Pub Date : 2020-10-01DOI: 10.1109/ISSREW51248.2020.00045
Jinfu Chen, Jingyi Chen, Dong Guo, D. Towey
Fuzzing is a highly automated testing technique. It has been widely used in software vulnerability mining. American fuzzy lop (AFL) is one of the most effective fuzzing tools, with low resource consumption and a variety of efficient fuzzy test strategies. However, because it uses a random testing (RT) algorithm when generating test cases, there is a problem of low quality and low test efficiency. In this paper, we propose an improved fuzzing testing approach based on adaptive random testing (ART) to enhance the effectiveness of AFL test case generation. We also introduce AFL-ART, a new fuzzing tool based on ART. According to the experimental results, AFLART can enhance AFL test case generation, and improve fuzzing testing efficiency.
{"title":"An improved fuzzing approach based on adaptive random testing","authors":"Jinfu Chen, Jingyi Chen, Dong Guo, D. Towey","doi":"10.1109/ISSREW51248.2020.00045","DOIUrl":"https://doi.org/10.1109/ISSREW51248.2020.00045","url":null,"abstract":"Fuzzing is a highly automated testing technique. It has been widely used in software vulnerability mining. American fuzzy lop (AFL) is one of the most effective fuzzing tools, with low resource consumption and a variety of efficient fuzzy test strategies. However, because it uses a random testing (RT) algorithm when generating test cases, there is a problem of low quality and low test efficiency. In this paper, we propose an improved fuzzing testing approach based on adaptive random testing (ART) to enhance the effectiveness of AFL test case generation. We also introduce AFL-ART, a new fuzzing tool based on ART. According to the experimental results, AFLART can enhance AFL test case generation, and improve fuzzing testing efficiency.","PeriodicalId":202247,"journal":{"name":"2020 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)","volume":"93 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124665179","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2020-10-01DOI: 10.1109/ISSREW51248.2020.00073
Andrea Stocco, P. Tonella
In this paper, we first discuss the challenges of adapting an already trained DNN-based anomaly detector with knowledge mined during the execution of the main system. Then, we present a framework for the continual learning of anomaly detectors, which records in-field behavioural data to determine what data are appropriate for adaptation. We evaluated our framework to improve an anomaly detector taken from the literature, in the context of misbehavior prediction for self-driving cars. Our results show that our solution can reduce the false positive rate by a large margin and adapt to nominal behaviour changes while maintaining the original anomaly detection capability.
{"title":"Towards Anomaly Detectors that Learn Continuously","authors":"Andrea Stocco, P. Tonella","doi":"10.1109/ISSREW51248.2020.00073","DOIUrl":"https://doi.org/10.1109/ISSREW51248.2020.00073","url":null,"abstract":"In this paper, we first discuss the challenges of adapting an already trained DNN-based anomaly detector with knowledge mined during the execution of the main system. Then, we present a framework for the continual learning of anomaly detectors, which records in-field behavioural data to determine what data are appropriate for adaptation. We evaluated our framework to improve an anomaly detector taken from the literature, in the context of misbehavior prediction for self-driving cars. Our results show that our solution can reduce the false positive rate by a large margin and adapt to nominal behaviour changes while maintaining the original anomaly detection capability.","PeriodicalId":202247,"journal":{"name":"2020 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)","volume":"60 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127143217","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2020-10-01DOI: 10.1109/ISSREW51248.2020.00063
A. Hocking, Jonathan C. Rowanhill, B. D. Vito
Unit lemmas and a checklist of questions used to generate them can identify flaws in formal requirements and specifications early in the design process, reducing the overall cost and increasing confidence in the final product. We demonstrate how we can apply unit lemmas and the checklist to a tri-valued logic system.
{"title":"Unit Lemmas for Detecting Requirement and Specification Flaws","authors":"A. Hocking, Jonathan C. Rowanhill, B. D. Vito","doi":"10.1109/ISSREW51248.2020.00063","DOIUrl":"https://doi.org/10.1109/ISSREW51248.2020.00063","url":null,"abstract":"Unit lemmas and a checklist of questions used to generate them can identify flaws in formal requirements and specifications early in the design process, reducing the overall cost and increasing confidence in the final product. We demonstrate how we can apply unit lemmas and the checklist to a tri-valued logic system.","PeriodicalId":202247,"journal":{"name":"2020 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)","volume":"58 4 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115549683","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2020-10-01DOI: 10.1109/ISSREW51248.2020.00038
Stephan Baumgart, Joakim Fröberg, S. Punnekkat
Autonomous vehicles grow importance in many domains and depending on the domain and user needs, autonomous vehicles can be designed as stand-alone solutions as in the automotive domain or as part of a fleet with a specific purpose as in the earth moving machinery domain. Contemporary hazard analysis methods primarily focus on analyzing hazards for single systems. Such an analysis requires knowledge about typical usage of a product, and it is evaluated among others if an operator is able to handle a critical situation. Each hazard analysis method requires specific information as input in order to conduct the method. However, for system-of-systems it is not yet clear how to analyze hazards and provide the required information. In this paper we describe a use case from the earth moving machinery domain where autonomous machines collaborate as a system-of-systems to achieve the mission. We propose a hierarchical process to document a system-of-systems and propose the use of model-based development methods. In this work we discuss how to utilize the provided details in a hazard analysis. Our approach helps to design a complex system-of-systems and supports hazard analysis in a more effective and efficient manner.
{"title":"A Process to Support Safety Analysis for a System-of-Systems","authors":"Stephan Baumgart, Joakim Fröberg, S. Punnekkat","doi":"10.1109/ISSREW51248.2020.00038","DOIUrl":"https://doi.org/10.1109/ISSREW51248.2020.00038","url":null,"abstract":"Autonomous vehicles grow importance in many domains and depending on the domain and user needs, autonomous vehicles can be designed as stand-alone solutions as in the automotive domain or as part of a fleet with a specific purpose as in the earth moving machinery domain. Contemporary hazard analysis methods primarily focus on analyzing hazards for single systems. Such an analysis requires knowledge about typical usage of a product, and it is evaluated among others if an operator is able to handle a critical situation. Each hazard analysis method requires specific information as input in order to conduct the method. However, for system-of-systems it is not yet clear how to analyze hazards and provide the required information. In this paper we describe a use case from the earth moving machinery domain where autonomous machines collaborate as a system-of-systems to achieve the mission. We propose a hierarchical process to document a system-of-systems and propose the use of model-based development methods. In this work we discuss how to utilize the provided details in a hazard analysis. Our approach helps to design a complex system-of-systems and supports hazard analysis in a more effective and efficient manner.","PeriodicalId":202247,"journal":{"name":"2020 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)","volume":"17 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129627310","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2020-10-01DOI: 10.1109/ISSREW51248.2020.00083
Carlo Abate, L. Campanile, S. Marrone
Modern predictive maintenance is the convergence of several technological trends: developing new techniques and algorithms can be very costly due to the need for a physical prototype. This research has the final aim to build a simulation-based software framework for modeling and analysing complex systems and for defining predictive maintenance algorithms. By the usage of simulation, quantitative evaluation of the dependability of such systems will be possible. The ERTMS/ETCS dependability case study is presented to prove the applicability of the software.
{"title":"A flexible simulation-based framework for model-based/data-driven dependability evaluation","authors":"Carlo Abate, L. Campanile, S. Marrone","doi":"10.1109/ISSREW51248.2020.00083","DOIUrl":"https://doi.org/10.1109/ISSREW51248.2020.00083","url":null,"abstract":"Modern predictive maintenance is the convergence of several technological trends: developing new techniques and algorithms can be very costly due to the need for a physical prototype. This research has the final aim to build a simulation-based software framework for modeling and analysing complex systems and for defining predictive maintenance algorithms. By the usage of simulation, quantitative evaluation of the dependability of such systems will be possible. The ERTMS/ETCS dependability case study is presented to prove the applicability of the software.","PeriodicalId":202247,"journal":{"name":"2020 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)","volume":"103 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124601747","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2020-10-01DOI: 10.1109/issrew51248.2020.00017
K. Trivedi, T. Dohi, Domenico Cotroneo, Javier Alonso, Junjun Zheng, X. Chang, H. Okamura, A. Platis, A. Puliafito, M. Scarpa, Nuno Silva, Kishor S. Trivedi, K. Vaidyanathan, K. Wolter, Jianwen Xiang, Liudong Xing
Program Committee Javier Alonso, Amazon.com, USA Artur Andrzejak, Heidelberg University, Germany Alberto Avritzer, eSulabSolutions, USA Xiaolin Chang, Beijing Jiaotong University, China Domenico Cotroneo, Federico II University of Naples, Italy Tadashi Dohi, Hiroshima University, Japan Lance Fiondella, University of Massachusetts, USA Michael Grottke, GfK SE and Friedrich-Alexander-Universität Erlangen-Nürnberg,Germany Sandip Homchaudhuri, Qualcomm Technologies Inc (QTI), USA Kenji Kono, Keio University, Japan Vasilis Koutras, University of the Aegean, Greece Jinghui Li, Huawei, China Fumio Machida, University of Tsukuba, Japan Paulo Maciel, Federal University of Pernambuco, Brazil Rivalino Matias, Federal University of Uberlandia, Brazil Daniel Sadoc Menasche, Federal University of Rio de Janeiro, Brazil Veena Mendiratta, Bell Labs, Nokia, USA Manoj Nambiar, Infosys, India Roberto Natella, Federico II University of Naples, Italy Hiroyuki Okamura, Hiroshima University, Japan Roberto Pietrantuono, Federico II University of Naples, Italy
{"title":"WoSAR 2020 Workshop Committees","authors":"K. Trivedi, T. Dohi, Domenico Cotroneo, Javier Alonso, Junjun Zheng, X. Chang, H. Okamura, A. Platis, A. Puliafito, M. Scarpa, Nuno Silva, Kishor S. Trivedi, K. Vaidyanathan, K. Wolter, Jianwen Xiang, Liudong Xing","doi":"10.1109/issrew51248.2020.00017","DOIUrl":"https://doi.org/10.1109/issrew51248.2020.00017","url":null,"abstract":"Program Committee Javier Alonso, Amazon.com, USA Artur Andrzejak, Heidelberg University, Germany Alberto Avritzer, eSulabSolutions, USA Xiaolin Chang, Beijing Jiaotong University, China Domenico Cotroneo, Federico II University of Naples, Italy Tadashi Dohi, Hiroshima University, Japan Lance Fiondella, University of Massachusetts, USA Michael Grottke, GfK SE and Friedrich-Alexander-Universität Erlangen-Nürnberg,Germany Sandip Homchaudhuri, Qualcomm Technologies Inc (QTI), USA Kenji Kono, Keio University, Japan Vasilis Koutras, University of the Aegean, Greece Jinghui Li, Huawei, China Fumio Machida, University of Tsukuba, Japan Paulo Maciel, Federal University of Pernambuco, Brazil Rivalino Matias, Federal University of Uberlandia, Brazil Daniel Sadoc Menasche, Federal University of Rio de Janeiro, Brazil Veena Mendiratta, Bell Labs, Nokia, USA Manoj Nambiar, Infosys, India Roberto Natella, Federico II University of Naples, Italy Hiroyuki Okamura, Hiroshima University, Japan Roberto Pietrantuono, Federico II University of Naples, Italy","PeriodicalId":202247,"journal":{"name":"2020 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)","volume":"22 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126332821","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2020-10-01DOI: 10.1109/ISSREW51248.2020.00087
Joanna C. S. Santos, A. Shokri, Mehdi Mirakhorli
Software system traceability plays a crucial role in the development and assurance of any dependable softwareintensive system. Federal agencies developing or regulating mission-centric or safety-critical software systems require traceability as a core component of the approval and certification process. Manually generating and managing traceability links is a tedious and error-prone task that requires great effort. The state-of-the-art automated traceability techniques rely on information retrieval and machine learning techniques. While these techniques create semantic links between artifacts, they are inadequate for analyzing the satisfiability of the underling traceability criteria. Therefore, in this paper, we describe SHERLOCK, an integrated environment to facilitate the rapid and continuous certification of software systems. At the core of SHERLOCK’S capabilities is the novel concept of Traceability Certification Models (TCM) and a Catalog of Certification Assurance Case Patterns (CACP) which guides the efforts of establishing the required trace links for fulfilling the criteria for a given certification. By relying on TCMs, CACPs as well as traceability and change impact analysis techniques, SHERLOCK can report the system’s traceability coverage in terms of missing traceability links required for certification, and deprecated/unnecessary links. We showcase SHERLOCK’S capabilities using a case study of certifying an Attitude and Orbit Control System (AOCS).
{"title":"Towards Automated Evidence Generation for Rapid and Continuous Software Certification","authors":"Joanna C. S. Santos, A. Shokri, Mehdi Mirakhorli","doi":"10.1109/ISSREW51248.2020.00087","DOIUrl":"https://doi.org/10.1109/ISSREW51248.2020.00087","url":null,"abstract":"Software system traceability plays a crucial role in the development and assurance of any dependable softwareintensive system. Federal agencies developing or regulating mission-centric or safety-critical software systems require traceability as a core component of the approval and certification process. Manually generating and managing traceability links is a tedious and error-prone task that requires great effort. The state-of-the-art automated traceability techniques rely on information retrieval and machine learning techniques. While these techniques create semantic links between artifacts, they are inadequate for analyzing the satisfiability of the underling traceability criteria. Therefore, in this paper, we describe SHERLOCK, an integrated environment to facilitate the rapid and continuous certification of software systems. At the core of SHERLOCK’S capabilities is the novel concept of Traceability Certification Models (TCM) and a Catalog of Certification Assurance Case Patterns (CACP) which guides the efforts of establishing the required trace links for fulfilling the criteria for a given certification. By relying on TCMs, CACPs as well as traceability and change impact analysis techniques, SHERLOCK can report the system’s traceability coverage in terms of missing traceability links required for certification, and deprecated/unnecessary links. We showcase SHERLOCK’S capabilities using a case study of certifying an Attitude and Orbit Control System (AOCS).","PeriodicalId":202247,"journal":{"name":"2020 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)","volume":"14 2 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132022042","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2020-10-01DOI: 10.1109/ISSREW51248.2020.00077
Antonio Brogi, Stefano Forti, Carlos Guerrero, I. Lera
Managing next-gen applications over Fog computing infrastructures is challenging and calls for new methodologies and tools that enable flexible, scalable and application-specific management along the Cloud-IoT continuum. This article proposes a novel approach for realising a fully decentralised application management in opportunistic Fog computing infrastructures. We present a Prolog implementation of the approach and assess it over some motivating scenarios by experimenting with three different management policies via simulation.
{"title":"Towards Declarative Decentralised Application Management in the Fog","authors":"Antonio Brogi, Stefano Forti, Carlos Guerrero, I. Lera","doi":"10.1109/ISSREW51248.2020.00077","DOIUrl":"https://doi.org/10.1109/ISSREW51248.2020.00077","url":null,"abstract":"Managing next-gen applications over Fog computing infrastructures is challenging and calls for new methodologies and tools that enable flexible, scalable and application-specific management along the Cloud-IoT continuum. This article proposes a novel approach for realising a fully decentralised application management in opportunistic Fog computing infrastructures. We present a Prolog implementation of the approach and assess it over some motivating scenarios by experimenting with three different management policies via simulation.","PeriodicalId":202247,"journal":{"name":"2020 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)","volume":"37 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116531667","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2020-10-01DOI: 10.1109/ISSREW51248.2020.00060
Zhenxiang Chen, H. Washizaki, Y. Fukazawa
Modified Condition and Decision Coverage (MC/DC) is a software testing criterion to check code coverage. It can be divided into a unique-cause MC/DC and masking MC/DC, according to the level of acceptance in concepts. Although masking MC/DC is used in many applications, in our study we found undetectable cases utilizing Masking MC/DC test suites that could be detected using stricter unique-cause MC/DC. To ensure the strictness of MC/DC criterion, herein we propose an automated tool that revises the masking MC/DC test suite into a unique-cause MC/DC.
{"title":"Automated Tool for Revising Masking MC/DC Test Suite","authors":"Zhenxiang Chen, H. Washizaki, Y. Fukazawa","doi":"10.1109/ISSREW51248.2020.00060","DOIUrl":"https://doi.org/10.1109/ISSREW51248.2020.00060","url":null,"abstract":"Modified Condition and Decision Coverage (MC/DC) is a software testing criterion to check code coverage. It can be divided into a unique-cause MC/DC and masking MC/DC, according to the level of acceptance in concepts. Although masking MC/DC is used in many applications, in our study we found undetectable cases utilizing Masking MC/DC test suites that could be detected using stricter unique-cause MC/DC. To ensure the strictness of MC/DC criterion, herein we propose an automated tool that revises the masking MC/DC test suite into a unique-cause MC/DC.","PeriodicalId":202247,"journal":{"name":"2020 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)","volume":"95 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127081862","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: