Static analysis tools used for detecting information exposure bugs can help software engineers detecting bugs without introducing run-time overhead. Such tools can make the detection of information-flow bugs faster and cheaper without having to provide user input in order to trigger the bug detection. In this paper we present a bug-detection tool for detecting information exposure bugs in C/C++ programs. Our tool is context-sensitive and uses static code analysis for bug detection. We developed our bug finding tool as a Eclipse plug-in in order to easily integrate it in software development work flows. The bug reports provide user friendly visualizations that can be easily traced back to the location where the bug was detected. We discuss one static analysis approach for detecting information exposure bugs and relate briefly the usability of our bug testing tool to empirical research. We conducted an empirical evaluation based on 90 test programs which were selected from the Juliet test suite for C/C++ code. We reached a true-positive coverage of 94.4% in 121 seconds for 90 test programs having a total of 12589 source code lines.
{"title":"Context-sensitive detection of information exposure bugs with symbolic execution","authors":"Paul Muntean, C. Eckert, A. Ibing","doi":"10.1145/2666581.2666591","DOIUrl":"https://doi.org/10.1145/2666581.2666591","url":null,"abstract":"Static analysis tools used for detecting information exposure bugs can help software engineers detecting bugs without introducing run-time overhead. Such tools can make the detection of information-flow bugs faster and cheaper without having to provide user input in order to trigger the bug detection. In this paper we present a bug-detection tool for detecting information exposure bugs in C/C++ programs. Our tool is context-sensitive and uses static code analysis for bug detection. We developed our bug finding tool as a Eclipse plug-in in order to easily integrate it in software development work flows. The bug reports provide user friendly visualizations that can be easily traced back to the location where the bug was detected. We discuss one static analysis approach for detecting information exposure bugs and relate briefly the usability of our bug testing tool to empirical research. We conducted an empirical evaluation based on 90 test programs which were selected from the Juliet test suite for C/C++ code. We reached a true-positive coverage of 94.4% in 121 seconds for 90 test programs having a total of 12589 source code lines.","PeriodicalId":249136,"journal":{"name":"Proceedings of the International Workshop on Innovative Software Development Methodologies and Practices","volume":"10 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-11-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125514994","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Global Software Engineering (GSE) aims at utilizing global expertise and reducing time-to-market and costs for software development. However, GSE faces serious challenges related to the communication, coordination and provision of development environments for geographically distributed GSE sites, resulting in increased costs. Nowadays, cloud computing offers a cost-effective and a handy solution to provide computing support for global business. In particularly, it provides potential and viable solutions to address concerns and challenges in GSE. We have reviewed the relevant literature on cloud-based support for GSE and identified a set of pros and cons for supporting GSE with cloud services. We also present some recommendations to increase the trustworthiness and productivity with cloud-based support for GSE. This paper outlines the potential benefits and risks of cloud computing to GSE and identifies some gaps that need to be addressed by cloud-based support towards more trustworthy and productive work environment for GSE. This will open windows of opportunities for tailoring the solution utilizing cloud-based support for GSE.
{"title":"Cloud-based support for global software engineering: potentials, risks, and gaps","authors":"Mohammed Al-qadhi, J. Keung","doi":"10.1145/2666581.2666583","DOIUrl":"https://doi.org/10.1145/2666581.2666583","url":null,"abstract":"Global Software Engineering (GSE) aims at utilizing global expertise and reducing time-to-market and costs for software development. However, GSE faces serious challenges related to the communication, coordination and provision of development environments for geographically distributed GSE sites, resulting in increased costs. Nowadays, cloud computing offers a cost-effective and a handy solution to provide computing support for global business. In particularly, it provides potential and viable solutions to address concerns and challenges in GSE. We have reviewed the relevant literature on cloud-based support for GSE and identified a set of pros and cons for supporting GSE with cloud services. We also present some recommendations to increase the trustworthiness and productivity with cloud-based support for GSE. This paper outlines the potential benefits and risks of cloud computing to GSE and identifies some gaps that need to be addressed by cloud-based support towards more trustworthy and productive work environment for GSE. This will open windows of opportunities for tailoring the solution utilizing cloud-based support for GSE.","PeriodicalId":249136,"journal":{"name":"Proceedings of the International Workshop on Innovative Software Development Methodologies and Practices","volume":"29 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-11-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"117039303","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Proceedings of the International Workshop on Innovative Software Development Methodologies and Practices","authors":"H. Leung","doi":"10.1145/2666581","DOIUrl":"https://doi.org/10.1145/2666581","url":null,"abstract":"","PeriodicalId":249136,"journal":{"name":"Proceedings of the International Workshop on Innovative Software Development Methodologies and Practices","volume":"51 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-11-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130782479","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
In recent years, web services (WS’s) have been widely used to support interoperable machine-to-machine interaction over a network. In order to ensure a reliable WS system, a number of fault tolerance designs have been proposed. It is known that network connection and hardware devices may fail. In addition, the acceptance test (AT) as well as the decision mechanism (DM), which are common in fault tolerance designs, could also fail unexpectedly. Such uncertainties may affect the reliability of a WS-based system but have not yet been carefully considered in reliability modeling. Therefore, we propose extended NVP (ENVP) and extended RB (ERB) for the reliability analysis. Various operations of ENVP and ERB are discussed, and a simulation procedure is implemented to evaluate the system reliability and the failure probability of fault-tolerant WS-based systems. The experimental results show a high degree of correlation between the numbers of AT’s and the reliability improvements. The proposed fault tolerance designs could improve the system reliability, and the simulation procedure could also help in exploring appropriate configurations of fault tolerance designs for practitioners.
{"title":"Enhanced n-version programming and recovery block techniques for web service systems","authors":"K. Peng, Chin-Yu Huang, P. Wang, Chao-Jung Hsu","doi":"10.1145/2666581.2666587","DOIUrl":"https://doi.org/10.1145/2666581.2666587","url":null,"abstract":"In recent years, web services (WS’s) have been widely used to support interoperable machine-to-machine interaction over a network. In order to ensure a reliable WS system, a number of fault tolerance designs have been proposed. It is known that network connection and hardware devices may fail. In addition, the acceptance test (AT) as well as the decision mechanism (DM), which are common in fault tolerance designs, could also fail unexpectedly. Such uncertainties may affect the reliability of a WS-based system but have not yet been carefully considered in reliability modeling. Therefore, we propose extended NVP (ENVP) and extended RB (ERB) for the reliability analysis. Various operations of ENVP and ERB are discussed, and a simulation procedure is implemented to evaluate the system reliability and the failure probability of fault-tolerant WS-based systems. The experimental results show a high degree of correlation between the numbers of AT’s and the reliability improvements. The proposed fault tolerance designs could improve the system reliability, and the simulation procedure could also help in exploring appropriate configurations of fault tolerance designs for practitioners.","PeriodicalId":249136,"journal":{"name":"Proceedings of the International Workshop on Innovative Software Development Methodologies and Practices","volume":"5 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-11-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114207570","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Aharon Abadi, Y. Dubinsky, A. Kirshin, Y. Mesika, Idan Ben-Harrush, Uzy Hadad
Constructing a mobile application in the enterprise is expensive and time consuming. On average, deploying a mobile application is estimated at one week of effort per screen. We present an evaluation of NitroGen, a platform-independent tool for constructing mobile solutions. The tool provides a consumable integrated set of capabilities aimed at reducing development and maintenance costs. NitroGen is a mostly codeless, cloud-based, platform for visually constructing mobile applications. We demonstrate how students with some skills in web development and no skills in mobile development have successfully learned and used NitroGen to implement a small-scale three-screen application, which uses existing back-end services—all in less than 90 minutes.
{"title":"Developing enterprise mobile applications the easy way","authors":"Aharon Abadi, Y. Dubinsky, A. Kirshin, Y. Mesika, Idan Ben-Harrush, Uzy Hadad","doi":"10.1145/2666581.2666590","DOIUrl":"https://doi.org/10.1145/2666581.2666590","url":null,"abstract":"Constructing a mobile application in the enterprise is expensive and time consuming. On average, deploying a mobile application is estimated at one week of effort per screen. We present an evaluation of NitroGen, a platform-independent tool for constructing mobile solutions. The tool provides a consumable integrated set of capabilities aimed at reducing development and maintenance costs. NitroGen is a mostly codeless, cloud-based, platform for visually constructing mobile applications. We demonstrate how students with some skills in web development and no skills in mobile development have successfully learned and used NitroGen to implement a small-scale three-screen application, which uses existing back-end services—all in less than 90 minutes.","PeriodicalId":249136,"journal":{"name":"Proceedings of the International Workshop on Innovative Software Development Methodologies and Practices","volume":"243 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2014-11-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130769046","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: