Test case prioritization (TCP) tries to find an optimal execution sequence by adjusting test cases that need to be executed. Traditional techniques rely on code coverage information to achieve effective results, but they need access to historical execution information. The string distance-based test case prioritization (SD-TCP) can avoid these limitations through only using the test cases themselves for sorting, but it is sensitive to extreme test cases and inefficient. To overcome these problems, we propose a test case prioritization method based on K-medoids and Similarity (KS-TCP). The proposed KS-TCP approach considers sorting a set of test cases rather than individual test case to effectively avoid the effect of extreme test cases, it uses cluster analysis and greedy strategy to divide the subsets and compose the final execution sequence by polling. Extensive experimental results show that the proposed KS-TCP approach has a higher APFD value compared to Random Prioritization (RP) and SD-TCP, and it also outperforms SD-TCP in terms of better time efficiency on test case prioritization.
{"title":"KS-TCP: An Efficient Test Case Prioritization Approach based on K-medoids and Similarity","authors":"Jinfu Chen, Yuechao Gu, Saihua Cai, Haibo Chen, Jingyi Chen","doi":"10.1109/ISSREW53611.2021.00051","DOIUrl":"https://doi.org/10.1109/ISSREW53611.2021.00051","url":null,"abstract":"Test case prioritization (TCP) tries to find an optimal execution sequence by adjusting test cases that need to be executed. Traditional techniques rely on code coverage information to achieve effective results, but they need access to historical execution information. The string distance-based test case prioritization (SD-TCP) can avoid these limitations through only using the test cases themselves for sorting, but it is sensitive to extreme test cases and inefficient. To overcome these problems, we propose a test case prioritization method based on K-medoids and Similarity (KS-TCP). The proposed KS-TCP approach considers sorting a set of test cases rather than individual test case to effectively avoid the effect of extreme test cases, it uses cluster analysis and greedy strategy to divide the subsets and compose the final execution sequence by polling. Extensive experimental results show that the proposed KS-TCP approach has a higher APFD value compared to Random Prioritization (RP) and SD-TCP, and it also outperforms SD-TCP in terms of better time efficiency on test case prioritization.","PeriodicalId":385392,"journal":{"name":"2021 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)","volume":"12 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132223215","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2021-10-01DOI: 10.1109/ISSREW53611.2021.00111
Isha Subedi, Maninder Singh, Vijayalakshmi Ramasamy, G. Walia
Agile is one of the most widely used software development methodologies that include user stories, the smallest units semi-structured specifications to capture the requirements from a user's point of view. Despite being popular, only a little research has been done to automate the quality checking/analysis of a user story before assigning it to a sprint. In this study, we have chosen two metrics, i.e., Testable and Valuable criteria from INVEST checklist, and have applied supervised machine learning classifiers to automatically classify them. Since the industrial data collected for the research was unbalanced, we also applied data balancing techniques such as SMOTE, RUS, ROS, and Back translation (BT) to verify if they improved any classification metrics. Although we did not see any significant improvements in accuracy and precision for the classifiers after applying data balancing techniques, we noticed a significant improvement in recall values across all the classifiers. Our research provides some promising insights into how this research could be used in the software industry to automate the analysis of user stories and improve the quality of software produced.
{"title":"Classification of Testable and Valuable User Stories by using Supervised Machine Learning Classifiers","authors":"Isha Subedi, Maninder Singh, Vijayalakshmi Ramasamy, G. Walia","doi":"10.1109/ISSREW53611.2021.00111","DOIUrl":"https://doi.org/10.1109/ISSREW53611.2021.00111","url":null,"abstract":"Agile is one of the most widely used software development methodologies that include user stories, the smallest units semi-structured specifications to capture the requirements from a user's point of view. Despite being popular, only a little research has been done to automate the quality checking/analysis of a user story before assigning it to a sprint. In this study, we have chosen two metrics, i.e., Testable and Valuable criteria from INVEST checklist, and have applied supervised machine learning classifiers to automatically classify them. Since the industrial data collected for the research was unbalanced, we also applied data balancing techniques such as SMOTE, RUS, ROS, and Back translation (BT) to verify if they improved any classification metrics. Although we did not see any significant improvements in accuracy and precision for the classifiers after applying data balancing techniques, we noticed a significant improvement in recall values across all the classifiers. Our research provides some promising insights into how this research could be used in the software industry to automate the analysis of user stories and improve the quality of software produced.","PeriodicalId":385392,"journal":{"name":"2021 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)","volume":"6 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124020717","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2021-10-01DOI: 10.1109/issrew53611.2021.00015
{"title":"Message from the WoSoCer 2021 Workshop Chairs","authors":"","doi":"10.1109/issrew53611.2021.00015","DOIUrl":"https://doi.org/10.1109/issrew53611.2021.00015","url":null,"abstract":"","PeriodicalId":385392,"journal":{"name":"2021 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)","volume":"33 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129077124","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2021-10-01DOI: 10.1109/ISSREW53611.2021.00082
Marco Barletta, M. Cinque, Raffaele Della Corte
Real-time containers are a promising solution to implement mixed-criticality systems. In this paper we propose a novel solution to implement real-time containers in Linux environments with real-time co-kernels and hierarchical scheduling. Preliminary experimental results are presented, confirming that the solution is able to keep the worst-case latency of a task running within a real-time container within acceptable limits, despite the presence of non-real time load on the same machine.
{"title":"Hierarchical Scheduling for Real-Time Containers in Mixed-Criticality Systems","authors":"Marco Barletta, M. Cinque, Raffaele Della Corte","doi":"10.1109/ISSREW53611.2021.00082","DOIUrl":"https://doi.org/10.1109/ISSREW53611.2021.00082","url":null,"abstract":"Real-time containers are a promising solution to implement mixed-criticality systems. In this paper we propose a novel solution to implement real-time containers in Linux environments with real-time co-kernels and hierarchical scheduling. Preliminary experimental results are presented, confirming that the solution is able to keep the worst-case latency of a task running within a real-time container within acceptable limits, despite the presence of non-real time load on the same machine.","PeriodicalId":385392,"journal":{"name":"2021 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129206952","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2021-10-01DOI: 10.1109/ISSREW53611.2021.00078
Wenchu Xu, Yanran Ma
Introductory programming courses are crucial to students who begin to learn programming languages. However, current introductory program judgment systems only give a pass or fail by the percentage of passed test cases. This limitation hinders the learning progress because students may unaware of potential bugs hidden in their programs. Detecting and reporting these bugs can help them avoid introducing the same kinds of bugs in other programs. However, state-of-the-art bug detection methods focus on precision and scalability, but are usually costly to develop detection methods for various kinds of bugs. To simplify the development of bug detection while keeping a reasonable precision, this paper presents a static detection framework to detect software bugs. Then, we apply the method to introductory programs and successfully detect all bugs with a false positive rate of 28.57 %.
{"title":"A Static Analysis Framework for Detecting Bugs in Introductory Programs","authors":"Wenchu Xu, Yanran Ma","doi":"10.1109/ISSREW53611.2021.00078","DOIUrl":"https://doi.org/10.1109/ISSREW53611.2021.00078","url":null,"abstract":"Introductory programming courses are crucial to students who begin to learn programming languages. However, current introductory program judgment systems only give a pass or fail by the percentage of passed test cases. This limitation hinders the learning progress because students may unaware of potential bugs hidden in their programs. Detecting and reporting these bugs can help them avoid introducing the same kinds of bugs in other programs. However, state-of-the-art bug detection methods focus on precision and scalability, but are usually costly to develop detection methods for various kinds of bugs. To simplify the development of bug detection while keeping a reasonable precision, this paper presents a static detection framework to detect software bugs. Then, we apply the method to introductory programs and successfully detect all bugs with a false positive rate of 28.57 %.","PeriodicalId":385392,"journal":{"name":"2021 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)","volume":"17 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128494664","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2021-10-01DOI: 10.1109/ISSREW53611.2021.00052
Irena Bojanova, C. E. Galhardo, Sara Moshtari
In this work, we present an orthogonal classification of input/output check bugs, allowing precise structured descriptions of related software vulnerabilities. We utilize the Bugs Framework (BF) approach to define two language-independent classes that cover all possible kinds of data check bugs. We also identify all types of injection errors, as they are always directly caused by input/output data validation bugs. In BF each class is a taxonomic category of a weakness type defined by sets of operations, cause→consequence relations, and attributes. A BF description of a bug or a weakness is an instance of a taxonomic BF class with one operation, one cause, one consequence, and their attributes. Any vulnerability then can be described as a chain of such instances and their consequence-cause transitions. With our newly developed Data Validation Bugs and Data Verification Bugs classes, we confirm that BF is a classification system that extends the Common Weakness Enumeration (CWE). It allows clear communication about software bugs and weaknesses, providing a structured way to precisely describe real-world vulnerabilities.
{"title":"Input/Output Check Bugs Taxonomy: Injection Errors in Spotlight","authors":"Irena Bojanova, C. E. Galhardo, Sara Moshtari","doi":"10.1109/ISSREW53611.2021.00052","DOIUrl":"https://doi.org/10.1109/ISSREW53611.2021.00052","url":null,"abstract":"In this work, we present an orthogonal classification of input/output check bugs, allowing precise structured descriptions of related software vulnerabilities. We utilize the Bugs Framework (BF) approach to define two language-independent classes that cover all possible kinds of data check bugs. We also identify all types of injection errors, as they are always directly caused by input/output data validation bugs. In BF each class is a taxonomic category of a weakness type defined by sets of operations, cause→consequence relations, and attributes. A BF description of a bug or a weakness is an instance of a taxonomic BF class with one operation, one cause, one consequence, and their attributes. Any vulnerability then can be described as a chain of such instances and their consequence-cause transitions. With our newly developed Data Validation Bugs and Data Verification Bugs classes, we confirm that BF is a classification system that extends the Common Weakness Enumeration (CWE). It allows clear communication about software bugs and weaknesses, providing a structured way to precisely describe real-world vulnerabilities.","PeriodicalId":385392,"journal":{"name":"2021 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)","volume":"118 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"117286941","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2021-10-01DOI: 10.1109/ISSREW53611.2021.00109
M. Farrell, Matt Luckcuck, Laura Pullum, M. Fisher, A. Hessami, Danit Gal, Zvikomborero Murahwi, Ken Wallace
Autonomous systems are complex, diverse, and likely be used in environments that change unpredictably. We must develop mechanisms to cope with failures, potentially caused by both the natural stresses of the operating environment and the system's inadequate environmental models. Failures also arise from system component wear. In 2016, the IEEE launched the Global Initiative on Ethics of Autonomous and Intelligent Systems in response to the proliferation of increasingly-autonomous systems. A cornerstone of this initiative is the IEEE P7000 series of projects, which set the standards for the future of ethical intelligent and autonomous technologies. This paper describes the ongoing development of the IEEE P7009 standard on “Fail-Safe Design of Autonomous and Semi-Autonomous Systems”. We provide a collective perspective on the ongoing development of IEEE P7009, and outline the objectives, current approaches, issues under discussion, and two exemplar use cases from different sectors: one high-regulation, the other low-regulation.
{"title":"Evolution of the IEEE P7009 Standard: Towards Fail-Safe Design of Autonomous Systems","authors":"M. Farrell, Matt Luckcuck, Laura Pullum, M. Fisher, A. Hessami, Danit Gal, Zvikomborero Murahwi, Ken Wallace","doi":"10.1109/ISSREW53611.2021.00109","DOIUrl":"https://doi.org/10.1109/ISSREW53611.2021.00109","url":null,"abstract":"Autonomous systems are complex, diverse, and likely be used in environments that change unpredictably. We must develop mechanisms to cope with failures, potentially caused by both the natural stresses of the operating environment and the system's inadequate environmental models. Failures also arise from system component wear. In 2016, the IEEE launched the Global Initiative on Ethics of Autonomous and Intelligent Systems in response to the proliferation of increasingly-autonomous systems. A cornerstone of this initiative is the IEEE P7000 series of projects, which set the standards for the future of ethical intelligent and autonomous technologies. This paper describes the ongoing development of the IEEE P7009 standard on “Fail-Safe Design of Autonomous and Semi-Autonomous Systems”. We provide a collective perspective on the ongoing development of IEEE P7009, and outline the objectives, current approaches, issues under discussion, and two exemplar use cases from different sectors: one high-regulation, the other low-regulation.","PeriodicalId":385392,"journal":{"name":"2021 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)","volume":"13 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114513188","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2021-10-01DOI: 10.1109/ISSREW53611.2021.00074
Wei Zheng, Liangbo Hou, Junming Yu, Fei Chen
The continuous expansion of the Internet of Things(IoT) market has brought serious security problems. As cryptocurrency attracts more and more people's attention, the price of cryptocurrency has reached unprecedented heights, and now IoT devices are likely to become the target of cybercriminals for stealing computing resources to mine cryptocurrency. This paper proposes a method based on machine learning to detect the existence of malicious miners using IoT devices in a local area network. Compared with previous methods that leverage static signatures or dynamic analysis, this method has low overhead, is easy to maintain, and independent of specific IoT devices and manufacturers. We collected normal traffic from 4 different IoT devices and the traffic of an IoT device that mines the Monero cryptocurrency. Based on the collected data set, 5 machine learning models have been trained to classify normal traffic and mining traffic. Experimental results show that the proposed method effectively detects IoT device mining traffics.
{"title":"Detection of IoT Devices That Mine Cryptocurrency","authors":"Wei Zheng, Liangbo Hou, Junming Yu, Fei Chen","doi":"10.1109/ISSREW53611.2021.00074","DOIUrl":"https://doi.org/10.1109/ISSREW53611.2021.00074","url":null,"abstract":"The continuous expansion of the Internet of Things(IoT) market has brought serious security problems. As cryptocurrency attracts more and more people's attention, the price of cryptocurrency has reached unprecedented heights, and now IoT devices are likely to become the target of cybercriminals for stealing computing resources to mine cryptocurrency. This paper proposes a method based on machine learning to detect the existence of malicious miners using IoT devices in a local area network. Compared with previous methods that leverage static signatures or dynamic analysis, this method has low overhead, is easy to maintain, and independent of specific IoT devices and manufacturers. We collected normal traffic from 4 different IoT devices and the traffic of an IoT device that mines the Monero cryptocurrency. Based on the collected data set, 5 machine learning models have been trained to classify normal traffic and mining traffic. Experimental results show that the proposed method effectively detects IoT device mining traffics.","PeriodicalId":385392,"journal":{"name":"2021 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)","volume":"56 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126527836","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2021-10-01DOI: 10.1109/ISSREW53611.2021.00087
Kangjin Wang, Ying Li
Colocating Latency-Critical (LC) jobs and Best-Effort (BE) jobs on one host is the best practice to improve datacenter resource efficiency and the Colocated Job Scheduling algorithms play a key role in this scenario. But validating a new Colocated Job Scheduling algorithm at scale is usually resource-, energy- and time-consuming in the real-datacenter, therefore simulation is the first choice. Unfortunately, existing simulators are not suitable for colocation simulation because: 1) they cannot simulate microservices, which is widely adopted in LC/BE jobs; 2) they cannot simulate performance interference of colocated jobs. In this paper, we present a new simulator, ColocationSim, which 1) uses REG(Request Execution Graph) model and queue theory to simulate the behavior of microservices; 2) uses pre-trained models to simulate performance interference. Experiments show that ColocationSim can simulate performance interference of both sequential and fan-out structure microservices with high accuracy and it can also simulate more than 8,000 colocated hosts in a short time.
{"title":"ColocationSim: Simulate Colocation Datacenter with Microservices and Performance Interference","authors":"Kangjin Wang, Ying Li","doi":"10.1109/ISSREW53611.2021.00087","DOIUrl":"https://doi.org/10.1109/ISSREW53611.2021.00087","url":null,"abstract":"Colocating Latency-Critical (LC) jobs and Best-Effort (BE) jobs on one host is the best practice to improve datacenter resource efficiency and the Colocated Job Scheduling algorithms play a key role in this scenario. But validating a new Colocated Job Scheduling algorithm at scale is usually resource-, energy- and time-consuming in the real-datacenter, therefore simulation is the first choice. Unfortunately, existing simulators are not suitable for colocation simulation because: 1) they cannot simulate microservices, which is widely adopted in LC/BE jobs; 2) they cannot simulate performance interference of colocated jobs. In this paper, we present a new simulator, ColocationSim, which 1) uses REG(Request Execution Graph) model and queue theory to simulate the behavior of microservices; 2) uses pre-trained models to simulate performance interference. Experiments show that ColocationSim can simulate performance interference of both sequential and fan-out structure microservices with high accuracy and it can also simulate more than 8,000 colocated hosts in a short time.","PeriodicalId":385392,"journal":{"name":"2021 IEEE International Symposium on Software Reliability Engineering Workshops (ISSREW)","volume":"87 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2021-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133977370","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: