M. Walker, Parssa Khazra, An Ji, Hongru Wang, F. Breugel
We present jpf-logic, an extension of the model checker Java PathFinder (JPF). Our extension jpf-logic provides a framework to check properties expressed in temporal logics such as linear temporal logic (LTL) and computation tree logic (CTL). To support a logic in our framework, we (1) implement a parser for the logic, (2) develop a hierarchy of classes that represent the abstract syntax of the logic and implement a transformation from parse trees of formulas to the corresponding abstract syntax trees, and (3) implement a model checking algorithm that takes as input an abstract syntax tree of a formula and a partial transition system. The latter represents a model of the Java application. All three components have been implemented for CTL. The first two have been implemented for LTL.
{"title":"jpf-logic","authors":"M. Walker, Parssa Khazra, An Ji, Hongru Wang, F. Breugel","doi":"10.1145/3573074.3573083","DOIUrl":"https://doi.org/10.1145/3573074.3573083","url":null,"abstract":"We present jpf-logic, an extension of the model checker Java PathFinder (JPF). Our extension jpf-logic provides a framework to check properties expressed in temporal logics such as linear temporal logic (LTL) and computation tree logic (CTL). To support a logic in our framework, we (1) implement a parser for the logic, (2) develop a hierarchy of classes that represent the abstract syntax of the logic and implement a transformation from parse trees of formulas to the corresponding abstract syntax trees, and (3) implement a model checking algorithm that takes as input an abstract syntax tree of a formula and a partial transition system. The latter represents a model of the Java application. All three components have been implemented for CTL. The first two have been implemented for LTL.","PeriodicalId":432885,"journal":{"name":"ACM SIGSOFT Software Engineering Notes","volume":"150 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-01-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123237740","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Coralie Esnoul, Ricardo Colomo Palacios, Eunkyoung Jee, S. Chockalingam, J. Simensen, Doo-Hwan Bae
Critical Infrastructures (CIs) are vital for modern societies, covering different sectors like banking, emergency services, energy, healthcare, oil and gas, transportation, and water distribution. Over the years, CIs rely on technology for their seamless operations. Their reliable and secure operation is of supreme importance to societal welfare and a nation's economy. This paper reports on the presentation and discussions held during the 3rd International Workshop on Engineering and Cybersecurity of Critical Systems (EnCyCriS - 2022). The main aim of this EnCyCriS workshop is to gather contributions from researchers and practitioners working on challenges and solutions for engineering and cybersecurity of critical systems in the Fourth Industrial Revolution (4IR). This year´s edition has accepted and presented seven papers in addition to a keynote speech from a Principal Analyst in Information Security for Equinor ASA, Norway. This workshop was co-located with the 44th International Conference on Software Engineering (ICSE - 2022), which took place on 16th May 2022.
{"title":"Report on the 3rd International Workshop on Engineering and Cybersecurity of Critical Systems (EnCyCriS - 2022)","authors":"Coralie Esnoul, Ricardo Colomo Palacios, Eunkyoung Jee, S. Chockalingam, J. Simensen, Doo-Hwan Bae","doi":"10.1145/3573074.3573095","DOIUrl":"https://doi.org/10.1145/3573074.3573095","url":null,"abstract":"Critical Infrastructures (CIs) are vital for modern societies, covering different sectors like banking, emergency services, energy, healthcare, oil and gas, transportation, and water distribution. Over the years, CIs rely on technology for their seamless operations. Their reliable and secure operation is of supreme importance to societal welfare and a nation's economy. This paper reports on the presentation and discussions held during the 3rd International Workshop on Engineering and Cybersecurity of Critical Systems (EnCyCriS - 2022). The main aim of this EnCyCriS workshop is to gather contributions from researchers and practitioners working on challenges and solutions for engineering and cybersecurity of critical systems in the Fourth Industrial Revolution (4IR). This year´s edition has accepted and presented seven papers in addition to a keynote speech from a Principal Analyst in Information Security for Equinor ASA, Norway. This workshop was co-located with the 44th International Conference on Software Engineering (ICSE - 2022), which took place on 16th May 2022.","PeriodicalId":432885,"journal":{"name":"ACM SIGSOFT Software Engineering Notes","volume":"43 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-01-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114647348","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Elena Sherman, Yannic Noller, Cyrille Artho, F. Breugel, An Ji, J. Kellerman, Parssa Khazra, Filip Kliber, Gaurang Kudale, P. Parízek, C. Pasareanu, Ron Pressler, Matt Walker, Hongru Wang, Qiuchen Yan
Java Pathfinder (JPF) was originally developed as an explicit state software model checker and subsequently evolved into an extensible Java bytecode analysis framework that has been successfully used to implement techniques such as symbolic and concolic execution, compositional verification, parallel execution, incremental program analysis, and many more. Apart from its original domain of concurrent Java programs, JPF now supports the verification of new domains such as UMLs, numeric programs, graphical user interfaces, and Android applications.
{"title":"The Java Pathfinder Workshop 2022","authors":"Elena Sherman, Yannic Noller, Cyrille Artho, F. Breugel, An Ji, J. Kellerman, Parssa Khazra, Filip Kliber, Gaurang Kudale, P. Parízek, C. Pasareanu, Ron Pressler, Matt Walker, Hongru Wang, Qiuchen Yan","doi":"10.1145/3573074.3573080","DOIUrl":"https://doi.org/10.1145/3573074.3573080","url":null,"abstract":"Java Pathfinder (JPF) was originally developed as an explicit state software model checker and subsequently evolved into an extensible Java bytecode analysis framework that has been successfully used to implement techniques such as symbolic and concolic execution, compositional verification, parallel execution, incremental program analysis, and many more. Apart from its original domain of concurrent Java programs, JPF now supports the verification of new domains such as UMLs, numeric programs, graphical user interfaces, and Android applications.","PeriodicalId":432885,"journal":{"name":"ACM SIGSOFT Software Engineering Notes","volume":"102 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-01-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128610050","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
[Background:] Security-by-design techniques (e.g., STRIDE) are used to elicit system threats before they are exploited. Since security threat assessment is performed on a conceptualised model of the system under analysis, human expertise is relied upon to exhaustively elicit all possible threats. To this end, the outcomes of threat analysis depend on the individual actors involved in the process. However, human expertise can be biased depending on certain or a combination of human factors. [Goal:] With this work, we aim to unveil the effect (if any) of human factors (e.g., gender, age, seniority, educational background, nationality) to security risk assessment. [Method:] To contribute to this body of knowledge, we are conducting a state-of-the-art literature review and several experiments with human participants (experts and non-experts) in the domain of security and risk assessment. First, the topic and technical domain are described in general. Second, preliminary results of the on-going literature review are presented. Finally, a research plan is described including research questions, treatment, and participant recruitment.
{"title":"Towards Unveiling Effects Of Human Factors Within Security Risk Assessment","authors":"Winnie Mbaka","doi":"10.1145/3573074.3573092","DOIUrl":"https://doi.org/10.1145/3573074.3573092","url":null,"abstract":"[Background:] Security-by-design techniques (e.g., STRIDE) are used to elicit system threats before they are exploited. Since security threat assessment is performed on a conceptualised model of the system under analysis, human expertise is relied upon to exhaustively elicit all possible threats. To this end, the outcomes of threat analysis depend on the individual actors involved in the process. However, human expertise can be biased depending on certain or a combination of human factors. [Goal:] With this work, we aim to unveil the effect (if any) of human factors (e.g., gender, age, seniority, educational background, nationality) to security risk assessment. [Method:] To contribute to this body of knowledge, we are conducting a state-of-the-art literature review and several experiments with human participants (experts and non-experts) in the domain of security and risk assessment. First, the topic and technical domain are described in general. Second, preliminary results of the on-going literature review are presented. Finally, a research plan is described including research questions, treatment, and participant recruitment.","PeriodicalId":432885,"journal":{"name":"ACM SIGSOFT Software Engineering Notes","volume":"27 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-01-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132836678","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
A large number of commercial software solutions contain some functionality achieved using different APIs. To use these APIs correctly, programmers must understand what they do and how they work. However, research into the comprehension of APIs has so far been limited. The aim of this research is to expand the current knowledge of program comprehension to include APIs and to analyze API comprehension in the context of software engineering work.
{"title":"Component Comprehension in Context","authors":"Ava Heinonen","doi":"10.1145/3573074.3573086","DOIUrl":"https://doi.org/10.1145/3573074.3573086","url":null,"abstract":"A large number of commercial software solutions contain some functionality achieved using different APIs. To use these APIs correctly, programmers must understand what they do and how they work. However, research into the comprehension of APIs has so far been limited. The aim of this research is to expand the current knowledge of program comprehension to include APIs and to analyze API comprehension in the context of software engineering work.","PeriodicalId":432885,"journal":{"name":"ACM SIGSOFT Software Engineering Notes","volume":"61 3 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-01-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116429202","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
The Workshop on Automating Test Case Design, Selection and Evaluation (A-TEST) has provided a venue for researchers and industry members alike to exchange and discuss trending views, ideas, state of the art, work in progress, and scientific results on automated testing. Up until now it has run 13 editions since 2009. The 13th edition of the A-TEST workshop has been performed as an in-person workshop in Singapore during 17 to 18 of November, 2022. This edition of the A-TEST workshop was co-located with ESEC/FSE 2022 conference.
{"title":"13th Workshop on Automating Test Case Design, Selection and Evaluation (A-TEST 2022) co-located with ESEC/FSE conference","authors":"Ákos Kiss, Beatriz Marín, Mehrdad Saadatmand","doi":"10.1145/3573074.3573093","DOIUrl":"https://doi.org/10.1145/3573074.3573093","url":null,"abstract":"The Workshop on Automating Test Case Design, Selection and Evaluation (A-TEST) has provided a venue for researchers and industry members alike to exchange and discuss trending views, ideas, state of the art, work in progress, and scientific results on automated testing. Up until now it has run 13 editions since 2009. The 13th edition of the A-TEST workshop has been performed as an in-person workshop in Singapore during 17 to 18 of November, 2022. This edition of the A-TEST workshop was co-located with ESEC/FSE 2022 conference.","PeriodicalId":432885,"journal":{"name":"ACM SIGSOFT Software Engineering Notes","volume":"23 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-01-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133047166","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Natural language processing (NLP) refers to automatic computa- tional processing of human language, including both algorithms that take human-produced text as input and algorithms that pro- duce natural-looking text as outputs. There is a widespread and growing usage of NLP approaches to optimize many aspects of the development process of software systems. In particular, since natural language artifacts are used and reused during the software development lifecycle, the availability of natural language-based approaches and tools enabled the envisioning of methods for im- proving efficiency in software engineers, processes, and products. The research community has been discussing these approaches in the 1st edition of the Natural Language-Based Software Engineer- ing Workshop (NLBSE), collocated with ICSE (the International Conference on Software Engineering) in 2022. This event brought together researchers and industrial practitioners from NLP and the software engineering community to share experiences, pro- vide directions for future research, and encourage the usage of NLP techniques and tools for addressing software engineering- speci c challenges. In this paper, we present a summary of the 1st edition of the workshop, which comprised ve full papers, four short/position papers, ve tool competition/demonstration pa- pers, one keynote (Deep Learning & Software Engineering: Past, Present and Future"by Denys Poshyvanyk), followed by extensive discussion among NLBSE participants. More details can be found at https://nlbse2022.github.io/index.html
{"title":"Summary of the 1st Natural Language-based Software Engineering Workshop (NLBSE 2022)","authors":"Andrea Di Sorbo, Sebastiano Panichella","doi":"10.1145/3573074.3573101","DOIUrl":"https://doi.org/10.1145/3573074.3573101","url":null,"abstract":"Natural language processing (NLP) refers to automatic computa- tional processing of human language, including both algorithms that take human-produced text as input and algorithms that pro- duce natural-looking text as outputs. There is a widespread and growing usage of NLP approaches to optimize many aspects of the development process of software systems. In particular, since natural language artifacts are used and reused during the software development lifecycle, the availability of natural language-based approaches and tools enabled the envisioning of methods for im- proving efficiency in software engineers, processes, and products. The research community has been discussing these approaches in the 1st edition of the Natural Language-Based Software Engineer- ing Workshop (NLBSE), collocated with ICSE (the International Conference on Software Engineering) in 2022. This event brought together researchers and industrial practitioners from NLP and the software engineering community to share experiences, pro- vide directions for future research, and encourage the usage of NLP techniques and tools for addressing software engineering- speci c challenges. In this paper, we present a summary of the 1st edition of the workshop, which comprised ve full papers, four short/position papers, ve tool competition/demonstration pa- pers, one keynote (Deep Learning & Software Engineering: Past, Present and Future\"by Denys Poshyvanyk), followed by extensive discussion among NLBSE participants. More details can be found at https://nlbse2022.github.io/index.html","PeriodicalId":432885,"journal":{"name":"ACM SIGSOFT Software Engineering Notes","volume":"38 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-01-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133470724","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
The 4th International Workshop on Software Engineering Education for the Next Generation was held remotely on May 17, 2022. The workshop was part of the 44th International Conference on Software Engineering. It specifically supported the general theme of "Educating the Next Generation of Software Engineers". Building on its predecessors, the workshop used a highly interactive format, structured around eight short paper presentations to generate discussion topics, an activity to select the most interesting topics, and structured breakout sessions. This enabled the participants to discuss the most interesting topics in detail. Participants presented the results of the breakout sessions using mind maps.
{"title":"Software Engineering Education for the Next Generation SEENG 2022 Workshop Report","authors":"Stephan Krusche, B. Tenbergen","doi":"10.1145/3573074.3573104","DOIUrl":"https://doi.org/10.1145/3573074.3573104","url":null,"abstract":"The 4th International Workshop on Software Engineering Education for the Next Generation was held remotely on May 17, 2022. The workshop was part of the 44th International Conference on Software Engineering. It specifically supported the general theme of \"Educating the Next Generation of Software Engineers\". Building on its predecessors, the workshop used a highly interactive format, structured around eight short paper presentations to generate discussion topics, an activity to select the most interesting topics, and structured breakout sessions. This enabled the participants to discuss the most interesting topics in detail. Participants presented the results of the breakout sessions using mind maps.","PeriodicalId":432885,"journal":{"name":"ACM SIGSOFT Software Engineering Notes","volume":"85 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-01-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124882454","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Context: microservices architecture enables organizations to develop an application as a suite of loosely coupled small and independent services that can be developed, tested, and deployed independently. Various organizations are re-architecting their existing monolithic systems with microservices architecture. However, re-architecting the entire system can bring some indefinite challenges. Objective: the goal of this research project is to investigate (i) the need for migration from monolithic to microservices architecture, (ii) architectural description for adopting microservices, (iii) refactoring tools and methods (iv) potential challenges while transforming to microservices, and (v) effective patterns and strategies to adopt microservice successfully. Methodology: the industrial empirical (interviews, case study, and questionnaire survey) approach will be used to meet the research objective. Possible outcomes: the expected outcomes would be (i) an evidence-based decision-making framework for transforming monolithic architecture (ii) strategies to refactor the monolithic architecture (iii) prioritization-based taxonomy of challenges while transforming to microservices. Finally, (iv) the development of a decision model for selecting patterns and strategies for successful implementation of the microservices system.
{"title":"Transforming Monolithic Systems to a Microservices Architecture","authors":"Muhammad Hamza","doi":"10.1145/3573074.3573091","DOIUrl":"https://doi.org/10.1145/3573074.3573091","url":null,"abstract":"Context: microservices architecture enables organizations to develop an application as a suite of loosely coupled small and independent services that can be developed, tested, and deployed independently. Various organizations are re-architecting their existing monolithic systems with microservices architecture. However, re-architecting the entire system can bring some indefinite challenges. Objective: the goal of this research project is to investigate (i) the need for migration from monolithic to microservices architecture, (ii) architectural description for adopting microservices, (iii) refactoring tools and methods (iv) potential challenges while transforming to microservices, and (v) effective patterns and strategies to adopt microservice successfully. Methodology: the industrial empirical (interviews, case study, and questionnaire survey) approach will be used to meet the research objective. Possible outcomes: the expected outcomes would be (i) an evidence-based decision-making framework for transforming monolithic architecture (ii) strategies to refactor the monolithic architecture (iii) prioritization-based taxonomy of challenges while transforming to microservices. Finally, (iv) the development of a decision model for selecting patterns and strategies for successful implementation of the microservices system.","PeriodicalId":432885,"journal":{"name":"ACM SIGSOFT Software Engineering Notes","volume":"48 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-01-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128673838","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: