Pub Date : 2021-12-01DOI: 10.1109/APSEC53868.2021.00011
S. Schulz, Emanuel Herrendorf, Christoph Bockisch
In this paper we present StaTS, a precise static data-race detection mechanism for Java. It analyzes applications in four phases. The first one is a novel points-to analysis that includes approximations of threads and execution contexts. The second phase uses the results of the points-to analysis to compute which fields are accessed by which threads, while considering the locks held by the threads. The third phase carries out a context-sensitive static happens-before analysis to rule out accesses in execution contexts that can never be executed in parallel. The final phase builds upon the results of the first three to determine conflicting accesses and report them to the user. Our proof-of-concept implementation does not scale for large programs, which is why it can optionally limit the number of points-to relations it considers, based on sampling. Nevertheless, our evaluation shows that, even with sampling enabled for large programs, StaTS detects more data races than existing approaches. In terms of execution time, the analysis without sampling takes in the order of seconds for smaller programs. For larger ones and with sampling enabled, analysis takes minutes, thus being practically usable in nightly build environments in all cases.
{"title":"Thread-Sensitive Data Race Detection for Java","authors":"S. Schulz, Emanuel Herrendorf, Christoph Bockisch","doi":"10.1109/APSEC53868.2021.00011","DOIUrl":"https://doi.org/10.1109/APSEC53868.2021.00011","url":null,"abstract":"In this paper we present StaTS, a precise static data-race detection mechanism for Java. It analyzes applications in four phases. The first one is a novel points-to analysis that includes approximations of threads and execution contexts. The second phase uses the results of the points-to analysis to compute which fields are accessed by which threads, while considering the locks held by the threads. The third phase carries out a context-sensitive static happens-before analysis to rule out accesses in execution contexts that can never be executed in parallel. The final phase builds upon the results of the first three to determine conflicting accesses and report them to the user. Our proof-of-concept implementation does not scale for large programs, which is why it can optionally limit the number of points-to relations it considers, based on sampling. Nevertheless, our evaluation shows that, even with sampling enabled for large programs, StaTS detects more data races than existing approaches. In terms of execution time, the analysis without sampling takes in the order of seconds for smaller programs. For larger ones and with sampling enabled, analysis takes minutes, thus being practically usable in nightly build environments in all cases.","PeriodicalId":143800,"journal":{"name":"2021 28th Asia-Pacific Software Engineering Conference (APSEC)","volume":"7 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130257391","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2021-12-01DOI: 10.1109/APSEC53868.2021.00078
Dongwook Choi, Jinseok Heo, Eunseok Lee
Automated Feedback Generation (AFG) was proposed to automatically generate personalized feedback on students' programming assignments. Existing AFG techniques have been developed mainly for novice programmers, so feedback on complex programs cannot be generated. Therefore, we propose MUNCK, which automatically generates feedback for multiple function programs, one of the complex programs. Our experiment shows that MUNCK can generate feedback for 90% of multiple function programs.
{"title":"Automated Feedback Generation for Multiple Function Programs","authors":"Dongwook Choi, Jinseok Heo, Eunseok Lee","doi":"10.1109/APSEC53868.2021.00078","DOIUrl":"https://doi.org/10.1109/APSEC53868.2021.00078","url":null,"abstract":"Automated Feedback Generation (AFG) was proposed to automatically generate personalized feedback on students' programming assignments. Existing AFG techniques have been developed mainly for novice programmers, so feedback on complex programs cannot be generated. Therefore, we propose MUNCK, which automatically generates feedback for multiple function programs, one of the complex programs. Our experiment shows that MUNCK can generate feedback for 90% of multiple function programs.","PeriodicalId":143800,"journal":{"name":"2021 28th Asia-Pacific Software Engineering Conference (APSEC)","volume":"138 20 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128508490","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2021-12-01DOI: 10.1109/APSEC53868.2021.00056
Tran-Manh Cuong, T. Tran, Tan M. Nguyen, Thu-Trang Nguyen, Son Nguyen, H. Vo
APIs are extensively and frequently used in source code to leverage existing libraries and improve programming productivity. However, correctly and effectively using APIs, especially from unfamiliar libraries, is a non-trivial task. Although various approaches have been proposed for recommending API method calls in code completion, suggesting actual parameters for such APIs still needs further investigating. In this paper, we introduce FLUTE, an efficient and novel approach combining program analysis and language models for recommending API parameters. With FLUTE, the source code of programs is first analyzed to generate syntactically legal and type-valid candidates. Then, these candidates are ranked using language models. Our empirical results on two large real-world projects Netbeans and Eclipse indicate that FLUTE achieves 80% and +90% in Top-1 and Top-5 Precision, which means the tool outperforms the state-of-the-art approach.
{"title":"API parameter recommendation based on language model and program analysis","authors":"Tran-Manh Cuong, T. Tran, Tan M. Nguyen, Thu-Trang Nguyen, Son Nguyen, H. Vo","doi":"10.1109/APSEC53868.2021.00056","DOIUrl":"https://doi.org/10.1109/APSEC53868.2021.00056","url":null,"abstract":"APIs are extensively and frequently used in source code to leverage existing libraries and improve programming productivity. However, correctly and effectively using APIs, especially from unfamiliar libraries, is a non-trivial task. Although various approaches have been proposed for recommending API method calls in code completion, suggesting actual parameters for such APIs still needs further investigating. In this paper, we introduce FLUTE, an efficient and novel approach combining program analysis and language models for recommending API parameters. With FLUTE, the source code of programs is first analyzed to generate syntactically legal and type-valid candidates. Then, these candidates are ranked using language models. Our empirical results on two large real-world projects Netbeans and Eclipse indicate that FLUTE achieves 80% and +90% in Top-1 and Top-5 Precision, which means the tool outperforms the state-of-the-art approach.","PeriodicalId":143800,"journal":{"name":"2021 28th Asia-Pacific Software Engineering Conference (APSEC)","volume":"79 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128527882","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2021-12-01DOI: 10.1109/APSEC53868.2021.00067
Akira Fujimoto, Yoshiki Higo, S. Kusumoto
In the field of software development, version control systems such as Git are imperative tools that help software teams manage source code. Git can detect a change history of each file individually. Even if a file was renamed in the past, Git can identify and track the before renamed file based on content similarities, which are calculated as the ratio of lines that match pre- and post-change files to the total number of lines. However, line-based comparison techniques do not consider source code structures and have coarse granularity, which can result in misidentifying pre-change files and tracking interruptions. To resolve these problems, this paper proposes a technique that calculates file content similarities using source code differences based on an abstract syntax tree. In experiments conducted on 197 open source Java-based projects, we found that the number of rename detections increased 3.3 %, and that, on average, our technique tracked commits 1.37 times more frequently than previous technique. We also measured accuracy levels and found that the maximum F - measure was 0.943, which is higher than the 0.926 maximum value of the line-based technique.
{"title":"Towards Accurate File Tracking Based on AST Differences","authors":"Akira Fujimoto, Yoshiki Higo, S. Kusumoto","doi":"10.1109/APSEC53868.2021.00067","DOIUrl":"https://doi.org/10.1109/APSEC53868.2021.00067","url":null,"abstract":"In the field of software development, version control systems such as Git are imperative tools that help software teams manage source code. Git can detect a change history of each file individually. Even if a file was renamed in the past, Git can identify and track the before renamed file based on content similarities, which are calculated as the ratio of lines that match pre- and post-change files to the total number of lines. However, line-based comparison techniques do not consider source code structures and have coarse granularity, which can result in misidentifying pre-change files and tracking interruptions. To resolve these problems, this paper proposes a technique that calculates file content similarities using source code differences based on an abstract syntax tree. In experiments conducted on 197 open source Java-based projects, we found that the number of rename detections increased 3.3 %, and that, on average, our technique tracked commits 1.37 times more frequently than previous technique. We also measured accuracy levels and found that the maximum F - measure was 0.943, which is higher than the 0.926 maximum value of the line-based technique.","PeriodicalId":143800,"journal":{"name":"2021 28th Asia-Pacific Software Engineering Conference (APSEC)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123673434","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2021-12-01DOI: 10.1109/APSEC53868.2021.00059
R. Mittal, Dominique Blouin, S. Bandyopadhyay
Software for embedded systems goes through a scheduling phase where it is subjected to optimizing transformations. In such a scenario, validating the preservation of semantics across the transformation is essential. In this paper, we present PNPEq (Petri Net Program Equivalence), an ongoing work on a novel translation validation technique to handle various schedule-time conditional optimizations among others. The method makes use of a reduced size Petri net model integrating SMT solvers for validating arithmetic transformations. The approach is illustrated with a simple program and its translation, and further validated with a preliminary example suite.
{"title":"PNPEq: Verification of Scheduled Conditional Behavior in Embedded Software using Petri Nets","authors":"R. Mittal, Dominique Blouin, S. Bandyopadhyay","doi":"10.1109/APSEC53868.2021.00059","DOIUrl":"https://doi.org/10.1109/APSEC53868.2021.00059","url":null,"abstract":"Software for embedded systems goes through a scheduling phase where it is subjected to optimizing transformations. In such a scenario, validating the preservation of semantics across the transformation is essential. In this paper, we present PNPEq (Petri Net Program Equivalence), an ongoing work on a novel translation validation technique to handle various schedule-time conditional optimizations among others. The method makes use of a reduced size Petri net model integrating SMT solvers for validating arithmetic transformations. The approach is illustrated with a simple program and its translation, and further validated with a preliminary example suite.","PeriodicalId":143800,"journal":{"name":"2021 28th Asia-Pacific Software Engineering Conference (APSEC)","volume":"87 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126183572","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2021-12-01DOI: 10.1109/APSEC53868.2021.00051
Guangwei Li, Ting Yuan, Jie Lu, Lian Li, Xiaobin Zhang, Xu Song, Kejun Zhang
Static analysis tools, although widely adopted in industry, suffer from a high false positive rate. This paper aims to refine the results of static analysis tools, by automatically searching for a vulnerable path from given defect report. To realize this goal, we develop SATRACER, a novel tool which integrates symbolic execution techniques with static analysis. SATRACER selectively skips those program parts which can be consistently updated by static analysis, thus drastically improving performance. We have applied SATRACER to a set of 21 real-world applications. Evaluation results show that SATRACER can successfully remove 71.4% false alarms reported by a commercial static analysis tool in 10 hours, and confirmed 29 real use-after-free bugs and 895 real null-pointer-dereference bugs.
{"title":"Exposing Vulnerable Paths: Enhance Static Analysis with Lightweight Symbolic Execution","authors":"Guangwei Li, Ting Yuan, Jie Lu, Lian Li, Xiaobin Zhang, Xu Song, Kejun Zhang","doi":"10.1109/APSEC53868.2021.00051","DOIUrl":"https://doi.org/10.1109/APSEC53868.2021.00051","url":null,"abstract":"Static analysis tools, although widely adopted in industry, suffer from a high false positive rate. This paper aims to refine the results of static analysis tools, by automatically searching for a vulnerable path from given defect report. To realize this goal, we develop SATRACER, a novel tool which integrates symbolic execution techniques with static analysis. SATRACER selectively skips those program parts which can be consistently updated by static analysis, thus drastically improving performance. We have applied SATRACER to a set of 21 real-world applications. Evaluation results show that SATRACER can successfully remove 71.4% false alarms reported by a commercial static analysis tool in 10 hours, and confirmed 29 real use-after-free bugs and 895 real null-pointer-dereference bugs.","PeriodicalId":143800,"journal":{"name":"2021 28th Asia-Pacific Software Engineering Conference (APSEC)","volume":"67 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130426141","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2021-12-01DOI: 10.1109/APSEC53868.2021.00035
S. Beba, Magnus Melseth Karlsen, Jingyue Li, Bing Zhang
Integrated development environment (IDE) plugins aimed at detecting web application security vulnerabilities can help developers create secure applications in the first place. Most of such IDE plugins use static source code analysis approaches. Although several empirical studies evaluated the plugins and compared their precision and recall of detecting web application security, few follow-up studies tried to understand the evaluation results. We analyzed more than 20,000 vulnerability reports based on 7,215 distinct test cases spanning 11 categories of web application vulnerabilities to understand the evaluation results of three open-source IDE plugins, namely, SpotBugs, FindSecBugs, and Early Security Vulnerability Detector (ESVD), which aimed at detecting security vulnerabilities of Java-based web applications. Our results identify many factors besides the source code analysis approach that can dramatically bias the detection performance. Based on our insights, we improved the studied plugins. In addition, our study raises the alarm that, without solid root cause analyses, the evaluation and comparisons of security vulnerability detection approaches and tools could be misleading. Thus, we proposed a guideline on reporting the evaluation results of the security vulnerability detection approaches.
{"title":"Critical Understanding of Security Vulnerability Detection Plugin Evaluation Reports","authors":"S. Beba, Magnus Melseth Karlsen, Jingyue Li, Bing Zhang","doi":"10.1109/APSEC53868.2021.00035","DOIUrl":"https://doi.org/10.1109/APSEC53868.2021.00035","url":null,"abstract":"Integrated development environment (IDE) plugins aimed at detecting web application security vulnerabilities can help developers create secure applications in the first place. Most of such IDE plugins use static source code analysis approaches. Although several empirical studies evaluated the plugins and compared their precision and recall of detecting web application security, few follow-up studies tried to understand the evaluation results. We analyzed more than 20,000 vulnerability reports based on 7,215 distinct test cases spanning 11 categories of web application vulnerabilities to understand the evaluation results of three open-source IDE plugins, namely, SpotBugs, FindSecBugs, and Early Security Vulnerability Detector (ESVD), which aimed at detecting security vulnerabilities of Java-based web applications. Our results identify many factors besides the source code analysis approach that can dramatically bias the detection performance. Based on our insights, we improved the studied plugins. In addition, our study raises the alarm that, without solid root cause analyses, the evaluation and comparisons of security vulnerability detection approaches and tools could be misleading. Thus, we proposed a guideline on reporting the evaluation results of the security vulnerability detection approaches.","PeriodicalId":143800,"journal":{"name":"2021 28th Asia-Pacific Software Engineering Conference (APSEC)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129712573","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2021-12-01DOI: 10.1109/APSEC53868.2021.00062
Ryoko Izuta, S. Matsumoto, H. Igaki, S. Saiki, Naoki Fukuyasu, S. Kusumoto
Software testing is being leveraged in programming education for automated assessment of programming assignments. When using software testing in programming education, program specifications are provided as unit or integration tests, and students create programs that pass these tests. Although this method has various advantages, such as ensuring objective program specifications and automating the operation check, it also has many disadvantages. For example, detecting innovations, such as original specifications and functional extensions by an individual student, is difficult. The purpose of this research is to automatically detect functional differences among student programs in programming education using tests. In our proposed method, automatic test generation is applied to student programs, and the generated tests are mutually executed for other student programs. Furthermore, we classify the tests based on the execution path to obtain sets of tests that are capable of detecting functional differences.
{"title":"Detecting Functional Differences using Automatic Test Generation for Automated Assessment in Programming Education","authors":"Ryoko Izuta, S. Matsumoto, H. Igaki, S. Saiki, Naoki Fukuyasu, S. Kusumoto","doi":"10.1109/APSEC53868.2021.00062","DOIUrl":"https://doi.org/10.1109/APSEC53868.2021.00062","url":null,"abstract":"Software testing is being leveraged in programming education for automated assessment of programming assignments. When using software testing in programming education, program specifications are provided as unit or integration tests, and students create programs that pass these tests. Although this method has various advantages, such as ensuring objective program specifications and automating the operation check, it also has many disadvantages. For example, detecting innovations, such as original specifications and functional extensions by an individual student, is difficult. The purpose of this research is to automatically detect functional differences among student programs in programming education using tests. In our proposed method, automatic test generation is applied to student programs, and the generated tests are mutually executed for other student programs. Furthermore, we classify the tests based on the execution path to obtain sets of tests that are capable of detecting functional differences.","PeriodicalId":143800,"journal":{"name":"2021 28th Asia-Pacific Software Engineering Conference (APSEC)","volume":"45 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121391052","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2021-12-01DOI: 10.1109/APSEC53868.2021.00046
Kiat Kian Anthony Chua, Doo-Hwan Bae, Eunkyoung Jee
System of Systems (SoS), refers to a class of systems that are comprised of independent constituent systems (CS) interacting with one another to form a larger system, thus resulting in a common goal being achieved through the set of interactions between the CSs. In conventional systems software testing, the problem of identifying correct behaviour given a set of test inputs is called the oracle problem. In terms of SoS, the oracle problem is exacerbated due to each CS in an SoS being sufficiently complex systems themselves. We address the oracle problem in the domain of the software testing in System of Systems (SoS) by applying Metamorphic Testing (MT). In order to derive concrete Metamorphic Relations (MR) for SoS, we first borrow the concept of creating MRs from abstract Metamorphic Relation Patterns (MRPs), where the represented MRPs themselves describe characteristics that are used in the modeling and analysis of SoS. They are then applied to two SoS simulator types, the Smart Grid SoS and Mass Casualty Incident (MCI) Response SoS in order to test for reliability in SoS and to also determine the viability of MT in SoS. It is shown through the experiments conducted that the derived concrete MRs are able to find faults in both the systems under test.
系统的系统(System of Systems, SoS)是指由独立的组成系统(CS)相互作用形成一个更大的系统,从而通过CSs之间的一组相互作用实现共同目标的一类系统。在传统的系统软件测试中,识别给定一组测试输入的正确行为的问题被称为oracle问题。就SoS而言,由于SoS中的每个CS本身都是足够复杂的系统,因此oracle问题变得更加严重。本文应用变形测试(MT)解决了系统中的软件测试领域中的oracle问题。为了推导出具体的SoS的变质关系(MR),我们首先从抽象的变质关系模式(MRPs)中借用了创建MRs的概念,其中所表示的MRPs本身描述了用于SoS建模和分析的特征。然后将它们应用于两种SoS模拟器类型,即智能电网SoS和大规模伤亡事件(MCI)响应SoS,以测试SoS的可靠性,并确定MT在SoS中的可行性。实验结果表明,所推导的混凝土磁流变模型能够发现两种系统的故障。
{"title":"Metamorphic Testing for Reliability in System of Systems","authors":"Kiat Kian Anthony Chua, Doo-Hwan Bae, Eunkyoung Jee","doi":"10.1109/APSEC53868.2021.00046","DOIUrl":"https://doi.org/10.1109/APSEC53868.2021.00046","url":null,"abstract":"System of Systems (SoS), refers to a class of systems that are comprised of independent constituent systems (CS) interacting with one another to form a larger system, thus resulting in a common goal being achieved through the set of interactions between the CSs. In conventional systems software testing, the problem of identifying correct behaviour given a set of test inputs is called the oracle problem. In terms of SoS, the oracle problem is exacerbated due to each CS in an SoS being sufficiently complex systems themselves. We address the oracle problem in the domain of the software testing in System of Systems (SoS) by applying Metamorphic Testing (MT). In order to derive concrete Metamorphic Relations (MR) for SoS, we first borrow the concept of creating MRs from abstract Metamorphic Relation Patterns (MRPs), where the represented MRPs themselves describe characteristics that are used in the modeling and analysis of SoS. They are then applied to two SoS simulator types, the Smart Grid SoS and Mass Casualty Incident (MCI) Response SoS in order to test for reliability in SoS and to also determine the viability of MT in SoS. It is shown through the experiments conducted that the derived concrete MRs are able to find faults in both the systems under test.","PeriodicalId":143800,"journal":{"name":"2021 28th Asia-Pacific Software Engineering Conference (APSEC)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124019536","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Initial observations of adopting behavior-driven development for an Internet of Things System in an agile process context is reported. Since an IoT system usually comprises multiple subsystems, the problem frames approach is adopted alongside to define the specifications that capture the overarching behaviors at the system level and constituent behaviors at the subsystem and component levels. Development of specifications based on the two practices is illustrated with the development case of a Smart Cone system.
{"title":"Applying Problem Frames in Behavior-Driven Development for Smart Cone System","authors":"Yi-Chun Yen, Bing-Yun Wang, Xin-Zhe Zhong, Wei-Yi Chiang, Chin-Yun Hsieh, Yu Chin Cheng","doi":"10.1109/APSEC53868.2021.00070","DOIUrl":"https://doi.org/10.1109/APSEC53868.2021.00070","url":null,"abstract":"Initial observations of adopting behavior-driven development for an Internet of Things System in an agile process context is reported. Since an IoT system usually comprises multiple subsystems, the problem frames approach is adopted alongside to define the specifications that capture the overarching behaviors at the system level and constituent behaviors at the subsystem and component levels. Development of specifications based on the two practices is illustrated with the development case of a Smart Cone system.","PeriodicalId":143800,"journal":{"name":"2021 28th Asia-Pacific Software Engineering Conference (APSEC)","volume":"127 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123448881","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}