Maintaining software quality is a significant challenge as the complexity of software is increasing with the rise of the software industry. Software defects are a primary concern in complex modules, and predicting them in the early stages of the software development life cycle (SDLC) is difficult. Previous techniques to address this issue have not been very promising. We have proposed “A hybrid ensemble model for software defect prediction using AI‐based techniques with feature preservation” to overcome this problem. We have used the National Aeronautics and Space Administration (NASA) dataset from the PROMISE repository for testing and validation. By applying exploratory data analysis (EDA), feature engineering, scaling, and standardization, we found that the dataset is imbalanced, which can negatively affect the model's performance. To address this, we have used the Synthetic Minority Oversampling (SMOTE) technique and the edited nearest neighbor (ENN) (SMOTE‐ENN). We have also used recursive feature elimination cross‐validation (RFE‐CV) with a pipeline to prevent data leaking in CV and kernel‐based principal component analysis (K‐PCA) to minimize dimensionality and selectively relevant features. The reduced dimensional data is then given to the eXtreme Gradient Boosting (XGBoost) for classification, resulting in the hybrid‐ensemble (SMERKP‐XGB) model. The proposed SMERKP‐XGB model is better than previously developed models in terms of accuracy (CM1: 97.53%, PC1: 92.05%, and PC2: 97.45%, KC1:95.65%), and area under the receiver operating characteristic curve values (CM1:96.30%, PC1:98.30%, and PC2:99.30%: KC1: 93.54) and other evaluation criteria mentioned in the literature.
{"title":"A hybrid‐ensemble model for software defect prediction for balanced and imbalanced datasets using AI‐based techniques with feature preservation: SMERKP‐XGB","authors":"Mohd Mustaqeem, Tamanna Siddiqui, Suhel Mustajab","doi":"10.1002/smr.2731","DOIUrl":"https://doi.org/10.1002/smr.2731","url":null,"abstract":"Maintaining software quality is a significant challenge as the complexity of software is increasing with the rise of the software industry. Software defects are a primary concern in complex modules, and predicting them in the early stages of the software development life cycle (SDLC) is difficult. Previous techniques to address this issue have not been very promising. We have proposed “A hybrid ensemble model for software defect prediction using AI‐based techniques with feature preservation” to overcome this problem. We have used the National Aeronautics and Space Administration (NASA) dataset from the PROMISE repository for testing and validation. By applying exploratory data analysis (EDA), feature engineering, scaling, and standardization, we found that the dataset is imbalanced, which can negatively affect the model's performance. To address this, we have used the Synthetic Minority Oversampling (SMOTE) technique and the edited nearest neighbor (ENN) (SMOTE‐ENN). We have also used recursive feature elimination cross‐validation (RFE‐CV) with a pipeline to prevent data leaking in CV and kernel‐based principal component analysis (K‐PCA) to minimize dimensionality and selectively relevant features. The reduced dimensional data is then given to the eXtreme Gradient Boosting (XGBoost) for classification, resulting in the hybrid‐ensemble (SMERKP‐XGB) model. The proposed SMERKP‐XGB model is better than previously developed models in terms of accuracy (CM1: 97.53%, PC1: 92.05%, and PC2: 97.45%, KC1:95.65%), and area under the receiver operating characteristic curve values (CM1:96.30%, PC1:98.30%, and PC2:99.30%: KC1: 93.54) and other evaluation criteria mentioned in the literature.","PeriodicalId":48898,"journal":{"name":"Journal of Software-Evolution and Process","volume":"19 1","pages":""},"PeriodicalIF":2.0,"publicationDate":"2024-09-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142265344","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Large language models (LLMs) have been touted to enable increased productivity in many areas of today's work life. Scientific research as an area of work is no exception: The potential of LLM‐based tools to assist in the daily work of scientists has become a highly discussed topic across disciplines. However, we are only at the very onset of this subject of study. It is still unclear how the potential of LLMs will materialize in research practice. With this study, we give first empirical evidence on the use of LLMs in the research process. We have investigated a set of use cases for LLM‐based tools in scientific research and conducted a first study to assess to which degree current tools are helpful. In this position paper, we report specifically on use cases related to software engineering, specifically, on generating application code and developing scripts for data analytics and visualization. While we studied seemingly simple use cases, results across tools differ significantly. Our results highlight the promise of LLM‐based tools in general, yet we also observe various issues, particularly regarding the integrity of the output these tools provide.
