Pub Date : 2020-10-01DOI: 10.1109/ISSREW51248.2020.00043
Seunghwan Baek, Jisoo Song, Changyun Seo
Reproducing software defects plays a crucial role in the process of diagnosing and resolving bugs. While reproducing bugs, programmers may apply additional analysis tools to locate the point at which the program has gone astray. In a database management system for handling massive concurrent workloads from business application, developing a reproduction scenario may be challenging due to complex transactional dependency among workload executions. In this paper, for SAP HANA Quality assurance, we introduce a technique to extract a lightweight reproduction scenario which contains the relevant sequence of database operations for retriggering a target system failure. Our approach comprises two phases: (1) transforming a historical transactional information into a compact data structure, (2) extracting a reproduction scenario to isolate the symptom. We evaluate our technique against real functional bugs detected during the SAP HANA release validation and highlight its effectiveness for handling complex symptom analysis.
{"title":"RSX: Reproduction Scenario Extraction Technique for Business Application Workloads in DBMS","authors":"Seunghwan Baek, Jisoo Song, Changyun Seo","doi":"10.1109/ISSREW51248.2020.00043","DOIUrl":"https://doi.org/10.1109/ISSREW51248.2020.00043","url":null,"abstract":"Reproducing software defects plays a crucial role in the process of diagnosing and resolving bugs. While reproducing bugs, programmers may apply additional analysis tools to locate the point at which the program has gone astray. In a database management system for handling massive concurrent workloads from business application, developing a reproduction scenario may be challenging due to complex transactional dependency among workload executions. In this paper, for SAP HANA Quality assurance, we introduce a technique to extract a lightweight reproduction scenario which contains the relevant sequence of database operations for retriggering a target system failure. Our approach comprises two phases: (1) transforming a historical transactional information into a compact data structure, (2) extracting a reproduction scenario to isolate the symptom. We evaluate our technique against real functional bugs detected during the SAP HANA release validation and highlight its effectiveness for handling complex symptom analysis.","PeriodicalId":202247,"journal":{"name":"2020 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)","volume":"30 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128407718","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2020-10-01DOI: 10.1109/ISSREW51248.2020.00028
Hao Yang, Yang Xu, Yong Li, Hyunduk Choi
After a developer submits code, corresponding test cases arise to ensure the quality of software delivery. Test failures would occur during this period, such as crash, error, and timeout. Since it takes time for developers to resolve them, many duplicate failures will happen during this period. In the delivery practice of SAP HANA, crash triaging is considered as the most timeconsuming task. If duplicate crash failures can be automatically identified, the degree of automation will be significantly enhanced. To find such duplicates, we propose a training-based mathematical model that utilizes component information of SAP HANA to achieve better crash similarity comparison. We implement our approach in a tool named K-Detector (Knowledge-based Detector), which is verified by 11,208 samples and performs 0.986 in AUC (Area Under ROC Curve). Furthermore, we apply KDetector to the production environment, and it can save 97% human efforts in crash triage as statistics.
{"title":"K-Detector: Identifying Duplicate Crash Failures in Large-Scale Software Delivery","authors":"Hao Yang, Yang Xu, Yong Li, Hyunduk Choi","doi":"10.1109/ISSREW51248.2020.00028","DOIUrl":"https://doi.org/10.1109/ISSREW51248.2020.00028","url":null,"abstract":"After a developer submits code, corresponding test cases arise to ensure the quality of software delivery. Test failures would occur during this period, such as crash, error, and timeout. Since it takes time for developers to resolve them, many duplicate failures will happen during this period. In the delivery practice of SAP HANA, crash triaging is considered as the most timeconsuming task. If duplicate crash failures can be automatically identified, the degree of automation will be significantly enhanced. To find such duplicates, we propose a training-based mathematical model that utilizes component information of SAP HANA to achieve better crash similarity comparison. We implement our approach in a tool named K-Detector (Knowledge-based Detector), which is verified by 11,208 samples and performs 0.986 in AUC (Area Under ROC Curve). Furthermore, we apply KDetector to the production environment, and it can save 97% human efforts in crash triage as statistics.","PeriodicalId":202247,"journal":{"name":"2020 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129715377","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2020-10-01DOI: 10.1109/ISSREW51248.2020.00084
Alireza Hakamian, Floriment Klinaku, André van Hoorn, Steffen Becker
Context. Modern distributed systems are flexible in moving from one configuration to another during operation in an automated or semi-automated manner, e.g., concerning dynamic CPU allocation and deploying updated versions of system services. Software architects need assurance that the system satisfies agreed quality of service (QoS) despite a change in system configuration. In the literature, under resilience, survivability, and elasticity, there are different change impact quantification approaches that each has different methods for quality metric specification, modeling a change, and impact analysis. However, independent of a particular approach, no taxonomy exists that clarifies a set of general concepts concerning change impact quantification in reconfigurable systems.Objective. We propose a taxonomy by examining existing approaches under the three meta-quality attributes for change impact quantification.Method. We start with works done by heavily cited authors behind resilience, survivability, and elasticity who provided unambiguous and measurable definitions.Result. We classify existing approaches for change impact quantification based on the taxonomy. We demonstrate the application of our taxonomy through an example.Conclusion. The taxonomy provides a unified and structured knowledge across communities that further eases communication and development of new approaches for change impact quantification.
{"title":"Resilience, Survivability, and Elasticity: A Taxonomy for Change Impact Quantification of Reconfigurable Systems","authors":"Alireza Hakamian, Floriment Klinaku, André van Hoorn, Steffen Becker","doi":"10.1109/ISSREW51248.2020.00084","DOIUrl":"https://doi.org/10.1109/ISSREW51248.2020.00084","url":null,"abstract":"Context. Modern distributed systems are flexible in moving from one configuration to another during operation in an automated or semi-automated manner, e.g., concerning dynamic CPU allocation and deploying updated versions of system services. Software architects need assurance that the system satisfies agreed quality of service (QoS) despite a change in system configuration. In the literature, under resilience, survivability, and elasticity, there are different change impact quantification approaches that each has different methods for quality metric specification, modeling a change, and impact analysis. However, independent of a particular approach, no taxonomy exists that clarifies a set of general concepts concerning change impact quantification in reconfigurable systems.Objective. We propose a taxonomy by examining existing approaches under the three meta-quality attributes for change impact quantification.Method. We start with works done by heavily cited authors behind resilience, survivability, and elasticity who provided unambiguous and measurable definitions.Result. We classify existing approaches for change impact quantification based on the taxonomy. We demonstrate the application of our taxonomy through an example.Conclusion. The taxonomy provides a unified and structured knowledge across communities that further eases communication and development of new approaches for change impact quantification.","PeriodicalId":202247,"journal":{"name":"2020 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)","volume":"4 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123707345","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2020-10-01DOI: 10.1109/ISSREW51248.2020.00080
Gianpiero Costantino, I. Matteucci, Domenico Morales
Modern vehicles are computers on wheels connected to the Internet. Thus, they may be vulnerable to local and remote cyber-attacks. This paper proposes a novel Intrusion Prevention System (IPS), named EARNEST aiming at preventing that an attacker sends malicious CAN frames among different partitions of intra-vehicle network. EARNEST stands for challEnge bAsed intRusioN prEvention SysTem. Its main novelty is the usage of a challenge-based mechanism: once an ECU sends a frame from a partition to another, EARNEST challenges it. If the ECU answers correctly, then its frame is forwarded, otherwise, it is discarded. The proposed algorithm is able to address both replay and fuzzing attacks. A proof of concept implementation of the EARNEST algorithm is provided within an evaluation of its performances in a simulated environment.
{"title":"EARNEST: A challenge-based intrusion prevention system for CAN messages","authors":"Gianpiero Costantino, I. Matteucci, Domenico Morales","doi":"10.1109/ISSREW51248.2020.00080","DOIUrl":"https://doi.org/10.1109/ISSREW51248.2020.00080","url":null,"abstract":"Modern vehicles are computers on wheels connected to the Internet. Thus, they may be vulnerable to local and remote cyber-attacks. This paper proposes a novel Intrusion Prevention System (IPS), named EARNEST aiming at preventing that an attacker sends malicious CAN frames among different partitions of intra-vehicle network. EARNEST stands for challEnge bAsed intRusioN prEvention SysTem. Its main novelty is the usage of a challenge-based mechanism: once an ECU sends a frame from a partition to another, EARNEST challenges it. If the ECU answers correctly, then its frame is forwarded, otherwise, it is discarded. The proposed algorithm is able to address both replay and fuzzing attacks. A proof of concept implementation of the EARNEST algorithm is provided within an evaluation of its performances in a simulated environment.","PeriodicalId":202247,"journal":{"name":"2020 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)","volume":"59 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129203886","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2019-10-01DOI: 10.1109/issrew.2019.00007
{"title":"ISSRE Industry Track Committees","authors":"","doi":"10.1109/issrew.2019.00007","DOIUrl":"https://doi.org/10.1109/issrew.2019.00007","url":null,"abstract":"","PeriodicalId":202247,"journal":{"name":"2020 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)","volume":"133 45","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"113969973","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2019-10-01DOI: 10.1109/issrew.2019.00011
A fast abstract is a two-page article to: (i) introduce early original ideas targeting problems in both research and industry, (ii) discuss new research trends in SRE, (iii) state bold arguments on controversial issues, (iv) report on relevant ongoing experiences and open/solved challenges of SRE, or (v) share lessons learned from large-scale real-world software development, deployment, and/or maintenance.
{"title":"Message from the Fast Abstracts Track Chairs","authors":"","doi":"10.1109/issrew.2019.00011","DOIUrl":"https://doi.org/10.1109/issrew.2019.00011","url":null,"abstract":"A fast abstract is a two-page article to: (i) introduce early original ideas targeting problems in both research and industry, (ii) discuss new research trends in SRE, (iii) state bold arguments on controversial issues, (iv) report on relevant ongoing experiences and open/solved challenges of SRE, or (v) share lessons learned from large-scale real-world software development, deployment, and/or maintenance.","PeriodicalId":202247,"journal":{"name":"2020 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)","volume":"488 2 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2019-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134197132","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: