
Latest publications in Software Testing Verification & Reliability

TimelyRep: Timing deterministic replay for Android web applications
IF 1.5 · CAS Zone 4, Computer Science · Q3 COMPUTER SCIENCE, SOFTWARE ENGINEERING · Pub Date: 2020-06-01 · DOI: 10.1002/stvr.1745
Yanqiang Liu, Fangge Yan, Mingyuan Xia, Zhengwei Qi, Xue Liu
With the constantly growing and changing requirements of app users, web techniques are used in mobile application development for better cross‐platform compatibility and online updates. As the embedded web contents gain complexity, debugging web apps becomes a critical demand. Web replay tools can record program inputs and reproduce the same execution for debugging and performance tuning. However, traditional replay approaches are largely intended for apps with desktop interaction methods (keyboard, mouse) and require modification to the browser, which limits their applicability on mobile platforms.
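The record-and-replay idea the abstract describes — capture every nondeterministic input during one run, then feed the logged values back so a later run follows the exact same execution — can be illustrated with a minimal Python sketch. The `Recorder`/`Replayer` names and the JSON trace format are illustrative assumptions, not TimelyRep's actual design, which works at the level of HTTP responses and JavaScript events inside a browser.

```python
import json
import random
import time


class Recorder:
    """Log every nondeterministic value observed during the recorded run."""

    def __init__(self):
        self.log = []

    def capture(self, source, value):
        self.log.append({"source": source, "value": value})
        return value

    def now(self):
        return self.capture("time", time.time())

    def rand(self):
        return self.capture("random", random.random())

    def save(self, path):
        with open(path, "w") as fh:
            json.dump(self.log, fh)


class Replayer:
    """Return the logged values in the same order, making the replay deterministic."""

    def __init__(self, path):
        with open(path) as fh:
            self.log = iter(json.load(fh))

    def now(self):
        return self._next("time")

    def rand(self):
        return self._next("random")

    def _next(self, expected):
        entry = next(self.log)
        assert entry["source"] == expected, "replay diverged from the recording"
        return entry["value"]


def app_logic(env):
    # The application only sees nondeterminism through `env`,
    # so the record run and the replay run reach identical states.
    return {"started_at": env.now(), "roll": env.rand()}


if __name__ == "__main__":
    rec = Recorder()
    first = app_logic(rec)
    rec.save("trace.json")

    rep = Replayer("trace.json")
    second = app_logic(rep)
    assert first == second  # deterministic replay
```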
Citations: 0
Conference Virtualization
IF 1.5 · CAS Zone 4, Computer Science · Q3 COMPUTER SCIENCE, SOFTWARE ENGINEERING · Pub Date: 2020-06-01 · DOI: 10.1002/stvr.1749
R. Hierons, Tao Xie
Due to the ongoing COVID-19 outbreak, conference virtualization has happened, is happening, and will happen for the recent past, ongoing, and upcoming periods, respectively. An ongoing example of conference virtualization is ICSE 2020, the largest conference in software engineering. ACM has recently formed the ACM Presidential Task Force on What Conferences Can Do to Replace Face-to-Face Meetings; in May 2020, this task force released a guide to best practices on virtual conferences (https://www.acm.org/virtual-conferences). The availability of videoconferencing and/or Webinar systems such as Zoom has made online live presentations of accepted conference papers easy and low cost. One may wonder whether the current technology and platform availability for live presentations can facilitate some innovations in disseminating journal papers, going beyond the current common practice of partnership between journals and conferences, e.g., journal-first papers. For example, a journal may consider organizing a virtual journal summit every year or every half year for authors of accepted or published papers in that journal to present their papers in an online live manner. Indeed, community discussion is needed before these kinds of innovations are put into action. We welcome your thoughts on possible innovations in disseminating journal papers (especially in the face of conference virtualization), and these innovations' potential pros and cons.

This issue contains two papers. In the first paper, Lucas R. Andrade, Patricia D. L. Machado, and Wilkerson L. Andrade address the problem of predicting the fault detection capability of a test suite. It has previously been observed that although code coverage is often seen as being important, the actual coverage achieved by a test suite is a poor predictor of effectiveness. To address this, recent work has introduced metrics (forms of Operational Coverage) that combine code coverage with information from an operational profile that models the expected usage of the system. This paper reports on the outcomes of a case study that considered 46 versions of a proprietary system. In order to provide an estimate of the effectiveness of a test suite, the authors used the number of post-release bugs reported (the fewer found, the more effective the test suite). Interestingly, it was found that there was a negative correlation between measures of test suite effectiveness and both versions of statement coverage, but that the correlation was stronger with operational statement coverage. (Recommended by Lori L. Pollock).

In the second paper, Yanqiang Liu, Fangge Yan, Mingyuan Xia, Zhengwei Qi, and Xue Liu present TimelyRep, an efficient and deterministic replay tool for web-enabled mobile applications. TimelyRep achieves deterministic replay of program states and low replay delays in face of the high input rate of mobile interaction. In particular, TimelyRep includes a mechanism for delivering an HTTP response stream with deterministic sequence, content, and delay, without modifying the browser core or the operating system. TimelyRep also includes a mechanism to control replay delays in the JavaScript space, applicable both to mobile web embeddings and to traditional web browsers. The paper reports an evaluation on two real-world web game applications with complex non-determinism and intensive user input. The evaluation results show that TimelyRep is useful for reproducing program bugs and keeping replay delays low for touch-intensive web games. (Recommended by Robert Hierons).
Citations: 0
Can operational profile coverage explain post‐release bug detection?
IF 1.5 · CAS Zone 4, Computer Science · Q3 COMPUTER SCIENCE, SOFTWARE ENGINEERING · Pub Date: 2020-06-01 · DOI: 10.1002/stvr.1735
Lucas Andrade, Patricia D. L. Machado, W. Andrade
To deliver reliable software, developers may rely on the fault detection capability of test suites. To evaluate this capability, they can apply code coverage metrics before a software release. However, recent research results have shown that these metrics may not provide a solid basis for this evaluation. Moreover, the fixing of a fault has a cost, and not all faults have the same impact regarding software reliability. In this sense, operational testing aims at assessing parts of the system that are more valuable for users. The goal of this work is to investigate whether traditional code coverage and code coverage merged with operational information can be related to post‐release bug detection. We focus on the scope of proprietary software under continuous delivery. We performed an exploratory case study where code branch and statement coverage metrics were collected for each version of a proprietary software system together with real usage data of the system. We then measured the ability to explain the bug‐fixing activity after version release using code coverage levels. We found that traditional statement coverage has a moderate negative correlation with bug‐fixing activities, whereas statement coverage merged with the operational profile has a large negative correlation with higher confidence. Developers can consider operational information as an important factor of influence that should be analysed, among other factors, together with code coverage to assess the fault detection capability of a test suite.
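A minimal sketch of the distinction the abstract draws between plain statement coverage and coverage merged with an operational profile is shown below. The weighting scheme (statement weights drawn from a usage profile that sums to 1) is an illustrative assumption rather than the exact formulation used in the paper.

```python
def statement_coverage(covered, all_statements):
    """Plain statement coverage: fraction of statements executed by the test suite."""
    return len(covered & all_statements) / len(all_statements)


def operational_coverage(covered, all_statements, usage_profile):
    """Coverage weighted by an operational profile.

    `usage_profile` maps each statement to the relative frequency with which
    the feature containing it is exercised in production.  Statements users
    rarely reach contribute little, so a suite covering heavily used code
    scores higher than one covering rarely used corners.
    """
    total = sum(usage_profile.get(s, 0.0) for s in all_statements)
    hit = sum(usage_profile.get(s, 0.0) for s in covered & all_statements)
    return hit / total if total else 0.0


if __name__ == "__main__":
    all_statements = {"login:1", "login:2", "export:1", "admin:1"}
    covered = {"login:1", "login:2", "admin:1"}  # statements executed by the tests
    profile = {"login:1": 0.5, "login:2": 0.4, "export:1": 0.09, "admin:1": 0.01}

    print(statement_coverage(covered, all_statements))              # 0.75
    print(operational_coverage(covered, all_statements, profile))   # 0.91
```

With the toy data, the suite covers three of four statements (0.75) but 91% of the usage-weighted behaviour, because the uncovered statement is almost never reached by users.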
Citations: 0
Working Across Boundaries
IF 1.5 · CAS Zone 4, Computer Science · Q3 COMPUTER SCIENCE, SOFTWARE ENGINEERING · Pub Date: 2020-04-13 · DOI: 10.1002/stvr.1734
R. Hierons, Tao Xie
This editorial was written during a period of extreme difficulty for many individuals, families, and nations in the ongoing COVID-19 outbreak. We can only hope that measures taken are successful and that the situation has improved considerably. We also do not pretend that we have anything to add regarding health, social, or economic issues. However, the crisis has shown the role that Computer Science can play in informing policy. Society requires evidence, and computers are often involved in producing such evidence via, for example, simulation. It is here that we, as a community, can contribute through advances in testing, verification, and reliability in areas such as Scientific Computing and Computer Simulations, and maybe also AI/data sciences for helping expedite the process of finding treatment. As a recent example discussed in social media, when commenting on pandemic simulation code used to model control measures against COVID-19, Prof. Guido Salvaneschi said in his tweet: “Ever wondered about the “impact” of research on programming languages and software engineering? Political decisions affecting hundreds of millions are being taken based on thousands of lines of 13+ years old C code that allegedly nobody understands anymore. #COVID19 #cs” (https://twitter.com/guidosalva/status/1242049884347412482). There is already some truly excellent work making advances in these areas and we are confident that the community will rise to the challenge.

This issue contains two papers. In the first paper, Simons and Lefticaru introduce a new Model-Based Testing approach, which is based on the use of a Stream X-machine (SXM) specification. SXMs provide a state-based formalism and there is a traditional approach to testing from an SXM. This approach typically assumes that the underlying functions/operations have been implemented correctly but these functions may be integrated (into a state machine) in the wrong way. There are a number of automated test generation approaches for SXMs and the authors make two main additional contributions to this area. First, they introduce a number of novel optimisations into test generation. Second, they observe that SXM test generation algorithms return abstract test cases (sequences of functions); the paper shows how corresponding concrete test data can be generated. The approach has been implemented and evaluated on case studies, with the tool also checking that a specification satisfies certain desirable properties. (Recommended by Hyunsook Do).

In the second paper, Pouria Derakhshanfar, Xavier Devroey, Gilles Perrouin, Andy Zaidman, and Arie van Deursen introduce behavioural model seeding, a new seeding approach for learning class usages from both the system source code under test and existing test cases. The learned class usages are represented in a state-machine-based behavioural model. The behavioural model is then used to guide search-based crash reproduction, which generates a test case (i.e., objects and sequences of method calls on those objects) that reproduces the crash behind a given stack trace. This contrasts with existing seeding strategies, which simply collect and reuse values and object states from the system source code under test and existing test cases without any abstraction. The approach has been implemented in an open-source toolset named BOTSING and evaluated on 122 crashes from six open-source applications. (Recommended by Phil McMinn).
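The behavioural model at the heart of the second paper — abstract observed class usages into a state machine and sample it to seed test generation — can be sketched as follows. The first-order Markov abstraction, the `BehaviouralModel` class, and the toy call sequences are assumptions for illustration; the paper's models and the BOTSING toolset are considerably richer than this fragment.

```python
import random
from collections import defaultdict


class BehaviouralModel:
    """A tiny usage model: states are 'last method called' and transitions are
    the observed next calls with their frequencies (a first-order Markov model)."""

    START, END = "<start>", "<end>"

    def __init__(self):
        self.transitions = defaultdict(lambda: defaultdict(int))

    def learn(self, call_sequence):
        """Record one call sequence mined from source code or an existing test."""
        prev = self.START
        for call in call_sequence:
            self.transitions[prev][call] += 1
            prev = call
        self.transitions[prev][self.END] += 1

    def sample_sequence(self, rng, max_len=10):
        """Generate a call sequence that follows observed usage patterns,
        e.g. to seed a search-based crash-reproduction tool."""
        seq, state = [], self.START
        while len(seq) < max_len:
            choices = self.transitions[state]
            state = rng.choices(list(choices), weights=list(choices.values()))[0]
            if state == self.END:
                break
            seq.append(state)
        return seq


if __name__ == "__main__":
    model = BehaviouralModel()
    # Call sequences mined from the system under test and its tests (toy data).
    model.learn(["open", "write", "write", "close"])
    model.learn(["open", "read", "close"])
    print(model.sample_sequence(random.Random(1)))
```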
Citations: 0
Facilitating program performance profiling via evolutionary symbolic execution
IF 1.5 · CAS Zone 4, Computer Science · Q3 COMPUTER SCIENCE, SOFTWARE ENGINEERING · Pub Date: 2020-03-01 · DOI: 10.1002/stvr.1719
Andrea Aquino, Pietro Braione, G. Denaro, P. Salza
Performance profiling can benefit from test cases that hit high‐cost executions of programs. In this paper, we investigate the problem of automatically generating test cases that trigger the worst‐case execution of programs and propose a novel technique that solves this problem with an unprecedented combination of symbolic execution and evolutionary algorithms. Our technique, which we refer to as ‘Evolutionary Symbolic Execution’, embraces the execution cost of the program paths as the fitness function to pursue the worst execution. It defines an original set of evolutionary operators, based on symbolic execution, which suitably sample the possible program paths to make the search process effective. Specifically, our technique defines a memetic algorithm that (i) incrementally evolves by steering symbolic execution to traverse new program paths that comply with execution conditions combined and refined from the currently collected worse program paths and (ii) periodically applies local optimizations to the execution conditions of the worst currently identified program path to further speed up the identification of the worst path. We report on a set of initial experiments indicating that our technique succeeds in generating good worst‐case test cases for programs with which existing approaches cannot cope. Also, we show that, as far as the problem of generating worst‐case test cases is concerned, the distinguishing evolutionary operators based on symbolic execution that we define in this paper are more effective than traditional operators that directly manipulate the program inputs.
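The evolutionary half of the technique can be sketched with a plain genetic search whose fitness is a measured execution cost, maximized to approach the worst case. This is only an illustration of the fitness-driven search: the paper's operators act on path conditions produced by symbolic execution, whereas the sketch below mutates concrete inputs and counts the inner-loop steps of a deliberately quadratic routine.

```python
import random


def execution_cost(program, data):
    """Count basic steps of `program` on `data` as a proxy for execution cost."""
    counter = {"steps": 0}

    def tick():
        counter["steps"] += 1

    program(data, tick)
    return counter["steps"]


def insertion_sort(data, tick):
    # Worst case is a reverse-sorted list: the inner loop cost grows quadratically.
    xs = list(data)
    for i in range(1, len(xs)):
        j = i
        while j > 0 and xs[j - 1] > xs[j]:
            tick()
            xs[j - 1], xs[j] = xs[j], xs[j - 1]
            j -= 1
    return xs


def evolve_worst_case(program, length, generations=60, pop_size=30, seed=0):
    """Genetic search maximizing execution cost: keep the costliest inputs,
    mutate them, and repeat."""
    rng = random.Random(seed)
    pop = [[rng.randint(0, 99) for _ in range(length)] for _ in range(pop_size)]
    for _ in range(generations):
        pop.sort(key=lambda ind: execution_cost(program, ind), reverse=True)
        survivors = pop[: pop_size // 2]
        children = []
        for parent in survivors:
            child = list(parent)
            child[rng.randrange(length)] = rng.randint(0, 99)  # point mutation
            children.append(child)
        pop = survivors + children
    return max(pop, key=lambda ind: execution_cost(program, ind))


if __name__ == "__main__":
    worst = evolve_worst_case(insertion_sort, length=12)
    print(worst, execution_cost(insertion_sort, worst))
```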
Citations: 0
A verified and optimized Stream X‐Machine testing method, with application to cloud service certification
IF 1.5 · CAS Zone 4, Computer Science · Q3 COMPUTER SCIENCE, SOFTWARE ENGINEERING · Pub Date: 2020-02-18 · DOI: 10.1002/stvr.1729
A. Simons, R. Lefticaru
The Stream X‐Machine (SXM) testing method provides strong and repeatable guarantees of functional correctness, up to a specification. These qualities make the method attractive for software certification, especially in the domain of brokered cloud services, where arbitrage seeks to substitute functionally equivalent services from alternative providers. However, practical obstacles include the difficulty in providing a correct specification, the translation of abstract paths into feasible concrete tests and the large size of generated test suites. We describe a novel SXM verification and testing method, which automatically checks specifications for completeness and determinism, prior to generating complete test suites with full grounding information. Three optimization steps achieve up to a 10‐fold reduction in the size of the test suite, removing infeasible and redundant tests. The method is backed by a set of tools to validate and verify the SXM specification, generate technology‐agnostic test suites and ground these in SOAP, REST or rich‐client service implementations. The method was initially validated using seven specifications, three cloud platforms and five grounding strategies.
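A toy example of the specification style involved — a state machine whose transitions are labelled by processing functions over a memory, from which abstract test cases (sequences of function labels) are enumerated and then grounded into concrete data — is sketched below. The vending-machine model and the brute-force path enumeration are illustrative assumptions; the actual method verifies completeness and determinism and generates complete test suites, which this fragment does not attempt.

```python
from itertools import product

# A toy Stream X-Machine-like model of a vending session: states, a memory
# (the accumulated credit), and processing functions labelling the transitions.

def insert_coin(mem, inp):
    return mem + inp                         # memory update: add credit

def vend(mem, inp):
    return mem - 1 if mem >= 1 else None     # None = function not applicable

TRANSITIONS = {
    ("idle", "insert_coin"): "ready",
    ("ready", "insert_coin"): "ready",
    ("ready", "vend"): "idle",
}
FUNCTIONS = {"insert_coin": insert_coin, "vend": vend}


def abstract_paths(start, length):
    """Enumerate abstract test cases: sequences of function labels that
    follow the state machine (the integration layer under test)."""
    paths = []
    for labels in product(FUNCTIONS, repeat=length):
        state, ok = start, True
        for label in labels:
            nxt = TRANSITIONS.get((state, label))
            if nxt is None:
                ok = False
                break
            state = nxt
        if ok:
            paths.append(labels)
    return paths


def ground(path, inputs):
    """Turn an abstract path into concrete test data by running the functions."""
    mem, trace = 0, []
    for label, inp in zip(path, inputs):
        mem = FUNCTIONS[label](mem, inp)
        trace.append((label, inp, mem))
    return trace


if __name__ == "__main__":
    for p in abstract_paths("idle", 3):
        print(p)
    print(ground(("insert_coin", "insert_coin", "vend"), [1, 1, 0]))
```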
Citations: 3
Model‐based hypothesis testing of uncertain software systems
IF 1.5 · CAS Zone 4, Computer Science · Q3 COMPUTER SCIENCE, SOFTWARE ENGINEERING · Pub Date: 2020-02-06 · DOI: 10.1002/stvr.1730
Matteo Camilli, A. Gargantini, P. Scandurra
Nowadays, there exists an increasing demand for reliable software systems able to fulfill their requirements in different operational environments and to cope with uncertainty that can be introduced both at design‐time and at runtime because of the lack of control over third‐party system components and complex interactions among software, hardware infrastructures and physical phenomena. This article addresses the problem of the discrepancy between measured data at runtime and the design‐time formal specification by using an inverse uncertainty quantification approach. Namely, we introduce a methodology called METRIC and its supporting toolchain to quantify and mitigate software system uncertainty during testing by combining (on‐the‐fly) model‐based testing and Bayesian inference. Our approach connects probabilistic input/output conformance theory with statistical hypothesis testing in order to assess if the behaviour of the system under test corresponds to its probabilistic formal specification provided in terms of a Markov decision process. An uncertainty‐aware model‐based test case generation strategy is used as a means to collect evidence from software components affected by sources of uncertainty. Test results serve as input to a Bayesian inference process that updates beliefs on model parameters encoding uncertain quality attributes of the system under test. This article describes our approach from both theoretical and practical perspectives. An extensive empirical evaluation activity has been conducted in order to assess the cost‐effectiveness of our approach. We show that, under same effort constraints, our uncertainty‐aware testing strategy increases the accuracy of the uncertainty quantification process up to 50 times with respect to traditional model‐based testing methods.
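The Bayesian-update step at the heart of the methodology can be illustrated with the simplest possible case: a Beta prior over a single Bernoulli parameter (say, the probability that a component responds within its deadline), updated with pass/fail evidence collected by model-based tests. The conjugate Beta-Bernoulli choice and the numbers are assumptions for illustration; the paper works with full Markov decision process specifications and an on-the-fly, uncertainty-aware test strategy.

```python
def update_beta(alpha, beta, successes, failures):
    """Posterior of a Beta(alpha, beta) prior after observing Bernoulli outcomes."""
    return alpha + successes, beta + failures


def beta_mean(alpha, beta):
    """Point estimate of the uncertain parameter under the current belief."""
    return alpha / (alpha + beta)


if __name__ == "__main__":
    # Design-time belief that a component replies within its deadline.
    alpha, beta = 9.0, 1.0                                  # prior mean 0.90
    # Evidence collected by model-based tests at runtime: 37 timely, 13 late.
    alpha, beta = update_beta(alpha, beta, successes=37, failures=13)
    print(beta_mean(alpha, beta))                           # ~0.77: the spec was optimistic
```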
Citations: 12
Complexity vulnerability analysis using symbolic execution
IF 1.5 · CAS Zone 4, Computer Science · Q3 COMPUTER SCIENCE, SOFTWARE ENGINEERING · Pub Date: 2020-02-06 · DOI: 10.1002/stvr.1716
K. S. Luckow, Rody Kersten, C. Pasareanu
We describe techniques based on symbolic execution for finding software vulnerabilities that are due to algorithmic complexity. Such vulnerabilities allow an attacker to mount denial‐of‐service attacks to deny service to benign users or to otherwise disable a software system.
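What an algorithmic-complexity vulnerability looks like can be made concrete with a small sketch (this is not the paper's symbolic-execution technique, just a motivating illustration): a routine whose cost depends strongly on input shape lets an attacker craft inputs that are far more expensive than benign ones of the same size.

```python
import time


def naive_matcher(text, pattern):
    """Quadratic-time substring search: cost depends heavily on the input shape."""
    hits = 0
    for i in range(len(text)):
        j = 0
        while j < len(pattern) and i + j < len(text) and text[i + j] == pattern[j]:
            j += 1
        if j == len(pattern):
            hits += 1
    return hits


def cost(fn, *args):
    """Wall-clock cost of one call, as a rough stand-in for execution cost."""
    start = time.perf_counter()
    fn(*args)
    return time.perf_counter() - start


if __name__ == "__main__":
    n = 5000
    benign = "ab" * (n // 2)           # mismatches almost immediately at every offset
    adversarial = "a" * n              # every offset nearly matches the whole pattern
    pattern = "a" * 200 + "b"
    print("benign     :", cost(naive_matcher, benign, pattern))
    print("adversarial:", cost(naive_matcher, adversarial, pattern))
```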
Citations: 3
Performance mutation testing
IF 1.5 · CAS Zone 4, Computer Science · Q3 COMPUTER SCIENCE, SOFTWARE ENGINEERING · Pub Date: 2020-01-29 · DOI: 10.1002/stvr.1728
Pedro Delgado-Pérez, A. B. Sánchez, Sergio Segura, I. Medina-Bulo
Performance bugs are known to be a major threat to the success of software products. Performance tests aim to detect performance bugs by executing the program through test cases and checking whether it exhibits a noticeable performance degradation. The principles of mutation testing, a well‐established testing technique for the assessment of test suites through the injection of artificial faults, could be exploited to evaluate and improve the detection power of performance tests. However, the application of mutation testing to assess performance tests, henceforth called performance mutation testing (PMT), is a novel research topic with numerous open challenges. In previous papers, we identified some key challenges related to PMT. In this work, we go a step further and explore the feasibility of applying PMT at the source‐code level in general‐purpose languages. To do so, we revisit concepts associated with classical mutation testing and design seven novel mutation operators to model known bug‐inducing patterns. As a proof of concept, we applied traditional mutation operators as well as performance mutation operators to open‐source C++ programs. The results reveal the potential of the new performance‐mutants to help assess and enhance performance tests when compared with traditional mutants. A review of live mutants in these programs suggests that they can induce the design of special test inputs. In addition to these promising results, our work brings a whole new set of challenges related to PMT, which will hopefully serve as a starting point for new contributions in the area.
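A hand-applied example of the kind of mutation the paper studies — one that leaves functional behaviour intact but degrades performance, so only a performance test can kill it — is sketched below. The "remove memoization" operator and the time budget are illustrative assumptions, not necessarily among the seven operators defined in the paper.

```python
import time
from functools import lru_cache


# Original implementation: memoized Fibonacci.
@lru_cache(maxsize=None)
def fib(n):
    return n if n < 2 else fib(n - 1) + fib(n - 2)


# Performance mutant: the cache removed by hand.  Functionally identical,
# exponentially slower, so a purely functional oracle cannot kill it.
def fib_mutant(n):
    return n if n < 2 else fib_mutant(n - 1) + fib_mutant(n - 2)


def performance_test(fn, budget_seconds=0.05):
    """A performance test: the functional oracle plus a time budget."""
    start = time.perf_counter()
    assert fn(28) == 317811                       # functional oracle still passes
    return (time.perf_counter() - start) <= budget_seconds


if __name__ == "__main__":
    print("original passes:", performance_test(fib))             # expected True
    print("mutant killed:  ", not performance_test(fib_mutant))  # expected True
```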
Citations: 12
Special issue: ISSRE 2018, the 29th IEEE International Symposium on Software Reliability Engineering
IF 1.5 · CAS Zone 4, Computer Science · Q3 COMPUTER SCIENCE, SOFTWARE ENGINEERING · Pub Date: 2020-01-23 · DOI: 10.1002/stvr.1732
R. Natella, Sudipto Ghosh
This special issue contains extended versions of five papers from the 29th IEEE International Symposium on Software Reliability Engineering (ISSRE 2018). ISSRE is focused on innovative techniques and tools for assessing, predicting, and improving the reliability, safety, and security of software products. The symposium emphasizes scientific methods, industrial relevance, rigorous empirical validation, and shared value of practical tools and experiences. ISSRE boasts large industry participation, with authors and participants from international corporations. Based on the reviews from the programme committee members and discussions with the editors-in-chief regarding the relevance of the papers to the journal's topics of interest, we invited the authors of seven papers to extend their work and submit to this special issue. The extended papers went through several rounds of revision during the rigorous peer-review process. The papers were reviewed by a panel of experts that included, but was not limited to, members of the ISSRE 2018 Program Committee. Five papers successfully completed the review process and are included in this special issue.

The first paper, Using Mutants to Help Developers Distinguish and Debug (Compiler) Faults by Josie Holmes and Alex Groce, introduces a distance metric for failing test cases based on the intuition that failing tests that kill the same mutants are likely related to the same fault. This issue is especially relevant for very large test suites, as in the 'compiler fuzzer taming' problem. The paper evaluates the metric on two widely used real-world compilers by combining the metric with state-of-the-art methods for fault identification and localization.

The second paper, Testing Microservice Architectures for Operational Reliability by Roberto Pietrantuono, Stefano Russo, and Antonio Guerriero, proposes a method for quantitatively assessing the probability of failures ('operational reliability') in the context of microservice applications, where the usage profile changes often for reasons such as frequent releases. The method achieves significant improvements in terms of accuracy and efficiency of reliability assessment on three open-source applications.

The third paper, Model-based Hypothesis Testing of Uncertain Software Systems by Matteo Camilli, Angelo Gargantini, and Patrizia Scandurra, presents a methodology for combining model-based testing with Bayesian reasoning for testing systems with stochastic QoS properties using a model with uncertain parameters. The paper provides a detailed and reproducible case study for demonstrating the methodology.

The fourth paper, Fully Automated HTML and Javascript Rewriting for Constructing a Self-healing Web Proxy by Thomas Durieux, Youssef Hamadi, and Martin Monperrus, applies the failure-oblivious computing principle to web applications. Errors are masked through HTML and Javascript code rewriting (e.g., to skip the faulty line) with an HTTP proxy and a browser extension, respectively. The approach is empirically evaluated on a publicly available dataset of reproducible Javascript errors; with this simple strategy, a large fraction of the errors can be automatically self-healed.

The fifth paper, Facilitating Program Performance Profiling via Evolutionary Symbolic Execution by Andrea Aquino, Pietro Braione, Giovanni Denaro, and Pasquale Salza, studies the automatic generation of test cases that trigger the worst-case execution of programs by combining symbolic execution with evolutionary algorithms.
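The intuition behind the first paper's distance metric — failing tests that kill similar sets of mutants probably expose the same underlying fault — can be sketched as below; the Jaccard-style distance and the toy mutant sets are illustrative assumptions, not necessarily the paper's exact formulation.

```python
def mutant_distance(killed_a, killed_b):
    """Distance between two failing tests based on the mutants each one kills:
    0.0 means identical kill sets (likely the same fault), 1.0 means disjoint."""
    union = killed_a | killed_b
    if not union:
        return 1.0
    return 1.0 - len(killed_a & killed_b) / len(union)


if __name__ == "__main__":
    # Toy data: which mutants each failing test kills.
    killed = {
        "test_parse_crash_1": {"m1", "m2", "m7"},
        "test_parse_crash_2": {"m1", "m2", "m8"},
        "test_codegen_crash": {"m5", "m6"},
    }
    names = list(killed)
    for i, a in enumerate(names):
        for b in names[i + 1:]:
            print(a, b, round(mutant_distance(killed[a], killed[b]), 2))
    # The two parser crashes end up close (0.5); the codegen crash is far (1.0),
    # so clustering on this distance groups failures by likely fault.
```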
Citations: 0