{"title":"LLMs for science: Usage for code generation and data analysis","authors":"Mohamed Nejjar, Luca Zacharias, Fabian Stiehle, Ingo Weber","doi":"10.1002/smr.2723","DOIUrl":"https://doi.org/10.1002/smr.2723","url":null,"abstract":"Large language models (LLMs) have been touted to enable increased productivity in many areas of today's work life. Scientific research as an area of work is no exception: The potential of LLM‐based tools to assist in the daily work of scientists has become a highly discussed topic across disciplines. However, we are only at the very onset of this subject of study. It is still unclear how the potential of LLMs will materialize in research practice. With this study, we give first empirical evidence on the use of LLMs in the research process. We have investigated a set of use cases for LLM‐based tools in scientific research and conducted a first study to assess to which degree current tools are helpful. In this position paper, we report specifically on use cases related to software engineering, specifically, on generating application code and developing scripts for data analytics and visualization. While we studied seemingly simple use cases, results across tools differ significantly. Our results highlight the promise of LLM‐based tools in general, yet we also observe various issues, particularly regarding the integrity of the output these tools provide.","PeriodicalId":48898,"journal":{"name":"Journal of Software-Evolution and Process","volume":"4 1","pages":""},"PeriodicalIF":2.0,"publicationDate":"2024-09-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142269249","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Jingwen Zhao, Yanxia Wu, Yun Feng, Jibin Dong, Changting Shi
Atomicity violation bugs are a frequent problem in concurrency. Because of the unpredictable nature of thread interleaving, most current methods are unable to differentiate between harmful and benign atomicity violations. This makes it challenging to determine the existence of an actual bug. This paper presents a method for detecting atomicity violation bugs in programs based on user interaction. First, UserTrack matches access interleaving patterns to identify all potential violations. We then verify the programmer's atomicity intent between two logical access operations on the same thread and filter out some candidates. Finally, a user interaction mechanism checks the paths that do not produce atomicity violations when threads are interleaved. Our method focuses on a small number of interesting states and interleavings, while allowing the programmer to impose constraints on thread interleavings and explore all executions that satisfy these constraints. We continuously gather information through user feedback results and detect atomicity violation bugs that truly go against the programmer's intent. We evaluated the method using benchmark tests, which demonstrated the effectiveness of UserTrack in detecting atomicity violations.
{"title":"Detect atomicity violations in concurrent programs through user assistance and identification of suspicious variable access patterns","authors":"Jingwen Zhao, Yanxia Wu, Yun Feng, Jibin Dong, Changting Shi","doi":"10.1002/smr.2725","DOIUrl":"https://doi.org/10.1002/smr.2725","url":null,"abstract":"Atomicity violation bugs are a frequent problem in concurrency. Because of the unpredictable nature of thread interleaving, most current methods are unable to differentiate between harmful and benign atomicity violations. This makes it challenging to determine the existence of an actual bug. This paper presents a method for detecting atomicity violation bugs in programs based on user interaction. First, UserTrack matches access interleaving patterns to identify all potential violations. We then verify the programmer's atomicity intent between two logical access operations on the same thread and filter out some candidates. Finally, a user interaction mechanism checks the paths that do not produce atomicity violations when threads are interleaved. Our method focuses on a small number of interesting states and interleavings, while allowing the programmer to impose constraints on thread interleavings and explore all executions that satisfy these constraints. We continuously gather information through user feedback results and detect atomicity violation bugs that truly go against the programmer's intent. We evaluated the method using benchmark tests, which demonstrated the effectiveness of UserTrack in detecting atomicity violations.","PeriodicalId":48898,"journal":{"name":"Journal of Software-Evolution and Process","volume":"53 1","pages":""},"PeriodicalIF":2.0,"publicationDate":"2024-09-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142185445","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Yue Li, He Zhang, Lanxin Yang, Liming Dong, Juzheng Zhang, Bohan Liu
Software engineers play a centric role throughout the software development lifecycle. Their activities directly impact the quality, performance, and successful delivery of software products, in particular for enterprises with an emphasis on high levels of quality assurance and timely delivery. Proper incentives that motivate software engineers are vital to secure and continuously improve development productivity and software quality. However, most existing research ignores the positive incentives for software engineers, especially industry‐oriented research. In addition, existing research largely relies on peer assessment and lacks objectivity and transparency. To this end, this study investigates the process of contribution measurement for software engineers in a global Information and Communications Technology (ICT) enterprise, to explore the practical experiences and significance of contribution measurement. We investigated the practices of contribution measurement through multiple methods, including archival analysis, interviews, and survey. A total of 22 software engineers were interviewed to understand the practical implementation process of measuring contributions and its impact on software processes as well as engineers. In addition, 74 responses to our questionnaire were collected and used for a comprehensive impact analysis on software engineers. The analysis results reveal five benefits for software development processes and four benefits for practitioners of contribution measurement in the studied enterprise. In addition, this study reports on the best practices of contribution measurement, such as team‐specific measurements, and provides a practical reference for researchers and organizations interested in studying or performing contribution measurement.
{"title":"Measuring software engineer's contribution in practice: An industrial experience report","authors":"Yue Li, He Zhang, Lanxin Yang, Liming Dong, Juzheng Zhang, Bohan Liu","doi":"10.1002/smr.2722","DOIUrl":"https://doi.org/10.1002/smr.2722","url":null,"abstract":"Software engineers play a centric role throughout the software development lifecycle. Their activities directly impact the quality, performance, and successful delivery of software products, in particular for enterprises with an emphasis on high levels of quality assurance and timely delivery. Proper incentives that motivate software engineers are vital to secure and continuously improve development productivity and software quality. However, most existing research ignores the positive incentives for software engineers, especially industry‐oriented research. In addition, existing research largely relies on peer assessment and lacks objectivity and transparency. To this end, this study investigates the process of contribution measurement for software engineers in a global Information and Communications Technology (ICT) enterprise, to explore the practical experiences and significance of contribution measurement. We investigated the practices of contribution measurement through multiple methods, including archival analysis, interviews, and survey. A total of 22 software engineers were interviewed to understand the practical implementation process of measuring contributions and its impact on software processes as well as engineers. In addition, 74 responses to our questionnaire were collected and used for a comprehensive impact analysis on software engineers. The analysis results reveal five benefits for software development processes and four benefits for practitioners of contribution measurement in the studied enterprise. In addition, this study reports on the best practices of contribution measurement, such as team‐specific measurements, and provides a practical reference for researchers and organizations interested in studying or performing contribution measurement.","PeriodicalId":48898,"journal":{"name":"Journal of Software-Evolution and Process","volume":"60 1","pages":""},"PeriodicalIF":2.0,"publicationDate":"2024-09-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142224279","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Ruilian Zhao, Shukai Zhang, Zhifan Zhu, Ying Shang, Weiwei Wang
End‐to‐end (E2E) testing is a commonly used technique for web application testing. Unlike traditional unit tests, E2E tests focus on test scenarios that target the entire business, which integrate and collaborate of various components and services to make the whole application work. As a result, one drawback of E2E tests is their longer execution time, seriously affecting testing efficiency of web applications. In order to speed up the execution of E2E tests for web applications, this paper proposes a test execution optimization approach based page state reuse. Through analyzing the common operations of E2E tests, a common prefix trees is constructed to organize the same operations among test scripts in a test suite of web applications. Under the guidance of the prefix tree, the optimal reusable state is identified and duplicated to maximize the utilization of page states triggered by the same operations, thereby reducing the overall execution time of the test suite. Besides, to realize page state reuse automatically, we design a browser process replication strategy, which implement querying the active page and duplicating the web page. To verify the effectiveness of our method, experiments and evaluations were conducted on 347 E2E tests from eight open‐source web applications, and the results showed that our approach reduced the E2E testing execution time for web applications by 52%–68%.
