Java benchmark datasets demonstrate that MEGA significantly outperforms the baseline models by at least 19% with respect to the Success Rate@1 metric. Especially, for the low-frequency APIs, MEGA also increases the baselines by at least 55% regarding the Success Rate@1 score.
PubDate:
May 1 2023
Issue No: Vol. 49, No. 5 (2023)
- Automatically Tagging the “AAA” Pattern in Unit Test Cases Using
Machine Learning Models-
Free pre-print version: Loading...
Rate this result:
What is this?
Please help us test our new pre-print finding feature by giving the pre-print link a rating.
A 5 star rating indicates the linked pre-print has the exact same content as the published article.
Authors:
Chenhao Wei;Lu Xiao;Tingting Yu;Xinyu Chen;Xiao Wang;Sunny Wong;Abigail Clune;
Pages: 3305 - 3324
Abstract: The AAA pattern (i.e., Arrange-Act-Assert) is a common and natural layout to create a test case. Following this pattern in test cases may benefit comprehension, debugging, and maintenance. The AAA structure of real-life test cases, however, may not be clear due to their high complexity. Manually labeling AAA statements in test cases is tedious. Thus, we envision that an automated approach for labeling AAA statements in existing test cases could benefit new developers and projects that practice collective code ownership and test-driven development. This paper contributes an automatic approach based on machine learning models. The “secret sauce” of this approach is a set of three learning features that are based on the semantic, syntax, and context information in test cases, derived from the manual tagging process. Thus, our approach mimics how developers may manually tag the AAA pattern of a test case. We assess the precision, recall, and F-1 score of our approach based on 449 test cases, containing about 16,612 statements, across 4 Apache open source projects. To achieve the best performance in our approach, we explore the usage of six machine learning models; the contribution of the SMOTE data balancing technique; the comparison of the three learning features; and the comparison of five different methods for calculating the semantic feature. The results show our approach is able to identify Arrangement, Action, and Assertion statements with a precision upwards of 92%, and recall up to 74%. We also summarize some experience based on our experiments—regarding the choice of machine learning models, data balancing algorithm, and feature engineering methods—which could po-entially provide some reference to related future research.
PubDate:
May 1 2023
Issue No: Vol. 49, No. 5 (2023)
- A Framework for Emotion-Oriented Requirements Change Handling in Agile
Software Engineering-
Free pre-print version: Loading...
Rate this result:
What is this?
Please help us test our new pre-print finding feature by giving the pre-print link a rating.
A 5 star rating indicates the linked pre-print has the exact same content as the published article.
Authors:
Kashumi Madampe;Rashina Hoda;John Grundy;
Pages: 3325 - 3343
Abstract: Background: Requirements Changes (RCs) – the additions/modifications/deletions of functional/non-functional requirements in software products – are challenging for software practitioners to handle. Handling some changes may significantly impact the emotions of the practitioners. Objective: We wanted to know the key challenges that make RC handling difficult, how these impact the emotions of software practitioners, what influences their RC handling, and how RC handling can be made less emotionally challenging. Method: We followed a mixed-methods approach. We conducted two survey studies, with 40 participants and 201 participants respectively. The presentation of key quantitative data was followed by descriptive statistical analysis, and the qualitative data was analysed using Strauss–Corbinian Grounded Theory, and Socio–Technical Grounded Theory analysis techniques. Findings: We found (1) several key factors that make RC handling an emotional challenge, (2) varying emotions that practitioners feel when it is challenging to handle RCs, (3) how stakeholders, including practitioners themselves, peers, managers and customers, influence the RC handling and how practitioners feel due to the stakeholder influence, and (4) practices that can be used to better handle RCs. Conclusion: Some challenges are technical and some are social which also belong to aspects of agile practice, emotional intelligence, and likely belong to cognitive intelligence. Therefore, to better handle RCs with positive emotions in socio–technical environments, agility, emotional intelligence, and cognitive intelligence need to work in synergy with each other.
PubDate:
May 1 2023
Issue No: Vol. 49, No. 5 (2023)
|
Hybrid journal (It can contain Open Access articles)
