Adaptive random testing (ART) is a method for improving the fault-finding effectiveness of random testing. Fixed-size candidate set ART is the most studied variant of this approach. However, existing implementations of FSCS-ART have had substantial selection overhead, with n test cases requiring O(n/sup 2/) time to generate. We describe the use of a geometric data structure known as the Voronoi diagram to reduce this overhead to no worse than O(n/spl radic/n) and, with further optimization, O(nlogn). We demonstrate experimentally that practical improvements in selection overhead can be gained using this improved implementation.
{"title":"Efficient and effective random testing using the Voronoi diagram","authors":"T. Chen, Robert G. Merkel","doi":"10.1109/ASWEC.2006.25","DOIUrl":"https://doi.org/10.1109/ASWEC.2006.25","url":null,"abstract":"Adaptive random testing (ART) is a method for improving the fault-finding effectiveness of random testing. Fixed-size candidate set ART is the most studied variant of this approach. However, existing implementations of FSCS-ART have had substantial selection overhead, with n test cases requiring O(n/sup 2/) time to generate. We describe the use of a geometric data structure known as the Voronoi diagram to reduce this overhead to no worse than O(n/spl radic/n) and, with further optimization, O(nlogn). We demonstrate experimentally that practical improvements in selection overhead can be gained using this improved implementation.","PeriodicalId":285684,"journal":{"name":"Australian Software Engineering Conference (ASWEC'06)","volume":"28 1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-04-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130186682","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Semistructured data is typically represented using XML. However, little semantic information can be captured using XML. Other data models, such as the object relationship attribute data model for semistructured data (ORA-SS), have been introduced to represent more detailed semantic information. Automatic analysis of the data models would enable us to reveal inconsistencies both at the schema and instance levels of the semistructured data. The aim of this paper is to encode the semantics of the ORA-SS data model in the Alloy formal language and automatically validate the semistructured data design using the Alloy analyzer. It enables us to check the consistency of an ORA-SS schema and its instances.
{"title":"Validating ORA-SS data models using Alloy","authors":"L. Wang, G. Dobbie, Jing Sun, L. Groves","doi":"10.1109/ASWEC.2006.54","DOIUrl":"https://doi.org/10.1109/ASWEC.2006.54","url":null,"abstract":"Semistructured data is typically represented using XML. However, little semantic information can be captured using XML. Other data models, such as the object relationship attribute data model for semistructured data (ORA-SS), have been introduced to represent more detailed semantic information. Automatic analysis of the data models would enable us to reveal inconsistencies both at the schema and instance levels of the semistructured data. The aim of this paper is to encode the semantics of the ORA-SS data model in the Alloy formal language and automatically validate the semistructured data design using the Alloy analyzer. It enables us to check the consistency of an ORA-SS schema and its instances.","PeriodicalId":285684,"journal":{"name":"Australian Software Engineering Conference (ASWEC'06)","volume":"20 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-04-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126977180","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
With the increased usage of wireless LANs (WLANs), businesses and educational institutions are becoming more concerned about wireless network security. The latest WLAN security protocol, the IEEE 802.11i assures rigid security for wireless networks with the support of IEEE 802.1X protocol for authentication, authorization and key distribution. In this study we investigate the integrity of the security model developed by us based on 802.11i robust security mechanism (RSN), strengthening our desire towards establishing a secure wireless network environment. We have used the symbolic analysis laboratory (SAL) tools to formally verify the behavior tree models. This paper presents the several linear temporal logic (LTL) formulas established to prove the credibility of our model. We also discuss probable software issues that could arise during implementation. By examining all possible execution traces of the security protocol we have proved our implementation model to be complete and consistent.