{"title":"E2E test execution optimization for web application based on state reuse","authors":"Ruilian Zhao, Shukai Zhang, Zhifan Zhu, Ying Shang, Weiwei Wang","doi":"10.1002/smr.2714","DOIUrl":"https://doi.org/10.1002/smr.2714","url":null,"abstract":"End‐to‐end (E2E) testing is a commonly used technique for web application testing. Unlike traditional unit tests, E2E tests focus on test scenarios that target the entire business, which integrate and collaborate of various components and services to make the whole application work. As a result, one drawback of E2E tests is their longer execution time, seriously affecting testing efficiency of web applications. In order to speed up the execution of E2E tests for web applications, this paper proposes a test execution optimization approach based page state reuse. Through analyzing the common operations of E2E tests, a common prefix trees is constructed to organize the same operations among test scripts in a test suite of web applications. Under the guidance of the prefix tree, the optimal reusable state is identified and duplicated to maximize the utilization of page states triggered by the same operations, thereby reducing the overall execution time of the test suite. Besides, to realize page state reuse automatically, we design a browser process replication strategy, which implement querying the active page and duplicating the web page. To verify the effectiveness of our method, experiments and evaluations were conducted on 347 E2E tests from eight open‐source web applications, and the results showed that our approach reduced the E2E testing execution time for web applications by 52%–68%.","PeriodicalId":48898,"journal":{"name":"Journal of Software-Evolution and Process","volume":"60 1","pages":""},"PeriodicalIF":2.0,"publicationDate":"2024-09-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142185444","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Barbara Gallina, Gergő László Steierhoffer, Thomas Young Olesen, Eszter Parajdi, Mike Aarup
Legislations impose requirements on the manufacturing of machinery. Typically, these requirements are interpreted and refined by (domain‐specific) technical committees and published in terms of standards. At the company level, these refined requirements are further interpreted, refined, and documented in terms of internal processes. Due to the proliferation of (interdependent) legislations and standards and the consequent increase of the cognitive complexity, at the company level, manual knowledge management is becoming more and more challenging and requires automated decision support. Despite the availability of approaches aimed at automating the decision support, no one offers a satisfactory solution. In this paper, we focus on knowledge management for process compliance and we propose a novel structured ontology. Our ontology aims at mastering (by dividing and conquering via tracing) the cognitive complexity of the compliance problem, when heterogeneous and sometimes geographically distributed knowledge‐driven organizational structures (legal department, standardization department, etc.) are involved and need to communicate. We also illustrate the potential usefulness of our proposed ontology in the context of pumps manufacturing and safety process compliance with the Machinery Directive and related harmonized standards including EN 809:1998+A1. Specifically, first, we identify the competencies that characterize departments and interdepartment interactions, then we formulate an initial set of competency questions that translate those identified competencies, then we show how the ontology can be exploited to retrieve the answers to the questions and how the answers can be exploited to build a justification for compliance. Precisely, we propose an argumentation pattern given in two different argumentation notations, and we show how it can be partly instantiated by exploiting the returned answers. The illustration also partly covers the compliance with the Machinery Regulation, expected to replace the Machinery Directive by January 2027. Finally, we sketch our intended future work.
法律对机械制造提出了要求。通常,这些要求由(特定领域的)技术委员会进行解释和完善,并以标准的形式发布。在公司层面,这些细化的要求会在内部流程中得到进一步解释、细化和记录。由于(相互依存的)立法和标准激增,认知复杂性随之增加,在公司层面,人工知识管理变得越来越具有挑战性,需要自动化决策支持。尽管有很多旨在实现决策支持自动化的方法,但没有一种能提供令人满意的解决方案。在本文中,我们将重点放在流程合规的知识管理上,并提出了一种新颖的结构化本体。我们的本体论旨在掌握合规问题的认知复杂性(通过追踪进行划分和征服),当涉及到异构的、有时是分布在不同地域的知识驱动型组织结构(法律部门、标准化部门等)并需要进行沟通时,我们的本体论就会发挥作用。我们还以泵制造和安全流程是否符合机械指令和相关协调标准(包括 EN 809:1998+A1)为背景,说明了我们提出的本体论的潜在用途。具体来说,首先,我们确定了各部门和部门间互动的能力特征,然后,我们提出了一组初步的能力问题,对这些已确定的能力进行翻译,接着,我们展示了如何利用本体来检索问题的答案,以及如何利用这些答案来建立合规理由。准确地说,我们提出了一种以两种不同论证符号给出的论证模式,并展示了如何通过利用返回的答案将其部分实例化。该说明还部分涵盖了《机械条例》的合规性,该条例预计将于 2027 年 1 月取代《机械指令》。最后,我们简要介绍了今后打算开展的工作。
{"title":"Towards an ontology for process compliance with the (machinery) legislations","authors":"Barbara Gallina, Gergő László Steierhoffer, Thomas Young Olesen, Eszter Parajdi, Mike Aarup","doi":"10.1002/smr.2728","DOIUrl":"https://doi.org/10.1002/smr.2728","url":null,"abstract":"Legislations impose requirements on the manufacturing of machinery. Typically, these requirements are interpreted and refined by (domain‐specific) technical committees and published in terms of standards. At the company level, these refined requirements are further interpreted, refined, and documented in terms of internal processes. Due to the proliferation of (interdependent) legislations and standards and the consequent increase of the cognitive complexity, at the company level, manual knowledge management is becoming more and more challenging and requires automated decision support. Despite the availability of approaches aimed at automating the decision support, no one offers a satisfactory solution. In this paper, we focus on knowledge management for process compliance and we propose a novel structured ontology. Our ontology aims at mastering (by dividing and conquering via tracing) the cognitive complexity of the compliance problem, when heterogeneous and sometimes geographically distributed knowledge‐driven organizational structures (legal department, standardization department, etc.) are involved and need to communicate. We also illustrate the potential usefulness of our proposed ontology in the context of pumps manufacturing and safety process compliance with the Machinery Directive and related harmonized standards including EN 809:1998+A1. Specifically, first, we identify the competencies that characterize departments and interdepartment interactions, then we formulate an initial set of competency questions that translate those identified competencies, then we show how the ontology can be exploited to retrieve the answers to the questions and how the answers can be exploited to build a justification for compliance. Precisely, we propose an argumentation pattern given in two different argumentation notations, and we show how it can be partly instantiated by exploiting the returned answers. The illustration also partly covers the compliance with the Machinery Regulation, expected to replace the Machinery Directive by January 2027. Finally, we sketch our intended future work.","PeriodicalId":48898,"journal":{"name":"Journal of Software-Evolution and Process","volume":"17 1","pages":""},"PeriodicalIF":2.0,"publicationDate":"2024-08-29","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142185446","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Xiaoxue Wu, Shiyu Weng, Bin Zheng, Wei Zheng, Xiang Chen, Xiaobin Sun
As software grows in size and complexity, software vulnerabilities are increasing, leading to a range of serious insecurity issues. Open‐source software vulnerability reports and documentation can provide researchers with great convenience for analysis and detection. However, the quality of different data sources varies, the data are duplicated and lack of correlation, which often requires a lot of manual management and analysis. In order to solve the problems of scattered and heterogeneous data and lack of correlation in traditional vulnerability repositories, this paper proposes a software vulnerability feature knowledge extraction method that combines the N‐gram model and mask similarity. The method generates mask text data based on the extraction of N‐gram candidate keywords and extracts vulnerability feature knowledge by calculating the similarity of mask text. This method analyzes the samples efficiently and stably in the environment of large sample size and complex samples and can obtain high‐value semi‐structured data. Then, the final node, relationship, and attribute information are obtained by secondary knowledge cleaning and extraction of the extracted semi‐structured data results. And based on the extraction results, the corresponding software vulnerability domain knowledge graph is constructed to deeply explore the semantic information features and entity relationships of vulnerabilities, which can help to efficiently study software security problems and solve vulnerability problems. The effectiveness and superiority of the proposed method is verified by comparing it with several traditional keyword extraction algorithms on Common Weakness Enumeration (CWE) and Common Vulnerabilities and Exposures (CVE) vulnerability data.
{"title":"NG_MDERANK: A software vulnerability feature knowledge extraction method based on N‐gram similarity","authors":"Xiaoxue Wu, Shiyu Weng, Bin Zheng, Wei Zheng, Xiang Chen, Xiaobin Sun","doi":"10.1002/smr.2727","DOIUrl":"https://doi.org/10.1002/smr.2727","url":null,"abstract":"As software grows in size and complexity, software vulnerabilities are increasing, leading to a range of serious insecurity issues. Open‐source software vulnerability reports and documentation can provide researchers with great convenience for analysis and detection. However, the quality of different data sources varies, the data are duplicated and lack of correlation, which often requires a lot of manual management and analysis. In order to solve the problems of scattered and heterogeneous data and lack of correlation in traditional vulnerability repositories, this paper proposes a software vulnerability feature knowledge extraction method that combines the N‐gram model and mask similarity. The method generates mask text data based on the extraction of N‐gram candidate keywords and extracts vulnerability feature knowledge by calculating the similarity of mask text. This method analyzes the samples efficiently and stably in the environment of large sample size and complex samples and can obtain high‐value semi‐structured data. Then, the final node, relationship, and attribute information are obtained by secondary knowledge cleaning and extraction of the extracted semi‐structured data results. And based on the extraction results, the corresponding software vulnerability domain knowledge graph is constructed to deeply explore the semantic information features and entity relationships of vulnerabilities, which can help to efficiently study software security problems and solve vulnerability problems. The effectiveness and superiority of the proposed method is verified by comparing it with several traditional keyword extraction algorithms on Common Weakness Enumeration (CWE) and Common Vulnerabilities and Exposures (CVE) vulnerability data.","PeriodicalId":48898,"journal":{"name":"Journal of Software-Evolution and Process","volume":"6 1","pages":""},"PeriodicalIF":2.0,"publicationDate":"2024-08-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142224280","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Richard Messnarz, Vesna Djordjevic, Viktor Grémen, Winifred Menezes, Ahmed Alborae, Rainer Dreves, So Norimatsu, Thomas Wegner, Bernhard Sechser
This paper documents the results of the PIM.3 (Process Improvement Management) working group in INTACS (International Assessor Certification Schema) supported by the VDA‐QMC (Verband der Deutschen Automobilindustrie/German Automotive Association–Quality Management Center). INTACS promotes Automotive SPICE, which is an international standard that allows process capability assessment of projects, which implement systems that integrate mechanics, electronics, and software including optionally cybersecurity, functional safety, and machine learning. The paper outlines that for the first time since more than 20 years, the INTACS and VDA‐QMC included a process like PIM.3 Process Improvement Management in the scope for the assessor training. Before that, the assessments focused on the management, engineering, and support processes of series projects, while the improvement management has not been trained or assessed.
