首页 > 最新文献

2022 IEEE 22nd International Conference on Software Quality, Reliability and Security (QRS)最新文献

英文 中文
Semantic Feature Learning based on Double Sequences Structure for Software Defect Number Prediction 基于双序列结构语义特征学习的软件缺陷数预测
Tao Wang, Chuanqi Tao, Hongjing Guo, Lijin Tang
Software defect prediction(SDP), which predicts defective code areas, including files, code blocks, code lines, etc. It can help developers or testers in allocating test resources before the testing phase. Software defect number prediction(SDNP) is an important research direction of SDP. Previous studies mostly used regression-based methods or different neural networks to mine the semantic features contained in AST, but the way to represent code was relatively simple. In this article, we propose a framework for representing the semantic features in terms of sequences of nodes with a double sequence structure, by analyzing the ASTs and the changes in the code blocks between adjacent version. In addition, to combine statistical metric information, we also propose a model that dynamically determines the ratio of semantic features to traditional metric features during model training by using the gated fusion mechanism to perform SDNP. In the experimental part, we select 10 open source Java projects as training and test sets, and conduct a lot of comparative experiments. The experimental results demonstrate the superiority of our proposed method compared to the baseline approach.
软件缺陷预测(SDP),预测有缺陷的代码区域,包括文件、代码块、代码行等。它可以帮助开发人员或测试人员在测试阶段之前分配测试资源。软件缺陷数预测是软件缺陷数预测的一个重要研究方向。以往的研究多采用基于回归的方法或不同的神经网络来挖掘AST中包含的语义特征,但表示代码的方式相对简单。在本文中,我们通过分析ast和相邻版本之间代码块的变化,提出了一个用双序列结构的节点序列来表示语义特征的框架。此外,为了结合统计度量信息,我们还提出了一种模型,该模型在模型训练过程中使用门通融合机制执行SDNP,动态确定语义特征与传统度量特征的比例。在实验部分,我们选择了10个开源Java项目作为训练集和测试集,并进行了大量的对比实验。实验结果表明,与基线方法相比,我们提出的方法具有优越性。
{"title":"Semantic Feature Learning based on Double Sequences Structure for Software Defect Number Prediction","authors":"Tao Wang, Chuanqi Tao, Hongjing Guo, Lijin Tang","doi":"10.1109/QRS57517.2022.00026","DOIUrl":"https://doi.org/10.1109/QRS57517.2022.00026","url":null,"abstract":"Software defect prediction(SDP), which predicts defective code areas, including files, code blocks, code lines, etc. It can help developers or testers in allocating test resources before the testing phase. Software defect number prediction(SDNP) is an important research direction of SDP. Previous studies mostly used regression-based methods or different neural networks to mine the semantic features contained in AST, but the way to represent code was relatively simple. In this article, we propose a framework for representing the semantic features in terms of sequences of nodes with a double sequence structure, by analyzing the ASTs and the changes in the code blocks between adjacent version. In addition, to combine statistical metric information, we also propose a model that dynamically determines the ratio of semantic features to traditional metric features during model training by using the gated fusion mechanism to perform SDNP. In the experimental part, we select 10 open source Java projects as training and test sets, and conduct a lot of comparative experiments. The experimental results demonstrate the superiority of our proposed method compared to the baseline approach.","PeriodicalId":143812,"journal":{"name":"2022 IEEE 22nd International Conference on Software Quality, Reliability and Security (QRS)","volume":"67 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128660103","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Automated Grey-Box Testing of Microservice Architectures 微服务架构的自动化灰盒测试
Luca Giamattei, Antonio Guerriero, R. Pietrantuono, S. Russo
Microservices Architectures (MSA) have found large adoption in companies delivering online services, often in conjunction with agile development practices. Microservices are distributed, independent and polyglot entities – all features favouring black-box testing. However, for real-scale MSA, a pure black-box strategy may not be able to exercise the system to properly cover the interactions involving internal microservices.We propose a grey-box strategy (MACROHIVE) for automated testing and monitoring of (internal) microservices interactions. It uses combinatorial testing to generate valid and invalid tests from microservices specification. Tests execution and monitoring are automated by a service mesh infrastructure. MACROHIVE runs the tests and traces the interactions among microservices, to report about internal coverage and failing behaviour.MACROHIVE is experimented on TrainTicket, an open-source MSA benchmark. It performs comparably to state-of-the-art techniques in terms of edge-level coverage, but exposes internal failures undetected by black-box testing, gives detailed internal coverage information, and requires fewer tests.
微服务架构(MSA)在提供在线服务的公司中得到了广泛的应用,通常与敏捷开发实践相结合。微服务是分布式的、独立的、多语言的实体——所有这些特性都有利于黑盒测试。然而,对于实际规模的MSA,纯黑盒策略可能无法使系统正确地覆盖涉及内部微服务的交互。我们提出了一种灰盒策略(MACROHIVE),用于(内部)微服务交互的自动化测试和监控。它使用组合测试从微服务规范生成有效和无效的测试。测试执行和监控由服务网格基础设施自动化。MACROHIVE运行测试并跟踪微服务之间的交互,以报告内部覆盖率和失败行为。MACROHIVE在TrainTicket上进行了实验,这是一个开源的MSA基准。就边缘覆盖而言,它的性能与最先进的技术相当,但是暴露了未被黑盒测试检测到的内部故障,提供了详细的内部覆盖信息,并且需要更少的测试。
{"title":"Automated Grey-Box Testing of Microservice Architectures","authors":"Luca Giamattei, Antonio Guerriero, R. Pietrantuono, S. Russo","doi":"10.1109/QRS57517.2022.00070","DOIUrl":"https://doi.org/10.1109/QRS57517.2022.00070","url":null,"abstract":"Microservices Architectures (MSA) have found large adoption in companies delivering online services, often in conjunction with agile development practices. Microservices are distributed, independent and polyglot entities – all features favouring black-box testing. However, for real-scale MSA, a pure black-box strategy may not be able to exercise the system to properly cover the interactions involving internal microservices.We propose a grey-box strategy (MACROHIVE) for automated testing and monitoring of (internal) microservices interactions. It uses combinatorial testing to generate valid and invalid tests from microservices specification. Tests execution and monitoring are automated by a service mesh infrastructure. MACROHIVE runs the tests and traces the interactions among microservices, to report about internal coverage and failing behaviour.MACROHIVE is experimented on TrainTicket, an open-source MSA benchmark. It performs comparably to state-of-the-art techniques in terms of edge-level coverage, but exposes internal failures undetected by black-box testing, gives detailed internal coverage information, and requires fewer tests.","PeriodicalId":143812,"journal":{"name":"2022 IEEE 22nd International Conference on Software Quality, Reliability and Security (QRS)","volume":"24 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125362759","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
A BiLSTM-Attention Model for Detecting Smart Contract Defects More Accurately 一种更准确检测智能合约缺陷的bilstm -注意力模型
Chen Qian, Tianyuan Hu, Bixin Li
Smart contracts are applications running on the blockchain which control many virtual currencies. Since smart contracts are composed of code, they inevitably have defects. In recent years, many smart contract defects have caused lots of economic losses and harmful impacts. A contract that has defects may have some errors that cause unwanted results. As smart contracts cannot be modified once deployed, it is necessary to ensure that they are free from defects. In this paper, we focus on eleven defects of smart contracts and construct a deep learning-based model to detect these contract defects more accurately. Our model regards the smart contract’s operation codes as a sequential sentence and uses an Attention-based bidirectional long short term memory (BiLSTM-Attention) model to find smart contract defects. We evaluate our model’s and other models’ performance on 45622 real-world smart contracts. The experimental results show that our model can achieve higher accuracy (95.40%) and F1-score (95.38%). In addition, our model is highly efficient and can quickly detect large numbers of contracts.
智能合约是运行在区块链上的应用程序,它控制着许多虚拟货币。由于智能合约是由代码组成的,它们不可避免地存在缺陷。近年来,许多智能合约缺陷造成了大量的经济损失和有害影响。有缺陷的合同可能会有一些错误,导致不想要的结果。由于智能合约一旦部署就无法修改,因此有必要确保它们没有缺陷。本文针对智能合约的11个缺陷,构建了一个基于深度学习的模型来更准确地检测这些缺陷。我们的模型将智能合约的操作代码视为一个连续的句子,并使用基于注意力的双向长短期记忆(BiLSTM-Attention)模型来发现智能合约的缺陷。我们评估了我们的模型和其他模型在45622个真实智能合约上的性能。实验结果表明,该模型能够达到较高的准确率(95.40%)和f1分数(95.38%)。此外,我们的模型效率很高,可以快速检测到大量的合同。
{"title":"A BiLSTM-Attention Model for Detecting Smart Contract Defects More Accurately","authors":"Chen Qian, Tianyuan Hu, Bixin Li","doi":"10.1109/QRS57517.2022.00016","DOIUrl":"https://doi.org/10.1109/QRS57517.2022.00016","url":null,"abstract":"Smart contracts are applications running on the blockchain which control many virtual currencies. Since smart contracts are composed of code, they inevitably have defects. In recent years, many smart contract defects have caused lots of economic losses and harmful impacts. A contract that has defects may have some errors that cause unwanted results. As smart contracts cannot be modified once deployed, it is necessary to ensure that they are free from defects. In this paper, we focus on eleven defects of smart contracts and construct a deep learning-based model to detect these contract defects more accurately. Our model regards the smart contract’s operation codes as a sequential sentence and uses an Attention-based bidirectional long short term memory (BiLSTM-Attention) model to find smart contract defects. We evaluate our model’s and other models’ performance on 45622 real-world smart contracts. The experimental results show that our model can achieve higher accuracy (95.40%) and F1-score (95.38%). In addition, our model is highly efficient and can quickly detect large numbers of contracts.","PeriodicalId":143812,"journal":{"name":"2022 IEEE 22nd International Conference on Software Quality, Reliability and Security (QRS)","volume":"24 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125930606","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
EDDNet: An Efficient and Accurate Defect Detection Network for the Industrial Edge Environment EDDNet:面向工业边缘环境的高效、准确的缺陷检测网络
Runbing Qin, Ningjiang Chen, Yihui Huang
Defect detection aims to locate the accurate position of defects in images, which is of great significance to quality inspection in the industrial product manufacturing. Currently, many defect detection methods rely on deep neural networks to extract features. Although the accuracy of these methods is relatively high, it is computationally intensive, making the methods difficult to deploy in resource-limited edge devices. In order to solve these problems, a lightweight defect detection model for the industrial edge environment is proposed, termed the efficient defect detection network (EDDNet). EfficientNet-B0 is used as the feature extraction backbone, extracting feature maps from feature layers of different depths of the network and fusing multilevel features by multilevel feature fusion (MFF). To obtain more information, we redesign the attention mechanism in MBConv blocks, taking the encoding space (ES) attention mechanism as a new module, which solves the problem that the defective image spatial information is ignored. The experimental results on the NEU-DET and DAGM2007 datasets and PCB defect datasets demonstrate the effectiveness of the proposed EDDNet and its possibility for application in industrial edge device.
缺陷检测的目的是在图像中准确定位缺陷的位置,这对工业产品制造中的质量检测具有重要意义。目前,许多缺陷检测方法依赖于深度神经网络来提取特征。虽然这些方法的准确性相对较高,但计算量大,使得这些方法难以在资源有限的边缘设备中部署。为了解决这些问题,提出了一种适用于工业边缘环境的轻量级缺陷检测模型,称为高效缺陷检测网络(EDDNet)。采用EfficientNet-B0作为特征提取骨干,从网络不同深度的特征层中提取特征映射,并通过多层特征融合(multilevel feature fusion, MFF)对多层特征进行融合。为了获得更多的信息,我们重新设计了MBConv块的注意机制,将编码空间(ES)注意机制作为一个新的模块,解决了有缺陷的图像空间信息被忽略的问题。在NEU-DET和DAGM2007数据集以及PCB缺陷数据集上的实验结果表明了所提出的EDDNet的有效性及其在工业边缘器件中的应用可能性。
{"title":"EDDNet: An Efficient and Accurate Defect Detection Network for the Industrial Edge Environment","authors":"Runbing Qin, Ningjiang Chen, Yihui Huang","doi":"10.1109/QRS57517.2022.00090","DOIUrl":"https://doi.org/10.1109/QRS57517.2022.00090","url":null,"abstract":"Defect detection aims to locate the accurate position of defects in images, which is of great significance to quality inspection in the industrial product manufacturing. Currently, many defect detection methods rely on deep neural networks to extract features. Although the accuracy of these methods is relatively high, it is computationally intensive, making the methods difficult to deploy in resource-limited edge devices. In order to solve these problems, a lightweight defect detection model for the industrial edge environment is proposed, termed the efficient defect detection network (EDDNet). EfficientNet-B0 is used as the feature extraction backbone, extracting feature maps from feature layers of different depths of the network and fusing multilevel features by multilevel feature fusion (MFF). To obtain more information, we redesign the attention mechanism in MBConv blocks, taking the encoding space (ES) attention mechanism as a new module, which solves the problem that the defective image spatial information is ignored. The experimental results on the NEU-DET and DAGM2007 datasets and PCB defect datasets demonstrate the effectiveness of the proposed EDDNet and its possibility for application in industrial edge device.","PeriodicalId":143812,"journal":{"name":"2022 IEEE 22nd International Conference on Software Quality, Reliability and Security (QRS)","volume":"30 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125967042","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Conceptualizing the Secure Machine Learning Operations (SecMLOps) Paradigm 概念化安全机器学习操作(SecMLOps)范式
Xinrui Zhang, Jason Jaskolka
Due to the proliferation of machine learning in various domains and applications, Machine Learning Operations (MLOps) was created to improve efficiency and adaptability by automating and operationalizing ML products. Because many machine learning application domains demand high levels of assurance, security has become a top priority and necessity to be involved at the beginning of ML system design. To provide theoretical guidance, we first introduce the Secure Machine Learning Operations (SecMLOps) paradigm, which extends MLOps with security considerations. We use the People, Processes, Technology, Governance and Compliance (PPTGC) framework to conceptualize SecMLOps, and to discuss challenges in adopting SecMLOps in practice. Since ML systems are often multi-concerned, analysis on how the adoption of SecMLOps impacts other system qualities, such as fairness, explainability, reliability, safety, and sustainability are provided. This paper aims to provide guidance and a research roadmap for ML researchers and organizational-level practitioners towards secure, reliable, and trustworthy MLOps.
由于机器学习在各个领域和应用中的扩散,机器学习操作(MLOps)的创建是为了通过自动化和操作机器学习产品来提高效率和适应性。由于许多机器学习应用领域需要高水平的保证,因此安全性已成为ML系统设计之初的首要任务和必要因素。为了提供理论指导,我们首先介绍安全机器学习操作(SecMLOps)范式,该范式扩展了具有安全性考虑的MLOps。我们使用人员、流程、技术、治理和合规性(PPTGC)框架来概念化SecMLOps,并讨论在实践中采用SecMLOps所面临的挑战。由于机器学习系统通常是多关注点的,因此本文分析了采用SecMLOps如何影响其他系统质量,如公平性、可解释性、可靠性、安全性和可持续性。本文旨在为机器学习研究人员和组织级从业者提供安全、可靠和值得信赖的mlop的指导和研究路线图。
{"title":"Conceptualizing the Secure Machine Learning Operations (SecMLOps) Paradigm","authors":"Xinrui Zhang, Jason Jaskolka","doi":"10.1109/QRS57517.2022.00023","DOIUrl":"https://doi.org/10.1109/QRS57517.2022.00023","url":null,"abstract":"Due to the proliferation of machine learning in various domains and applications, Machine Learning Operations (MLOps) was created to improve efficiency and adaptability by automating and operationalizing ML products. Because many machine learning application domains demand high levels of assurance, security has become a top priority and necessity to be involved at the beginning of ML system design. To provide theoretical guidance, we first introduce the Secure Machine Learning Operations (SecMLOps) paradigm, which extends MLOps with security considerations. We use the People, Processes, Technology, Governance and Compliance (PPTGC) framework to conceptualize SecMLOps, and to discuss challenges in adopting SecMLOps in practice. Since ML systems are often multi-concerned, analysis on how the adoption of SecMLOps impacts other system qualities, such as fairness, explainability, reliability, safety, and sustainability are provided. This paper aims to provide guidance and a research roadmap for ML researchers and organizational-level practitioners towards secure, reliable, and trustworthy MLOps.","PeriodicalId":143812,"journal":{"name":"2022 IEEE 22nd International Conference on Software Quality, Reliability and Security (QRS)","volume":"49 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114795580","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
Can PoW Consensus Protocol Resist the Whale Attack? PoW共识协议能抵抗鲸鱼攻击吗?
Xueyong Sun, Qihao Bao, Bixin Li
Proof of Work (PoW) is the most widely used consensus protocol. However, due to the hash rate competition mechanism, longest chain principle, and transaction fee mechanism of the PoW consensus protocol, malicious nodes can launch attacks to obtain more relative revenue than honest mining, which will discourage honest miners from packing transactions into blocks and verifying blocks. As a result, the speed of the nodes reaching consensus in the network is slowed down, or even consensus cannot be reached, which ultimately affects the security of the PoW consensus protocol.In this paper, the Markov Decision Process (MDP) is used to simulate the whale attack launched by malicious nodes, and evaluate the capability of PoW consensus protocol against the whale attack. The experimental results show that the PoW consensus protocol is secure in the Bitcoin network when the transaction fee is set in the range of 0.002-0.3 block rewards and the transaction volume should not exceed 21.09 block rewards. In addition, the PoW consensus protocol will be more secure with the adjustment of parameters such as the number of block confirmations, block generation interval and block size.
工作量证明(PoW)是使用最广泛的共识协议。然而,由于PoW共识协议的哈希率竞争机制、最长链原理和交易费机制,恶意节点可以发起攻击,以获得比诚实挖掘更多的相对收益,这将阻碍诚实矿工将交易打包成块并验证块。导致网络中节点达成共识的速度变慢,甚至无法达成共识,最终影响PoW共识协议的安全性。本文利用马尔可夫决策过程(MDP)模拟恶意节点发起的鲸鱼攻击,评估PoW共识协议抵御鲸鱼攻击的能力。实验结果表明,当交易费用设置在0.002-0.3块奖励范围内,交易量不超过21.09块奖励时,PoW共识协议在比特币网络中是安全的。此外,通过调整区块确认次数、区块生成间隔和区块大小等参数,PoW共识协议将更加安全。
{"title":"Can PoW Consensus Protocol Resist the Whale Attack?","authors":"Xueyong Sun, Qihao Bao, Bixin Li","doi":"10.1109/QRS57517.2022.00058","DOIUrl":"https://doi.org/10.1109/QRS57517.2022.00058","url":null,"abstract":"Proof of Work (PoW) is the most widely used consensus protocol. However, due to the hash rate competition mechanism, longest chain principle, and transaction fee mechanism of the PoW consensus protocol, malicious nodes can launch attacks to obtain more relative revenue than honest mining, which will discourage honest miners from packing transactions into blocks and verifying blocks. As a result, the speed of the nodes reaching consensus in the network is slowed down, or even consensus cannot be reached, which ultimately affects the security of the PoW consensus protocol.In this paper, the Markov Decision Process (MDP) is used to simulate the whale attack launched by malicious nodes, and evaluate the capability of PoW consensus protocol against the whale attack. The experimental results show that the PoW consensus protocol is secure in the Bitcoin network when the transaction fee is set in the range of 0.002-0.3 block rewards and the transaction volume should not exceed 21.09 block rewards. In addition, the PoW consensus protocol will be more secure with the adjustment of parameters such as the number of block confirmations, block generation interval and block size.","PeriodicalId":143812,"journal":{"name":"2022 IEEE 22nd International Conference on Software Quality, Reliability and Security (QRS)","volume":"30 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126550042","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
An Empirical Study on Software Aging of Long-Running Object Detection Algorithms 长时间目标检测算法的软件老化实证研究
R. Pietrantuono, Domenico Cotroneo, E. Andrade, F. Machida
Efficient and effective object detection is a key problem in Computer Vision. Numerous object detection algorithms have been developed, whose aim is to achieve two conflicting goals, namely accuracy and efficiency, while being executed in real-time with high robustness. Many of these algorithms must run for an extended period of time, i.e., in video surveillance or in self-driving cars – a working condition that make them subject to the risk of software aging.In this work, we focus on evaluating several object detection algorithms to understand if and to what extent they are affected by software aging. A measurement-based aging approach was adopted, with a series of long-running tests and subsequent data analysis. The results report significant trends of performance degradation, sometimes leading to aging-related failures, as well as memory consumption trends, which turned out to be the main issue across all the experiments.
高效的目标检测是计算机视觉中的一个关键问题。目前已经开发了许多目标检测算法,其目的是在实现精度和效率两个相互冲突的目标的同时,具有高鲁棒性和实时性。其中许多算法必须长时间运行,例如在视频监控或自动驾驶汽车中,这种工作条件使它们面临软件老化的风险。在这项工作中,我们专注于评估几种目标检测算法,以了解它们是否以及在多大程度上受到软件老化的影响。采用了基于测量的老化方法,并进行了一系列长期运行的测试和随后的数据分析。结果报告了性能下降的显著趋势,有时会导致与老化相关的故障,以及内存消耗趋势,这是所有实验中的主要问题。
{"title":"An Empirical Study on Software Aging of Long-Running Object Detection Algorithms","authors":"R. Pietrantuono, Domenico Cotroneo, E. Andrade, F. Machida","doi":"10.1109/QRS57517.2022.00112","DOIUrl":"https://doi.org/10.1109/QRS57517.2022.00112","url":null,"abstract":"Efficient and effective object detection is a key problem in Computer Vision. Numerous object detection algorithms have been developed, whose aim is to achieve two conflicting goals, namely accuracy and efficiency, while being executed in real-time with high robustness. Many of these algorithms must run for an extended period of time, i.e., in video surveillance or in self-driving cars – a working condition that make them subject to the risk of software aging.In this work, we focus on evaluating several object detection algorithms to understand if and to what extent they are affected by software aging. A measurement-based aging approach was adopted, with a series of long-running tests and subsequent data analysis. The results report significant trends of performance degradation, sometimes leading to aging-related failures, as well as memory consumption trends, which turned out to be the main issue across all the experiments.","PeriodicalId":143812,"journal":{"name":"2022 IEEE 22nd International Conference on Software Quality, Reliability and Security (QRS)","volume":"50 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123059619","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
A Functional FMECA Approach for the Assessment of Critical Infrastructure Resilience 关键基础设施弹性评估的功能性FMECA方法
G. Carvalho, N. Medeiros, H. Madeira, Bruno Cabral
The damage or destruction of Critical Infrastructures (CIs) affect societies’ sustainable functioning. Therefore, it is crucial to have effective methods to assess the risk and resilience of CIs. Failure Mode and Effects Analysis (FMEA) and Failure Mode Effects and Criticality Analysis (FMECA) are two approaches to risk assessment and criticality analysis. However, these approaches are complex to apply to intricate CIs and associated Cyber-Physical Systems (CPS). We provide a top-down strategy, starting from a high abstraction level of the system and progressing to cover the functional elements of the infrastructures. This approach develops from FMECA but estimates risks and focuses on assessing resilience. We applied the proposed technique to a real-world CI, predicting how possible improvement scenarios may influence the overall system resilience. The results show the effectiveness of our approach in benchmarking the CI resilience, providing a cost-effective way to evaluate plausible alternatives concerning the improvement of preventive measures.
关键基础设施(CIs)的破坏或破坏影响社会的可持续运作。因此,有有效的方法来评估ci的风险和弹性是至关重要的。失效模式与影响分析(FMEA)和失效模式影响与临界性分析(FMECA)是风险评估和临界性分析的两种方法。然而,这些方法应用于复杂的ci和相关的网络物理系统(CPS)是复杂的。我们提供自顶向下的策略,从系统的高抽象级别开始,逐步覆盖基础结构的功能元素。这种方法从FMECA发展而来,但估计风险并侧重于评估复原力。我们将建议的技术应用于实际的CI,预测可能的改进场景如何影响整个系统的弹性。结果表明我们的方法在CI弹性基准测试方面的有效性,提供了一种具有成本效益的方法来评估有关改进预防措施的合理替代方案。
{"title":"A Functional FMECA Approach for the Assessment of Critical Infrastructure Resilience","authors":"G. Carvalho, N. Medeiros, H. Madeira, Bruno Cabral","doi":"10.1109/QRS57517.2022.00073","DOIUrl":"https://doi.org/10.1109/QRS57517.2022.00073","url":null,"abstract":"The damage or destruction of Critical Infrastructures (CIs) affect societies’ sustainable functioning. Therefore, it is crucial to have effective methods to assess the risk and resilience of CIs. Failure Mode and Effects Analysis (FMEA) and Failure Mode Effects and Criticality Analysis (FMECA) are two approaches to risk assessment and criticality analysis. However, these approaches are complex to apply to intricate CIs and associated Cyber-Physical Systems (CPS). We provide a top-down strategy, starting from a high abstraction level of the system and progressing to cover the functional elements of the infrastructures. This approach develops from FMECA but estimates risks and focuses on assessing resilience. We applied the proposed technique to a real-world CI, predicting how possible improvement scenarios may influence the overall system resilience. The results show the effectiveness of our approach in benchmarking the CI resilience, providing a cost-effective way to evaluate plausible alternatives concerning the improvement of preventive measures.","PeriodicalId":143812,"journal":{"name":"2022 IEEE 22nd International Conference on Software Quality, Reliability and Security (QRS)","volume":"7 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132318858","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
An Exploratory Study for GUI Posts on Stack Overflow 基于堆栈溢出的GUI帖子的探索性研究
Jing Ding, Liming Nie, Y. Liu, Zuohua Ding, J. Xuan
Graphical User Interface (GUI) has become one of the most effective human-computer communication medium today. The quality of GUI is essential to the success of apps, especially for mobile apps. Developers not only have to understand the interaction of various components, but also follow the principles of design and implementation. It is helpful for developers to understand the challenges via analyzing the questions and answers (Q&A) on GUI development. However, there is no large-scale study on the GUI development posts on Stack Overflow. In this paper, we conduct an exploratory study on 23,741 posts related to GUI development on Stack Overflow. We first extract 20 topics related to GUI development using topic modeling. After manually classifying these GUI topics into 5 categories, we further quantitatively analyze the popularity and difficulty of GUI topics, the correlation between these two aspects, and qualitatively analyze the distribution of question types in posts. Finally, we have some interesting findings. These findings contain that the topic "tool selection" is the most popular topic, the topic "thread" has the highest percentage of unaccepted answers, and the topic "client/server" answer takes the longest time to be accepted. In addition, we discuss about possible inspirations of our research to GUI development stakeholders.
图形用户界面(GUI)已成为当今最有效的人机通信媒介之一。GUI的质量对应用的成功至关重要,尤其是手机应用。开发人员不仅要理解各种组件之间的交互,还要遵循设计和实现的原则。通过分析GUI开发中的问题和答案(Q&A),可以帮助开发人员了解挑战。然而,目前还没有对Stack Overflow上的GUI开发帖子进行大规模的研究。本文对Stack Overflow上23741篇与GUI开发相关的帖子进行了探索性研究。我们首先使用主题建模提取20个与GUI开发相关的主题。在将这些GUI话题手工划分为5类之后,我们进一步定量分析GUI话题的受欢迎程度和难易程度,以及两者之间的相关性,并定性分析问题类型在帖子中的分布。最后,我们有一些有趣的发现。这些发现包括主题“工具选择”是最受欢迎的主题,主题“线程”的不被接受的答案百分比最高,主题“客户端/服务器”的答案需要最长的时间才能被接受。此外,我们还讨论了我们的研究对GUI开发涉众可能的启发。
{"title":"An Exploratory Study for GUI Posts on Stack Overflow","authors":"Jing Ding, Liming Nie, Y. Liu, Zuohua Ding, J. Xuan","doi":"10.1109/QRS57517.2022.00114","DOIUrl":"https://doi.org/10.1109/QRS57517.2022.00114","url":null,"abstract":"Graphical User Interface (GUI) has become one of the most effective human-computer communication medium today. The quality of GUI is essential to the success of apps, especially for mobile apps. Developers not only have to understand the interaction of various components, but also follow the principles of design and implementation. It is helpful for developers to understand the challenges via analyzing the questions and answers (Q&A) on GUI development. However, there is no large-scale study on the GUI development posts on Stack Overflow. In this paper, we conduct an exploratory study on 23,741 posts related to GUI development on Stack Overflow. We first extract 20 topics related to GUI development using topic modeling. After manually classifying these GUI topics into 5 categories, we further quantitatively analyze the popularity and difficulty of GUI topics, the correlation between these two aspects, and qualitatively analyze the distribution of question types in posts. Finally, we have some interesting findings. These findings contain that the topic \"tool selection\" is the most popular topic, the topic \"thread\" has the highest percentage of unaccepted answers, and the topic \"client/server\" answer takes the longest time to be accepted. In addition, we discuss about possible inspirations of our research to GUI development stakeholders.","PeriodicalId":143812,"journal":{"name":"2022 IEEE 22nd International Conference on Software Quality, Reliability and Security (QRS)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130947221","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
cPV – Simulation and Verification for Membrane Computing cPV -膜计算的仿真与验证
Yezhou Liu, Jing Sun, R. Nicolescu, Hai H. Wang
As a newly proposed computational paradigm of membrane computing, cP systems are used to solve several NP-complete and PSPACE-complete problems in linear or sub-linear time theoretically. Most cP systems proposed in previous studies lack of automated verification support. In this paper, we present cPV, the first software implementation for cP system simulation and verification. cPV offers multiple features, which include modelling, simulation, automated verification of properties such as absence of deadlock, confluence, termination, determinism, and goal reachability. As an extensible framework, modules in cPV are loosely coupled, where new verification algorithms, reduction techniques, and property specifications can be easily extended. To evaluate cPV, we constructed two benchmark datasets that cover several important aspects of cP systems. The experimental results demonstrated effective automatic verification support to the membrane computing problem domain.
cP系统作为膜计算新提出的一种计算范式,从理论上解决了线性或亚线性时间内的np完全和pspace完全问题。在以往的研究中提出的大多数cP系统缺乏自动验证支持。在本文中,我们提出cPV,第一个软件实现的cP系统的仿真和验证。cPV提供了多种特性,包括建模、仿真、自动验证属性(如无死锁、合流、终止、确定性和目标可达性)。作为一个可扩展的框架,cPV中的模块是松散耦合的,新的验证算法、约简技术和属性规范可以很容易地扩展。为了评估cPV,我们构建了两个基准数据集,涵盖了cP系统的几个重要方面。实验结果表明,该方法对膜计算问题域具有有效的自动验证支持。
{"title":"cPV – Simulation and Verification for Membrane Computing","authors":"Yezhou Liu, Jing Sun, R. Nicolescu, Hai H. Wang","doi":"10.1109/QRS57517.2022.00067","DOIUrl":"https://doi.org/10.1109/QRS57517.2022.00067","url":null,"abstract":"As a newly proposed computational paradigm of membrane computing, cP systems are used to solve several NP-complete and PSPACE-complete problems in linear or sub-linear time theoretically. Most cP systems proposed in previous studies lack of automated verification support. In this paper, we present cPV, the first software implementation for cP system simulation and verification. cPV offers multiple features, which include modelling, simulation, automated verification of properties such as absence of deadlock, confluence, termination, determinism, and goal reachability. As an extensible framework, modules in cPV are loosely coupled, where new verification algorithms, reduction techniques, and property specifications can be easily extended. To evaluate cPV, we constructed two benchmark datasets that cover several important aspects of cP systems. The experimental results demonstrated effective automatic verification support to the membrane computing problem domain.","PeriodicalId":143812,"journal":{"name":"2022 IEEE 22nd International Conference on Software Quality, Reliability and Security (QRS)","volume":"2 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2022-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130985327","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
期刊
2022 IEEE 22nd International Conference on Software Quality, Reliability and Security (QRS)
全部 Acc. Chem. Res. ACS Applied Bio Materials ACS Appl. Electron. Mater. ACS Appl. Energy Mater. ACS Appl. Mater. Interfaces ACS Appl. Nano Mater. ACS Appl. Polym. Mater. ACS BIOMATER-SCI ENG ACS Catal. ACS Cent. Sci. ACS Chem. Biol. ACS Chemical Health & Safety ACS Chem. Neurosci. ACS Comb. Sci. ACS Earth Space Chem. ACS Energy Lett. ACS Infect. Dis. ACS Macro Lett. ACS Mater. Lett. ACS Med. Chem. Lett. ACS Nano ACS Omega ACS Photonics ACS Sens. ACS Sustainable Chem. Eng. ACS Synth. Biol. Anal. Chem. BIOCHEMISTRY-US Bioconjugate Chem. BIOMACROMOLECULES Chem. Res. Toxicol. Chem. Rev. Chem. Mater. CRYST GROWTH DES ENERG FUEL Environ. Sci. Technol. Environ. Sci. Technol. Lett. Eur. J. Inorg. Chem. IND ENG CHEM RES Inorg. Chem. J. Agric. Food. Chem. J. Chem. Eng. Data J. Chem. Educ. J. Chem. Inf. Model. J. Chem. Theory Comput. J. Med. Chem. J. Nat. Prod. J PROTEOME RES J. Am. Chem. Soc. LANGMUIR MACROMOLECULES Mol. Pharmaceutics Nano Lett. Org. Lett. ORG PROCESS RES DEV ORGANOMETALLICS J. Org. Chem. J. Phys. Chem. J. Phys. Chem. A J. Phys. Chem. B J. Phys. Chem. C J. Phys. Chem. Lett. Analyst Anal. Methods Biomater. Sci. Catal. Sci. Technol. Chem. Commun. Chem. Soc. Rev. CHEM EDUC RES PRACT CRYSTENGCOMM Dalton Trans. Energy Environ. Sci. ENVIRON SCI-NANO ENVIRON SCI-PROC IMP ENVIRON SCI-WAT RES Faraday Discuss. Food Funct. Green Chem. Inorg. Chem. Front. Integr. Biol. J. Anal. At. Spectrom. J. Mater. Chem. A J. Mater. Chem. B J. Mater. Chem. C Lab Chip Mater. Chem. Front. Mater. Horiz. MEDCHEMCOMM Metallomics Mol. Biosyst. Mol. Syst. Des. Eng. Nanoscale Nanoscale Horiz. Nat. Prod. Rep. New J. Chem. Org. Biomol. Chem. Org. Chem. Front. PHOTOCH PHOTOBIO SCI PCCP Polym. Chem.
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
0
微信
客服QQ
Book学术公众号 扫码关注我们
反馈
×
意见反馈
请填写您的意见或建议
请填写您的手机或邮箱
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
Book学术官方微信
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术
文献互助 智能选刊 最新文献 互助须知 联系我们:info@booksci.cn
Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。
Copyright © 2023 Book学术 All rights reserved.
ghs 京公网安备 11010802042870号 京ICP备2023020795号-1