{"title":"Formal verification of the IEEE 802.11i WLAN security protocol","authors":"E. Sithirasenan, Saad Zafar, V. Muthukkumarasamy","doi":"10.1109/ASWEC.2006.29","DOIUrl":"https://doi.org/10.1109/ASWEC.2006.29","url":null,"abstract":"With the increased usage of wireless LANs (WLANs), businesses and educational institutions are becoming more concerned about wireless network security. The latest WLAN security protocol, the IEEE 802.11i assures rigid security for wireless networks with the support of IEEE 802.1X protocol for authentication, authorization and key distribution. In this study we investigate the integrity of the security model developed by us based on 802.11i robust security mechanism (RSN), strengthening our desire towards establishing a secure wireless network environment. We have used the symbolic analysis laboratory (SAL) tools to formally verify the behavior tree models. This paper presents the several linear temporal logic (LTL) formulas established to prove the credibility of our model. We also discuss probable software issues that could arise during implementation. By examining all possible execution traces of the security protocol we have proved our implementation model to be complete and consistent.","PeriodicalId":285684,"journal":{"name":"Australian Software Engineering Conference (ASWEC'06)","volume":"45 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-04-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127130918","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
This paper describes the formalisation of Java thread synchronisation in an extended Owicki-Gries theory, which facilitates the proof of safety and progress properties of multi-threaded Java programs. Although we can use this formalisation to verify existing Java programs, our focus is on deriving them instead. The derivation process consists of two stages: design and transformation. In the design stage, we use the method of Feijen and van Gasteren to obtain a program that satisfies the given requirements. This solution will most likely make atomicity assumptions Java is unable to guarantee. In the transformation stage, we reduce the granularity of the statements and develop a solution that can be translated directly to a Java implementation
{"title":"Derivation of Java monitors","authors":"Brijesh Dongol","doi":"10.1109/ASWEC.2006.23","DOIUrl":"https://doi.org/10.1109/ASWEC.2006.23","url":null,"abstract":"This paper describes the formalisation of Java thread synchronisation in an extended Owicki-Gries theory, which facilitates the proof of safety and progress properties of multi-threaded Java programs. Although we can use this formalisation to verify existing Java programs, our focus is on deriving them instead. The derivation process consists of two stages: design and transformation. In the design stage, we use the method of Feijen and van Gasteren to obtain a program that satisfies the given requirements. This solution will most likely make atomicity assumptions Java is unable to guarantee. In the transformation stage, we reduce the granularity of the statements and develop a solution that can be translated directly to a Java implementation","PeriodicalId":285684,"journal":{"name":"Australian Software Engineering Conference (ASWEC'06)","volume":"175 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-04-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132624967","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
To address the problems of traditional software development methodologies, recent years have seen the introduction of more light-weight or "agile" development processes. These processes are intended to support early and quick production of working code by structuring the development into small release cycles and focus on continual interaction between developers and customers. As these kinds of software development processes are becoming more and more popular in industry, there is a growing demand to expose Software Engineering students to agile development practices. This, however, is not a straightforward task as the corresponding practices cannot be adjusted easily to a learning environment or may even run counter to educational goals. In this paper, we discuss our experiences in introducing agile practices in student software development projects and reflect on both the benefits and drawbacks of agile processes in this setting
{"title":"Agile practices in software development - experiences from student projects","authors":"Jean-Guy Schneider, Rajesh Vasa","doi":"10.1109/ASWEC.2006.9","DOIUrl":"https://doi.org/10.1109/ASWEC.2006.9","url":null,"abstract":"To address the problems of traditional software development methodologies, recent years have seen the introduction of more light-weight or \"agile\" development processes. These processes are intended to support early and quick production of working code by structuring the development into small release cycles and focus on continual interaction between developers and customers. As these kinds of software development processes are becoming more and more popular in industry, there is a growing demand to expose Software Engineering students to agile development practices. This, however, is not a straightforward task as the corresponding practices cannot be adjusted easily to a learning environment or may even run counter to educational goals. In this paper, we discuss our experiences in introducing agile practices in student software development projects and reflect on both the benefits and drawbacks of agile processes in this setting","PeriodicalId":285684,"journal":{"name":"Australian Software Engineering Conference (ASWEC'06)","volume":"52 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-04-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134372075","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
We propose a software development method for enterprise applications that combines the use of the structural concepts provided by problem frames, and the use of the UML notation. Problem frames are patterns that provide a precise conceptual model of what is the problem to be solved. The first step of our method is to match the current task with one of the problem frames that we propose for enterprise applications, and this helps to understand the nature of the problem under study. The problem frames to be considered for enterprise applications are clearly more complex than the basic ones. We then provide guidelines to develop all the artifacts required by the method through a dedicated choice of appropriate UML diagrams together with predefined schemas or skeletons for their contents. Thus, using our method provides a more direct path to the UML models, which saves time (no long questions about which diagrams to use and how) and improves the models quality (relevant issues are addressed, a uniform style is offered). In this paper, we consider the phases of modelling the domain, the requirements capture and specification, and their relationships.