{"title":"The PIM.3 process improvement process—Part of the iNTACS certified process expert training","authors":"Richard Messnarz, Vesna Djordjevic, Viktor Grémen, Winifred Menezes, Ahmed Alborae, Rainer Dreves, So Norimatsu, Thomas Wegner, Bernhard Sechser","doi":"10.1002/smr.2726","DOIUrl":"https://doi.org/10.1002/smr.2726","url":null,"abstract":"This paper documents the results of the PIM.3 (Process Improvement Management) working group in INTACS (International Assessor Certification Schema) supported by the VDA‐QMC (Verband der Deutschen Automobilindustrie/German Automotive Association–Quality Management Center). INTACS promotes Automotive SPICE, which is an international standard that allows process capability assessment of projects, which implement systems that integrate mechanics, electronics, and software including optionally cybersecurity, functional safety, and machine learning. The paper outlines that for the first time since more than 20 years, the INTACS and VDA‐QMC included a process like PIM.3 Process Improvement Management in the scope for the assessor training. Before that, the assessments focused on the management, engineering, and support processes of series projects, while the improvement management has not been trained or assessed.","PeriodicalId":48898,"journal":{"name":"Journal of Software-Evolution and Process","volume":"2 1","pages":""},"PeriodicalIF":2.0,"publicationDate":"2024-08-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142224425","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
In software development and maintenance, code comments can help developers understand source code and improve communication among developers. However, developers sometimes neglect to update the corresponding comment when changing the code, resulting in outdated comments (i.e., inconsistent codes and comments). Outdated comments are dangerous and harmful and may mislead subsequent developers. More seriously, the outdated comments may lead to a fatal flaw sometime in the future. To automatically identify the outdated comments in source code, we proposed a learning‐based method, called CoCC, to detect the consistency between code and comment. To efficiently identify outdated comments, we extract multiple features from both codes and comments before and after they change. Besides, we also consider the relation between code and comment in our model. Experiment results show that CoCC can effectively detect outdated comments with precision over 90%. In addition, we have identified the 15 most important factors that cause outdated comments and verified the applicability of CoCC in different programming languages. We also used CoCC to find outdated comments in the latest commits of open source projects, which further proves the effectiveness of the proposed method.
{"title":"Are your comments outdated? Toward automatically detecting code‐comment consistency","authors":"Yuan Huang, Yinan Chen, Xiangping Chen, Xiaocong Zhou","doi":"10.1002/smr.2718","DOIUrl":"https://doi.org/10.1002/smr.2718","url":null,"abstract":"In software development and maintenance, code comments can help developers understand source code and improve communication among developers. However, developers sometimes neglect to update the corresponding comment when changing the code, resulting in outdated comments (i.e., inconsistent codes and comments). Outdated comments are dangerous and harmful and may mislead subsequent developers. More seriously, the outdated comments may lead to a fatal flaw sometime in the future. To automatically identify the outdated comments in source code, we proposed a learning‐based method, called CoCC, to detect the consistency between code and comment. To efficiently identify outdated comments, we extract multiple features from both codes and comments before and after they change. Besides, we also consider the relation between code and comment in our model. Experiment results show that CoCC can effectively detect outdated comments with precision over 90%. In addition, we have identified the 15 most important factors that cause outdated comments and verified the applicability of CoCC in different programming languages. We also used CoCC to find outdated comments in the latest commits of open source projects, which further proves the effectiveness of the proposed method.","PeriodicalId":48898,"journal":{"name":"Journal of Software-Evolution and Process","volume":"52 1","pages":""},"PeriodicalIF":2.0,"publicationDate":"2024-08-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142224278","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Ghulam Murtaza Khan, Siffat Ullah Khan, Mahmood Niazi, Muhammad Ilyas, Mamoona Humayun, Akash Ahmad, Javed Ali Khan, Sajjad Mahmood
Global software development (GSD) refers to developing software with a distributed team spanning multiple locations and time zones. Based on relationships, there are four types of outsourcing: dyadic (one client–one vendor), multi‐vendor (one client–many vendors), co‐sourcing (many clients–one vendor), and complex outsourcing (many clients–many vendors). Compared to the other types of outsourcing contracts, complex outsourcing contracts are the hardest to work on and have the highest risk of project failure. This paper presents a model, the complex outsourcing relationships management model (CORMM), to assist the complex outsourcing stakeholders (both the clients and vendors) in managing their relationships in the context of GSD. This paper aims to develop a CORMM to assist the complex outsourcing relationships management stakeholders in GSD. Also, we are interested in identifying the applicability and effectiveness of the CORMM in the real‐world industry. The research approach follows a structured methodology comprising multiple phases. Initially, it leverages a systematic literature review (SLR) as its primary research method. The second phase involves the validation of the SLR findings via an empirical study. Subsequently, in the third phase, a model is developed. Finally, the proposed research approach is validated by incorporating two industrial case studies to assess the organization's relationship management utilizing the Motorola tool. The case study results show that CORMM can successfully point out relationship management issues in a complex outsourcing context. The feedback received from the participants of both companies indicates several positive and valuable insights about the CORMM and its application in the context of complex outsourcing relationships. The results highlight that CORMM serves as an assessment tool for evaluating an organization's relationship management capability and a means for organizations to enhance their position. Through CORMM, complex outsourcing organizations (many clients–many vendors) can identify strengths and weaknesses in their relationship management practices, enabling targeted improvement efforts.
{"title":"Complex outsourcing relationships management model","authors":"Ghulam Murtaza Khan, Siffat Ullah Khan, Mahmood Niazi, Muhammad Ilyas, Mamoona Humayun, Akash Ahmad, Javed Ali Khan, Sajjad Mahmood","doi":"10.1002/smr.2724","DOIUrl":"https://doi.org/10.1002/smr.2724","url":null,"abstract":"Global software development (GSD) refers to developing software with a distributed team spanning multiple locations and time zones. Based on relationships, there are four types of outsourcing: dyadic (one client–one vendor), multi‐vendor (one client–many vendors), co‐sourcing (many clients–one vendor), and complex outsourcing (many clients–many vendors). Compared to the other types of outsourcing contracts, complex outsourcing contracts are the hardest to work on and have the highest risk of project failure. This paper presents a model, the complex outsourcing relationships management model (CORMM), to assist the complex outsourcing stakeholders (both the clients and vendors) in managing their relationships in the context of GSD. This paper aims to develop a CORMM to assist the complex outsourcing relationships management stakeholders in GSD. Also, we are interested in identifying the applicability and effectiveness of the CORMM in the real‐world industry. The research approach follows a structured methodology comprising multiple phases. Initially, it leverages a systematic literature review (SLR) as its primary research method. The second phase involves the validation of the SLR findings via an empirical study. Subsequently, in the third phase, a model is developed. Finally, the proposed research approach is validated by incorporating two industrial case studies to assess the organization's relationship management utilizing the Motorola tool. The case study results show that CORMM can successfully point out relationship management issues in a complex outsourcing context. The feedback received from the participants of both companies indicates several positive and valuable insights about the CORMM and its application in the context of complex outsourcing relationships. The results highlight that CORMM serves as an assessment tool for evaluating an organization's relationship management capability and a means for organizations to enhance their position. Through CORMM, complex outsourcing organizations (many clients–many vendors) can identify strengths and weaknesses in their relationship management practices, enabling targeted improvement efforts.","PeriodicalId":48898,"journal":{"name":"Journal of Software-Evolution and Process","volume":"62 1","pages":""},"PeriodicalIF":2.0,"publicationDate":"2024-08-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"142224277","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: