GUI ripping explores the graphical user interface of an application to build a model which can express the application behavior. The ripped GUI model is useful in various software engineering tasks. Traditional GUI ripping techniques depend on the underlying GUI frameworks to provide the GUI structure information. They are difficult to work across platforms or on nonnative applications where the GUI structure information cannot easily be obtained. This work introduces cvrip, a visual GUI ripping framework, to address the problem. cvrip visually analyzes the GUI screen for ripping and does not rely on the underlying GUI frameworks. We introduce many new techniques to enable efficient visual GUI ripping, for example, a YOLO v5-based model to detect executable widgets, a state recognition acceleration method for fast model updating, and several GUI exploration strategies taking the characteristics of imperfect visual analysis into account. Experiments are conducted to evaluate many technique choices in visual GUI ripping and compare the solution with the traditional style ripping. The results show that cvrip can get competitive exploration coverage compared to traditional approaches. This suggests visual GUI ripping is a direction worthy of more future studies.
{"title":"cvrip: A Visual GUI Ripping Framework","authors":"Heji Huang, Ju Qian, Wenduo Jia, Yiming Jin","doi":"10.1002/smr.70009","DOIUrl":"https://doi.org/10.1002/smr.70009","url":null,"abstract":"<div>\u0000 \u0000 <p>GUI ripping explores the graphical user interface of an application to build a model which can express the application behavior. The ripped GUI model is useful in various software engineering tasks. Traditional GUI ripping techniques depend on the underlying GUI frameworks to provide the GUI structure information. They are difficult to work across platforms or on nonnative applications where the GUI structure information cannot easily be obtained. This work introduces cvrip, a visual GUI ripping framework, to address the problem. cvrip visually analyzes the GUI screen for ripping and does not rely on the underlying GUI frameworks. We introduce many new techniques to enable efficient visual GUI ripping, for example, a YOLO v5-based model to detect executable widgets, a state recognition acceleration method for fast model updating, and several GUI exploration strategies taking the characteristics of imperfect visual analysis into account. Experiments are conducted to evaluate many technique choices in visual GUI ripping and compare the solution with the traditional style ripping. The results show that cvrip can get competitive exploration coverage compared to traditional approaches. This suggests visual GUI ripping is a direction worthy of more future studies.</p>\u0000 </div>","PeriodicalId":48898,"journal":{"name":"Journal of Software-Evolution and Process","volume":"37 2","pages":""},"PeriodicalIF":1.7,"publicationDate":"2025-02-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143475661","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Eladio Domínguez, Beatriz Pérez, Ángel L. Rubio, María A. Zapata
� �
Organizations use key performance indicators (KPIs) to assess the effectiveness and efficiency of their procedures and processes. In a world that is constantly evolving and hyperconnected via the internet, it is of great interest to analyze how changes (organizational, legal, technological or other) can lead to modifications in the KPIs involved. However, little attention has been paid to KPI evolution either in the scientific literature or in developed solutions. This paper presents A Flexible Framework for the Evolution, Consistency and Traceability of KPIs (AFFECTK) that aims at establishing the basis for suitable KPIs' evolution management. The feasibility of this proposal is demonstrated through a proof-of-concept developed using a reasoning tool based on Constraint Logic Programming. The framework is further evaluated, using real KPI case studies, to assess the functional suitability of our approach.
{"title":"A Flexible Framework to Ensure Traceability, Consistency, and Propagation of KPIs Evolution","authors":"Eladio Domínguez, Beatriz Pérez, Ángel L. Rubio, María A. Zapata","doi":"10.1002/smr.70004","DOIUrl":"https://doi.org/10.1002/smr.70004","url":null,"abstract":"<div>\u0000 \u0000 <p>Organizations use key performance indicators (KPIs) to assess the effectiveness and efficiency of their procedures and processes. In a world that is constantly evolving and hyperconnected via the internet, it is of great interest to analyze how changes (organizational, legal, technological or other) can lead to modifications in the KPIs involved. However, little attention has been paid to KPI evolution either in the scientific literature or in developed solutions. This paper presents <i>A Flexible Framework for the Evolution, Consistency and Traceability of KPIs</i> (AFFECTK) that aims at establishing the basis for suitable KPIs' evolution management. The feasibility of this proposal is demonstrated through a proof-of-concept developed using a reasoning tool based on Constraint Logic Programming. The framework is further evaluated, using real KPI case studies, to assess the functional suitability of our approach.</p>\u0000 </div>","PeriodicalId":48898,"journal":{"name":"Journal of Software-Evolution and Process","volume":"37 2","pages":""},"PeriodicalIF":1.7,"publicationDate":"2025-02-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143438830","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Code comprehension is often supported by source code analysis tools that provide more abstract views over software systems, such as those detecting design patterns. These tools encompass analysis of source code and ensuing extraction of relevant information. However, the analysis of the source code is often specific to the target programming language. We propose DP-LARA, a multilanguage pattern detection tool that uses the multilanguage capability of the LARA framework to support finding pattern instances in a code base. LARA provides a virtual AST, which is common to multiple OOP programming languages, and DP-LARA then performs code analysis of detecting pattern instances on this abstract representation. We evaluate the detection performance and consistency of DP-LARA with a few software projects. Results show that a multilanguage approach does not compromise detection performance, and DP-LARA is consistent across the languages we tested it for (i.e., Java and C/C++). Moreover, by providing a virtual AST as the abstract representation, we believe to have decreased the effort of extending the tool to new programming languages and maintaining existing ones.
{"title":"Multilanguage Detection of Design Pattern Instances","authors":"Hugo Andrade, João Bispo, Filipe F. Correia","doi":"10.1002/smr.2738","DOIUrl":"https://doi.org/10.1002/smr.2738","url":null,"abstract":"<div>\u0000 \u0000 <p>Code comprehension is often supported by source code analysis tools that provide more abstract views over software systems, such as those detecting design patterns. These tools encompass analysis of source code and ensuing extraction of relevant information. However, the analysis of the source code is often specific to the target programming language. We propose DP-LARA, a multilanguage pattern detection tool that uses the multilanguage capability of the LARA framework to support finding pattern instances in a code base. LARA provides a virtual AST, which is common to multiple OOP programming languages, and DP-LARA then performs code analysis of detecting pattern instances on this abstract representation. We evaluate the detection performance and consistency of DP-LARA with a few software projects. Results show that a multilanguage approach does not compromise detection performance, and DP-LARA is consistent across the languages we tested it for (i.e., Java and C/C++). Moreover, by providing a virtual AST as the abstract representation, we believe to have decreased the effort of extending the tool to new programming languages and maintaining existing ones.</p>\u0000 </div>","PeriodicalId":48898,"journal":{"name":"Journal of Software-Evolution and Process","volume":"37 2","pages":""},"PeriodicalIF":1.7,"publicationDate":"2025-02-18","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143438831","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Mingliang Ma, Yanhui Li, Yingxin Chen, Lin Chen, Yuming Zhou
� �
The evolution (e.g., development and maintenance) of deep learning (DL) models has attracted much attention. One of the main challenges during the development and maintenance of DL models is model training, which often requires a lot of human resources and computing power (such as labeling costs and parameter training). In recent years, to alleviate this problem, researchers have introduced the idea of software engineering (SE) into DL. Researchers consider the DL model a new type of software, borrowing the practice of traditional software reuse, that is, focusing on the reuse of DL models to improve the quality of DL model development and maintenance. This paper focuses on more complex model reuse scenarios, where developers need to combine multiple models with functional overlaps. We explore whether the model combination technique can meet the requirements for such scenarios. We have conducted an empirical study of the research scenario and found that a model composition approach was needed to meet the requirements. Furthermore, we propose a model combination method based on concatenation-parallel called MCCP. First, the multiple models' hidden layer features are connected, and then the multiple models are connected in parallel to construct a joint model with all output categories. The joint model is trained to achieve unified requirements under the limited marking cost. Through experiments on data sets in nine domains and five model structures, the following two conclusions are drawn: (1) we observe noticeable differences (38% at most) in the performance of multiple models within overlapping category data, which calls for effective model combination techniques. (2) MCCP is more effective than the baseline, which performs the best in eight of the nine domains. Our research shows that the joint model generated by combining models with overlapping functions can meet the requirements of complex model reuse scenarios.
{"title":"Why and How We Combine Multiple Deep Learning Models With Functional Overlaps","authors":"Mingliang Ma, Yanhui Li, Yingxin Chen, Lin Chen, Yuming Zhou","doi":"10.1002/smr.70003","DOIUrl":"https://doi.org/10.1002/smr.70003","url":null,"abstract":"<div>\u0000 \u0000 <p>The evolution (e.g., development and maintenance) of deep learning (DL) models has attracted much attention. One of the main challenges during the development and maintenance of DL models is model training, which often requires a lot of human resources and computing power (such as labeling costs and parameter training). In recent years, to alleviate this problem, researchers have introduced the idea of software engineering (SE) into DL. Researchers consider the DL model a new type of software, borrowing the practice of traditional software reuse, that is, focusing on the reuse of DL models to improve the quality of DL model development and maintenance. This paper focuses on more complex model reuse scenarios, where developers need to combine multiple models with functional overlaps. We explore whether the model combination technique can meet the requirements for such scenarios. We have conducted an empirical study of the research scenario and found that a model composition approach was needed to meet the requirements. Furthermore, we propose a model combination method based on concatenation-parallel called MCCP. First, the multiple models' hidden layer features are connected, and then the multiple models are connected in parallel to construct a joint model with all output categories. The joint model is trained to achieve unified requirements under the limited marking cost. Through experiments on data sets in nine domains and five model structures, the following two conclusions are drawn: (1) we observe noticeable differences (38% at most) in the performance of multiple models within overlapping category data, which calls for effective model combination techniques. (2) MCCP is more effective than the baseline, which performs the best in eight of the nine domains. Our research shows that the joint model generated by combining models with overlapping functions can meet the requirements of complex model reuse scenarios.</p>\u0000 </div>","PeriodicalId":48898,"journal":{"name":"Journal of Software-Evolution and Process","volume":"37 2","pages":""},"PeriodicalIF":1.7,"publicationDate":"2025-02-16","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143424164","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
As the size and the complexity of business process models are an important driver of error probability, it is recommended to split large models into smaller models. Hence, we propose, in this paper, to develop business process models by refinement. A refinement is a transformation of a source model to a target model expressed in the same modeling language. This transformation should preserve the semantics of the source model to provide semantically correct target model. Thus, we propose, in this paper, a domain specific language based on Business Process Model and Notation (BPMN) language for developing by refinement business process models correct-by-construction. Hence, we propose (i) a formal syntax throughout a context-free grammar , (ii) axiomatic semantics to ensure the refinement correction when building business process models, (iii) operational semantics in terms of Kripke structure permitting formal verification of provided models to check their reliability. The Kripke structure supports the verification of behavioral requirements represented by the Computational Tree Logic (CTL) temporal logic and verified by NuSMV model checker. Based on these semantics, we prove the validity
由于业务流程模型的大小和复杂性是错误概率的重要驱动因素,因此建议将大型模型拆分为较小的模型。因此,我们在本文中建议通过细化来开发业务流程模型。精化是源模型到用相同建模语言表示的目标模型的转换。这种转换应该保留源模型的语义,以提供语义正确的目标模型。因此,我们在本文中提出了一种基于业务流程模型和符号(BPMN)语言的领域特定语言,用于通过按构造正确地细化业务流程模型来进行开发。因此,我们提出(i)一个贯穿上下文无关语法G的B P M N R $$ BPM{N}_R $$形式语法B P M N R $$ {G}_{BPM{N}_R} $$,(ii)公理语义,确保构建业务流程模型时的精化校正;(iii)基于Kripke结构的操作语义,允许对所提供的B P M N R $$ BPM{N}_R $$模型进行形式化验证,以检查其可靠性。Kripke结构支持以计算树逻辑(CTL)时态逻辑表示的行为需求验证,并通过NuSMV模型检查器进行验证。基于这些语义,我们证明了我们开发的b.p M N R $$ BPM{N}_R $$编译器的有效性,该编译器可以帮助开发人员构建正确的b.pM N R $$ BPM{N}_R $$模型,并将这些模型转换为NuSMV代码,以证明其可靠性。
{"title":"An Approach to Develop Correct-by-Construction Business Process Models Using a Formal Domain Specific Language","authors":"Yousra Bendaly Hlaoui, Salma Ayari","doi":"10.1002/smr.2762","DOIUrl":"https://doi.org/10.1002/smr.2762","url":null,"abstract":"<div>\u0000 \u0000 <p>As the size and the complexity of business process models are an important driver of error probability, it is recommended to split large models into smaller models. Hence, we propose, in this paper, to develop business process models by refinement. A refinement is a transformation of a source model to a target model expressed in the same modeling language. This transformation should preserve the semantics of the source model to provide semantically correct target model. Thus, we propose, in this paper, a domain specific language based on Business Process Model and Notation (BPMN) language for developing by refinement business process models correct-by-construction. Hence, we propose (i) a <span></span><math>\u0000 <semantics>\u0000 <mrow>\u0000 <mi>B</mi>\u0000 <mi>P</mi>\u0000 <mi>M</mi>\u0000 <msub>\u0000 <mrow>\u0000 <mi>N</mi>\u0000 </mrow>\u0000 <mrow>\u0000 <mi>R</mi>\u0000 </mrow>\u0000 </msub>\u0000 </mrow>\u0000 <annotation>$$ BPM{N}_R $$</annotation>\u0000 </semantics></math> formal syntax throughout a context-free grammar <span></span><math>\u0000 <semantics>\u0000 <mrow>\u0000 <msub>\u0000 <mrow>\u0000 <mi>G</mi>\u0000 </mrow>\u0000 <mrow>\u0000 <mi>B</mi>\u0000 <mi>P</mi>\u0000 <mi>M</mi>\u0000 <msub>\u0000 <mrow>\u0000 <mi>N</mi>\u0000 </mrow>\u0000 <mrow>\u0000 <mi>R</mi>\u0000 </mrow>\u0000 </msub>\u0000 </mrow>\u0000 </msub>\u0000 </mrow>\u0000 <annotation>$$ {G}_{BPM{N}_R} $$</annotation>\u0000 </semantics></math>, (ii) axiomatic semantics to ensure the refinement correction when building business process models, (iii) operational semantics in terms of Kripke structure permitting formal verification of provided <span></span><math>\u0000 <semantics>\u0000 <mrow>\u0000 <mi>B</mi>\u0000 <mi>P</mi>\u0000 <mi>M</mi>\u0000 <msub>\u0000 <mrow>\u0000 <mi>N</mi>\u0000 </mrow>\u0000 <mrow>\u0000 <mi>R</mi>\u0000 </mrow>\u0000 </msub>\u0000 </mrow>\u0000 <annotation>$$ BPM{N}_R $$</annotation>\u0000 </semantics></math> models to check their reliability. The Kripke structure supports the verification of behavioral requirements represented by the Computational Tree Logic (CTL) temporal logic and verified by NuSMV model checker. Based on these semantics, we prove the validity ","PeriodicalId":48898,"journal":{"name":"Journal of Software-Evolution and Process","volume":"37 2","pages":""},"PeriodicalIF":1.7,"publicationDate":"2025-02-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143389002","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Casper van Schothorst, Slinger Jansen, Liza Lausberg
Software ecosystem services are essential for the sustainability and functionality of software ecosystems, but they lack comprehensive categorization, hindering further study. This study explores the concept of software ecosystem services through a systematic literature review and brief survey. Drawing analogies from natural ecosystems, we define software ecosystem services as the conditions and processes through which software ecosystems create, provide, and sustain innovation and value creation via software. Software ecosystem services are categorized into four primary types: provisioning, regulating, cultural, and supporting services.
Our findings highlight the crucial role of services that do not directly add customer value but are essential for the software ecosystem's functionality, such as authentication and authorization services, collaboration and communication platforms, and app stores. By highlighting these vital yet often overlooked services, the research identifies potential sustainability threats for software ecosystems, such as the dominance of a few major players, which mirrors the risks of monocultures in natural ecosystems. This study lays the groundwork for further research aimed at ensuring the long-term sustainability and resilience of software ecosystems.
{"title":"The Indispensable Role of Software Ecosystem Services","authors":"Casper van Schothorst, Slinger Jansen, Liza Lausberg","doi":"10.1002/smr.70002","DOIUrl":"https://doi.org/10.1002/smr.70002","url":null,"abstract":"<p>Software ecosystem services are essential for the sustainability and functionality of software ecosystems, but they lack comprehensive categorization, hindering further study. This study explores the concept of software ecosystem services through a systematic literature review and brief survey. Drawing analogies from natural ecosystems, we define software ecosystem services as the conditions and processes through which software ecosystems create, provide, and sustain innovation and value creation via software. Software ecosystem services are categorized into four primary types: provisioning, regulating, cultural, and supporting services.</p><p>Our findings highlight the crucial role of services that do not directly add customer value but are essential for the software ecosystem's functionality, such as authentication and authorization services, collaboration and communication platforms, and app stores. By highlighting these vital yet often overlooked services, the research identifies potential sustainability threats for software ecosystems, such as the dominance of a few major players, which mirrors the risks of monocultures in natural ecosystems. This study lays the groundwork for further research aimed at ensuring the long-term sustainability and resilience of software ecosystems.</p>","PeriodicalId":48898,"journal":{"name":"Journal of Software-Evolution and Process","volume":"37 2","pages":""},"PeriodicalIF":1.7,"publicationDate":"2025-02-06","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://onlinelibrary.wiley.com/doi/epdf/10.1002/smr.70002","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143362482","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"OA","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Evolutionary test case generation plays a vital role in ensuring software quality and reliability. Since Web applications involve a large number of interactions between client and server, the dynamic evolutionary test case generation is very time-consuming, which makes it difficult to apply in actual projects. Obviously, parallelization provides a feasible way to improve the efficiency and effectiveness of evolutionary test generation. In our previous research, the idea of parallelism has been introduced into the evolutionary test generation for Web applications. However, its performance is affected by many factors, such as migration scale, migration frequency, the number of browser processes and subpopulations, and so on. The analysis of influencing factors can guide enhancing the performance of evolutionary test generation. For this reason, this paper analyzes the factors that influence parallel evolutionary algorithms and how they affect the performance of test generation for Web applications. At the same time, different parallel evolutionary test generation methods are designed and implemented. Experiments are conducted on open-source Web applications to generate test cases that meet the server-side sensitive paths coverage criterion, providing guidance and suggestions for the parameter setting of parallel evolutionary test case generation for Web applications. The experimental results show that (1) compared with the global parallelization model, the evolutionary algorithm based on the parallel island model has a greater improvement in test case generation performance. In more detail, when generating test cases with the same server-side sensitive paths coverage, the number of iterations required is reduced by 49.6%, and the time cost is reduced by 58.7%; (2) for the test case generation based on the parallel island model, if the migration scale is large, appropriately increasing the migration frequency can reduce its time cost; (3) if the number of subpopulations is fixed, appropriately increasing the number of browser processes can reduce the time cost of Web application test case evolution, but the number of browser processes should not be too large; otherwise, it may increase the time cost.
{"title":"Influencing Factors' Analysis for the Performance of Parallel Evolutionary Test Case Generation for Web Applications","authors":"Weiwei Wang, Shukai Zhang, Kepeng Qiu, Xuejun Liu, Xiaodan Li, Ruilian Zhao","doi":"10.1002/smr.2751","DOIUrl":"https://doi.org/10.1002/smr.2751","url":null,"abstract":"<div>\u0000 \u0000 <p>Evolutionary test case generation plays a vital role in ensuring software quality and reliability. Since Web applications involve a large number of interactions between client and server, the dynamic evolutionary test case generation is very time-consuming, which makes it difficult to apply in actual projects. Obviously, parallelization provides a feasible way to improve the efficiency and effectiveness of evolutionary test generation. In our previous research, the idea of parallelism has been introduced into the evolutionary test generation for Web applications. However, its performance is affected by many factors, such as migration scale, migration frequency, the number of browser processes and subpopulations, and so on. The analysis of influencing factors can guide enhancing the performance of evolutionary test generation. For this reason, this paper analyzes the factors that influence parallel evolutionary algorithms and how they affect the performance of test generation for Web applications. At the same time, different parallel evolutionary test generation methods are designed and implemented. Experiments are conducted on open-source Web applications to generate test cases that meet the server-side sensitive paths coverage criterion, providing guidance and suggestions for the parameter setting of parallel evolutionary test case generation for Web applications. The experimental results show that (1) compared with the global parallelization model, the evolutionary algorithm based on the parallel island model has a greater improvement in test case generation performance. In more detail, when generating test cases with the same server-side sensitive paths coverage, the number of iterations required is reduced by 49.6%, and the time cost is reduced by 58.7%; (2) for the test case generation based on the parallel island model, if the migration scale is large, appropriately increasing the migration frequency can reduce its time cost; (3) if the number of subpopulations is fixed, appropriately increasing the number of browser processes can reduce the time cost of Web application test case evolution, but the number of browser processes should not be too large; otherwise, it may increase the time cost.</p>\u0000 </div>","PeriodicalId":48898,"journal":{"name":"Journal of Software-Evolution and Process","volume":"37 2","pages":""},"PeriodicalIF":1.7,"publicationDate":"2025-02-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143248387","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Patches can help fix security vulnerabilities and optimize software performance, thereby enhancing the quality and security of the software. Unfortunately, patches generated by automated program repair tools are not always correct, as they may introduce new bugs or fail to fully rectify the original issue. Various methods for evaluating patch correctness have been proposed. However, most methods face the challenge of capturing long-distance dependencies in patch correctness evaluation, which leads to a decline in the predictive performance of the models. To address the challenge, this paper presents a method named Qamhaen to evaluate the correctness of patches generated by APR. Specifically, text embedding of bugs and patches component address the challenge of long-distance dependencies across functions in patch correctness evaluation by using bug reports and patch descriptions as inputs instead of code snippets. BERT is employed for pretraining to capture these dependencies, followed by an additional multihead self-attention mechanism for further feature extraction. Similarity evaluator component devises a similarity calculation to assess the effectiveness of patch descriptions in resolving issues outlined in bug reports. Comprehensive experiments are conducted on a dataset containing 9135 patches and a patch correctness assessment metric, and extensive experiments demonstrate that Qamhaen outperforms baseline methods in terms of overall performance across AUC, F1, +Recall, -Recall, and Precision. For example, compared to the baseline, Qamhaen achieves an F1 of 0.691, representing improvements of 24.2%, 22.1%, and 6.3% over the baseline methods, respectively.
{"title":"Structuring Semantic-Aware Relations Between Bugs and Patches for Accurate Patch Evaluation","authors":"Lingxiao Zhao, Hui Li, Yongqian Chen, Xiaowei Pan, Shikai Guo","doi":"10.1002/smr.70001","DOIUrl":"https://doi.org/10.1002/smr.70001","url":null,"abstract":"<div>\u0000 \u0000 <p>Patches can help fix security vulnerabilities and optimize software performance, thereby enhancing the quality and security of the software. Unfortunately, patches generated by automated program repair tools are not always correct, as they may introduce new bugs or fail to fully rectify the original issue. Various methods for evaluating patch correctness have been proposed. However, most methods face the challenge of capturing long-distance dependencies in patch correctness evaluation, which leads to a decline in the predictive performance of the models. To address the challenge, this paper presents a method named Qamhaen to evaluate the correctness of patches generated by APR. Specifically, text embedding of bugs and patches component address the challenge of long-distance dependencies across functions in patch correctness evaluation by using bug reports and patch descriptions as inputs instead of code snippets. BERT is employed for pretraining to capture these dependencies, followed by an additional multihead self-attention mechanism for further feature extraction. Similarity evaluator component devises a similarity calculation to assess the effectiveness of patch descriptions in resolving issues outlined in bug reports. Comprehensive experiments are conducted on a dataset containing 9135 patches and a patch correctness assessment metric, and extensive experiments demonstrate that Qamhaen outperforms baseline methods in terms of overall performance across <i>AUC</i>, <i>F1</i>, <i>+Recall</i>, <i>-Recall</i>, and <i>Precision</i>. For example, compared to the baseline, Qamhaen achieves an <i>F1</i> of 0.691, representing improvements of 24.2%, 22.1%, and 6.3% over the baseline methods, respectively.</p>\u0000 </div>","PeriodicalId":48898,"journal":{"name":"Journal of Software-Evolution and Process","volume":"37 2","pages":""},"PeriodicalIF":1.7,"publicationDate":"2025-02-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143110874","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Ye Wang, Weihao Xue, Qiao Huang, Bo Jiang, Hua Zhang
� �
As software development grows increasingly complex, application programming interface (API) plays a significant role in enhancing development efficiency and code quality. However, the explosive growth in the number of APIs makes it impossible for developers to become familiar with all of them. In actual development scenarios, developers may spend a significant amount of time searching for suitable APIs, which could severely impact the development process. Recently, the OpenAI's large language model (LLM) based application—ChatGPT has shown exceptional performance across various software development tasks, responding swiftly to instructions and generating high-quality textual responses, suggesting its potential in API recommendation tasks. Thus, this paper presents an empirical study to investigate the performance of ChatGPT in query-based API recommendation tasks. Specifically, we utilized the existing benchmark APIBENCH-Q and the newly constructed dataset as evaluation datasets, selecting the state-of-the-art models BIKER and MULAREC for comparison with ChatGPT. Our research findings demonstrate that ChatGPT outperforms existing approaches in terms of success rate, mean reciprocal rank (MRR), and mean average precision (MAP). Through a manual examination of samples in which ChatGPT exceeds baseline performance and those where it provides incorrect answers, we further substantiate ChatGPT's advantages over the baselines and identify several issues contributing to its suboptimal performance. To address these issues and enhance ChatGPT's recommendation capabilities, we employed two strategies: (1) utilizing a more advanced LLM (GPT-4) and (2) exploring a new approach—MACAR, which is based on the Chain of Thought methodology. The results indicate that both strategies are effective.
{"title":"Exploring ChatGPT's Potential in Java API Method Recommendation: An Empirical Study","authors":"Ye Wang, Weihao Xue, Qiao Huang, Bo Jiang, Hua Zhang","doi":"10.1002/smr.2765","DOIUrl":"https://doi.org/10.1002/smr.2765","url":null,"abstract":"<div>\u0000 \u0000 <p>As software development grows increasingly complex, application programming interface (API) plays a significant role in enhancing development efficiency and code quality. However, the explosive growth in the number of APIs makes it impossible for developers to become familiar with all of them. In actual development scenarios, developers may spend a significant amount of time searching for suitable APIs, which could severely impact the development process. Recently, the OpenAI's large language model (LLM) based application—ChatGPT has shown exceptional performance across various software development tasks, responding swiftly to instructions and generating high-quality textual responses, suggesting its potential in API recommendation tasks. Thus, this paper presents an empirical study to investigate the performance of ChatGPT in query-based API recommendation tasks. Specifically, we utilized the existing benchmark APIBENCH-Q and the newly constructed dataset as evaluation datasets, selecting the state-of-the-art models BIKER and MULAREC for comparison with ChatGPT. Our research findings demonstrate that ChatGPT outperforms existing approaches in terms of success rate, mean reciprocal rank (MRR), and mean average precision (MAP). Through a manual examination of samples in which ChatGPT exceeds baseline performance and those where it provides incorrect answers, we further substantiate ChatGPT's advantages over the baselines and identify several issues contributing to its suboptimal performance. To address these issues and enhance ChatGPT's recommendation capabilities, we employed two strategies: (1) utilizing a more advanced LLM (GPT-4) and (2) exploring a new approach—MACAR, which is based on the Chain of Thought methodology. The results indicate that both strategies are effective.</p>\u0000 </div>","PeriodicalId":48898,"journal":{"name":"Journal of Software-Evolution and Process","volume":"37 1","pages":""},"PeriodicalIF":1.7,"publicationDate":"2025-01-28","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143120196","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Modern supply chains of goods and services rely heavily on close collaborations between the partners within these supply chains. Consequently, there is a demand for IT systems that support collaborations between business partners, for instance, allowing for joint computations for global optimizations (in contrast to local optimizations that each partner can do on their own). Still, businesses are very reluctant to share data or connect their enterprise systems to allow for such joint computation. The topmost factor that businesses name as reason for not collaborating, is their security concern in general and, in particular, the confidentiality of business critical data. While there are techniques (e.g., homomorphic encryption or secure multiparty computation) that allow joint computations and, at the same time, that are protecting the confidentiality of the data that flows into such a joint computation, they are not widely used. One of the main problems that prevent their adoption is their perceived performance overhead. In this paper, we address this problem by an approach that utilized the structure of supply chains by decomposing global computations into local groups, and applying secure multiparty computation within each group. This results in a scalable (resulting in a significant smaller runtime overhead than traditional approaches) and secure (i.e., protecting the confidentiality of data provided by supply chain partners) approach for joint computations within supply chains. We evaluate our approach using life-cycle assessment (LCA) as a case study. Our experiments show that, for instance, secure LCA computations even in supply chains with 15 partners are possible within less than two minutes, while traditional approaches using secure multiparty computation need more than a day.
{"title":"Ensuring Confidentiality in Supply Chains With an Application to Life-Cycle Assessment","authors":"Achim D. Brucker, Sakine Yalman","doi":"10.1002/smr.2763","DOIUrl":"https://doi.org/10.1002/smr.2763","url":null,"abstract":"<div>\u0000 \u0000 <p>Modern supply chains of goods and services rely heavily on close collaborations between the partners within these supply chains. Consequently, there is a demand for IT systems that support collaborations between business partners, for instance, allowing for joint computations for global optimizations (in contrast to local optimizations that each partner can do on their own). Still, businesses are very reluctant to share data or connect their enterprise systems to allow for such joint computation. The topmost factor that businesses name as reason for not collaborating, is their security concern in general and, in particular, the confidentiality of business critical data. While there are techniques (e.g., homomorphic encryption or secure multiparty computation) that allow joint computations <i>and</i>, at the same time, that are protecting the confidentiality of the data that flows into such a joint computation, they are not widely used. One of the main problems that prevent their adoption is their perceived performance overhead. In this paper, we address this problem by an approach that utilized the structure of supply chains by decomposing global computations into local groups, and applying secure multiparty computation within each group. This results in a scalable (resulting in a significant smaller runtime overhead than traditional approaches) <i>and</i> secure (i.e., protecting the confidentiality of data provided by supply chain partners) approach for joint computations within supply chains. We evaluate our approach using life-cycle assessment (LCA) as a case study. Our experiments show that, for instance, secure LCA computations even in supply chains with 15 partners are possible within less than two minutes, while traditional approaches using secure multiparty computation need more than a day.</p>\u0000 </div>","PeriodicalId":48898,"journal":{"name":"Journal of Software-Evolution and Process","volume":"37 1","pages":""},"PeriodicalIF":1.7,"publicationDate":"2025-01-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"143119858","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":4,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
扫码关注我们
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号