{"title":"Requirements capture and specification for enterprise applications: a UML based attempt","authors":"C. Choppy, G. Reggio","doi":"10.1109/ASWEC.2006.43","DOIUrl":"https://doi.org/10.1109/ASWEC.2006.43","url":null,"abstract":"We propose a software development method for enterprise applications that combines the use of the structural concepts provided by problem frames, and the use of the UML notation. Problem frames are patterns that provide a precise conceptual model of what is the problem to be solved. The first step of our method is to match the current task with one of the problem frames that we propose for enterprise applications, and this helps to understand the nature of the problem under study. The problem frames to be considered for enterprise applications are clearly more complex than the basic ones. We then provide guidelines to develop all the artifacts required by the method through a dedicated choice of appropriate UML diagrams together with predefined schemas or skeletons for their contents. Thus, using our method provides a more direct path to the UML models, which saves time (no long questions about which diagrams to use and how) and improves the models quality (relevant issues are addressed, a uniform style is offered). In this paper, we consider the phases of modelling the domain, the requirements capture and specification, and their relationships.","PeriodicalId":285684,"journal":{"name":"Australian Software Engineering Conference (ASWEC'06)","volume":"111 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-04-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133992007","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
The Kerberos-One-Time protocol is a key distribution protocol promoted for use with Javacards to provide secure communication over the GSM mobile phone network. From inspection we suspected a replay attack was possible on the protocol. To check this, we formally specified the protocol using Object-Z and then analysed its behaviour in the presence of an attacker using the symbolic analysis laboratory's model checker. To produce accurate results efficiently, our formalism included an abstraction of the protocol's data structures that captured just those characteristics that we believed made the protocol vulnerable. Ultimately, the model checker's analysis confirmed our suspicions about the protocol's weakness
{"title":"Formally analysing a security protocol for replay attacks","authors":"Benjamin W. Long, C. Fidge","doi":"10.1109/ASWEC.2006.30","DOIUrl":"https://doi.org/10.1109/ASWEC.2006.30","url":null,"abstract":"The Kerberos-One-Time protocol is a key distribution protocol promoted for use with Javacards to provide secure communication over the GSM mobile phone network. From inspection we suspected a replay attack was possible on the protocol. To check this, we formally specified the protocol using Object-Z and then analysed its behaviour in the presence of an attacker using the symbolic analysis laboratory's model checker. To produce accurate results efficiently, our formalism included an abstraction of the protocol's data structures that captured just those characteristics that we believed made the protocol vulnerable. Ultimately, the model checker's analysis confirmed our suspicions about the protocol's weakness","PeriodicalId":285684,"journal":{"name":"Australian Software Engineering Conference (ASWEC'06)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-04-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121936046","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
We have developed an approach to identify and capture architecturally significant information from patterns (ASIP), which can be used to improve architecture design and evaluation. Our experimental goal was to evaluate whether the use of the ASIP improves the quality of scenarios developed to evaluate software architecture. Out of 24 subjects 21 were experienced software engineers who had returned to University for a postgraduate studies and remaining 3 were fourth year undergraduate students. All participants were taking a course in software architecture. The participants were randomly assigned to two groups of equal size. Both groups developed scenarios for architecture evaluation. One group (treatment group) was given ASIP information the other (control group) was not. The outcome variable was the quality of the scenarios produced by each participant working individually. The treatment group participants also completed a post-experiment questionnaire. Our results support the hypothesis that ASIP information assists scenario development in the context of architecture evaluation.
{"title":"The value of architecturally significant information extracted from patterns for architecture evaluation: a controlled experiment","authors":"M. Babar, B. Kitchenham, P. Maheshwari","doi":"10.1109/ASWEC.2006.52","DOIUrl":"https://doi.org/10.1109/ASWEC.2006.52","url":null,"abstract":"We have developed an approach to identify and capture architecturally significant information from patterns (ASIP), which can be used to improve architecture design and evaluation. Our experimental goal was to evaluate whether the use of the ASIP improves the quality of scenarios developed to evaluate software architecture. Out of 24 subjects 21 were experienced software engineers who had returned to University for a postgraduate studies and remaining 3 were fourth year undergraduate students. All participants were taking a course in software architecture. The participants were randomly assigned to two groups of equal size. Both groups developed scenarios for architecture evaluation. One group (treatment group) was given ASIP information the other (control group) was not. The outcome variable was the quality of the scenarios produced by each participant working individually. The treatment group participants also completed a post-experiment questionnaire. Our results support the hypothesis that ASIP information assists scenario development in the context of architecture evaluation.","PeriodicalId":285684,"journal":{"name":"Australian Software Engineering Conference (ASWEC'06)","volume":"34 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-04-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124948391","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
In order to determine a success criterion for open-source software projects, we analyzed 122,205 projects in the SourceForge database. There were 80,597 projects with no downloads at all. We restricted our analysis to the 41,608 projects that together were downloaded 704,897,520 times. Contrary to what we had expected, the distribution of the number of downloads of each project is not Zipf-like; only a portion of the log-log plot of the number of downloads and their rank appears to be a straight line. We performed least-squares analysis (utilizing the Bayesian information criterion) to divide the plot into three segments. On the basis of the shapes of the corresponding curves and the locations of their boundary points, we categorized the projects as follows: 85 superprojects (highly successful projects with more than 1.1 million downloads); just over 10,000 successful projects (with more than 1680 downloads each); and struggling projects (with 1680 downloads or fewer). In terms of our criterion, only a quarter of the projects that have one or more downloads can be deemed to be successful.
{"title":"An empirically-based criterion for determining the success of an open-source project","authors":"D. Feitelson, G. Heller, S. Schach","doi":"10.1109/ASWEC.2006.12","DOIUrl":"https://doi.org/10.1109/ASWEC.2006.12","url":null,"abstract":"In order to determine a success criterion for open-source software projects, we analyzed 122,205 projects in the SourceForge database. There were 80,597 projects with no downloads at all. We restricted our analysis to the 41,608 projects that together were downloaded 704,897,520 times. Contrary to what we had expected, the distribution of the number of downloads of each project is not Zipf-like; only a portion of the log-log plot of the number of downloads and their rank appears to be a straight line. We performed least-squares analysis (utilizing the Bayesian information criterion) to divide the plot into three segments. On the basis of the shapes of the corresponding curves and the locations of their boundary points, we categorized the projects as follows: 85 superprojects (highly successful projects with more than 1.1 million downloads); just over 10,000 successful projects (with more than 1680 downloads each); and struggling projects (with 1680 downloads or fewer). In terms of our criterion, only a quarter of the projects that have one or more downloads can be deemed to be successful.","PeriodicalId":285684,"journal":{"name":"Australian Software Engineering Conference (ASWEC'06)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-04-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129814052","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Software maintenance and evolution are inevitable activities since almost all software that is useful and successful stimulates user-generated requests for change and improvements. One of the most critical problems in software maintenance and evolution is to maintain consistency between software artefacts by propagating changes correctly. Although many approaches have been proposed, automated change propagation is still a significant technical challenge in software engineering. In this paper we present a novel, agent-oriented approach to deal with change propagation in evolving software systems that are developed using the Prometheus methodology. A meta-model with a set of the object constraint language (OCL) rules forms the basis of the proposed framework. The underlying change propagation mechanism of our framework is based on the well-known Belief-Desire-Intention (BDI) agent architecture. Traceability information and design heuristics are also incorporated into the framework to facilitate the change propagation process.
{"title":"An agent-oriented approach to change propagation in software evolution","authors":"K. Dam, M. Winikoff, L. Padgham","doi":"10.1109/ASWEC.2006.10","DOIUrl":"https://doi.org/10.1109/ASWEC.2006.10","url":null,"abstract":"Software maintenance and evolution are inevitable activities since almost all software that is useful and successful stimulates user-generated requests for change and improvements. One of the most critical problems in software maintenance and evolution is to maintain consistency between software artefacts by propagating changes correctly. Although many approaches have been proposed, automated change propagation is still a significant technical challenge in software engineering. In this paper we present a novel, agent-oriented approach to deal with change propagation in evolving software systems that are developed using the Prometheus methodology. A meta-model with a set of the object constraint language (OCL) rules forms the basis of the proposed framework. The underlying change propagation mechanism of our framework is based on the well-known Belief-Desire-Intention (BDI) agent architecture. Traceability information and design heuristics are also incorporated into the framework to facilitate the change propagation process.","PeriodicalId":285684,"journal":{"name":"Australian Software Engineering Conference (ASWEC'06)","volume":"36 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2006-04-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127844812","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: